diff --git a/.astyleignore b/.astyleignore index bac5af58f0c..71141325c60 100644 --- a/.astyleignore +++ b/.astyleignore @@ -1,5 +1,6 @@ BUILD cmsis +features/cryptocell features/mbedtls features/FEATURE_LWIP/lwip rtos/TARGET_CORTEX/rtx4 diff --git a/doxyfile_options b/doxyfile_options index 304eadb5283..31af07baa17 100644 --- a/doxyfile_options +++ b/doxyfile_options @@ -841,6 +841,7 @@ EXCLUDE_PATTERNS = */tools/* \ */BUILD/* \ */rtos/TARGET_CORTEX/rtx* \ */cmsis/* \ + */features/cryptocell/* \ */features/mbedtls/* \ */features/storage/* \ */features/unsupported/* \ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/Readme.md b/features/cryptocell/FEATURE_CRYPTOCELL310/Readme.md new file mode 100644 index 00000000000..629ef238ffe --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/Readme.md @@ -0,0 +1,21 @@ +# Guidelines for porting Cryptocell to Mbed OS + +Cryptocell (CC) 310 is a hardware accelerator that can be ported to several boards, assuming these boards have CC 310 embedded in their hardware. + +The CC 310 driver consists of three libraries: + +* A common core library(`libcc_core.a`). +* A platform-specific TRNG library, containing TRNG-related information, for sampling sufficient entropy on the specific platform(`libcc_trng.a`). +* A platform-specific library containing extra information, such as the CC register's base addresses on the specific board. (`libcc_ext.a`) + +To port your CC 310 driver to Mbed OS on your specific target, do the following: + +1. In `targets.json` add the following to your target: + * `MBEDTLS_CONFIG_HW_SUPPORT` to `macros_add` key. This instructs Mbed TLS to look for an alternative cryptographic implementation. + * `CRYPTOCELL310` to `feature`. Use this in your common code that you need to remove from compilation in case CC exists in your board. Use `#if !defined(FEATURE_CRYPTOCELL310)` and `#if defined(FEATURE_CRYPTOCELL310)`. +1. In `objects.h`, include `objects_cryptocell.h`. You can use the `FEATURE_CRYPTOCELL310` precompilation check as defined above. +1. In `features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_`, add your platform-specific libraries for all toolchains in `TOOLCHAIN_ARM`, `TOOLCHAIN_GCC_ARM` and `TOOLCHAIN_IAR` respectively. +1. Add your CC setup code: + * Implement `cc_platform_setup()` and `cc_platform_terminate()` to enable CC on your platform, in case you have board-specific setup functionality, required for CC setup. These functions can be empty. + * Define `cc_platform_ctx` in `cc_platform.h` in a way that suits your implementation. + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libcc_310_ext.ar b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libcc_310_ext.ar new file mode 100644 index 00000000000..07f546ccf25 Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libcc_310_ext.ar differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libcc_310_trng.ar b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libcc_310_trng.ar new file mode 100644 index 00000000000..e1e34ce8100 Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libcc_310_trng.ar differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libnrf_cc310_ext_softfp_0.9.9.a b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libnrf_cc310_ext_softfp_0.9.9.a new file mode 100644 index 00000000000..c1e7d82cb89 Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libnrf_cc310_ext_softfp_0.9.9.a differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libnrf_cc310_trng_softfp_0.9.9.a b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libnrf_cc310_trng_softfp_0.9.9.a new file mode 100644 index 00000000000..33f394b89ac Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_ARM/libnrf_cc310_trng_softfp_0.9.9.a differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_GCC_ARM/libcc_310_ext.a b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_GCC_ARM/libcc_310_ext.a new file mode 100644 index 00000000000..68b3dce450c Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_GCC_ARM/libcc_310_ext.a differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_GCC_ARM/libcc_310_trng.a b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_GCC_ARM/libcc_310_trng.a new file mode 100644 index 00000000000..e5185062486 Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_GCC_ARM/libcc_310_trng.a differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_IAR/libnrf_cc310_ext_short_wchar_0.9.9.a b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_IAR/libnrf_cc310_ext_short_wchar_0.9.9.a new file mode 100644 index 00000000000..26130959532 Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_IAR/libnrf_cc310_ext_short_wchar_0.9.9.a differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_IAR/libnrf_cc310_trng_short_wchar_0.9.9.a b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_IAR/libnrf_cc310_trng_short_wchar_0.9.9.a new file mode 100644 index 00000000000..889c117f196 Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/TOOLCHAIN_IAR/libnrf_cc310_trng_short_wchar_0.9.9.a differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/cc_platform.h b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/cc_platform.h new file mode 100644 index 00000000000..87433c55774 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/cc_platform.h @@ -0,0 +1,33 @@ +/* + * cc_platform.h + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +#ifndef __CC_PLATFORM_H_ +#define __CC_PLATFORM_H_ +/** + * \brief The CC platform context structure. + * + * \note This structure may be used to assist platform-specific + * setup or teardown operations. + */ +typedef struct { + char dummy; /**< Placeholder member, as empty structs are not portable. */ +} +cc_platform_ctx; + +#endif /* __CC_PLATFORM_H_ */ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/cc_platform_nrf52840.c b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/cc_platform_nrf52840.c new file mode 100644 index 00000000000..1ff1462e9a0 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_MCU_NRF52840/cc_platform_nrf52840.c @@ -0,0 +1,33 @@ + /* + * cc_platform_nrf52840.c + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "platform_alt.h" +#include "nrf52840.h" + +int cc_platform_setup( cc_platform_ctx *ctx ) +{ + NRF_CRYPTOCELL->ENABLE = 1; + return ( 0 ); +} + +void cc_platform_terminate( cc_platform_ctx *ctx ) +{ + NRF_CRYPTOCELL->ENABLE = 0; +} diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_ARM/libcc_310_core.ar b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_ARM/libcc_310_core.ar new file mode 100644 index 00000000000..d6db74847ae Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_ARM/libcc_310_core.ar differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_ARM/libnrf_cc310_core_softfp_0.9.9.a b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_ARM/libnrf_cc310_core_softfp_0.9.9.a new file mode 100644 index 00000000000..69020fe8553 Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_ARM/libnrf_cc310_core_softfp_0.9.9.a differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a new file mode 100644 index 00000000000..4d0d8957775 Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a.mod b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a.mod new file mode 100644 index 00000000000..a644c59f6ad Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a.mod differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a~31bb423e11968b6c6cfbd1735561b06af3862622 b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a~31bb423e11968b6c6cfbd1735561b06af3862622 new file mode 100644 index 00000000000..4d0d8957775 Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a~31bb423e11968b6c6cfbd1735561b06af3862622 differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_IAR/lib_cc310_core.a b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_IAR/lib_cc310_core.a new file mode 100644 index 00000000000..b23330ccc4d Binary files /dev/null and b/features/cryptocell/FEATURE_CRYPTOCELL310/binaries/TOOLCHAIN_IAR/lib_cc310_core.a differ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/cc_internal.c b/features/cryptocell/FEATURE_CRYPTOCELL310/cc_internal.c new file mode 100644 index 00000000000..acad6d5482d --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/cc_internal.c @@ -0,0 +1,153 @@ +/* + * cc_internal.c + * + * Internal utility functions and definitions, + * used for converting mbedtls types to CC types, and vice versa + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "cc_internal.h" +#include "crys_ecpki_error.h" +#include "crys_ec_mont_edw_error.h" + +CRYS_ECPKI_DomainID_t convert_mbedtls_grp_id_to_crys_domain_id( mbedtls_ecp_group_id grp_id ) +{ + switch( grp_id ) + { + case MBEDTLS_ECP_DP_SECP192K1: + return ( CRYS_ECPKI_DomainID_secp192k1 ); + case MBEDTLS_ECP_DP_SECP192R1: + return ( CRYS_ECPKI_DomainID_secp192r1 ); + case MBEDTLS_ECP_DP_SECP224K1: + return ( CRYS_ECPKI_DomainID_secp224k1 ); + case MBEDTLS_ECP_DP_SECP224R1: + return ( CRYS_ECPKI_DomainID_secp224r1 ); + case MBEDTLS_ECP_DP_SECP256K1: + return ( CRYS_ECPKI_DomainID_secp256k1 ); + case MBEDTLS_ECP_DP_SECP256R1: + return ( CRYS_ECPKI_DomainID_secp256r1 ); + case MBEDTLS_ECP_DP_SECP384R1: + return ( CRYS_ECPKI_DomainID_secp384r1 ); + case MBEDTLS_ECP_DP_SECP521R1: + return ( CRYS_ECPKI_DomainID_secp521r1 ); + default: + return ( CRYS_ECPKI_DomainID_OffMode ); + } + +} + +uint32_t convert_mbedtls_to_cc_rand( void* mbedtls_rnd_ctx, uint16_t outSizeBytes, uint8_t* out_ptr ) +{ + uint16_t i = 0; + uint8_t temp = 0; + mbedtls_rand_func_container* mbedtls_rand = (mbedtls_rand_func_container*)mbedtls_rnd_ctx; + + if( mbedtls_rand->f_rng( mbedtls_rand->ctx, out_ptr, outSizeBytes ) != 0 ) + return ( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + + /* + * CC requires the random data as LE, so reversing the data + * (although this is random, but test vectors are in specific Endianess) + */ + while ( i < ( outSizeBytes / 2 ) ) + { + temp = out_ptr[outSizeBytes - 1 - i]; + out_ptr[outSizeBytes - 1 - i] = out_ptr[i]; + out_ptr[i] = temp; + ++i; + } + /* + * CC increases the random data by one, to put the vector in the proper range (1 to n), + * The RFC tests supply a data buffer within range, and in order to generate the proper ephemeral key, + * need to decrease one from this data, before CC increases the data, so the output will be as expected + */ + i = 0; + while( out_ptr[i] == 0 ) + { + ++i; + } + while( i > 0 ) + { + --out_ptr[i]; + --i; + } + --out_ptr[0]; + return ( 0 ); +} + +int convert_CrysError_to_mbedtls_err( CRYSError_t Crys_err ) +{ + switch( Crys_err ) + { + case CRYS_OK: + return ( 0 ); + + case CRYS_ECDH_SVDP_DH_INVALID_USER_PRIV_KEY_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_USER_PRIV_KEY_VALID_TAG_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_PARTNER_PUBL_KEY_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_PARTNER_PUBL_KEY_VALID_TAG_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_TEMP_DATA_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_NOT_CONCENT_PUBL_AND_PRIV_DOMAIN_ID_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR: + case CRYS_ECMONT_INVALID_INPUT_POINTER_ERROR: + case CRYS_ECMONT_INVALID_INPUT_SIZE_ERROR: + case CRYS_ECMONT_INVALID_DOMAIN_ID_ERROR: + case CRYS_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_USER_PRIV_KEY_PTR_ERROR: + case CRYS_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR: + case CRYS_ECDSA_SIGN_USER_PRIV_KEY_VALIDATION_TAG_ERROR: + case CRYS_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR: + case CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR: + case CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_IS_EPHEMER_KEY_INTERNAL_ERROR: + case CRYS_ECDSA_SIGN_INVALID_EPHEMERAL_KEY_PTR_ERROR: + case CRYS_ECDSA_VERIFY_INVALID_SIGNER_PUBL_KEY_PTR_ERROR: + case CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR: + case CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR: + case CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR: + case CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_SIZE_ERROR: + case CRYS_ECPKI_INVALID_RND_CTX_PTR_ERROR: + case CRYS_ECPKI_INVALID_RND_FUNC_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR: + return ( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + + case CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR: + return ( MBEDTLS_ERR_ECP_VERIFY_FAILED ); + + case CRYS_ECMONT_IS_NOT_SUPPORTED: + case CRYS_ECEDW_IS_NOT_SUPPORTED: + return ( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + + case CRYS_ECEDW_RND_GEN_VECTOR_FUNC_ERROR: + return ( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + + case CRYS_ECPKI_GEN_KEY_INVALID_PRIVATE_KEY_PTR_ERROR: + case CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_DATA_ERROR: + case CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_DATA_ERROR: + return ( MBEDTLS_ERR_ECP_INVALID_KEY ); + + default: + return ( MBEDTLS_ERR_ECP_HW_ACCEL_FAILED ); + } + + +} diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/cc_internal.h b/features/cryptocell/FEATURE_CRYPTOCELL310/cc_internal.h new file mode 100644 index 00000000000..d61802e254c --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/cc_internal.h @@ -0,0 +1,133 @@ +/* + * cc_internal.h + * + * Internal utility functions and definitions, + * used for converting mbedtls types to CC types, and vice versa + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef __CC_INTERNAL_H__ +#define __CC_INTERNAL_H__ +#include "crys_ecpki_types.h" +#include "crys_ec_mont_api.h" +#include "mbedtls/ecp.h" +#include +#include + +#define CURVE_25519_KEY_SIZE 32 + +#ifdef __cplusplus +extern "C" { +#endif + +#define MAX_KEY_SIZE_IN_BYTES ( ( CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS ) * SASI_32BIT_WORD_SIZE) + +/* ECC utility functions and structures*/ +typedef struct cc_ecc_ws_keygen_params{ + CRYS_ECPKI_UserPublKey_t pubKey; + CRYS_ECPKI_UserPrivKey_t privKey; + CRYS_ECPKI_KG_TempData_t kgTempData; +} cc_ecc_ws_keygen_params_t; + +typedef struct cc_ecc_ws_comp_shared_params{ + CRYS_ECPKI_UserPublKey_t pubKey; + CRYS_ECPKI_UserPrivKey_t privKey; + CRYS_ECDH_TempData_t ecdhTempData; +} cc_ecc_ws_comp_shared_params_t; + +typedef struct cc_ecc_ws_verify_params{ + CRYS_ECPKI_UserPublKey_t pubKey; + CRYS_ECDSA_VerifyUserContext_t verifyContext; +} cc_ecc_ws_verify_params_t; + +typedef struct cc_ecc_ws_sign_params{ + CRYS_ECPKI_UserPrivKey_t privKey; + CRYS_ECDSA_SignUserContext_t signContext; +} cc_ecc_ws_sign_params_t; + +typedef struct cc_ecc_25519_keygen_params{ + uint8_t pubKey[CURVE_25519_KEY_SIZE]; + uint8_t privKey[CURVE_25519_KEY_SIZE]; + CRYS_ECMONT_TempBuff_t kgTempData; +} cc_ecc_25519_keygen_params_t; + +typedef cc_ecc_25519_keygen_params_t cc_ecc_25519_comp_shared_params_t; + +/** + * \brief This function converts mbedtls type mbedtls_ecp_group_id + * to Cryptocell type CRYS_ECPKI_DomainID_t + * + * \param grp_id The mbedtls mbedtls_ecp_group_id to convert + * + * \return \c The corresponding CRYS_ECPKI_DomainID_t. + * CRYS_ECPKI_DomainID_OffMode if not recognized. + */ +CRYS_ECPKI_DomainID_t convert_mbedtls_grp_id_to_crys_domain_id( mbedtls_ecp_group_id grp_id ); + +/* f_rng conversion from mbedtls type to cc type*/ +typedef struct +{ + int (*f_rng)( void* ctx, unsigned char* output, size_t outSizeBytes ); + void* ctx; + +}mbedtls_rand_func_container; + +/** + * \brief This function converts mbedtls f_rng type to + * Cryptocell f_rng type(SaSiRndGenerateVectWorkFunc_t) + * + * Note: The Mbed TLS type f_rng signature is: + * int (*f_rng)( void* ctx, unsigned char* output, size_t outSizeBytes ); + * while CC f_rng signature is: + * uint32_t (*SaSiRndGenerateVectWorkFunc_t)( + * void *rndState_ptr, + * uint16_t outSizeBytes, + * uint8_t *out_ptr) + * + * so the Mbed TLS f_rng can't be sent as is to the CC API. + * + * In addition, this function manipulates the different random data, + * to adjust between the way Cryptocell reads the random data. This is done for + * different standard tests to pass. + * + * + * \param mbedtls_rand The mbedtls rnd context pointer + * \param outSizeBytes The size of the output buffer + * \param out_ptr Pointer to the output buffer + * + * \return \c The corresponding CRYS_ECPKI_DomainID_t. + * CRYS_ECPKI_DomainID_OffMode if not recognized. + */ + +uint32_t convert_mbedtls_to_cc_rand( void* mbedtls_rand, uint16_t outSizeBytes, uint8_t* out_ptr ); + +/** + * \brief This function convertsCryptocell error + * Mbed TLS related error. + * + * + * \return \c The corresponding Mbed TLS error, + * MBEDTLS_ERR_ECP_HW_ACCEL_FAILED as default, if none found + */ +int convert_CrysError_to_mbedtls_err( CRYSError_t Crys_err ); + +#ifdef __cplusplus +} +#endif + +#endif /* __CC_INTERNAL_H__ */ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/ccm_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/ccm_alt.c new file mode 100644 index 00000000000..4ba4be03bb3 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/ccm_alt.c @@ -0,0 +1,139 @@ +/* + * ccm_alt.c + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/ccm.h" +#if defined(MBEDTLS_CCM_ALT) +#include +#include "mbedtls/platform.h" +#include "mbedtls/aes.h" + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = (unsigned char*)v; + while( n-- ) *p++ = 0; +} + +void mbedtls_ccm_init( mbedtls_ccm_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); +} + +void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) +{ + mbedtls_zeroize( ctx, sizeof( mbedtls_ccm_context ) ); +} + +int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits ) +{ + if( ctx == NULL ) + return ( MBEDTLS_ERR_CCM_BAD_INPUT ); + + if( cipher != MBEDTLS_CIPHER_ID_AES || + keybits != 128 ) + { + return ( MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE ); + } + + memcpy( ctx->cipher_key , key, keybits / 8 ); + ctx->keySize_ID = CRYS_AES_Key128BitSize; + + return ( 0 ); + +} + +/* + * Authenticated encryption or decryption + */ + +int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len ) + +{ + CRYSError_t CrysRet = CRYS_OK; + /* + * Check length requirements: SP800-38C A.1 + * Additional requirement: a < 2^16 - 2^8 to simplify the code. + * 'length' checked later (when writing it to the first block) + */ + if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 ) + return ( MBEDTLS_ERR_CCM_BAD_INPUT ); + + /* Also implies q is within bounds */ + if( iv_len < 7 || iv_len > 13 ) + return ( MBEDTLS_ERR_CCM_BAD_INPUT ); + +#if SIZE_MAX > UINT_MAX + if( length > 0xFFFFFFFF || add_len > 0xFFFFFFFF ) + return ( MBEDTLS_ERR_CCM_BAD_INPUT ); +#endif + + CrysRet = CRYS_AESCCM( SASI_AES_ENCRYPT, ctx->cipher_key, ctx->keySize_ID,(uint8_t*)iv, iv_len, + (uint8_t*)add, add_len, (uint8_t*)input, length, output, tag_len, tag ); + if( CrysRet != CRYS_OK ) + return ( MBEDTLS_ERR_CCM_HW_ACCEL_FAILED ); + + return ( 0 ); + +} + +/* + * Authenticated decryption + */ +int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len ) + +{ + CRYSError_t CrysRet = CRYS_OK; + /* + * Check length requirements: SP800-38C A.1 + * Additional requirement: a < 2^16 - 2^8 to simplify the code. + * 'length' checked later (when writing it to the first block) + */ + if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 ) + return ( MBEDTLS_ERR_CCM_BAD_INPUT ); + + /* Also implies q is within bounds */ + if( iv_len < 7 || iv_len > 13 ) + return ( MBEDTLS_ERR_CCM_BAD_INPUT ); + +#if SIZE_MAX > UINT_MAX + if( length > 0xFFFFFFFF || add_len > 0xFFFFFFFF ) + return ( MBEDTLS_ERR_CCM_BAD_INPUT ); +#endif + + CrysRet = CRYS_AESCCM( SASI_AES_DECRYPT, ctx->cipher_key, ctx->keySize_ID,(uint8_t*)iv, iv_len, + (uint8_t*)add, add_len, (uint8_t*)input, length, output, tag_len, (uint8_t*)tag ); + if ( CrysRet != CRYS_OK ) + return ( MBEDTLS_ERR_CCM_HW_ACCEL_FAILED ); + + return ( 0 ); + +} + +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/ccm_alt.h b/features/cryptocell/FEATURE_CRYPTOCELL310/ccm_alt.h new file mode 100644 index 00000000000..38b98234609 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/ccm_alt.h @@ -0,0 +1,127 @@ +/* + * ccm_alt.h + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef __CCM_ALT__ +#define __CCM_ALT__ + +#if defined(MBEDTLS_CCM_ALT) +#include "crys_aesccm.h" + +#ifdef __cplusplus +extern "C" { +#endif + +typedef struct { + CRYS_AESCCM_Key_t cipher_key; /*!< cipher key used */ + CRYS_AESCCM_KeySize_t keySize_ID; +} +mbedtls_ccm_context; + +/** + * \brief Initialize CCM context (just makes references valid) + * Makes the context ready for mbedtls_ccm_setkey() or + * mbedtls_ccm_free(). + * + * \param ctx CCM context to initialize + */ +void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); + +/** + * \brief CCM initialization (encryption and decryption) + * + * \param ctx CCM context to be initialized + * \param cipher cipher to use (a 128-bit block cipher) + * \param key encryption key + * \param keybits key size in bits (must be acceptable by the cipher) + * + * \return 0 if successful, or a cipher specific error code + */ +int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits ); + +/** + * \brief Free a CCM context and underlying cipher sub-context + * + * \param ctx CCM context to free + */ +void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); + +/** + * \brief CCM buffer encryption + * + * \param ctx CCM context + * \param length length of the input data in bytes + * \param iv nonce (initialization vector) + * \param iv_len length of IV in bytes + * must be 2, 3, 4, 5, 6, 7 or 8 + * \param add additional data + * \param add_len length of additional data in bytes + * must be less than 2^16 - 2^8 + * \param input buffer holding the input data + * \param output buffer for holding the output data + * must be at least 'length' bytes wide + * \param tag buffer for holding the tag + * \param tag_len length of the tag to generate in bytes + * must be 4, 6, 8, 10, 14 or 16 + * + * \note The tag is written to a separate buffer. To get the tag + * concatenated with the output as in the CCM spec, use + * tag = output + length and make sure the output buffer is + * at least length + tag_len wide. + * + * \return 0 if successful + */ +int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len ); + +/** + * \brief CCM buffer authenticated decryption + * + * \param ctx CCM context + * \param length length of the input data + * \param iv initialization vector + * \param iv_len length of IV + * \param add additional data + * \param add_len length of additional data + * \param input buffer holding the input data + * \param output buffer for holding the output data + * \param tag buffer holding the tag + * \param tag_len length of the tag + * + * \return 0 if successful and authenticated, + * MBEDTLS_ERR_CCM_AUTH_FAILED if tag does not match + */ +int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len ); + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_CCM_ALT */ +#endif /* __CCM_ALT__ */ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/ecdh_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/ecdh_alt.c new file mode 100644 index 00000000000..9c99347e4e5 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/ecdh_alt.c @@ -0,0 +1,256 @@ +/* + * ecdh_alt.c + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/ecdh.h" +#include +#include "crys_ecpki_dh.h" +#include "crys_ecpki_build.h" +#include "crys_common.h" +#include "crys_ecpki_kg.h" +#include "crys_ecpki_domain.h" +#include "crys_ec_mont_api.h" +#include "mbedtls/platform.h" +#include "cc_internal.h" + + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = (unsigned char*)v; + while( n-- ) *p++ = 0; +} + +#if defined (MBEDTLS_ECDH_GEN_PUBLIC_ALT) +int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, + int ( *f_rng )( void *, unsigned char *, size_t ), + void *p_rng ) +{ + int ret = 0; + void* pHeap = NULL; + size_t heapSize = 0; + + uint32_t public_key_size = (2 * MAX_KEY_SIZE_IN_BYTES + 1); + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + mbedtls_rand_func_container cc_rand = { f_rng, p_rng }; + + if ( pDomain ) + { + uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + cc_ecc_ws_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof( cc_ecc_ws_keygen_params_t ) ); + + if ( kgParams == NULL ) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = kgParams; + heapSize = sizeof( cc_ecc_ws_keygen_params_t ); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_GenKeyPair( &cc_rand, convert_mbedtls_to_cc_rand, + pDomain, &kgParams->privKey, + &kgParams->pubKey, + &kgParams->kgTempData, NULL ) ); + if( ret != 0 ) + { + goto cleanup; + } + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_ExportPublKey( &kgParams->pubKey, + CRYS_EC_PointUncompressed,temp_buf, &public_key_size ) ); + if( ret != 0 ) + { + goto cleanup; + } + + + MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( grp, Q, temp_buf, public_key_size ) ); + memset ( temp_buf, 0 , sizeof(temp_buf) ); + + ret = convert_CrysError_to_mbedtls_err( CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( temp_buf, (grp->nbits+7)/8, + kgParams->privKey.PrivKeyDbBuff, + 4*((((grp->nbits+7)/8)+3)/4) ) ); + if( ret != 0 ) + { + mbedtls_zeroize( temp_buf, sizeof( temp_buf ) ); + goto cleanup; + } + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary( d, temp_buf, (grp->nbits+7)/8 ) ); + mbedtls_zeroize( temp_buf, sizeof( temp_buf ) ); + } + + /* if CRYS_ECPKI_GetEcDomain returns NULL, then the given curve is either Montgomery 25519 + * or another curve which is not supported by CC310*/ + else if ( grp->id == MBEDTLS_ECP_DP_CURVE25519 ) + { + size_t priv_key_size = public_key_size = CURVE_25519_KEY_SIZE ; + + cc_ecc_25519_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof(cc_ecc_25519_keygen_params_t) ); + + if ( kgParams == NULL ) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = ( uint8_t* )kgParams; + heapSize = sizeof(cc_ecc_25519_keygen_params_t); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECMONT_KeyPair( kgParams->pubKey, ( size_t* )&public_key_size, kgParams->privKey, + &priv_key_size, &cc_rand, convert_mbedtls_to_cc_rand, + &kgParams->kgTempData ) ); + if( ret != 0 ) + { + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( d, kgParams->privKey, priv_key_size ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &Q->X, kgParams->pubKey, public_key_size ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Q->Z, 1 ) ); + } + else + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + +cleanup: + + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free( pHeap ); + } + + return ( ret ); +} +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ + +/* + * Compute shared secret (SEC1 3.3.1) + */ +#if defined (MBEDTLS_ECDH_COMPUTE_SHARED_ALT) +int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + void* pHeap = NULL; + size_t heapSize = 0; + + size_t public_key_size = (grp->nbits+7)/8 ; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + uint32_t secret_size = ( ( grp->nbits + 7 ) / 8 ) ; + const uint32_t secret_size_in_heap = secret_size; + uint8_t* secret = mbedtls_calloc( 1, secret_size_in_heap ); + if ( secret == NULL ) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + + /* + * Make sure Q is a valid pubkey before using it + */ + MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) ); + if ( pDomain ) + { + uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + cc_ecc_ws_comp_shared_params_t* ecdhParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_comp_shared_params_t) ); + + if ( ecdhParams == NULL ) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + pHeap = ecdhParams; + heapSize = sizeof(cc_ecc_ws_comp_shared_params_t); + + + MBEDTLS_MPI_CHK( mbedtls_ecp_point_write_binary( grp, Q, MBEDTLS_ECP_PF_UNCOMPRESSED, + &public_key_size, temp_buf, sizeof(temp_buf) ) ); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_BuildPublKey( pDomain, temp_buf, public_key_size, + &ecdhParams->pubKey ) ); + if ( ret != 0 ) + { + goto cleanup; + } + + memset ( temp_buf, 0, sizeof(temp_buf) ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, temp_buf, mbedtls_mpi_size( d ) ) ); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_BuildPrivKey( pDomain, + temp_buf, + mbedtls_mpi_size( d ), + &ecdhParams->privKey ) ); + mbedtls_zeroize( temp_buf, sizeof( temp_buf ) ); + if ( ret != 0 ) + { + goto cleanup; + } + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECDH_SVDP_DH( &ecdhParams->pubKey, &ecdhParams->privKey, + secret, &secret_size, + &ecdhParams->ecdhTempData ) ); + if ( ret != 0 ) + { + goto cleanup; + } + } + else if ( grp->id == MBEDTLS_ECP_DP_CURVE25519 ) + { + cc_ecc_25519_comp_shared_params_t* ecdhParams = mbedtls_calloc( 1, sizeof(cc_ecc_25519_comp_shared_params_t) ); + if ( ecdhParams == NULL ) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + pHeap = ecdhParams; + heapSize = sizeof(cc_ecc_25519_comp_shared_params_t); + + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, ecdhParams->privKey, mbedtls_mpi_size( d ) ) ) ; + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &Q->X, ecdhParams->pubKey, public_key_size ) ); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECMONT_Scalarmult( secret, ( size_t* )&secret_size, + ecdhParams->privKey, CURVE_25519_KEY_SIZE , + ecdhParams->pubKey, CURVE_25519_KEY_SIZE , + &ecdhParams->kgTempData ) ); + if ( ret != 0 ) + { + goto cleanup; + } + } + else + { + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( z, secret, secret_size ) ); + +cleanup: + + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free ( pHeap ); + } + + if ( secret ) + { + mbedtls_zeroize( secret, secret_size_in_heap ); + mbedtls_free ( secret ); + } + + return ( ret ); +} +#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/ecdsa_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/ecdsa_alt.c new file mode 100644 index 00000000000..995a5706a3e --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/ecdsa_alt.c @@ -0,0 +1,327 @@ +/* + * ecdsa_alt.c + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/ecdsa.h" +#include +#include "crys_ecpki_ecdsa.h" +#include "crys_ecpki_build.h" +#include "crys_common.h" +#include "crys_ecpki_kg.h" +#include "crys_ecpki_domain.h" +#include "crys_ec_edw_api.h" +#include "mbedtls/platform.h" +#include "cc_internal.h" + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = (unsigned char*)v; + while( n-- ) *p++ = 0; +} + +static CRYS_ECPKI_HASH_OpMode_t message_size_to_hash_mode( size_t blen ) +{ + CRYS_ECPKI_HASH_OpMode_t hash_mode; + switch( blen ) + { + case CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA1_mode; + break; + case CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA224_mode; + break; + case CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA256_mode; + break; + case CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA384_mode; + break; + case CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA512_mode; + break; + default: + hash_mode = CRYS_ECPKI_HASH_OpModeLast; + } + + return hash_mode; +} + +#if defined(MBEDTLS_ECDSA_SIGN_ALT) +int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + int ret = 0; + CRYSError_t CrysRet = CRYS_OK; + void* pHeap = NULL; + size_t heapSize = 0; + uint8_t* pSignature = NULL; + CRYS_ECPKI_HASH_OpMode_t hash_mode = message_size_to_hash_mode( blen ); + uint32_t signature_size = ( ( grp->nbits + 7 ) / 8 ) *2; + const uint32_t signature_size_for_heap = signature_size; + mbedtls_rand_func_container cc_rand = { f_rng, p_rng }; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + +#if SIZE_MAX > UINT_MAX + if( blen > 0xFFFFFFFF ) + { + return ( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + } +#endif + + if ( pDomain != NULL ) + { + uint8_t temp_buf[ MAX_KEY_SIZE_IN_BYTES ] = {0}; + cc_ecc_ws_sign_params_t* signParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_sign_params_t) ); + if ( signParams == NULL) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = signParams; + heapSize = sizeof(cc_ecc_ws_sign_params_t); + + pSignature = mbedtls_calloc( 1, signature_size_for_heap ); + if ( pSignature == NULL) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, temp_buf, mbedtls_mpi_size( d ) ) ); + + CrysRet = CRYS_ECPKI_BuildPrivKey( pDomain, + temp_buf, + mbedtls_mpi_size( d ), + &signParams->privKey); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + goto cleanup; + } + + CrysRet = CRYS_ECDSA_Sign( &cc_rand, + convert_mbedtls_to_cc_rand, + &signParams->signContext, + &signParams->privKey, + hash_mode, + (uint8_t*)buf, + blen, + pSignature, + &signature_size ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + } + else + { + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( r, pSignature, ( ( grp->nbits + 7 ) / 8 ) ) ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( s, pSignature + ( ( grp->nbits + 7 ) / 8 ), ( ( grp->nbits + 7 ) / 8 ) ) ); + + +cleanup: + + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free( pHeap ); + } + + if( pSignature ) + { + mbedtls_zeroize( pSignature, signature_size_for_heap ); + mbedtls_free( pSignature ); + + } + + return ( ret ) ; +} +#endif /* MBEDTLS_ECDSA_SIGN_ALT*/ + +#if defined(MBEDTLS_ECDSA_VERIFY_ALT) +//need to normalize the coordinates +int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s) +{ + int ret = 0; + CRYSError_t CrysRet = CRYS_OK; + void* pHeap = NULL; + size_t heapSize = 0; + uint8_t * pSignature = NULL; + CRYS_ECPKI_HASH_OpMode_t hash_mode = message_size_to_hash_mode( blen ); + size_t temp_size = 0; + uint32_t signature_size = ( ( grp->nbits + 7 ) / 8 ) * 2; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + +#if SIZE_MAX > UINT_MAX + if( blen > 0xFFFFFFFF ) + { + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + } +#endif + + if ( pDomain ) + { + uint8_t temp_buf[ 2*MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + + cc_ecc_ws_verify_params_t* verifyParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_verify_params_t) ); + if ( verifyParams == NULL) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = verifyParams; + heapSize = sizeof(cc_ecc_ws_verify_params_t); + + pSignature = mbedtls_calloc( 1, signature_size ); + if ( pSignature == NULL) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_ecp_point_write_binary( grp, Q, MBEDTLS_ECP_PF_UNCOMPRESSED, + &temp_size, temp_buf, sizeof(temp_buf) ) ); + + CrysRet = CRYS_ECPKI_BuildPublKey(pDomain, temp_buf, temp_size, &verifyParams->pubKey); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( r, pSignature, ( ( grp->nbits + 7 ) / 8 ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( s, pSignature + ( ( grp->nbits + 7 ) / 8 ), ( ( grp->nbits + 7 ) / 8 ) ) ); + CrysRet = CRYS_ECDSA_Verify ( &verifyParams->verifyContext, + &verifyParams->pubKey, + hash_mode, + pSignature, + signature_size, + (uint8_t*)buf, + blen ); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + } + else + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + +cleanup: + + if( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free( pHeap ); + } + + if( pSignature ) + { + mbedtls_zeroize( pSignature, signature_size ); + mbedtls_free( pSignature ); + + } + + return ret; +} +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ + +#if defined(MBEDTLS_ECDSA_GENKEY_ALT) +int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + int ret = 0; + CRYSError_t CrysRet = CRYS_OK; + void* pHeap = NULL; + size_t heapSize = 0; + uint32_t key_size = 2*MAX_KEY_SIZE_IN_BYTES + 1; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( gid ) ); + mbedtls_rand_func_container cc_rand = { f_rng, p_rng }; + + + if ( pDomain ) + { + uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + + cc_ecc_ws_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_keygen_params_t) ); + if ( kgParams == NULL ) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + + pHeap = kgParams; + heapSize = sizeof(cc_ecc_ws_keygen_params_t); + + CrysRet = CRYS_ECPKI_GenKeyPair( &cc_rand, convert_mbedtls_to_cc_rand, pDomain, + &kgParams->privKey, &kgParams->pubKey, + &kgParams->kgTempData, NULL ); + if ( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, gid ) ); + + CrysRet = CRYS_ECPKI_ExportPublKey( &kgParams->pubKey, CRYS_EC_PointUncompressed, temp_buf, &key_size ); + if ( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + ret = mbedtls_ecp_point_read_binary( &ctx->grp, &ctx->Q, temp_buf, key_size ); + if ( ret != 0 ) + goto cleanup; + + memset ( temp_buf, 0 , sizeof(temp_buf) ); + + CrysRet = CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( temp_buf, (ctx->grp.nbits+7)/8, + kgParams->privKey.PrivKeyDbBuff, + 4*((((ctx->grp.nbits+7)/8)+3)/4) ); + if ( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + goto cleanup; + } + + ret = mbedtls_mpi_read_binary( &ctx->d, temp_buf, (ctx->grp.nbits+7)/8 ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + if ( ret != 0 ) + { + goto cleanup; + } + } + else + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + + +cleanup: + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free ( pHeap ); + } + return ( ret ); +} +#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/ecdsa_alt.c.mod b/features/cryptocell/FEATURE_CRYPTOCELL310/ecdsa_alt.c.mod new file mode 100644 index 00000000000..b028128c772 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/ecdsa_alt.c.mod @@ -0,0 +1,327 @@ +/* + * ecdsa_alt.c + * + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/ecdsa.h" +#include +#include "crys_ecpki_ecdsa.h" +#include "crys_ecpki_build.h" +#include "crys_common.h" +#include "crys_ecpki_kg.h" +#include "crys_ecpki_domain.h" +#include "crys_ec_edw_api.h" +#include "mbedtls/platform.h" +#include "cc_internal.h" + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = (unsigned char*)v; + while( n-- ) *p++ = 0; +} + + +static CRYS_ECPKI_HASH_OpMode_t message_size_to_hash_mode( size_t blen ) +{ + CRYS_ECPKI_HASH_OpMode_t hash_mode; + switch( blen ) + { + case CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA1_mode; + break; + case CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA224_mode; + break; + case CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA256_mode; + break; + case CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA384_mode; + break; + case CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA512_mode; + break; + default: + hash_mode = CRYS_ECPKI_HASH_OpModeLast; + } + + return hash_mode; +} + +#if defined(MBEDTLS_ECDSA_SIGN_ALT) +int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + int ret = 0; + CRYSError_t CrysRet = CRYS_OK; + void* pHeap = NULL; + size_t heapSize = 0; + uint8_t* pSignature = NULL; + CRYS_ECPKI_HASH_OpMode_t hash_mode = message_size_to_hash_mode( blen ); + uint32_t signature_size = ( ( grp->nbits + 7 ) / 8 ) *2; + const uint32_t signature_size_for_heap = signature_size; + mbedtls_rand_func_container cc_rand = { f_rng, p_rng }; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + + if( blen > 0xFFFFFFFF ) + { + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + goto cleanup; + } + + if ( pDomain != NULL ) + { + uint8_t temp_buf[ MAX_KEY_SIZE_IN_BYTES ] = {0}; + cc_ecc_ws_sign_params_t* signParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_sign_params_t) ); + if ( signParams == NULL) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = signParams; + heapSize = sizeof(cc_ecc_ws_sign_params_t); + + pSignature = mbedtls_calloc( 1, signature_size_for_heap ); + if ( pSignature == NULL) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, temp_buf, mbedtls_mpi_size( d ) ) ); + + CrysRet = CRYS_ECPKI_BuildPrivKey( pDomain, + temp_buf, + mbedtls_mpi_size( d ), + &signParams->privKey); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + goto cleanup; + } + + CrysRet = CRYS_ECDSA_Sign( &cc_rand, + convert_mbedtls_to_cc_rand, + &signParams->signContext, + &signParams->privKey, + hash_mode, + (uint8_t*)buf, + blen, + pSignature, + &signature_size ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + } + else + { + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( r, pSignature, ( ( grp->nbits + 7 ) / 8 ) ) ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( s, pSignature + ( ( grp->nbits + 7 ) / 8 ), ( ( grp->nbits + 7 ) / 8 ) ) ); + + +cleanup: + + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free( pHeap ); + } + + if( pSignature ) + { + mbedtls_zeroize( pSignature, signature_size_for_heap ); + mbedtls_free( pSignature ); + + } + + return ( ret ) ; +} +#endif /* MBEDTLS_ECDSA_SIGN_ALT*/ + +#if defined(MBEDTLS_ECDSA_VERIFY_ALT) +//need to normalize the coordinates +int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s) +{ + int ret = 0; + CRYSError_t CrysRet = CRYS_OK; + void* pHeap = NULL; + size_t heapSize = 0; + uint8_t * pSignature = NULL; + CRYS_ECPKI_HASH_OpMode_t hash_mode = message_size_to_hash_mode( blen ); + size_t temp_size = 0; + uint32_t signature_size = ( ( grp->nbits + 7 ) / 8 ) * 2; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + + if( blen > 0xFFFFFFFF ) + { + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + goto cleanup; + } + + if ( pDomain ) + { + uint8_t temp_buf[ 2*MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + + cc_ecc_ws_verify_params_t* verifyParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_verify_params_t) ); + if ( verifyParams == NULL) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = verifyParams; + heapSize = sizeof(cc_ecc_ws_verify_params_t); + + pSignature = mbedtls_calloc( 1, signature_size ); + if ( pSignature == NULL) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_ecp_point_write_binary( grp, Q, MBEDTLS_ECP_PF_UNCOMPRESSED, + &temp_size, temp_buf, sizeof(temp_buf) ) ); + + CrysRet = CRYS_ECPKI_BuildPublKey(pDomain, temp_buf, temp_size, &verifyParams->pubKey); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( r, pSignature, ( ( grp->nbits + 7 ) / 8 ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( s, pSignature + ( ( grp->nbits + 7 ) / 8 ), ( ( grp->nbits + 7 ) / 8 ) ) ); + CrysRet = CRYS_ECDSA_Verify ( &verifyParams->verifyContext, + &verifyParams->pubKey, + hash_mode, + pSignature, + signature_size, + (uint8_t*)buf, + blen ); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + } + else + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + +cleanup: + + if( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free( pHeap ); + } + if( pSignature ) + { + mbedtls_zeroize( pSignature, signature_size ); + mbedtls_free( pSignature ); + + } + + return ret; +} +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ + +#if defined(MBEDTLS_ECDSA_GENKEY_ALT) +int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + int ret = 0; + CRYSError_t CrysRet = CRYS_OK; + void* pHeap = NULL; + size_t heapSize = 0; + uint32_t key_size = 2*MAX_KEY_SIZE_IN_BYTES + 1; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( gid ) ); + mbedtls_rand_func_container cc_rand = { f_rng, p_rng }; + + + if ( pDomain ) + { + uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + + cc_ecc_ws_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_keygen_params_t) ); + if ( kgParams == NULL ) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + + pHeap = kgParams; + heapSize = sizeof(cc_ecc_ws_keygen_params_t); + + CrysRet = CRYS_ECPKI_GenKeyPair( &cc_rand, convert_mbedtls_to_cc_rand, pDomain, + &kgParams->privKey, &kgParams->pubKey, + &kgParams->kgTempData, NULL ); + if ( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, gid ) ); + + CrysRet = CRYS_ECPKI_ExportPublKey( &kgParams->pubKey, CRYS_EC_PointUncompressed, temp_buf, &key_size ); + if ( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + ret = mbedtls_ecp_point_read_binary( &ctx->grp, &ctx->Q, temp_buf, key_size ); + if ( ret != 0 ) + goto cleanup; + + memset ( temp_buf, 0 , sizeof(temp_buf) ); + + CrysRet = CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( temp_buf, (ctx->grp.nbits+7)/8, + kgParams->privKey.PrivKeyDbBuff, + 4*((((ctx->grp.nbits+7)/8)+3)/4) ); + if ( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + goto cleanup; + } + + ret = mbedtls_mpi_read_binary( &ctx->d, temp_buf, (ctx->grp.nbits+7)/8 ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + if ( ret != 0 ) + { + goto cleanup; + } + + } + else + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + + +cleanup: + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free ( pHeap ); + } + return ( ret ); +} +#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/ccsw_crys_rsa_shared_types.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ccsw_crys_rsa_shared_types.h new file mode 100644 index 00000000000..03f561aedf4 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ccsw_crys_rsa_shared_types.h @@ -0,0 +1,144 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef SW_CRYS_RSA_SHARED_TYPES_H +#define SW_CRYS_RSA_SHARED_TYPES_H + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/** @file + * @brief This file contains the types for the CCSW RSA module. + */ + +/************************ Defines ******************************/ + +/************************************************************************/ +/* the following definitions are only relevant for RSA code on SW */ +/************************************************************************/ +/* Define the maximal allowed width of the exponentiation sliding window +in range 2...6. This define is actual for projects on soft platform. +To minimize code size use the minimum value. To optimize performance +choose the maximum value */ + +/* The valid key size in bits */ +#define SW_CRYS_RSA_MIN_VALID_KEY_SIZE_VALUE_IN_BITS 512 + +#ifndef CRYS_NO_RSA_MAX_KEY_SIZE_4096_BIT_SUPPORT +#define SW_CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS 4096 +#define SW_CRYS_RSA_MAX_KEY_GENERATION_SIZE_BITS 4096 +#else +#ifndef CRYS_NO_RSA_MAX_KEY_SIZE_3072_BIT_SUPPORT +#define SW_CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS 3072 +#define SW_CRYS_RSA_MAX_KEY_GENERATION_SIZE_BITS 3072 +#else +#define SW_CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS 2048 +#define SW_CRYS_RSA_MAX_KEY_GENERATION_SIZE_BITS 2048 +#endif +#endif + + + + + +/* Define the size of the exponentiation temp buffer, used in LLF_PKI exponentiation and NON DEPENDED on + width of the sliding window. The size defined in units equaled to maximal RSA modulus size */ +#define PKI_EXP_CONST_TEMP_BUFF_SIZE_IN_MODULUS_UNITS 7 + +#define PKI_EXP_SLIDING_WINDOW_MAX_VALUE 2 + + /* The maximum buffer size for the 'H' value */ +#define SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS ((SW_CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS + 64UL ) / 32 ) + + +/* definition of PKI_KEY_GEN_TEMP_BUFF_SIZE_WORDS IS DEPENDED on width of the sliding window*/ +#if( PKI_EXP_SLIDING_WINDOW_MAX_VALUE > 2 ) +#define PKI_KEY_GEN_TEMP_BUFF_SIZE_WORDS \ + ((4 + (1<<(PKI_EXP_SLIDING_WINDOW_MAX_VALUE-2))) * SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS) +#else +#define PKI_KEY_GEN_TEMP_BUFF_SIZE_WORDS \ + (16 * SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS) +#endif + +#ifndef PKI_EXP_WINDOW_TEMP_BUFFER_SIZE_IN_MODULUS_UNITS +#define PKI_EXP_WINDOW_TEMP_BUFFER_SIZE_IN_MODULUS_UNITS (3 + (1 << (PKI_EXP_SLIDING_WINDOW_MAX_VALUE-1))) +#endif + + +/* Define the size of the temp buffer, used in LLF_PKI exponentiation and DEPENDED on + width of the sliding window in words */ +#if (PKI_EXP_CONST_TEMP_BUFF_SIZE_IN_MODULUS_UNITS > PKI_EXP_WINDOW_TEMP_BUFFER_SIZE_IN_MODULUS_UNITS ) +#define PKI_EXP_TEMP_BUFFER_SIZE_IN_WORDS \ + (PKI_EXP_CONST_TEMP_BUFF_SIZE_IN_MODULUS_UNITS * SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS + 2 ) +#else +#define PKI_EXP_TEMP_BUFFER_SIZE_IN_WORDS \ + (PKI_EXP_WINDOW_TEMP_BUFFER_SIZE_IN_MODULUS_UNITS * SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS + 2 ) +#endif + +/* the RSA data type */ +typedef struct SW_Shared_CRYS_RSAPrimeData_t { + /* The aligned input and output data buffers */ + uint32_t DataIn[SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + uint32_t DataOut[SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + + /* #include specific fields that are used by the low level */ + struct { + union { + struct { /* Temporary buffers used for the exponent calculation */ + uint32_t Tempbuff1[PKI_EXP_TEMP_BUFFER_SIZE_IN_WORDS]; + uint32_t Tempbuff2[SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS * 2]; + /* Temporary buffer for self-test support */ + uint32_t TempBuffer[SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + }NonCrt; + + struct { /* Temporary buffers used for the exponent calculation */ + uint32_t Tempbuff1[PKI_EXP_TEMP_BUFFER_SIZE_IN_WORDS]; + uint32_t Tempbuff2[SW_CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS * 2]; + }Crt; + }Data; + }LLF; + +}SW_Shared_CRYS_RSAPrimeData_t; + + + + +#ifdef __cplusplus +} +#endif +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_aesccm.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_aesccm.h new file mode 100644 index 00000000000..ccf073208f5 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_aesccm.h @@ -0,0 +1,315 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_AESCCM_H +#define CRYS_AESCCM_H + +#include "ssi_pal_types.h" +#include "crys_error.h" + +#include "ssi_aes.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This file contains all of the enums and definitions that are used for the CRYS AESCCM APIs, as well as the APIs themselves. +The API supports AES-CCM and AES-CCM* as defined in ieee-802.15.4. +@defgroup crys_aesccm CryptoCell AES-CCM APIs +@{ +@ingroup cryptocell_api + + +@note +Regarding the AES-CCM*, the API supports only AES-CCM* as defined in ieee-802.15.4-2011; With the instantiations as defined in B.3.2 and the nonce as defined in 7.3.2. +in case of AES-CCM* the flow should be as follows: +
  • AES-CCM* integrated
    • +
    • CRYS_AESCCMStar_NonceGenerate
      • +
    • CRYS_AESCCMStar
+
  • AES-CCM* non-integrated
    • +
    • CRYS_AESCCMStar_NonceGenerate
      • +
    • CRYS_AESCCMStar_Init
      • +
    • CRYS_AESCCM_BlockAdata
      • +
    • CRYS_AESCCM_BlockTextData
      • +
    • CRYS_AESCCM_Finish
+*/ + +/************************ Defines ******************************/ + +/*! AES CCM context size in words.*/ +#define CRYS_AESCCM_USER_CTX_SIZE_IN_WORDS (152/4) + +/*! AES CCM maximal key size in words. */ +#define CRYS_AESCCM_KEY_SIZE_WORDS 8 + +/* nonce and AESCCM-MAC sizes definitions */ +/*! AES CCM NONCE minimal size in bytes. */ +#define CRYS_AESCCM_NONCE_MIN_SIZE_BYTES 7 +/*! AES CCM NONCE maximal size in bytes. */ +#define CRYS_AESCCM_NONCE_MAX_SIZE_BYTES 13 +/*! AES CCM MAC minimal size in bytes..*/ +#define CRYS_AESCCM_MAC_MIN_SIZE_BYTES 4 +/*! AES CCM MAC maximal size in bytes. */ +#define CRYS_AESCCM_MAC_MAX_SIZE_BYTES 16 + +/*! AES CCM star NONCE size in bytes. */ +#define CRYS_AESCCM_STAR_NONCE_SIZE_BYTES 13 +/*! AES CCM star source address size in bytes. */ +#define CRYS_AESCCM_STAR_SOURCE_ADDRESS_SIZE_BYTES 8 + +/*! AES CCM mode - CCM. */ +#define CRYS_AESCCM_MODE_CCM 0 +/*! AES CCM mode - CCM STAR. */ +#define CRYS_AESCCM_MODE_STAR 1 + + +/************************ Typedefs ****************************/ +/*! AES CCM key sizes. */ +typedef enum { + /*! Key size 128 bits. */ + CRYS_AES_Key128BitSize = 0, + /*! Key size 192 bits. */ + CRYS_AES_Key192BitSize = 1, + /*! Key size 256 bits. */ + CRYS_AES_Key256BitSize = 2, + /*! Key size 512 bits. */ + CRYS_AES_Key512BitSize = 3, + /*! Number of optional key sizes. */ + CRYS_AES_KeySizeNumOfOptions, + /*! Reserved. */ + CRYS_AES_KeySizeLast = 0x7FFFFFFF, + +}CRYS_AESCCM_KeySize_t; + +/*! AES_CCM key buffer definition.*/ +typedef uint8_t CRYS_AESCCM_Key_t[CRYS_AESCCM_KEY_SIZE_WORDS * sizeof(uint32_t)]; +/*! AES_CCM MAC buffer definition.*/ +typedef uint8_t CRYS_AESCCM_Mac_Res_t[SASI_AES_BLOCK_SIZE_IN_BYTES]; + +/*! AES_CCM_STAR source address buffer defintion. */ +typedef uint8_t CRYS_AESCCMStar_SourceAddress_t[CRYS_AESCCM_STAR_SOURCE_ADDRESS_SIZE_BYTES]; +/*! AES_CCM_STAR Nonce buffer defintion. */ +typedef uint8_t CRYS_AESCCMStar_Nonce_t[CRYS_AESCCM_STAR_NONCE_SIZE_BYTES]; + +/******************* Context Structure ***********************/ +/*! The user's context structure - the argument type that is passed by the user to the AES CCM APIs */ +typedef struct CRYS_AESCCM_UserContext_t +{ + /*! AES CCM context buffer for internal usage. */ + uint32_t buff[CRYS_AESCCM_USER_CTX_SIZE_IN_WORDS]; +}CRYS_AESCCM_UserContext_t; + + +/************************ Public Functions **********************/ + +/*! +@brief This function initializes the AES CCM context. + +It formats of the input data, calculates AES-MAC value for the formatted B0 block containing control information and +CCM unique value (Nonce), and initializes the AES context structure including the initial CTR0 value. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CRYSError_t CC_AESCCM_Init( + CRYS_AESCCM_UserContext_t *ContextID_ptr, /*!< [in] Pointer to the AES context buffer that is allocated by the user and is used for + the AES operation. */ + SaSiAesEncryptMode_t EncrDecrMode, /*!< [in] Flag specifying whether Encrypt (::SASI_AES_ENCRYPT) or Decrypt + (::SASI_AES_DECRYPT) operation should be performed. */ + CRYS_AESCCM_Key_t CCM_Key, /*!< [in] Pointer to the AES-CCM key. */ + CRYS_AESCCM_KeySize_t KeySizeId, /*!< [in] Enumerator defining the key size (only 128 bit is valid). */ + uint32_t AdataSize, /*!< [in] Full byte length of additional (associated) data. If set to zero, + calling ::CRYS_AESCCM_BlockAdata on the same context would return an error. */ + uint32_t TextSizeQ, /*!< [in] Full length of plain text data. */ + uint8_t *N_ptr, /*!< [in] Pointer to the Nonce. */ + uint8_t SizeOfN, /*!< [in] Nonce byte size. The valid values depend on the ccm mode: +
  • CCM: valid values = [7 .. 13].
    • +
  • CCM*: valid values = [13].
*/ + uint8_t SizeOfT, /*!< [in] AES-CCM MAC (tag) byte size. The valid values depend on the ccm mode: +
  • CCM: valid values = [4, 6, 8, 10, 12, 14, 16].
    • +
  • CCM*: valid values = [0, 4, 8, 16].
*/ + uint32_t ccmMode /*!< [in] Flag specifying whether AES-CCM or AES-CCM* should be performed. */ +); + +/*! Macro defintion for CRYS_AESCCM_Init (AES CCM non-star implementation). */ +#define CRYS_AESCCM_Init(ContextID_ptr, EncrDecrMode, CCM_Key, KeySizeId, AdataSize, TextSizeQ, N_ptr, SizeOfN, SizeOfT) \ + CC_AESCCM_Init(ContextID_ptr, EncrDecrMode, CCM_Key, KeySizeId, AdataSize, TextSizeQ, N_ptr, SizeOfN, SizeOfT, CRYS_AESCCM_MODE_CCM) + +/*! Macro defintion CRYS_AESCCMStar_Init (AES CCM star implementation). */ +#define CRYS_AESCCMStar_Init(ContextID_ptr, EncrDecrMode, CCM_Key, KeySizeId, AdataSize, TextSizeQ, N_ptr, SizeOfN, SizeOfT) \ + CC_AESCCM_Init(ContextID_ptr, EncrDecrMode, CCM_Key, KeySizeId, AdataSize, TextSizeQ, N_ptr, SizeOfN, SizeOfT, CRYS_AESCCM_MODE_STAR) + +/*! +@brief This function receives a CCM context and a block of additional data, and adds it to the AES MAC +calculation. +This API can be called only once per operation context. It should not be called in case AdataSize was set to +zero in ::CC_AESCCM_Init. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CRYSError_t CRYS_AESCCM_BlockAdata( + CRYS_AESCCM_UserContext_t *ContextID_ptr, /*!< [in] Pointer to the context buffer. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the additional input data. The buffer must be contiguous. */ + uint32_t DataInSize /*!< [in] Byte size of the additional data. Must match AdataSize parameter provided to + ::CRYS_AESCCM_Init. */ +); + +/*! +@brief This function can be invoked for any block of Text data whose size is a multiple of 16 bytes, +excluding the last block that must be processed by ::CRYS_AESCCM_Finish. +
  • If encrypting: + Continues calculation of the intermediate AES_MAC value of the text data, while simultaneously encrypting the text data using AES_CTR, + starting from CTR value = CTR0+1.
    • +
  • If decrypting: + Continues decryption of the text data, while calculating the intermediate AES_MAC value of decrypted data.
+ +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CRYSError_t CRYS_AESCCM_BlockTextData( + CRYS_AESCCM_UserContext_t *ContextID_ptr, /*!< [in] Pointer to the context buffer. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the additional input data. The buffer must be contiguous. */ + uint32_t DataInSize, /*!< [in] Byte size of the text data block. Must be a multiple of 16 bytes. */ + uint8_t *DataOut_ptr /*!< [out] Pointer to the output data. The size of the output buffer must be at least DataInSize. + The buffer must be contiguous. */ +); + +/*! +@brief This function must be the last to be called on the text data. +It can either be called on the entire text data (if transferred as one block), or on the last block of the text data, +even if total size of text data is equal to 0. +It performs the same operations as ::CRYS_AESCCM_BlockTextData, but additionally: +
  • If encrypting:
    • +
    • If the size of text data is not in multiples of 16 bytes, it pads the remaining bytes with zeros to a full 16-bytes block and + processes the data using AES_MAC and AES_CTR algorithms.
      • +
    • Encrypts the AES_MAC result with AES_CTR using the CTR0 value saved in the context and places the SizeOfT bytes of MAC (tag) + at the end.
+
  • If decrypting:
    • +
    • Processes the text data, except for the last SizeOfT bytes (tag), using AES_CTR and then AES_MAC algorithms.
      • +
    • Encrypts the calculated MAC using AES_CTR based on the saved CTR0 value, and compares it with SizeOfT last bytes of input data (i.e. + tag value).
      • +
    • The function saves the validation result (Valid/Invalid) in the context.
      • +
    • Returns (as the error code) the final CCM-MAC verification result.
+ +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CEXPORT_C CRYSError_t CRYS_AESCCM_Finish( + CRYS_AESCCM_UserContext_t *ContextID_ptr, /*!< [in] Pointer to the context buffer. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the last input data. The buffer must be contiguous. */ + uint32_t DataInSize, /*!< [in] Byte size of the last text data block. Can be zero. */ + uint8_t *DataOut_ptr, /*!< [in] Pointer to the output (cipher or plain text data) data. The buffer must + be contiguous. If DataInSize = 0, output buffer is not required. */ + CRYS_AESCCM_Mac_Res_t MacRes, /*!< [in] MAC result buffer pointer. */ + uint8_t *SizeOfT /*!< [out] AES-CCM MAC byte size as defined in CRYS_AESCCM_Init. */ +); + +/****************************************************************************************************/ +/******** AESCCM FUNCTION ******/ +/****************************************************************************************************/ +/*! +@brief AES CCM combines Counter mode encryption with CBC-MAC authentication. +Input to CCM includes the following elements: +
  • Payload - text data that is both authenticated and encrypted.
    • +
  • Associated data (Adata) - data that is authenticated but not encrypted, e.g., a header.
    • +
  • Nonce - A unique value that is assigned to the payload and the associated data.
+ +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CIMPORT_C CRYSError_t CC_AESCCM( + SaSiAesEncryptMode_t EncrDecrMode, /*!< [in] A flag specifying whether an AES Encrypt (::SASI_AES_ENCRYPT) or Decrypt + (::SASI_AES_DECRYPT) operation should be performed. */ + CRYS_AESCCM_Key_t CCM_Key, /*!< [in] Pointer to AES-CCM key. */ + CRYS_AESCCM_KeySize_t KeySizeId, /*!< [in] Enumerator defining the key size (only 128 bit is valid). */ + uint8_t *N_ptr, /*!< [in] Pointer to the Nonce. */ + uint8_t SizeOfN, /*!< [in] Nonce byte size. The valid values depend on the ccm mode: +
  • CCM: valid values = [7 .. 13].
    • +
  • CCM*: valid values = [13].
*/ + uint8_t *ADataIn_ptr, /*!< [in] Pointer to the additional input data. The buffer must be contiguous. */ + uint32_t ADataInSize, /*!< [in] Byte size of the additional data. */ + uint8_t *TextDataIn_ptr, /*!< [in] Pointer to the plain-text data for encryption or cipher-text data for decryption. + The buffer must be contiguous. */ + uint32_t TextDataInSize, /*!< [in] Byte size of the full text data. */ + uint8_t *TextDataOut_ptr, /*!< [out] Pointer to the output (cipher or plain text data according to encrypt-decrypt mode) + data. The buffer must be contiguous. */ + uint8_t SizeOfT, /*!< [in] AES-CCM MAC (tag) byte size. The valid values depend on the ccm mode: +
  • CCM: valid values = [4, 6, 8, 10, 12, 14, 16].
    • +
  • CCM*: valid values = [0, 4, 8, 16].
*/ + CRYS_AESCCM_Mac_Res_t Mac_Res, /*!< [in/out] Pointer to the MAC result buffer. */ + uint32_t ccmMode /*!< [in] Flag specifying whether AES-CCM or AES-CCM* should be performed. */ +); + +/*! Macro defintion for CRYS_AESCCM (AES CCM non-star implementation). */ +#define CRYS_AESCCM(EncrDecrMode, CCM_Key, KeySizeId, N_ptr, SizeOfN, ADataIn_ptr, ADataInSize, TextDataIn_ptr, TextDataInSize, TextDataOut_ptr, SizeOfT, Mac_Res) \ + CC_AESCCM(EncrDecrMode, CCM_Key, KeySizeId, N_ptr, SizeOfN, ADataIn_ptr, ADataInSize, TextDataIn_ptr, TextDataInSize, TextDataOut_ptr, SizeOfT, Mac_Res, CRYS_AESCCM_MODE_CCM) + +/*! Macro defintion for CRYS_AESCCMStar (AES CCM star implementation). */ +#define CRYS_AESCCMStar(EncrDecrMode, CCM_Key, KeySizeId, N_ptr, SizeOfN, ADataIn_ptr, ADataInSize, TextDataIn_ptr, TextDataInSize, TextDataOut_ptr, SizeOfT, Mac_Res) \ + CC_AESCCM(EncrDecrMode, CCM_Key, KeySizeId, N_ptr, SizeOfN, ADataIn_ptr, ADataInSize, TextDataIn_ptr, TextDataInSize, TextDataOut_ptr, SizeOfT, Mac_Res, CRYS_AESCCM_MODE_STAR) + + +/*! +@brief This function receives the MAC source address, the frame counter and the MAC size +and returns the required nonce for AES-CCM* as defined in ieee-802.15.4. +This API should be called before CRYS_AESCCMStar and CRYS_AESCCMStar_Init, +and the generated nonce should be provided to these functions. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CRYSError_t CRYS_AESCCMStar_NonceGenerate( + CRYS_AESCCMStar_SourceAddress_t srcAddr, /*!< [in] The MAC address in EUI-64 format. */ + uint32_t FrameCounter, /*!< [in] The MAC frame counter. */ + uint8_t SizeOfT, /*!< [in] AES-CCM* MAC (tag) byte size. Valid values = [0,4,8,16]. */ + CRYS_AESCCMStar_Nonce_t nonce /*!< [out] The required nonce for AES-CCM*. */ +); + +#ifdef __cplusplus +} +#endif + +/** +@} + */ + +#endif /*#ifndef CRYS_AESCCM_H*/ + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_aesccm_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_aesccm_error.h new file mode 100644 index 00000000000..4ed26e312b9 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_aesccm_error.h @@ -0,0 +1,134 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef CRYS_AESCCM_ERROR_H +#define CRYS_AESCCM_ERROR_H + + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module contains the definitions of the CRYS AESCCM errors. +@defgroup crys_aesccm_error CryptoCell AES-CCM specific errors +@{ +@ingroup crys_aesccm +*/ + +/************************ Defines ******************************/ + +/*! CRYS AESCCM module errors. CRYS_AESCCM_MODULE_ERROR_BASE = 0x00F01500. */ +/*! Invalid context pointer. */ +#define CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x00UL) +/*! Illegal key size. */ +#define CRYS_AESCCM_ILLEGAL_KEY_SIZE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x01UL) +/*! Invalid key pointer. */ +#define CRYS_AESCCM_INVALID_KEY_POINTER_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x02UL) +/*! Invalid encryption mode. */ +#define CRYS_AESCCM_INVALID_ENCRYPT_MODE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x03UL) +/*! Context is corrupted. */ +#define CRYS_AESCCM_USER_CONTEXT_CORRUPTED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x04UL) +/*! Invalid data in pointer. */ +#define CRYS_AESCCM_DATA_IN_POINTER_INVALID_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x05UL) +/*! Invalid data out pointer. */ +#define CRYS_AESCCM_DATA_OUT_POINTER_INVALID_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x06UL) +/*! Illegal data in size. */ +#define CRYS_AESCCM_DATA_IN_SIZE_ILLEGAL (CRYS_AESCCM_MODULE_ERROR_BASE + 0x07UL) +/*! Illegal data in or data out address. */ +#define CRYS_AESCCM_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x08UL) +/*! Illegal data out size. */ +#define CRYS_AESCCM_DATA_OUT_SIZE_INVALID_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x09UL) +/*! Illegal call to process additional data. */ +#define CRYS_AESCCM_ADDITIONAL_BLOCK_NOT_PERMITTED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0AUL) +/*! Illegal dma buffer type. */ +#define CRYS_AESCCM_ILLEGAL_DMA_BUFF_TYPE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0BUL) +/*! Illegal parameter size. */ +#define CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0CUL) +/*! Invalid parameter pointer. */ +#define CRYS_AESCCM_ILLEGAL_PARAMETER_PTR_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0DUL) +/*! Invalid data type. */ +#define CRYS_AESCCM_ILLEGAL_DATA_TYPE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0EUL) +/*! CCM MAC compare failure. */ +#define CRYS_AESCCM_CCM_MAC_INVALID_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0FUL) +/*! Illegal operation. */ +#define CRYS_AESCCM_LAST_BLOCK_NOT_PERMITTED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x10UL) +/*! Illegal parameter. */ +#define CRYS_AESCCM_ILLEGAL_PARAMETER_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x11UL) +/*! Additional data input size is incorrect. */ +#define CRYS_AESCCM_NOT_ALL_ADATA_WAS_PROCESSED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x13UL) +/*! Text data input size is incorrect. */ +#define CRYS_AESCCM_NOT_ALL_DATA_WAS_PROCESSED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x14UL) +/*! Additional data was already processed (must be processed only once). */ +#define CRYS_AESCCM_ADATA_WAS_PROCESSED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x15UL) +/*! Illegal Nonce size. */ +#define CRYS_AESCCM_ILLEGAL_NONCE_SIZE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x16UL) +/*! Illegal tag (MAC) size. */ +#define CRYS_AESCCM_ILLEGAL_TAG_SIZE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x17UL) + +/*! Illegal context size. */ +#define CRYS_AESCCM_CTX_SIZES_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x28UL) +/*! Illegal parameters. */ +#define CRYS_AESCCM_ILLEGAL_PARAMS_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x29UL) +/*! AESCCM is not supported. */ +#define CRYS_AESCCM_IS_NOT_SUPPORTED (CRYS_AESCCM_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif + +/** +@} + */ + +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha.h new file mode 100644 index 00000000000..89fb88d2392 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha.h @@ -0,0 +1,234 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains all of the enums and definitions that are used for the + CRYS CHACHA APIs, as well as the APIs themselves. +@defgroup crys_chacha CryptoCell CHACHA APIs +@{ +@ingroup cryptocell_api +*/ +#ifndef CRYS_CHACHA_H +#define CRYS_CHACHA_H + + +#include "ssi_pal_types.h" +#include "crys_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ +/*! CHACHA user's context size in words. */ +#define CRYS_CHACHA_USER_CTX_SIZE_IN_WORDS 17 + +/*! CHACHA block size in words. */ +#define CRYS_CHACHA_BLOCK_SIZE_IN_WORDS 16 +/*! CHACHA block size in bytes. */ +#define CRYS_CHACHA_BLOCK_SIZE_IN_BYTES (CRYS_CHACHA_BLOCK_SIZE_IN_WORDS * sizeof(uint32_t)) + +/*! Nonce buffer max size in words. */ +#define CRYS_CHACHA_NONCE_MAX_SIZE_IN_WORDS 3 +/*! Nonce buffer max size in bytes. */ +#define CRYS_CHACHA_NONCE_MAX_SIZE_IN_BYTES (CRYS_CHACHA_NONCE_MAX_SIZE_IN_WORDS * sizeof(uint32_t)) + +/*! CHACHA KEY maximal size in words. */ +#define CRYS_CHACHA_KEY_MAX_SIZE_IN_WORDS 8 +/*! CHACHA KEY maximal size in bytes. */ +#define CRYS_CHACHA_KEY_MAX_SIZE_IN_BYTES (CRYS_CHACHA_KEY_MAX_SIZE_IN_WORDS * sizeof(uint32_t)) + +/************************ Enums ********************************/ + +/*! Enum defining the CHACHA Encrypt or Decrypt operation mode. */ +typedef enum { + /*! CHACHA encrypt mode. */ + CRYS_CHACHA_Encrypt = 0, + /*! CHACHA decrypt mode. */ + CRYS_CHACHA_Decrypt = 1, + /*! CHACHA maximal number of operations (encrypt/decrypt). */ + CRYS_CHACHA_EncryptNumOfOptions, + + /*! Reserved. */ + CRYS_CHACHA_EncryptModeLast = 0x7FFFFFFF, + +}CRYS_CHACHA_EncryptMode_t; + +/*! Enum defining the CHACHA Nonce size in bits. */ +typedef enum { + /*! 64 bit Nonce size. */ + CRYS_CHACHA_Nonce64BitSize = 0, + /*! 96 bit Nonce size. */ + CRYS_CHACHA_Nonce96BitSize = 1, + /*! CHACHA maximal number of nonce sizes. */ + CRYS_CHACHA_NonceSizeNumOfOptions, + /*! Reserved. */ + CRYS_CHACHA_NonceSizeLast = 0x7FFFFFFF, + +}CRYS_CHACHA_NonceSize_t; + +/************************ Typedefs ****************************/ + +/*! Defines the Nonce buffer 12 bytes array. */ +typedef uint8_t CRYS_CHACHA_Nonce_t[CRYS_CHACHA_NONCE_MAX_SIZE_IN_BYTES]; + +/*! Defines the CHACHA key buffer. */ +typedef uint8_t CRYS_CHACHA_Key_t[CRYS_CHACHA_KEY_MAX_SIZE_IN_BYTES]; + + +/************************ context Structs ******************************/ + +/*! The user's context prototype - the argument type that is passed by the user + to the CHACHA API. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow (for example till ::CRYS_CHACHA_Free is called). */ +typedef struct CRYS_CHACHAUserContext_t { + /* Allocated buffer must be double the size of actual context + * + 1 word for offset management */ + /*! Context buffer for internal use */ + uint32_t buff[CRYS_CHACHA_USER_CTX_SIZE_IN_WORDS]; +}CRYS_CHACHAUserContext_t; + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/****************************************************************************************************/ + +/*! +@brief This function is used to initialize the context for CHACHA operations. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_chacha_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_CHACHA_Init( + CRYS_CHACHAUserContext_t *pContextID, /*!< [in] Pointer to the CHACHA context buffer that is allocated by the user + and is used for the CHACHA operation. */ + CRYS_CHACHA_Nonce_t pNonce, /*!< [in] A buffer containing an nonce. */ + CRYS_CHACHA_NonceSize_t nonceSize, /*!< [in] Enumerator defining the nonce size (only 64 and 96 bit are valid). */ + CRYS_CHACHA_Key_t pKey, /*!< [in] A pointer to the user's key buffer. */ + uint32_t initialCounter, /*!< [in] An initial counter. */ + CRYS_CHACHA_EncryptMode_t EncryptDecryptFlag /*!< [in] A flag specifying whether the CHACHA should perform an Encrypt operation + or a Decrypt operation. */ +); + + +/*! +@brief This function is used to process aligned blocks of CHACHA. +The data in size should be a multiple of chacha block size. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_chacha_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_CHACHA_Block( + CRYS_CHACHAUserContext_t *pContextID, /*!< [in] Pointer to the context buffer. */ + uint8_t *pDataIn, /*!< [in] A pointer to the buffer of the input data to the CHACHA. + The pointer does not need to be aligned. must not be null. */ + uint32_t dataInSize, /*!< [in] The size of the input data. + Must be a multiple of ::CRYS_CHACHA_BLOCK_SIZE_IN_BYTES bytes and must not be 0. */ + uint8_t *pDataOut /*!< [out] A pointer to the buffer of the output data from the CHACHA. + The pointer does not need to be aligned. must not be null. */ +); + + +/*! +@brief This function is used to process the remaining data of CHACHA. +The data in size should be smaller than chacha block size. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_chacha_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_CHACHA_Finish( + CRYS_CHACHAUserContext_t *pContextID, /*!< [in] Pointer to the context buffer. */ + uint8_t *pDataIn, /*!< [in] A pointer to the buffer of the input data to the CHACHA. + The pointer does not need to be aligned. If dataInSize = 0, input buffer is not required. */ + uint32_t dataInSize, /*!< [in] The size of the input data. + zero and non multiple of ::CRYS_CHACHA_BLOCK_SIZE_IN_BYTES are valid. */ + uint8_t *pDataOut /*!< [out] A pointer to the buffer of the output data from the CHACHA. + The pointer does not need to be aligned. If dataInSize = 0, output buffer is not required. */ +); + + +/*! +@brief This function is used to free the context of CHACHA operations. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_chacha_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_CHACHA_Free( + CRYS_CHACHAUserContext_t *pContextID /*!< [in] Pointer to the context buffer. */ +); + + +/*! +@brief This function is used to perform the CHACHA operation in one integrated process. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_chacha_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_CHACHA( + CRYS_CHACHA_Nonce_t pNonce, /*!< [in] A buffer containing an nonce. */ + CRYS_CHACHA_NonceSize_t nonceSize, /*!< [in] Enumerator defining the nonce size (only 64 and 96 bit are valid). */ + CRYS_CHACHA_Key_t pKey, /*!< [in] A pointer to the user's key buffer. */ + uint32_t initialCounter, /*!< [in] An initial counter. */ + CRYS_CHACHA_EncryptMode_t encryptDecryptFlag, /*!< [in] A flag specifying whether the CHACHA should perform an Encrypt operation + or a Decrypt operation. */ + uint8_t *pDataIn, /*!< [in] A pointer to the buffer of the input data to the CHACHA. + The pointer does not need to be aligned. must not be null. */ + uint32_t dataInSize, /*!< [in] The size of the input data. must not be 0. */ + uint8_t *pDataOut /*!< [out] A pointer to the buffer of the output data from the CHACHA. + The pointer does not need to be aligned. must not be null. */ +); + + +/***********************************************************************************/ + +#ifdef __cplusplus +} +#endif + +/** +@} + */ + +#endif /* #ifndef CRYS_CHACHA_H */ + + + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha_error.h new file mode 100644 index 00000000000..93f6141a210 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha_error.h @@ -0,0 +1,103 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_CHACHA_ERROR_H +#define CRYS_CHACHA_ERROR_H + + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module contains the definitions of the CRYS CHACHA errors. +@defgroup crys_chacha_error CryptoCell CHACHA specific errors +@{ +@ingroup crys_chacha +*/ + + + +/************************ Defines ******************************/ + +/*! The CRYS CHACHA module errors base address - 0x00F02200. */ +/*! Illegal Nonce. */ +#define CRYS_CHACHA_INVALID_NONCE_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x01UL) +/*! Illegal key size. */ +#define CRYS_CHACHA_ILLEGAL_KEY_SIZE_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x02UL) +/*! Illegal key pointer. */ +#define CRYS_CHACHA_INVALID_KEY_POINTER_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x03UL) +/*! Illegal operation mode. */ +#define CRYS_CHACHA_INVALID_ENCRYPT_MODE_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x04UL) +/*! Illegal data in pointer. */ +#define CRYS_CHACHA_DATA_IN_POINTER_INVALID_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x05UL) +/*! Illegal data out pointer. */ +#define CRYS_CHACHA_DATA_OUT_POINTER_INVALID_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x06UL) +/*! Illegal user context. */ +#define CRYS_CHACHA_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x07UL) +/*! Illegal user context size. */ +#define CRYS_CHACHA_CTX_SIZES_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x08UL) +/*! Illegal Nonce pointer. */ +#define CRYS_CHACHA_INVALID_NONCE_PTR_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x09UL) +/*! Illegal data in size. */ +#define CRYS_CHACHA_DATA_IN_SIZE_ILLEGAL (CRYS_CHACHA_MODULE_ERROR_BASE + 0x0AUL) +/*! General error. */ +#define CRYS_CHACHA_GENERAL_ERROR (CRYS_CHACHA_MODULE_ERROR_BASE + 0x0BUL) +/*! CHACHA is not supported. */ +#define CRYS_CHACHA_IS_NOT_SUPPORTED (CRYS_CHACHA_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha_poly.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha_poly.h new file mode 100644 index 00000000000..f9a7ce15fa8 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha_poly.h @@ -0,0 +1,95 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains all of the enums and definitions that are used for the + CRYS CHACHA-POLY APIs, as well as the APIs themselves. +@defgroup crys_chacha_poly CryptoCell CHACHA-POLY APIs +@{ +@ingroup cryptocell_api +*/ +#ifndef CRYS_CHACHA_POLY_H +#define CRYS_CHACHA_POLY_H + + +#include "ssi_pal_types.h" +#include "crys_error.h" +#include "crys_chacha.h" +#include "crys_poly.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/*! +@brief This function is used to perform the CHACHA-POLY encryption and authentication operation. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_chacha_poly_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_CHACHA_POLY( + CRYS_CHACHA_Nonce_t pNonce, /*!< [in] A pointer to a buffer containing the nonce value. */ + CRYS_CHACHA_Key_t pKey, /*!< [in] A pointer to the user's key buffer. */ + CRYS_CHACHA_EncryptMode_t encryptDecryptFlag, /*!< [in] A flag specifying whether the CHACHA-POLY should perform an Encrypt or + Decrypt operation. */ + uint8_t *pAddData, /*!< [in] A pointer to the buffer of the additional data to the POLY. + The pointer does not need to be aligned. must not be null. */ + size_t addDataSize, /*!< [in] The size of the input data. must not be 0. */ + uint8_t *pDataIn, /*!< [in] A pointer to the buffer of the input data to the CHACHA. + The pointer does not need to be aligned. must not be null. */ + size_t dataInSize, /*!< [in] The size of the input data. must not be 0. */ + uint8_t *pDataOut, /*!< [out] A pointer to the buffer of the output data from the CHACHA. + must not be null. */ + CRYS_POLY_Mac_t macRes /*!< [in/out] Pointer to the MAC result buffer.*/ +); + + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef CRYS_CHACHA_POLY_H */ + + + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha_poly_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha_poly_error.h new file mode 100644 index 00000000000..f5465ecfacf --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_chacha_poly_error.h @@ -0,0 +1,95 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_CHACHA_POLY_ERROR_H +#define CRYS_CHACHA_POLY_ERROR_H + + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module contains the definitions of the CRYS CHACHA POLY errors. +@defgroup crys_chacha_poly_error CryptoCell CHACHA POLY specific errors +@{ +@ingroup crys_chacha_poly +*/ + + + +/************************ Defines ******************************/ + +/*! The CRYS CHACHA POLY module errors base address - 0x00F02400. */ +/*! Invalid Additional data. */ +#define CRYS_CHACHA_POLY_ADATA_INVALID_ERROR (CRYS_CHACHA_POLY_MODULE_ERROR_BASE + 0x01UL) +/*! Invalid input data. */ +#define CRYS_CHACHA_POLY_DATA_INVALID_ERROR (CRYS_CHACHA_POLY_MODULE_ERROR_BASE + 0x02UL) +/*! Illegal encryption mode. */ +#define CRYS_CHACHA_POLY_ENC_MODE_INVALID_ERROR (CRYS_CHACHA_POLY_MODULE_ERROR_BASE + 0x03UL) +/*! Illegal data size. */ +#define CRYS_CHACHA_POLY_DATA_SIZE_INVALID_ERROR (CRYS_CHACHA_POLY_MODULE_ERROR_BASE + 0x04UL) +/*! Key generation error. */ +#define CRYS_CHACHA_POLY_GEN_KEY_ERROR (CRYS_CHACHA_POLY_MODULE_ERROR_BASE + 0x05UL) +/*! CHACHA Key generation error. */ +#define CRYS_CHACHA_POLY_ENCRYPTION_ERROR (CRYS_CHACHA_POLY_MODULE_ERROR_BASE + 0x06UL) +/*! Authentication error. */ +#define CRYS_CHACHA_POLY_AUTH_ERROR (CRYS_CHACHA_POLY_MODULE_ERROR_BASE + 0x07UL) +/*! MAC comparison error. */ +#define CRYS_CHACHA_POLY_MAC_ERROR (CRYS_CHACHA_POLY_MODULE_ERROR_BASE + 0x08UL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_common.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_common.h new file mode 100644 index 00000000000..74c6302e638 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_common.h @@ -0,0 +1,371 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef CRYS_COMMON_H +#define CRYS_COMMON_H + +#include "crys_common_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +#define CRYS_AES_SECRET_KEY_SIZE_IN_WORDS 4 + +/* the ROT13 definition - relevant only on SW low level engines compiled in the ROT mode */ +#define CRYS_COMMON_ROT_13_OFFSET 13 + + + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + + + +/*********************************************************************** + ** + * @brief This function executes a reverse bytes copying from one buffer to another buffer. + * + * Overlapping of buffers is not allowed, excluding the case, when destination and source + * buffers are the same. + * Example of a 5 byte buffer: + * + * dst_ptr[4] = src_ptr[0] + * dst_ptr[3] = src_ptr[1] + * dst_ptr[2] = src_ptr[2] + * dst_ptr[1] = src_ptr[3] + * dst_ptr[0] = src_ptr[4] + * + * @param[in] dst_ptr - The pointer to destination buffer. + * @param[in] src_ptr - The pointer to source buffer. + * @param[in] size - The size in bytes. + * + */ + CRYSError_t CRYS_COMMON_ReverseMemcpy( uint8_t *dst_ptr , uint8_t *src_ptr , uint32_t size ); + + +/*********************************************************************** + ** + * @brief This function converts aligned words array to bytes array/ + * + * 1. Assumed, that input buffer is aligned to 4-bytes word and + * bytes order is set according to machine endianness. + * 2. Output buffer receives data as bytes stream from LSB to MSB. + * For increasing performance on small buffers, the output data is given + * by rounded down pointer and alignment. + * 3. This implementation is given for both Big and Little endian machines. + * + * + * @param[in] in32_ptr - The pointer to aligned input buffer. + * @param[in] out32_ptr - The 32-bits pointer to output buffer (rounded down to 4 bytes) . + * @param[in] outAlignBits - The actual output data alignment; + * @param[in] sizeWords - The size in words (sizeWords >= 1). + * + * return - no return value. + */ + void CRYS_COMMON_AlignedWordsArrayToBytes( uint32_t *in32_ptr , uint32_t *out32_ptr , + uint32_t outAlignBits, uint32_t sizeWords ); + +/***********************************************************************/ + /** + * @brief This function converts in place words byffer to bytes buffer with + * reversed endianity of output array. + * + * The function can convert: + * - big endian bytes array to words array with little endian order + * of words and backward. + * + * Note: + * 1. Endianness of each word in words buffer should be set allways + * according to processor used. + * 2. Implementation is given for both big and little endianness of + * processor. + * + * @param[in] buf_ptr - The 32-bits pointer to input/output buffer. + * @param[in] sizeWords - The size in words (sizeWords > 0). + * + * @return - no return value. + */ +void CRYS_COMMON_InPlaceConvertBytesWordsAndArrayEndianness( + uint32_t *buf_ptr, + uint32_t sizeWords); + + +/***********************************************************************/ + /** + * @brief This function converts big endianness bytes array to aligned words + * array with words order according to little endian / + * + * 1. Assumed, that input bytes order is set according + * to big endianness: MS Byte is most left, i.e. order is from + * Msb to Lsb. + * 2. Output words array should set according to + * little endianness words order: LSWord is most left, i.e. order + * is from Lsw to Msw. Order bytes in each word - according to + * 3. Implementation is given for both big and little + * endianness of processor. + * + * @param[out] out32_ptr - The 32-bits pointer to output buffer. + * @param[in] sizeOutBuffBytes - The size in bytes of output buffer, must be + * aligned to 4 bytes and not less than sizeInBytes. + * @param[in] in8_ptr - The pointer to input buffer. + * @param[in] sizeInBytes - The size in bytes of input data(sizeBytes >= 1). + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in . + */ +CRYSError_t CRYS_COMMON_ConvertMsbLsbBytesToLswMswWords( + uint32_t *out32_ptr, + uint32_t sizeOutBuffBytes, + const uint8_t *in8_ptr, + uint32_t sizeInBytes); + + +/***********************************************************************/ + /** + * @brief This function converts LE 32bit-words array to BE bytes array. + * + * Note: The function allows output full size of the data and also output + * without leading zeros, if the user gives appropriate exact output + * size < input size. + * + * Assuming: + * 1. Output bytes order is according to big endianness: + * MS Byte is most left, i.e. order is from Msb to Lsb. + * 2. Input array words order is set according to + * little endianness words order: LSWord is most left, i.e. order + * is from Lsw to Msw. Bytes order in each word - according to + * processor endianness. + * 3. Owerlapping of buffers is not allowed, besides in + * place operation and size aligned to full words. + * 4. Implementation is given for both big and little + * endianness of processor. + * + * @param[in] out8_ptr - The bytes pointer to the output buffer. + * @param[in] sizeOutBuffBytes - The size of the data in bytes to output; must + * be not less, than sizeInBytes. + * @param[out] in32_ptr - The pointer to the input buffer. + * @param[in] sizeInpBytes - The size of the input data in bytes. The size must + * be > 0 and aligned to 4 bytes. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in . + */ +CRYSError_t CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( + uint8_t *out8_ptr, + uint32_t sizeOutBytes, + uint32_t *in32_ptr, + uint32_t sizeInpBytes); + + +/***********************************************************************/ +/** + * @brief VOS_GetGlobalData get the global random key hidden inside the function + * the global data implemented for now are random key buffer and AES secret key buffer + * + * When no_rtos is declared then we allow a global data. The random key/AES secret key are hidden as static inside the function + * + * + * @param[in] Globalid select the buffer + * @param[in] GlobalDataSizeWords - the global data buffer size needed in words - this value must be a predetermined value + * @param[out] GlobalData_ptr - Pointer to the global buffer returned. The buffer must be at least GlobalDataSizeWords size + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure an Error as defined in VOS_error + */ +CRYSError_t CRYS_COMMON_GetGlobalData(uint16_t Globalid, uint32_t *GlobalData_ptr, uint16_t GlobalDataSizeWords); + + +/***********************************************************************/ +/** +* @brief CRYS_COMMON_StoreGlobalData store the global random key into the global buffer hidden inside the function +* the global data implemented for now are random key buffer and AES secret key buffer +* +* +* @param[in] Globalid - random key / AES secret key +* @param[in] GlobalDataSizeWords - the global data buffer size needed in words - this value must be a predetermined value +* @param[in] GlobalData_ptr - Pointer to the global buffer to be saved. The buffer must be at least GlobalDataSizeWords size +* +* Return Value: +*/ +CRYSError_t CRYS_COMMON_StoreGlobalData(uint16_t Globalid, uint32_t *GlobalData_ptr, uint16_t GlobalDataSizeWords); + + +/***********************************************************************/ +/** + * @brief The CRYS_COMMON_CutAndSaveEndOfLliData() function saves the data from end of source + * memory, pointed by LLI table, to destination memory, and decreases the LLI table accordingly. + * + * The function executes the following major steps: + * + * 1. Starts copy bytes from last byte of last chunk of source LLI table into + * last byte of destination memory. + * 2. Continues copy bytes in reverse order while not completes copying of all amount of data. + * 3. If last chunk of source or destination data is not enough, the function crosses + * to next chunk of LLI table. + * 4. Decreases the Data size of last updated LLI entry and sets the LAST bit. + * 5. Exits with the OK code. + * + * + * @param[in] SrcLliTab_ptr - The pointer to the LLI table, containing pointers and sizes of + * chunks of source data. The table need to be aligned and placed + * in SEP SRAM. + * @param[in] SrcLliTabSize_ptr - The pointer to buffer, containing th size of the LLI table in words. + * @param[in] Dest_ptr - The destination address for copying the data. + * @param[in] DataSize - The count of bytes to copy. + * + * @return CRYSError_t - On success CRYS_OK is returned, + * - CRYS_COMMON_ERROR_IN_SAVING_LLI_DATA_ERROR + * + * NOTE: 1. Because the function is intended for internal using, it is presumed that all input parameters + * are valid. + * 2. Assumed, that copied source not may to take more than two last chunks of source memory. + */ + CRYSError_t CRYS_COMMON_CutAndSaveEndOfLliData( + uint32_t *SrcLliTab_ptr, + uint32_t *SrcLliTabSize_ptr, + uint8_t *Dst_ptr, + uint32_t DataSize); + +/***********************************************************************/ +/** + * @brief The CRYS_COMMON_CutAndSaveBeginOfLliData() function saves the data from beginning of source + * memory, pointed by LLI table, to destination memory, and decreases the LLI table accordingly. + * + * The function executes the following major steps: + * + * 1. Starts copy bytes from first byte of first chunk of source LLI table into + * destination memory. + * 2. If first chunk of source is not enough, the function crosses + * to next chunk of LLI table. + * 3. Updates LLI table pointer and size according to copied amount of data. + * 5. Exits with the OK code. + * + * @param[in/out] SrcLliTab_ptr_ptr - The pointer to pointer to the LLI table, containing pointers and + * sizes of the chunks of source data. The table need to be aligned and + * placed in SRAM. + * @param[in/out] SrcLliTabSize_ptr - The pointer to buffer, containing th size of the LLI table in words. + * @param[in] Dest_ptr - The destination address for copying the data. + * @param[in] DataSize - The count of bytes to copy. + * + * @return - no return value. + * + * NOTE: 1. Because the function is intended for internal using, it is presumed that all input parameters + * are valid. + * 2. Assumed, that copied source not may to take more than two first chunks of source memory. + */ + void CRYS_COMMON_CutAndSaveBeginOfLliData( + uint32_t **SrcLliTab_ptr_ptr, + uint32_t *SrcLliTabSize_ptr, + uint8_t *Dst_ptr, + uint32_t DataSize); + +/***********************************************************************/ + /** + * @brief This function converts 32-bit words array with little endian + * order of words to bytes array with little endian (LE) order of bytes. + * + * Assuming: no buffers overlapping, in/out pointers and sizes not equall to NULL, + the buffer size must be not less, than input data size. + * + * @param[out] out8Le - The bytes pointer to output buffer. + * @param[in] in32Le - The pointer to input 32-bit words buffer. + * @param[in] sizeInWords - The size in words of input data (sizeWords >= 0). + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in . + */ +void CRYS_COMMON_ConvertLswMswWordsToLsbMsbBytes( + uint8_t *out8Le, + const uint32_t *in32Le, + size_t sizeInWords); + + +/***********************************************************************/ +/** + * @brief This function converts bytes array with little endian (LE) order of + * bytes to 32-bit words array with little endian order of words and bytes. + * + * Assuming: No owerlapping of buffers; in/out pointers and sizes are not equall to NULL. + * If is in-place conversion, then the size must be multiple of 4 bytes. + * @param[out] out32Le - The 32-bits pointer to output buffer. The buffer size must be + * not less, than input data size. + * @param[in] in8Le - The pointer to input buffer. + * @param[in] sizeInBytes - The size in bytes of input data(sizeBytes > 0). + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in . + */ +void CRYS_COMMON_ConvertLsbMsbBytesToLswMswWords( + uint32_t *out32Le, + const uint8_t *in8Le, + size_t sizeInBytes); + + +/** + * The function compares value of byte vector to null. + * + * @author reuvenl (6/20/2016) + * + * @param vect - a pointer to bytes vector. + * @param sizeBytes - size of the vector. + * + * @return uint32_t - if vector's value iz zero, then returns 1, else - 0; + */ +uint32_t CRYS_COMMON_CheckIsVectorZero(uint8_t *vect, uint32_t sizeBytes); + + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_common_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_common_error.h new file mode 100644 index 00000000000..03c73c54d68 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_common_error.h @@ -0,0 +1,95 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + #ifndef CRYS_COMMON_ERROR_H +#define CRYS_COMMON_ERROR_H + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/* CRYS COMMON module errors. Base address - 0x00F00D00 */ + +#define CRYS_COMMON_INIT_HW_SEM_CREATION_FAILURE (CRYS_COMMON_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_COMMON_DATA_IN_POINTER_INVALID_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_COMMON_DATA_SIZE_ILLEGAL (CRYS_COMMON_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_COMMON_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_COMMON_DATA_OUT_POINTER_INVALID_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x7UL) +#define CRYS_COMMON_OUTPUT_BUFF_SIZE_ILLEGAL (CRYS_COMMON_MODULE_ERROR_BASE + 0x9UL) + +#define CRYS_COMMON_TST_UTIL_CHUNK_SIZE_SMALL_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_COMMON_ERROR_IN_SAVING_LLI_DATA_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x11UL) + + +#define CRYS_COMMON_TST_UTIL_LLI_ENTRY_SIZE_TOO_SMALL_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x12UL) +#define CRYS_COMMON_TST_CSI_DATA_SIZE_EXCEED_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x13UL) +#define CRYS_COMMON_TST_CSI_MODULE_ID_OUT_OF_RANGE (CRYS_COMMON_MODULE_ERROR_BASE + 0x14UL) +#define CRYS_COMMON_TST_CSI_MEMORY_MAPPING_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x15UL) + +#define CRYS_COMMON_TERM_HW_SEM_DELETE_FAILURE (CRYS_COMMON_MODULE_ERROR_BASE + 0x16UL) + +#define CRYS_COMMON_TST_UTIL_NOT_INTEGER_CHAR_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x17UL) +#define CRYS_COMMON_TST_UTIL_BUFFER_IS_SMALL_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x18UL) +#define CRYS_COMMON_POINTER_NOT_ALIGNED_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x19UL) + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_dh.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_dh.h new file mode 100644 index 00000000000..be0deb907cd --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_dh.h @@ -0,0 +1,446 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef _CRYS_DH_H +#define _CRYS_DH_H + +#include "crys_rsa_types.h" +#include "crys_kdf.h" +#include "crys_rnd.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/*! +@file +@brief This module defines the API that supports Diffie-Hellman key exchange, as defined in [PKCS3] and in [X9.42] (key lengths 1024 and 2048 bits). +@defgroup crys_dh CryptoCell DH APIs +@{ +@ingroup cryptocell_api +*/ + + +/************************ Defines ******************************/ +/*! Defintion for DH public key.*/ +#define CRYS_DHPubKey_t CRYSRSAPubKey_t + +/*! Maximal valid key size in bits.*/ +#define CRYS_DH_MAX_VALID_KEY_SIZE_VALUE_IN_BITS CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS /*!< \internal RL restrict to 2048 */ +/*! Minimal valid key size in bits.*/ +#define CRYS_DH_MIN_VALID_KEY_SIZE_VALUE_IN_BITS 1024 /*!< Size limitation according to ANSI standard */ +/*! Maximal modulus size in bytes.*/ +#define CRYS_DH_MAX_MOD_SIZE_IN_BYTES (CRYS_DH_MAX_VALID_KEY_SIZE_VALUE_IN_BITS / SASI_BITS_IN_BYTE) +/*! Maximal modulus size in words.*/ +#define CRYS_DH_MAX_MOD_SIZE_IN_WORDS (CRYS_DH_MAX_MOD_SIZE_IN_BYTES/sizeof(uint32_t)) + +/*! Modulus buffer size in words.*/ +#define CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS (CRYS_DH_MAX_MOD_SIZE_IN_WORDS + 2) +/*! Maximal domain generation size in bits.*/ +#define CRYS_DH_DOMAIN_GENERATION_MAX_SIZE_BITS CRYS_RSA_MAX_KEY_GENERATION_SIZE_BITS /*!< \internal RL restrict to 2048 */ + +/*! Defintion for DH primitives data.*/ +#define CRYS_DHPrimeData_t CRYS_RSAPrimeData_t +/*! Defintion for DH public key.*/ +#define CRYS_DHUserPubKey_t CRYS_RSAUserPubKey_t +/*! Defintion for DH other info.*/ +#define CRYS_DH_OtherInfo_t CRYS_KDF_OtherInfo_t + +/*! Keying data size is in bytes*/ +#define CRYS_DH_MAX_SIZE_OF_KEYING_DATA CRYS_KDF_MAX_SIZE_OF_KEYING_DATA + +/************************ Enums ********************************/ + +/*! DH operations mode */ +typedef enum +{ + /*! PKCS3 operation mode. */ + CRYS_DH_PKCS3_mode = 0, + /*! ANSI X942 operation mode. */ + CRYS_DH_ANSI_X942_mode = 1, + /*! Total number of operation modes. */ + CRYS_DH_NumOfModes, + + /*! Reserved. */ + CRYS_DH_OpModeLast = 0x7FFFFFFF, + +}CRYS_DH_OpMode_t; + +/*! HASH operation modes */ +typedef enum +{ + /*! SHA1 operation mode. */ + CRYS_DH_HASH_SHA1_mode = CRYS_HASH_SHA1_mode, + /*! SHA224 operation mode. */ + CRYS_DH_HASH_SHA224_mode = CRYS_HASH_SHA224_mode, + /*! SHA256 operation mode. */ + CRYS_DH_HASH_SHA256_mode = CRYS_HASH_SHA256_mode, + /*! SHA384 operation mode. */ + CRYS_DH_HASH_SHA384_mode = CRYS_HASH_SHA384_mode, + /*! SHA512 operation mode. */ + CRYS_DH_HASH_SHA512_mode = CRYS_HASH_SHA512_mode, + /*! MD5 operation mode (not used in DH). */ + CRYS_DH_HASH_MD5_mode = CRYS_HASH_MD5_mode, /*!< \internal not used in DH */ + /*! Total number of HASH modes. */ + CRYS_DH_HASH_NumOfModes = CRYS_HASH_MD5_mode, + /*! Reserved. */ + CRYS_DH_HASH_OperationModeLast = 0x7FFFFFFF, + +}CRYS_DH_HASH_OpMode_t; + +/*! Key derivation modes. */ +typedef enum +{ + /*! ASN1 derivation mode.*/ + CRYS_DH_ASN1_Der_mode = CRYS_KDF_ASN1_DerivMode, + /*! Concatination derivation mode.*/ + CRYS_DH_Concat_Der_mode = CRYS_KDF_ConcatDerivMode, + /*! X963 derivation mode.*/ + CRYS_DH_X963_DerMode = CRYS_KDF_ConcatDerivMode, + /*! Reserved. */ + CRYS_DH_DerivationFunc_ModeLast= 0x7FFFFFFF, + +}CRYS_DH_DerivationFunc_Mode; + + +/************************ Typedefs *************************************/ +/*! Temporary buffer structure for internal usage.*/ +typedef struct +{ + /*! Temporary primitives data */ + CRYS_DHPrimeData_t PrimeData; + /*! Public key. */ + CRYS_DHPubKey_t PubKey; + /*! Temporary buffer for internal usage. */ + uint32_t TempBuff[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; +} CRYS_DH_ExpTemp_t; + +/*! Temporary buffer structure for internal usage. */ +typedef struct +{ + /*! Temporary primitives data */ + CRYS_DHPrimeData_t PrimeData; + /*! User's public key. */ + CRYS_DHUserPubKey_t UserPubKey; + /*! Temporary buffer for internal usage. */ + uint32_t TempBuff[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; +} CRYS_DH_Temp_t; + +/*! Temporary buffer structure for internal usage. */ +typedef struct +{ + /*! Temporary primitives data */ + CRYS_DHPrimeData_t PrimeData; + /*! User's public key. */ + CRYS_DHUserPubKey_t UserPubKey; + /*! Temporary buffer for internal usage. */ + uint32_t TempBuff[2*CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; +} CRYS_DH_HybrTemp_t; + +/*! Defintion of buffer used for FIPS Known Answer Tests. */ +typedef struct +{ + /*! Public key. */ + CRYS_DHUserPubKey_t pubKey; + /*! Temporary primitives data */ + CRYS_DHPrimeData_t primeData; + /*! Buffer for the secret value.*/ + uint8_t secretBuff[CRYS_DH_MIN_VALID_KEY_SIZE_VALUE_IN_BITS/SASI_BITS_IN_BYTE]; // KAT tests uses 1024 bit key +} CRYS_DH_FipsKat_t; + + +/************************ Structs **************************************/ + +/************************ Public Variables ******************************/ + +/************************ Public Functions ******************************/ + +/*******************************************************************************************/ + +/*! +@brief This function has two purposes: +
  1. Randomly generate the client private key according to the choosen version [PKCS3] or [ANSI X9.42].
    2. +
  2. Computes the client public key as follows: ClientPub = Generator^Prv mod Prime, where '^' is the symbol of exponentiation.
+This function should not be called directly. Instead, use the macros ::CRYS_DH_PKCS3_GeneratePubPrv and ::CRYS_DH_ANSI_X942_GeneratePubPrv. +\note +All buffer parameters should be in Big-Endian form. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_dh_error.h, crys_rnd_error.h or crys_rsa_error.h. + */ +CIMPORT_C CRYSError_t _DX_DH_GeneratePubPrv( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + uint8_t *Generator_ptr, /*!< [in] Pointer to the Generator octet string. */ + uint16_t GeneratorSize, /*!< [in] The size of the Generator string (in bytes). */ + uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string P (used as modulus in the algorithm). */ + uint16_t PrimeSize, /*!< [in] The size of the Prime string in bytes. */ + uint16_t L, /*!< [in] Exact size in bits of the Prime to be generated (relevant only for [PKCS3]): +
  • If L!=0, force the private key to be [2^(L-1) ? Prv < 2^L], where '^' + indicates exponentiation.
    • +
  • If L = 0 then [0 < Prv < P-1].
*/ + uint8_t *Q_ptr, /*!< [in] Relevant only for [ANSI X9.42] - Pointer to the Q octet string in the range: + 1 <= Prv <= Q-1 or 1 < Prv < Q-1. */ + uint16_t QSize, /*!< [in] Relevant only for [ANSI X9.42] - Size of the Q string (in bytes). */ + CRYS_DH_OpMode_t DH_mode, /*!< [in] An enumerator declaring whether this is [PKCS3] or [ANSI X9.42] mode. */ + CRYS_DHUserPubKey_t *tmpPubKey_ptr, /*!< [in] Pointer to a temporary buffer for public key structure. Used for the + exponentiation function. */ + CRYS_DHPrimeData_t *tmpPrimeData_ptr, /*!< [in] Pointer to a structure holding internal temporary buffers. */ + uint8_t *ClientPrvKey_ptr, /*!< [out] Pointer to the Private key Prv. This buffer should be at least the following + size (in bytes): +
  • If L is provided: (L+7)/8.
    • +
  • If L is NULL: \p PrimeSize.
*/ + uint16_t *ClientPrvKeySize_ptr, /*!< [in/out] Pointer to the Private key size: +
  • Input - size of the given buffer.
    • +
  • Output - actual size of the generated private key.
*/ + uint8_t *ClientPub1_ptr, /*!< [out] Pointer to the Public key. This buffer should be at least \p PrimeSize bytes. */ + uint16_t *ClientPubSize_ptr /*!< [in/out] Pointer to the Public key size: +
  • Input - size of the given buffer.
    • +
  • Output - actual size of the generated public key.
*/ +); + + +/* macro for calling the GeneratePubPrv function on PKCS#3 mode: Q is irrelevant */ +/*--------------------------------------------------------------------------------*/ +/*! +This macro is used to generate the public and private DH keys according to [PKCS3]. For a description of the parameters see ::_DX_DH_GeneratePubPrv. +*/ +#define CRYS_DH_PKCS3_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, Generator_ptr,GeneratorSize,\ + Prime_ptr,PrimeSize,\ + L,\ + tmpPubKey_ptr,tmpPrimeData_ptr,\ + ClientPrvKey_ptr,ClientPrvKeySize_ptr,\ + ClientPub_ptr,ClientPubSize_ptr)\ + _DX_DH_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, (Generator_ptr),(GeneratorSize),\ + (Prime_ptr),(PrimeSize),\ + (L),\ + (uint8_t *)NULL,(uint16_t)0,\ + CRYS_DH_PKCS3_mode,\ + (tmpPubKey_ptr),(tmpPrimeData_ptr),\ + (ClientPrvKey_ptr),(ClientPrvKeySize_ptr),\ + (ClientPub_ptr),(ClientPubSize_ptr)) + +/*! +This macro is used to generate the public and private DH keys according to [ANSI X9.42]. For a description of the parameters see ::_DX_DH_GeneratePubPrv. +*/ +#define CRYS_DH_ANSI_X942_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, Generator_ptr,GeneratorSize,Prime_ptr,PrimeSize,\ + Q_ptr,QSize,\ + tmpPubKey_ptr,tmpPrimeData_ptr,\ + ClientPrvKey_ptr,ClientPrvKeySize_ptr,\ + ClientPub_ptr,ClientPubSize_ptr)\ + _DX_DH_GeneratePubPrv(rndState_ptr, rndGenerateVectFunc, (Generator_ptr),(GeneratorSize),\ + (Prime_ptr),(PrimeSize),\ + (uint16_t)0,\ + (Q_ptr),(QSize),\ + CRYS_DH_ANSI_X942_mode,\ + (tmpPubKey_ptr),(tmpPrimeData_ptr),\ + (ClientPrvKey_ptr),(ClientPrvKeySize_ptr),\ + (ClientPub_ptr),(ClientPubSize_ptr)) + + +/*******************************************************************************************/ +/*! +@brief This function computes the shared secret key (value) accordng to [ANSI X9.42], 7.5.1: + SecretKey = ServerPubKey ^ ClientPrvKey mod Prime. +\note
  • All buffer parameters should be in Big-Endian form.
    • +
  • The user must obtain assurance of validity of the public key, using one of methods, +described in [ANSI X9.42] paragraph 7.4.
    • +
  • The actual size of the private key (in bits) must be not less than 2 and not greater than the actual +size of the Prime (modulus in bits).
+ +@return CRYS_OK on success. +@return A non-zero value on failure as defined in crys_dh_error.h or crys_rsa_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_DH_GetSecretKey( + uint8_t *ClientPrvKey_ptr, /*!< [in] Pointer to the Private key octet string Prv < Prime. */ + uint16_t ClientPrvKeySize, /*!< [in] The Private key Size (in bytes). */ + uint8_t *ServerPubKey_ptr, /*!< [in] Pointer to the Server public key octet string. */ + uint16_t ServerPubKeySize, /*!< [in] The Server Public key Size (in bytes). */ + uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string. */ + uint16_t PrimeSize, /*!< [in] The size of the Prime string. */ + CRYS_DHUserPubKey_t *tmpPubKey_ptr, /*!< [in] Pointer to the public key structure. Used for the exponentiation + operation function. Need not be initialized. */ + CRYS_DHPrimeData_t *tmpPrimeData_ptr, /*!< [in] Pointer to a structure containing internal temp buffers. */ + uint8_t *SecretKey_ptr, /*!< [out] Pointer to the secret key octet string. This buffer should be at + least PrimeSize bytes. */ + uint16_t *SecretKeySize_ptr /*!< [in/out] Pointer to the secret key Buffer Size. This buffer should be at + least of PrimeSize bytes: +
  • Input - size of the given buffer.
    • +
  • Output - actual size.
*/ +); + + +/******************************************************************************************/ +/*! +@brief This function extracts the shared secret keying data from the shared secret value. It should be called by using +macros ::CRYS_DH_X942_GetSecretDataAsn1 and ::CRYS_DH_X942_GetSecretDataConcat. + +\note +
  • The "other info" argument and its AlgorithmID entry are mandatory only for ASN1 key derivation, and optional for +the other derivation modes.
    • +
  • If used, all entries of the structure should be initialized with relevant data and size, prior to calling this function +(entry size of empty fields must be set to 0).
    • +
  • All buffers arguments are represented in Big-Endian form.
+ +@return CRYS_OK on success. +@return A non-zero value on failure as defined in crys_dh_error.h, crys_rsa_error.h, crys_kdf_error.h or crys_hash_error.h. +*/ + CIMPORT_C CRYSError_t CRYS_DH_X942_GetSecretData( + uint8_t *ClientPrvKey_ptr, /*!< [in] Pointer to the Private key octet string. */ + uint16_t ClientPrvKeySize, /*!< [in] The Private key size (in bytes). */ + uint8_t *ServerPubKey_ptr, /*!< [in] Pointer to the Server public key octet string. */ + uint16_t ServerPubKeySize, /*!< [in] The Server Public key size (in bytes). */ + uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string. */ + uint16_t PrimeSize, /*!< [in] The size of the Prime string. */ + CRYS_DH_OtherInfo_t *otherInfo_ptr, /*!< [in] Pointer to structure containing other data, shared by two entities + sharing the secret keying data. + The Maximal size of each data entry of "other info" is limited - see crys_kdf.h + for the defined value. */ + CRYS_DH_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes. The supported modes are according to the supported + HASH modes for the product (and MD5 is not supported). */ + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, /*!< [in] The enumerator ID of key derivation function mode. ASN1 or Concatenation + modes are supported. */ + CRYS_DH_Temp_t *tmpBuff_ptr, /*!< [in] A pointer to the DH temp buffer structure. Not initialized. */ + uint8_t *SecretKeyingData_ptr, /*!< [out] Pointer to the secret key octet string. This buffer should be at least + PrimeSize bytes. */ + uint16_t SecretKeyingDataSize /*!< [in] The required Secret Keying data size (in bytes). Must be larger than 0, + and smaller than the maximal - CRYS_DH_MAX_SIZE_OF_KEYING_DATA. */ +); + +/****************************************************************/ +/*! +This macro implements the DH [ANSI X9.42] standard. It derives a secret key using the Derivation function based on ASN.1. For a +description of the parameters see ::CRYS_DH_X942_GetSecretData.*/ +#define CRYS_DH_X942_GetSecretDataAsn1(ClientPrvKey_ptr,ClientPrvKeySize,ServerPubKey_ptr,ServerPubKeySize,Prime_ptr,PrimeSize,otherInfo_ptr,hashMode,tmpBuff_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\ + CRYS_DH_X942_GetSecretData((ClientPrvKey_ptr),(ClientPrvKeySize),(ServerPubKey_ptr),(ServerPubKeySize),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashMode),(CRYS_DH_ASN1_Der_mode),(tmpBuff_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize)) +/*! +This macro implements the DH [ANSI X9.42] standard. It derives a secret key using the Derivation function based on concatenation of HASHed data. +For a description of the parameters see ::CRYS_DH_X942_GetSecretData.*/ +#define CRYS_DH_X942_GetSecretDataConcat(ClientPrvKey_ptr,ClientPrvKeySize,ServerPubKey_ptr,ServerPubKeySize,Prime_ptr,PrimeSize,otherInfo_ptr,hashMode,tmpBuff_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\ + CRYS_DH_X942_GetSecretData((ClientPrvKey_ptr),(ClientPrvKeySize),(ServerPubKey_ptr),(ServerPubKeySize),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashMode),(CRYS_DH_Concat_Der_mode),(tmpBuff_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize)) + + +/****************************************************************/ +/*! +@brief The function computes shared secret data using two pairs of public and private keys: + +
  • SecretKey1 = ServerPubKey1^ClientPrvKey1 mod Prime.
    • +
  • SecretKey2 = ServerPubKey2^ClientPrvKey2 mod Prime.
+It uses the Derivation function to derive secret keying data from the two secret keys (values). +This function may be called directly, or by using macros ::CRYS_DH_X942_HybridGetSecretDataAsn1 and ::CRYS_DH_X942_HybridGetSecretDataConcat +described above. + +\note +
  • The "other info" argument and its AlgorithmID entry are mandatory only for ASN1 key derivation, and optional for the other derivation modes.
    • +If used, all entries of the structure should be initialized with relevant data and size, prior to calling this function +(entry size of empty fields must be set to 0). +
  • All buffers arguments are represented in Big-Endian form.
+ +@return CRYS_OK on success. +@return A non-zero value on failure as defined in crys_dh_error.h, crys_rsa_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_DH_X942_HybridGetSecretData( + uint8_t *ClientPrvKey_ptr1, /*!< [in] Pointer to the First Private key octet string number. */ + uint16_t ClientPrvKeySize1, /*!< [in] The First Private key Size (in bytes). */ + uint8_t *ClientPrvKey_ptr2, /*!< [in] Pointer to the Second Private key octet string. */ + uint16_t ClientPrvKeySize2, /*!< [in] The Second Private key Size (in bytes). */ + uint8_t *ServerPubKey_ptr1, /*!< [in] Pointer to the First Server public key octet string. */ + uint16_t ServerPubKeySize1, /*!< [in] The First Server Public key Size (in bytes). */ + uint8_t *ServerPubKey_ptr2, /*!< [in] Pointer to the Second Server public key octet string. */ + uint16_t ServerPubKeySize2, /*!< [in] The Second Server Public key Size (in bytes). */ + uint8_t *Prime_ptr, /*!< [in] Pointer to the Prime octet string. */ + uint16_t PrimeSize, /*!< [in] The size of the Prime string. */ + CRYS_DH_OtherInfo_t *otherInfo_ptr, /*!< [in] Pointer to structure containing optional other data, shared by two entities + sharing the secret keying data. */ + CRYS_DH_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes. The supported modes are according to the supported + HASH modes for the product (and MD5 is not supported). */ + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, /*!< [in] The type of function to use to derive the secret key to the key data. + ASN.1 or Concatenation modes are supported. */ + CRYS_DH_HybrTemp_t *tmpDhHybr_ptr, /*!< [in] Pointer to a CRYS_DH_Temp_t structure that contains temp buffers for + internal operations. */ + uint8_t *SecretKeyingData_ptr, /*!< [out] Pointer to the secret key octet string. This buffer should be at least + of size PrimeSize bytes. */ + uint16_t SecretKeyingDataSize /*!< [in] The required Secret Keying data size (in bytes). Must be larger than 0, + and smaller than CRYS_DH_MAX_SIZE_OF_KEYING_DATA. */ +); + + +/****************************************************************/ +/*! +This macro implements the DH [X9.42] standard deriving a hybrid secret key from two public-private pair of keys using the Derivation function based on ASN.1. +For a description of the parameters see ::CRYS_DH_X942_HybridGetSecretData.*/ +#define CRYS_DH_X942_HybridGetSecretDataAsn1(ClientPrvKey_ptr1,ClientPrvKeySize1,ClientPrvKey_ptr2,ClientPrvKeySize2,ServerPubKey_ptr1,ServerPubKeySize1,ServerPubKey_ptr2,ServerPubKeySize2,Prime_ptr,PrimeSize,otherInfo_ptr,hashFunc,tmpDhHybr_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\ + CRYS_DH_X942_HybridGetSecretData((ClientPrvKey_ptr1),(ClientPrvKeySize1),(ClientPrvKey_ptr2),(ClientPrvKeySize2),(ServerPubKey_ptr1),(ServerPubKeySize1),(ServerPubKey_ptr2),(ServerPubKeySize2),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashFunc),CRYS_DH_ASN1_Der_mode,(tmpDhHybr_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize)) + +/*! +This macro implements the DH [X9.42] standard, deriving a hybrid secret key from two pairs of public-private keys, using the Derivation +function based on concatenation using SHA-x HASH. For a description of the parameters see ::CRYS_DH_X942_HybridGetSecretData. +*/ +#define CRYS_DH_X942_HybridGetSecretDataConcat(ClientPrvKey_ptr1,ClientPrvKeySize1,ClientPrvKey_ptr2,ClientPrvKeySize2,ServerPubKey_ptr1,ServerPubKeySize1,ServerPubKey_ptr2,ServerPubKeySize2,Prime_ptr,PrimeSize,otherInfo_ptr,hashFunc,tmpDhHybr_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\ + CRYS_DH_X942_HybridGetSecretData((ClientPrvKey_ptr1),(ClientPrvKeySize1),(ClientPrvKey_ptr2),(ClientPrvKeySize2),(ServerPubKey_ptr1),(ServerPubKeySize1),(ServerPubKey_ptr2),(ServerPubKeySize2),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashFunc),CRYS_DH_Concat_Der_mode,(tmpDhHybr_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize)) + + +/******************************************************************************************/ +/*! +@brief The function checks the obtained DH public key according to its domain parameters [ANSI X9.42-2001] + +\note +Assuming: The DH domain parameters are valid. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined in crys_dh_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_DH_CheckPubKey( + uint8_t *modP_ptr, /*!< [in] The pointer to the modulus (prime) P. */ + uint32_t modPsizeBytes, /*!< [in] The modulus size in bytes. */ + uint8_t *orderQ_ptr, /*!< [in] The pointer to the prime order Q of generator. */ + uint32_t orderQsizeBytes, /*!< [in] The size of order of generator in bytes. */ + uint8_t *pubKey_ptr, /*!< [in] The pointer to the public key to be validated. */ + uint32_t pubKeySizeBytes, /*!< [in] The public key size in bytes. */ + CRYS_DH_Temp_t *tempBuff_ptr /*!< [in] The temp buffer for internal calculations. */ +); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_dh_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_dh_error.h new file mode 100644 index 00000000000..c9a7ff68001 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_dh_error.h @@ -0,0 +1,158 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_DH_ERROR_H +#define CRYS_DH_ERROR_H + + +#include "crys_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This file contains error codes definitions for CRYS DH module. +@defgroup crys_dh_error CryptoCell DH specific errors +@{ +@ingroup crys_dh +*/ +/************************ Defines ******************************/ +/* DH module on the CRYS layer base address - 0x00F00500 */ +/*! The CRYS DH module errors */ +/*! Illegal input pointer.*/ +#define CRYS_DH_INVALID_ARGUMENT_POINTER_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x0UL) +/*! Illegal input size.*/ +#define CRYS_DH_INVALID_ARGUMENT_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x1UL) +/*! Illegal operation mode.*/ +#define CRYS_DH_INVALID_ARGUMENT_OPERATION_MODE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2UL) +/*! Illegal hash mode.*/ +#define CRYS_DH_INVALID_ARGUMENT_HASH_MODE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x3UL) + +/*! Illegal secret key data size. */ +#define CRYS_DH_SECRET_KEYING_DATA_SIZE_ILLEGAL_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x4UL) +/*! Illegal L input. */ +#define CRYS_DH_INVALID_L_ARGUMENT_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x5UL) +/*! Prime is smaller than generator. */ +#define CRYS_DH_ARGUMENT_PRIME_SMALLER_THAN_GENERATOR_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x6UL) +/*! Generator is smaller than zero. */ +#define CRYS_DH_ARGUMENT_GENERATOR_SMALLER_THAN_ZERO_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x7UL) +/*! Illegal private key size. */ +#define CRYS_DH_ARGUMENT_PRV_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x8UL) +/*! Illegal buffer size. */ +#define CRYS_DH_ARGUMENT_BUFFER_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x9UL) +/*! Invalid shared secret value. */ +#define CRYS_DH_INVALID_SHARED_SECRET_VALUE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0xAUL) +/*! DH is not supported. */ +#define CRYS_DH_IS_NOT_SUPPORTED (CRYS_DH_MODULE_ERROR_BASE + 0xFUL) +/*! Illegal X942 hybrid buffer size.*/ +#define CRYS_DH_X942_HYBRID_SIZE1_BUFFER_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x15UL) + +/*The requested derived secret key size is invalid*/ +/*! Illegal secret key size .*/ +#define CRYS_DH_SECRET_KEY_SIZE_NEEDED_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x16UL) +/*! Illegal output secret key size .*/ +#define CRYS_DH_SECRET_KEY_SIZE_OUTPUT_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x17UL) +/*! Illegal otherInfo size .*/ +#define CRYS_DH_OTHERINFO_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x18UL) + +/* DH domain and key generation and checking errors */ +/*! Illegal modulus size. */ +#define CRYS_DH_INVALID_MODULUS_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x20UL) +/*! Illegal order size. */ +#define CRYS_DH_INVALID_ORDER_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x21UL) +/*! Illegal seed size. */ +#define CRYS_DH_INVALID_SEED_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x22UL) +/*! Illegal J factor pointer size. */ +#define CRYS_DH_INVALID_J_FACTOR_PTR_OR_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x23UL) +/*! Illegal generator pointer or size. */ +#define CRYS_DH_INVALID_GENERATOR_PTR_OR_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x24UL) + +/*! Illegal domain primes. */ +#define CRYS_DH_CHECK_DOMAIN_PRIMES_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x25UL) +/*! Illegal domain generator. */ +#define CRYS_DH_CHECK_DOMAIN_GENERATOR_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x26UL) +/*! Illegal public key size. */ +#define CRYS_DH_INVALID_PUBLIC_KEY_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x27UL) +/*! Illegal public key. */ +#define CRYS_DH_CHECK_PUB_KEY_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x28UL) +/*! Illegal generator size or pointer. */ +#define CRYS_DH_CHECK_GENERATOR_SIZE_OR_PTR_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x29UL) +/*! Illegal seed size or pointer. */ +#define CRYS_DH_CHECK_SEED_SIZE_OR_PTR_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2AUL) +/*! Illegal generator. */ +#define CRYS_DH_CHECK_GENERATOR_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2BUL) +/*! Prime generation failed. */ +#define CRYS_DH_PRIME_P_GENERATION_FAILURE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2CUL) +/*! Illegal public key. */ +#define CRYS_DH_INVALID_PUBLIC_KEY_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2DUL) +/*! Illegal seed. */ +#define CRYS_DH_PASSED_INVALID_SEED_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2EUL) +/*! Prime generation failed. */ +#define CRYS_DH_PRIME_Q_GENERATION_FAILURE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2FUL) +/*! Internal PKI error */ +#define CRYS_DH_PKI_INTERNAL_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x30UL) + + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + + + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_dh_kg.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_dh_kg.h new file mode 100644 index 00000000000..15654288f99 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_dh_kg.h @@ -0,0 +1,203 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef _CRYS_DH_KG_H +#define _CRYS_DH_KG_H + + +#include "crys_dh.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! @file +@brief This module defines the API that supports Diffie-Hellman domain. +@defgroup crys_dh_kg CryptoCell DH Key Generation APIs +@{ +@ingroup crys_dh +*/ + +/************************ Defines ******************************/ +/*! Minimal size of DH seed in bytes. */ +#define CRYS_DH_SEED_MIN_SIZE_IN_BYTES CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES +/*! Minimal size of DH seed in bits. */ +#define CRYS_DH_SEED_MIN_SIZE_IN_BITS (CRYS_DH_SEED_MIN_SIZE_IN_BYTES * 8) + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + +/* temp buffers, used in different DH KG functions */ + +/*! Temporary data buffer structure for domain parameters generation in DH. */ +typedef struct CRYS_DHKGData_t +{ + /* The aligned input and output temp buffers */ + /*! Temporary buffer. */ + uint32_t TempBuff1[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Temporary buffer. */ + uint32_t TempBuff2[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Temporary buffer. */ + uint32_t TempBuff3[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Temporary buffer. */ + uint32_t TempBuff4[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Temporary buffer. */ + uint32_t TempBuff5[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Temporary buffer. */ + uint32_t TempBuff6[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Temporary buffer. */ + CRYS_DH_Temp_t ExpTemps; +}CRYS_DHKGData_t; + +/*! Temporary buffer structure . */ +typedef struct CRYS_DHKG_CheckTemp_t +{ + /*! Temporary buffer. */ + uint32_t CheckTempBuff[3*CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Temporary buffer. */ + CRYS_DHKGData_t DhKgBuff; +}CRYS_DHKG_CheckTemp_t; + +/*! DH Domain generation values definitions */ +/*! Minimal modulus size for X942 - 1024.*/ +#define DH_X942_PRIME_MOD_MIN_VAL 1024 +/*! Maximal modulus size for X942 - 2048.*/ +#define DH_X942_PRIME_MOD_MAX_VAL 2048 +/*! PGeneration counter for X942 - 4096.*/ +#define DH_X942_PGEN_COUNTER_CONST 4096 +/*! HASH size in bits for X942 - 160.*/ +#define DH_X942_HASH_SIZE_BITS 160 +/*! Maximal allowed ratio between modulus and generator order sizes (by implementation) */ +#define DH_MAX_RATIO_MODULO_TO_ORDER 4 + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + + +/******************************************************************************************/ +/*! +@brief This function generates DH domain parameters in Galois prime field according to standard [ANS X9.42]. +It receives the required sizes (in bits) of the modulus, the generator's order, and the seed, and then generates +the prime modulus and the generator according to given sizes. +If generateSeed argument is set to 1, the function generates and outputs the random seed. Otherwise (if set to 0), +the seed has to be passed as an input argument. According to implementation the seed should be not greate, than (2^seedSizeBits - 2^32). +The seed and some additional parameters, generated by the function (factorJ, pgenCounter), are used for checking +that all domain parameters are generated according to the standard and not forged. +\note All buffer parameters should be in Big-Endian form. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_dh_error.h, crys_rnd_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_DH_CreateDomainParams( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to a random vector generation function. */ + uint32_t modPsizeBits, /*!< [in] Size of the modulus (Prime) in bits equal 256*n, where n >= 4. FIPS 186-4 + defines sizes 1024 and 2048 bit. */ + uint32_t orderQsizeBits, /*!< [in] Size of the Generator's order in bits. FIPS 186-4 defines orderQSizeBits = 160 + for modulus 1024 bit and 224 or 256 bit for modPSizeBits = 2048. We not recommend + sizes > 256 and returns an error if orderQSizeBits > modPSizeBits/4 */ + uint32_t seedSizeBits, /*!< [in] Seed size in bits. Requirements: modPSizeBits >= seedSizeBits >= orderQSizeBits + (the first is required by our implementation). */ + uint8_t *modP_ptr, /*!< [out] Pointer to the modulus (prime) buffer. The size of the buffer for output + generated value must be no less than given modulus size. */ + uint8_t *orderQ_ptr, /*!< [out] Pointer to the order Q of generator. The size of the buffer for output generated + value must be no less than the given order size. */ + uint8_t *generatorG_ptr, /*!< [out] Pointer to the generator of multiplicative subgroup in GF(P). + If the user does not need this output, then both the pointer and the buffer size + must be set to 0. */ + uint32_t *generGsizeBytes_ptr, /*!< [in/out] Pointer to the one word buffer for outputting the generator's size. + The passed size (if needed) must be not less than modulus size and the function + returns the actual size of the generator. */ + uint8_t *factorJ_ptr, /*!< [out] Pointer to the buffer for integer factor J. If NULL, the function does not output + this parameter (in this case JsizeBytes_ptr also must be set to NULL, else the function + returns an error). */ + uint32_t *JsizeBytes_ptr, /*!< [in/out] Pointer to the size of integer factor J. If NULL, the function does not output + this parameter. */ + uint8_t *seedS_ptr, /*!< [in/out] Random seed used for prime generation. The size of the buffer must be + at least the seed size. */ + int8_t generateSeed, /*!< [in] Flag, defining whether the seed should be generated randomly by the function + (1) or is passed by the user (0). */ + uint32_t *pgenCounter_ptr, /*!< [out] Pointer to counter of tries to generate the primes. If NULL, the function does not + output this parameter. */ + CRYS_DHKGData_t *DHKGbuff_ptr /*!< [out] The temp buffer of defined structure for internal calculations. */ +); + + +/******************************************************************************************/ +/*! +@brief This function receives DH domain parameters, seed and prime generation counter and then verifies +that the domain was created according to the standard [ANS X9.42]. +According to implementation, the value of the user passed seed should be not +greate, than (2^seedSizeBits - 2^32), otherwise an error is returned. +\note All buffer parameters should be in Big-Endian form. For more detailed +description of the parameters see ::CRYS_DH_CreateDomainParams. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_dh_error.h, crys_rnd_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_DH_CheckDomainParams( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in/out] Pointer to the RND Generate vector function pointer. */ + uint8_t *modP_ptr, /*!< [in] Pointer to the modulus (Prime). */ + uint32_t modPsizeBytes, /*!< [in] Size of the modulus (Prime) in bytes. */ + uint8_t *orderQ_ptr, /*!< [in] Pointer to the order Q of generator. The size of the buffer for output + generated value must be no less than the order size. */ + uint32_t orderQsizeBytes, /*!< [in] Size of the Generator's order in bytes. */ + uint8_t *generatorG_ptr, /*!< [in] Pointer to the generator of the multiplicative subgroup in GF(P). */ + uint32_t generatorSizeBytes, /*!< [in] Size of the generator in bytes. */ + uint8_t *seedS_ptr, /*!< [in] Random seed used for prime generation. */ + uint32_t seedSizeBits, /*!< [in] Seed size in bits. */ + uint32_t pgenCounter, /*!< [in] Counter of prime generation attempts. */ + CRYS_DHKG_CheckTemp_t *checkTempBuff_ptr /*!< [in] Temporary buffer for internal calculations. */ + +); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ec_edw_api.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ec_edw_api.h new file mode 100644 index 00000000000..6d544713079 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ec_edw_api.h @@ -0,0 +1,201 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_EC_EDW_API_H +#define CRYS_EC_EDW_API_H + +#include "ssi_pal_types.h" +#include "crys_hash.h" +#include "crys_rnd.h" +#include "crys_pka_defs_hw.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/*! +@defgroup cryptocell_ec CryptoCell EC 25519 curve APIs +@{ +@ingroup cryptocell_api +@brief This group is the cryptocell EC 25519 curve root group +@} + +@file +@brief This file contains the CRYS APIs used for EC EDW (Edwards) ed25519 algorithms. +@defgroup crys_ec_edw CryptoCell EC Edwards APIs +@{ +@ingroup cryptocell_ec + +\note Algorithms of Montgomery and Edwards elliptic curves cryptography were developed by + Daniel.J.Bernstein. +*/ + +/*! EC Edwards ed25519 modulus and order sizes in bits, words and bytes. */ +/*! EC Edwards modulus size in bits. */ +#define CRYS_ECEDW_MOD_SIZE_IN_BITS 255U /*!<\internal MOD - EC Edw modulus size*/ +/*! EC Edwards order size in bits. */ +#define CRYS_ECEDW_ORD_SIZE_IN_BITS 255U /*!<\internal ORD - EC Edw generator order size*/ +/*! EC Edwards nodulus size in words. */ +#define CRYS_ECEDW_MOD_SIZE_IN_32BIT_WORDS ((CRYS_ECEDW_MOD_SIZE_IN_BITS + SASI_BITS_IN_32BIT_WORD - 1) / SASI_BITS_IN_32BIT_WORD) +/*! EC Edwards modulus size in bytes. */ +#define CRYS_ECEDW_MOD_SIZE_IN_BYTES (CRYS_ECEDW_MOD_SIZE_IN_32BIT_WORDS * SASI_32BIT_WORD_SIZE) +/*! EC Edwards order size in words. */ +#define CRYS_ECEDW_ORD_SIZE_IN_32BIT_WORDS ((CRYS_ECEDW_ORD_SIZE_IN_BITS + SASI_BITS_IN_32BIT_WORD - 1) / SASI_BITS_IN_32BIT_WORD) +/*! EC Edwards order size in bytes. */ +#define CRYS_ECEDW_ORD_SIZE_IN_BYTES (CRYS_ECEDW_ORD_SIZE_IN_32BIT_WORDS * SASI_32BIT_WORD_SIZE) + +/*! Constant sizes of special EC_MONT buffers and arrays */ +/*! EC Edwards seed size in bytes. */ +#define CRYS_ECEDW_SEED_BYTES CRYS_ECEDW_MOD_SIZE_IN_BYTES +/*! EC Edwards secret key size in bytes. */ +#define CRYS_ECEDW_SECRET_KEY_BYTES (2 * CRYS_ECEDW_MOD_SIZE_IN_BYTES) +/*! EC Edwards signatue size in bytes. */ +#define CRYS_ECEDW_SIGNATURE_BYTES (2 * CRYS_ECEDW_ORD_SIZE_IN_BYTES) +/*! EC Edwards scalar size in bytes. */ +#define CRYS_ECEDW_SCALAR_BYTES CRYS_ECEDW_ORD_SIZE_IN_BYTES +/*! EC Edwards scalar multiplication size in bytes. */ +#define CRYS_ECEDW_SCALARMULT_BYTES CRYS_ECEDW_MOD_SIZE_IN_BYTES + +/*! EC_EDW temp buffer size definition. */ +#define CRYS_ECEDW_TEMP_BUFF_SIZE_IN_32BIT_WORD (10*CRYS_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS + (sizeof(CRYS_HASHUserContext_t)+SASI_32BIT_WORD_SIZE-1)/SASI_32BIT_WORD_SIZE) + +/*! EC_EDW temp buffer type definition. */ +typedef struct { + /*! Internal buffer. */ + uint32_t buff[CRYS_ECEDW_TEMP_BUFF_SIZE_IN_32BIT_WORD]; +} CRYS_ECEDW_TempBuff_t; + + +/******************************************************************************/ +/*! +@brief The function creates EC Edwards signature on the message. +\note Used detached form of signature, separated from the message. + Implemented algorithm of Bernstein D. etc. sign ed25519. + +@return CRYS_OK on success, +@return A non-zero value on failure as defined crys_ec_mont_edw_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECEDW_Sign ( + uint8_t *pSign, /*!< [out] Pointer to the detached signature. */ + size_t *pSignSize, /*!< [in/out] Pointer to the total size of the signature ; + In - the buffer size, which (must be at least 2*EC order size); + Out - the actual size of output data. */ + const uint8_t *pMsg, /*!< [in] Pointer to the message. */ + size_t msgSize, /*!< [in] Message size in bytes: must be less, than + (CRYS_HASH_UPDATE_DATA_MAX_SIZE_IN_BYTES - 2*(EC_EDW modulus size)). */ + const uint8_t *pSignSecrKey, /*!< [in] Pointer to the signer secret key (seed || pulKey) */ + size_t secrKeySize, /*!< [in] Size of signer secret key in bytes: (must be 2*EC order size). */ + CRYS_ECEDW_TempBuff_t *pTempBuff /*!< [in] Pointer to the temp buffer. */); + + + +/******************************************************************************/ +/*! +@brief The function verifies the EC Edwards ed25519 signature on the message. +\note The input signature is in detached form, i.e. separated from the message. + +@return CRYS_OK on success, +@return A non-zero value on failure as defined crys_ec_mont_edw_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECEDW_Verify( + const uint8_t *pSign, /*!< [in] Pointer to detached signature, i.e. the + signature is separated from the message. */ + size_t signSize, /*!< [in] Size of the signature in bytes, it must be + equal to two EC Order size in bytes. */ + const uint8_t *pSignPublKey, /*!< [in] Pointer to signer public key. */ + size_t publKeySize, /*!< [in] Size of the signer public key in bytes; must be + equal to EC modulus size. */ + uint8_t *pMsg, /*!< [in] Pointer to the message. */ + size_t msgSize, /*!< [in] Pointer to the message size in bytes. Must be less than + (CRYS_HASH_UPDATE_DATA_MAX_SIZE_IN_BYTES - 2*(EC_EDW modulus size)). */ + CRYS_ECEDW_TempBuff_t *pTempBuff /*!< [in] Pointer to the temp buffer, for internal use. */); + + +/******************************************************************************/ +/*! +@brief The function randomly generates Ec ed25519 private and public keys + using given seed. + The generation is performed using EC Edwards ed25519 algorithm. + +@return CRYS_OK on success, +@return A non-zero value on failure as defined crys_ec_mont_edw_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECEDW_SeedKeyPair ( + const uint8_t *pSeed, /*!< [in] Pointer to the given seed. */ + size_t seedSize, /*!< [in] Size of the seed in bytes, must be equal the EC order size + in bytes. */ + uint8_t *pSecrKey, /*!< [out] Pointer to the secret key, including the seed, concatenated + with the public key. */ + size_t *pSecrKeySize, /*!< [in/out] Pointer to the size of the secret key buffer in bytes + (must be at least 2*EC order size). */ + uint8_t *pPublKey, /*!< [out] Pointer to the public key. */ + size_t *pPublKeySize, /*!< [in/out] Pointer to the size of the public key in bytes. + In - the size of buffer must be at least EC modulus size; + Out - the actual size. */ + CRYS_ECEDW_TempBuff_t *pTempBuff /*!< [in] Pointer to the temp buffer, for internal use. */); + +/*******************************************************************/ +/*! + @brief The function randomly generates the EC Edwards ed25519 private and + public keys. + The generation is performed using EC Edwards ed25519 algorithm. + +@return CRYS_OK on success, +@return A non-zero value on failure as defined crys_ec_mont_edw_error.h, crys_hash_error.h or crys_rnd_error. +*/ +CIMPORT_C CRYSError_t CRYS_ECEDW_KeyPair ( + uint8_t *pSecrKey, /*!< [out] Pointer to the secret key (including seed and public key). */ + size_t *pSecrKeySize, /*!< [in/out] Pointer to the size of the secret key in bytes, + (must be at least 2*EC order size). */ + uint8_t *pPublKey, /*!< [out] Pointer to the public key. */ + size_t *pPublKeySize, /*!< [in/out] - Pointer to the size of the public key in bytes. + In - the size of buffer must be at least EC modulus size; + Out - the actual size. */ + void *pRndState, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + CRYS_ECEDW_TempBuff_t *pTempBuff /*!< [in] Pointer to the temp buffer. */); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ec_mont_api.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ec_mont_api.h new file mode 100644 index 00000000000..57ab9d78baf --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ec_mont_api.h @@ -0,0 +1,213 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_ECMONT_API_H +#define CRYS_ECMONT_API_H + +#include "ssi_pal_types.h" +#include "crys_rnd.h" +#include "crys_pka_defs_hw.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/*! +@file +@brief This file contains the CRYS APIs used for EC MONT (Montgomery Curve25519) algorithms. +@defgroup crys_ec_mont CryptoCell EC Montgomery APIs +@{ +@ingroup cryptocell_ec + + +\note Implemented algorithms according to Montgomery elliptic curves cryptography, + developed by Daniel J.Bernstein etc. +*/ + +/*! EC Montgomery curve25519 modulus size in bits, words and bytes */ +/*! EC Montgomery modulus size in bits. */ +#define CRYS_ECMONT_MOD_SIZE_IN_BITS 255U +/*! EC Montgomery modulus size in words. */ +#define CRYS_ECMONT_MOD_SIZE_IN_32BIT_WORDS ((CRYS_ECMONT_MOD_SIZE_IN_BITS + SASI_BITS_IN_32BIT_WORD - 1) / SASI_BITS_IN_32BIT_WORD) +/*! EC Montgomery modulus size in bytes. */ +#define CRYS_ECMONT_MOD_SIZE_IN_BYTES ((CRYS_ECMONT_MOD_SIZE_IN_BITS + SASI_BITS_IN_32BIT_WORD - 1) / sizeof(uint32_t)) + +/*! Constant sizes of special EC_MONT buffers and arrays */ +/*! EC Montgomery scalar size in bytes. */ +#define CRYS_ECMONT_SCALARBYTES (CRYS_ECMONT_MOD_SIZE_IN_32BIT_WORDS * SASI_32BIT_WORD_SIZE) +/*! EC Montgomery scalar multiplication size in bytes. */ +#define CRYS_ECMONT_SCALARMULTBYTES (CRYS_ECMONT_MOD_SIZE_IN_32BIT_WORDS * SASI_32BIT_WORD_SIZE) +/*! EC Montgomery scalar seed size in bytes. */ +#define CRYS_ECMONT_SEEDBYTES (CRYS_ECMONT_MOD_SIZE_IN_32BIT_WORDS * SASI_32BIT_WORD_SIZE) + +/*! EC Montgomery domains ID-s enumerator. */ +typedef enum { + CRYS_ECMONT_DOMAIN_CURVE_25519, /*!< EC Curve25519. */ + /*! EC Montgomery last domain. */ + CRYS_ECMONT_DOMAIN_OFF_MODE, + /*! Reserved. */ + CRYS_ECMONT_DOMAIN_LAST = 0x7FFFFFFF +}CRYS_ECMONT_DomainId_t; + + +/*! EC_MONT scalar mult temp buffer type definition */ +typedef struct { + /*! Internal temporary buffer. */ + uint32_t ecMontScalarMultTempBuff[CRYS_EC_MONT_TEMP_BUFF_SIZE_IN_32BIT_WORDS]; // set needed +} CRYS_ECMONT_ScalrMultTempBuff_t; + +/*! EC_MONT temp buffer type definition */ +typedef struct { + /* Don't change sequence order of the buffers */ + /*! Internal temporary buffer. */ + uint32_t ecMontScalar[CRYS_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS]; + /*! Internal temporary buffer. */ + uint32_t ecMontResPoint[CRYS_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS]; + /*! Internal temporary buffer. */ + uint32_t ecMontInPoint[CRYS_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS]; + /*! Internal temporary buffer. */ + CRYS_ECMONT_ScalrMultTempBuff_t ecMontScalrMultTempBuff; // if needed +} CRYS_ECMONT_TempBuff_t; + + +/*********************************************************************/ +/*! +@brief The function performs EC Montgomery (Curve25519) scalar multiplication: + resPoint = scalar * point. + +@return CRYS_OK on success, +@return A non-zero value on failure as defined crys_ec_mont_edw_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECMONT_Scalarmult( + uint8_t *pResPoint, /*!< [out] Pointer to the public (secret) key. */ + size_t *pResPointSize, /*!< [in/out] Pointer to the size of the public key in bytes. + In - the size of the buffer. must be at least EC modulus + size (for curve25519 - 32 bytes). + Out - the actual size. */ + const uint8_t *pScalar, /*!< [in] Pointer to the secret (private) key. */ + size_t scalarSize, /*!< [in] Pointer to the size of the secret key in bytes; + must be equal to EC order size (for curve25519 - 32 bytes). */ + const uint8_t *pInPoint, /*!< [in] Pointer to the input point (compressed). */ + size_t inPointSize, /*!< [in] Size of the point - must be equal to CRYS_ECMONT_MOD_SIZE_IN_BYTES. */ + CRYS_ECMONT_TempBuff_t *pEcMontTempBuff /*!< [in] Pointer to temp buffer, for internal use. */); + + +/*********************************************************************/ +/*! +@brief The function performs EC Montgomery (Curve25519) scalar multiplication of base point: + res = scalar * base_point. + + Note: all byte arrays have LE order of bytes, i.e. LS byte is on left most place. + +@return CRYS_OK on success, +@return A non-zero value on failure as defined crys_ec_mont_edw_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECMONT_ScalarmultBase( + uint8_t *pResPoint, /*!< [out] Pointer to the public (secret) key. */ + size_t *pResPointSize, /*!< [in/out] Pointer to the size of the public key in bytes. + In - the size of buffer must be at least EC modulus size + (for curve25519 - 32 bytes); + Out - the actual size. */ + const uint8_t *pScalar, /*!< [in] Pointer to the secret (private) key. */ + size_t scalarSize, /*!< [in] Pointer to the size of the scalar in bytes - + must be equal to EC order size (for curve25519 - 32 bytes). */ + CRYS_ECMONT_TempBuff_t *pEcMontTempBuff /*!< [in] Pointer to temp buffer, for internal use. */); + + +/*******************************************************************/ +/*! +@brief The function randomly generates private and public keys for Montgomery + Curve25519. + + +\note
  • All byte arrays are in LE order of bytes, i.e. LS byte is on the left most place.
    • +
  • LS and MS bits of the Secret key are set according to EC Montgomery scalar mult. algorithm: + secrKey[0] &= 248; secrKey[31] &= 127; secrKey[31] |= 64;
+ +@return CRYS_OK on success, +@return A non-zero value on failure as defined crys_ec_mont_edw_error.h or crys_rnd_error.h. + +*/ +CIMPORT_C CRYSError_t CRYS_ECMONT_KeyPair ( + uint8_t *pPublKey, /*!< [out] Pointer to the public key. */ + size_t *pPublKeySize, /*!< [in/out] Pointer to the size of the public key in bytes. + In - the size of the buffer must be at least EC order size + (for curve25519 - 32 bytes); + Out - the actual size. */ + uint8_t *pSecrKey, /*!< [out] Pointer to the secret key, including. */ + size_t *pSecrKeySize, /*!< [in/out] Pointer to the size of buffer for the secret key in bytes - + must be at least EC order size (for curve25519 - 32 bytes). */ + void *pRndState, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + CRYS_ECMONT_TempBuff_t *pEcMontTempBuff /*!< [in] Pointer to the temp buffer, for internal use. */); + + +/*******************************************************************/ +/*! +@brief The function generates private and public keys for Montgomery algorithms. + + The generation performed using given seed. + + +@return CRYS_OK on success, +@return A non-zero value on failure as defined crys_ec_mont_edw_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECMONT_SeedKeyPair ( + uint8_t *pPublKey, /*!< [out] Pointer to the public (secret) key. */ + size_t *pPublKeySize, /*!< [in/out] Pointer to the size of the public key in bytes. + In - the size of buffer must be at least EC order size + (for curve25519 - 32 bytes); + Out - the actual size. */ + uint8_t *pSecrKey, /*!< [out] Pointer to the secret (private) key. */ + size_t *pSecrKeySize, /*!< [in/out] Pointer to the size of the secret key in bytes + In - the size of buffer must be at least EC order size + (for curve25519 - 32 bytes); + Out - the actual size. */ + const uint8_t *pSeed, /*!< [in] Pointer to the given seed - 32 bytes. */ + size_t seedSize, /*!< [in/] Size of the seed in bytes (must be equal to CRYS_ECMONT_SEEDBYTES). */ + CRYS_ECMONT_TempBuff_t *pEcMontTempBuff /*!< [in] Pointer to a temp buffer, for internal use. */); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ec_mont_edw_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ec_mont_edw_error.h new file mode 100644 index 00000000000..5b76d2cc40b --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ec_mont_edw_error.h @@ -0,0 +1,114 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_EC_MONT_EDW_ERROR_H +#define CRYS_EC_MONT_EDW_ERROR_H + +/*! +@file +@brief This module containes the definitions of the CRYS ECC-25519 errors. +@defgroup crys_ecmontedw_error CryptoCell ECC-25519 errors +@{ +@ingroup cryptocell_ec +*/ + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/********************************************************************************************************** + * CRYS EC Montgomery-Edwards MODULE ERRORS base address - 0x00F02300 * + **********************************************************************************************************/ +/*! Illegal input pointer */ +#define CRYS_ECEDW_INVALID_INPUT_POINTER_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x00UL) +/*! Illegal input size */ +#define CRYS_ECEDW_INVALID_INPUT_SIZE_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x01UL) +/*! Illegal scalar size */ +#define CRYS_ECEDW_INVALID_SCALAR_SIZE_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x02UL) +/*! Illegal scalar data */ +#define CRYS_ECEDW_INVALID_SCALAR_DATA_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x03UL) +/*! Invalid RND context pointer */ +#define CRYS_ECEDW_RND_CONTEXT_PTR_INVALID_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x04UL) +/*! Invalid RND generate vector functions pointer */ +#define CRYS_ECEDW_RND_GEN_VECTOR_FUNC_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x05UL) +/*! Signing or verification operation failed */ +#define CRYS_ECEDW_SIGN_VERIFY_FAILED_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x20UL) +/*! Illegal input pointer */ +#define CRYS_ECMONT_INVALID_INPUT_POINTER_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x30UL) +/*! Illegal input size */ +#define CRYS_ECMONT_INVALID_INPUT_SIZE_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x31UL) +/*! Illegal domain id */ +#define CRYS_ECMONT_INVALID_DOMAIN_ID_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x32UL) +/*! Internal PKI error */ +#define CRYS_ECEDW_PKI_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x33UL) +/*! Internal PKI error */ +#define CRYS_ECMONT_PKI_ERROR (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0x34UL) + + +/************************************************************************************************************ + * NOT SUPPORTED MODULES ERROR IDs * + ************************************************************************************************************/ +/*! EC montgomery is not supported */ +#define CRYS_ECMONT_IS_NOT_SUPPORTED (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0xFEUL) +/*! EC edwards is not supported */ +#define CRYS_ECEDW_IS_NOT_SUPPORTED (CRYS_EC_MONT_EDW_MODULE_ERROR_BASE + 0xFFUL) + + + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif +/** +@} +*/ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_build.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_build.h new file mode 100644 index 00000000000..72391ab710e --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_build.h @@ -0,0 +1,207 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_ECPKI_BUILD_H +#define CRYS_ECPKI_BUILD_H + +/*! +@defgroup cryptocell_ecpki CryptoCell ECC APIs +@{ +@ingroup cryptocell_api +@brief This group is the cryptocell ECC root group +@} + +@file +@brief This module defines functions for building key structures used in Elliptic Curves Cryptography (ECC). +@defgroup crys_ecpki_build CryptoCell key build for ECC APIs +@{ +@ingroup cryptocell_ecpki +*/ + + +#include "crys_error.h" +#include "crys_ecpki_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/********************************************************************************** + * CRYS_ECPKI_BuildPrivKey function * + **********************************************************************************/ +/*! +@brief Builds (imports) the user private key structure from an existing private key so +that this structure can be used by other EC primitives. +This function should be called before using of the private key. Input +domain structure must be initialized by EC parameters and auxiliary +values, using CRYS_ECPKI_GetDomain or CRYS_ECPKI_SetDomain functions. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_ecpki_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECPKI_BuildPrivKey( + const CRYS_ECPKI_Domain_t *pDomain, /*!< [in] The EC domain (curve). */ + const uint8_t *pPrivKeyIn, /*!< [in] Pointer to private key data. */ + uint32_t PrivKeySizeInBytes, /*!< [in] Size of private key data (in bytes). */ + CRYS_ECPKI_UserPrivKey_t *pUserPrivKey /*!< [out] Pointer to the private key structure. + This structure is used as input to the ECPKI cryptographic primitives. */ + ); + +/********************************************************************************** + * _DX_ECPKI_BuildPublKey function * + **********************************************************************************/ +/*! +@brief Builds a user public key structure from an imported public key, +so it can be used by other EC primitives. +When operating the EC cryptographic algorithms with imported EC public +key, this function should be called before using of the public key. + +\note The Incoming public key PublKeyIn structure is big endian bytes array, containing +concatenation of PC||X||Y, where: +
  • PC - point control single byte, defining the type of point: 0x4 - uncompressed, +06,07 - hybrid, 2,3 - compressed.
    • +
  • X,Y - EC point coordinates of public key (y is omitted in compressed form), +size of X and Y must be equal to size of EC modulus.
+ +The user may call this function by appropriate macros, according to necessary validation level [SEC1. ECC standard: 3.2, ANS X9.62]: +
  • Checking the input pointers and sizes only - ::CRYS_ECPKI_BuildPublKey.
    • +
  • Partially checking of public key - ::CRYS_ECPKI_BuildPublKeyPartlyCheck.
    • +
  • Full checking of public key - ::CRYS_ECPKI_BuildPublKeyFullCheck.
+ +\note Full check mode takes long time and should be used when it is actually needed. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_ecpki_error.h. +*/ +/* +The function performs the following operations: +- Checks validity of incoming variables and pointers; +- Converts incoming key data from big endian into little endian; +- If public key is given in compressed form (i.e. byte[0] = 2 or 3 and + coordinate Y is omitted), then the function uncompress it; +- Performs checking of input key according to CheckMode parameter. +- Initializes variables and structures. +*/ +CIMPORT_C CRYSError_t _DX_ECPKI_BuildPublKey( + const CRYS_ECPKI_Domain_t *pDomain, /*!< [in] The EC domain (curve). */ + uint8_t *PublKeyIn_ptr, /*!< [in] Pointer to the input public key data, in compressed or + uncompressed or hybrid form: + [PC||X||Y] Big-Endian representation, structured according to + [IEEE1363], where: +
  • X and Y are the public key's EC point coordinates. + In compressed form, Y is omitted.
    • +
  • The sizes of X and Y are equal to the size of the EC modulus.
    • +
  • PC is a one-byte point control that defines the type of point + compression.
*/ + uint32_t PublKeySizeInBytes, /*!< [in] The size of public key data (in bytes). */ + EC_PublKeyCheckMode_t CheckMode, /*!< [in] The required level of public key verification + (higher verification level means longer verification time): +
  • 0 = preliminary validation.
    • +
  • 1 = partial validation.
    • +
  • 2 = full validation.
*/ + CRYS_ECPKI_UserPublKey_t *pUserPublKey, /*!< [out] Pointer to the output public key structure. + This structure is used as input to the ECPKI cryptographic primitives. */ + CRYS_ECPKI_BUILD_TempData_t *pTempBuff /*!< [in] Pointer for a temporary buffer required for the build function. */ + ); + + +/********************************************************************************** + * CRYS_ECPKI_BuildPublKey macro * + **********************************************************************************/ +/*! +@brief This macro calls _DX_ECPKI_BuildPublKey function for building the public key +while checking input pointers and sizes. For a description of the parameters see ::_DX_ECPKI_BuildPublKey. +*/ +#define CRYS_ECPKI_BuildPublKey(pDomain, PublKeyIn_ptr, PublKeySizeInBytes, pUserPublKey) \ + _DX_ECPKI_BuildPublKey((pDomain), (PublKeyIn_ptr), (PublKeySizeInBytes), CheckPointersAndSizesOnly, (pUserPublKey), NULL) + + +/********************************************************************************** + * CRYS_ECPKI_BuildPublKeyPartlyCheck macro * + **********************************************************************************/ +/*! +@brief This macro calls _DX_ECPKI_BuildPublKey function for building the public key with partial validation of the key [SEC1] - 3.2.3. +For a description of the parameters see ::_DX_ECPKI_BuildPublKey. +*/ +#define CRYS_ECPKI_BuildPublKeyPartlyCheck(pDomain, PublKeyIn_ptr, PublKeySizeInBytes, pUserPublKey, pTempBuff) \ + _DX_ECPKI_BuildPublKey((pDomain), (PublKeyIn_ptr), (PublKeySizeInBytes), ECpublKeyPartlyCheck, (pUserPublKey), (pTempBuff)) + + +/********************************************************************************** + * CRYS_ECPKI_BuildPublKeyFullCheck macro * + **********************************************************************************/ +/*! +@brief This macro calls _DX_ECPKI_BuildPublKey function for building the public key with full validation of the key [SEC1] - 3.2.2. +For a description of the parameters and return values see _DX_ECPKI_BuildPublKey. +*/ +#define CRYS_ECPKI_BuildPublKeyFullCheck(pDomain, PublKeyIn_ptr, PublKeySizeInBytes, pUserPublKey, pTempBuff) \ + _DX_ECPKI_BuildPublKey((pDomain), (PublKeyIn_ptr), (PublKeySizeInBytes), (ECpublKeyFullCheck), (pUserPublKey), (pTempBuff)) + + +/*********************************************************************************** + * CRYS_ECPKI_ExportPublKey function * + ***********************************************************************************/ +/*! +@brief Converts an existing public key from internal representation to Big-Endian export representation. +The function converts the X,Y coordinates of public key EC point to big endianness, +and sets the public key as follows: +
  • In case "Uncompressed" point: PubKey = PC||X||Y, PC = 0x4 - single byte;
    • +
  • In case of "Hybrid" key PC = 0x6.
    • +
  • In case of "Compressed" key PC = 0x2.
+\note Size of output X and Y coordinates is equal to ModSizeInBytes. +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_ecpki_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECPKI_ExportPublKey( + CRYS_ECPKI_UserPublKey_t *pUserPublKey, /*!< [in] Pointer to the input public key structure (in Little-Endian form). */ + CRYS_ECPKI_PointCompression_t compression, /*!< [in] Compression mode: Compressed, Uncompressed or Hybrid. */ + uint8_t *pExternPublKey, /*!< [out] Pointer to the exported public key array, in compressed or uncompressed + or hybrid form: + [PC||X||Y] Big-Endian representation, structured according to [IEEE1363]. + In compressed form, Y is omitted. */ + uint32_t *pPublKeySizeBytes /*!< [in/out] Pointer used for the input of the user public key buffer size + (in bytes), and the output of the size of the converted public key in bytes. */ + ); + + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_dh.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_dh.h new file mode 100644 index 00000000000..b95abe55e74 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_dh.h @@ -0,0 +1,90 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_ECPKI_DH_H +#define CRYS_ECPKI_DH_H + +/*! @file +@brief Defines the API that supports EC Diffie-Hellman shared secret value derivation primitives. +@defgroup crys_ecpki_dh CryptoCell ECC Diffie-Hellman APIs +@{ +@ingroup cryptocell_ecpki +*/ + + +#include "crys_ecpki_types.h" +#include "crys_ecpki_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*********************************************************************** + * CRYS_ECDH_SVDP_DH function * + ***********************************************************************/ +/*! +@brief Creates the shared secret value according to [IEEE1363, ANS X9.63]: + +
  1. Checks input-parameter pointers and EC Domain in public and private +keys.
    2. +
  2. Derives the partner public key and calls the EcWrstDhDeriveSharedSecret +function, which performs EC SVDP operations.
+\note The term "User" +refers to any party that calculates a shared secret value using this primitive. +The term "Partner" refers to any other party of shared secret value calculation. +Partner's public key shall be validated before using in this primitive. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_ecpki_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECDH_SVDP_DH( + CRYS_ECPKI_UserPublKey_t *PartnerPublKey_ptr, /*!< [in] Pointer to a partner public key. */ + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, /*!< [in] Pointer to a user private key. */ + uint8_t *SharedSecretValue_ptr, /*!< [out] Pointer to an output buffer that will contain the shared + secret value. */ + uint32_t *SharedSecrValSize_ptr, /*!< [in/out] Pointer to the size of user-passed buffer (in) and + actual size of output of calculated shared secret value + (out). */ + CRYS_ECDH_TempData_t *TempBuff_ptr /*!< [in] Pointer to a temporary buffer. */); + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_domain.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_domain.h new file mode 100644 index 00000000000..8475d522e58 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_domain.h @@ -0,0 +1,80 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_ECPKI_DOMAIN_H +#define CRYS_ECPKI_DOMAIN_H + + +/*! +@file +@brief Defines the ecpki build domain API. +@defgroup crys_ecpki_domain CryptoCell ECC domain APIs +@{ +@ingroup cryptocell_ecpki +*/ + + +#include "crys_error.h" +#include "crys_ecpki_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + + + +/********************************************************************************** + * CRYS_ECPKI_GetEcDomain function * + **********************************************************************************/ + +/*! + * @brief The function returns a pointer to an ECDSA saved domain (one of the supported domains). + * + * @return Domain pointer on success. + * @return NULL on failure. + */ + +const CRYS_ECPKI_Domain_t *CRYS_ECPKI_GetEcDomain(CRYS_ECPKI_DomainID_t domainId /*!< [in] Index of one of the domain Id (must be one of the supported domains). */); + +#ifdef __cplusplus +} +#endif +/** +@} +*/ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_ecdsa.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_ecdsa.h new file mode 100644 index 00000000000..02db31d9481 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_ecdsa.h @@ -0,0 +1,139 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_ECPKI_ECDSA_H +#define CRYS_ECPKI_ECDSA_H + +/*! +@file +@brief Defines the APIs that support the ECDSA functions. +@defgroup crys_ecpki_ecdsa CryptoCell ECDSA APIs +@{ +@ingroup cryptocell_ecpki +*/ + +#include "crys_error.h" +#include "crys_ecpki_types.h" +#include "crys_hash.h" +#include "crys_rnd.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + + +/************************************************************************** + * CRYS_ECDSA_Sign - integrated function + **************************************************************************/ +/*! +@brief This function performs an ECDSA sign operation in integrated form. + +\note +Using of HASH functions with HASH size greater than EC modulus size, is not recommended!. +Algorithm according [ANS X9.62] standard. + +The message data may be either a non-hashed data or a digest of a hash function. +For a non-hashed data, the message data will be hashed using the hash function indicated by ::CRYS_ECPKI_HASH_OpMode_t. +For a digest, ::CRYS_ECPKI_HASH_OpMode_t should indicate the hash function that the message data was created by, and it will not be hashed. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_ecpki_error.h, crys_hash_error.h or crys_rnd_error.h. +**/ +CIMPORT_C CRYSError_t CRYS_ECDSA_Sign( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + CRYS_ECDSA_SignUserContext_t *pSignUserContext, /*!< [in/out] Pointer to the user buffer for signing the database. */ + CRYS_ECPKI_UserPrivKey_t *pSignerPrivKey, /*!< [in] A pointer to a user private key structure. */ + CRYS_ECPKI_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes, as defined in + ::CRYS_ECPKI_HASH_OpMode_t. + \note MD5 is not supported. */ + uint8_t *pMessageDataIn, /*!< [in] Pointer to the input data to be signed. + The size of the scatter/gather list representing the data buffer + is limited to 128 entries, and the size of each entry is limited + to 64KB (fragments larger than 64KB are broken into + fragments <= 64KB). */ + uint32_t messageSizeInBytes, /*!< [in] Size of message data in bytes. */ + uint8_t *pSignatureOut, /*!< [in] Pointer to a buffer for output of signature. */ + uint32_t *pSignatureOutSize /*!< [in/out] Pointer to the signature size. Used to pass the size of + the SignatureOut buffer (in), which must be >= 2 + * OrderSizeInBytes. When the API returns, + it is replaced with the size of the actual signature (out). */ + ); + + + +/************************************************************************** + * CRYS_ECDSA_Verify integrated function + **************************************************************************/ +/*! +@brief This function performs an ECDSA verify operation in integrated form. +Algorithm according [ANS X9.62] standard. + +The message data may be either a non-hashed data or a digest of a hash function. +For a non-hashed data, the message data will be hashed using the hash function indicated by ::CRYS_ECPKI_HASH_OpMode_t. +For a digest, ::CRYS_ECPKI_HASH_OpMode_t should indicate the hash function that the message data was created by, and it will not be hashed. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_ecpki_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_ECDSA_Verify ( + CRYS_ECDSA_VerifyUserContext_t *pVerifyUserContext, /*!< [in] Pointer to the user buffer for signing the database. */ + CRYS_ECPKI_UserPublKey_t *pUserPublKey, /*!< [in] Pointer to a user public key structure. */ + CRYS_ECPKI_HASH_OpMode_t hashMode, /*!< [in] One of the supported SHA-x HASH modes, as defined in + ::CRYS_ECPKI_HASH_OpMode_t. + \note MD5 is not supported. */ + uint8_t *pSignatureIn, /*!< [in] Pointer to the signature to be verified. */ + uint32_t SignatureSizeBytes, /*!< [in] Size of the signature (in bytes). */ + uint8_t *pMessageDataIn, /*!< [in] Pointer to the input data that was signed (same as given to + the signing function). The size of the scatter/gather list representing + the data buffer is limited to 128 entries, and the size of each entry is + limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). */ + uint32_t messageSizeInBytes /*!< [in] Size of the input data (in bytes). */ + ); + + +/**********************************************************************************************************/ + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_error.h new file mode 100644 index 00000000000..9eb141dc560 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_error.h @@ -0,0 +1,303 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_ECPKI_ERROR_H +#define CRYS_ECPKI_ERROR_H + + +/*! +@file +@brief This module contains the definitions of the CRYS ECPKI errors. +@defgroup crys_ecpki_error CryptoCell ECC specific errors +@{ +@ingroup cryptocell_ecpki +*/ + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/* CRYS_ECPKI_MODULE_ERROR_BASE = 0x00F00800 */ + +/********************************************************************************************* + * CRYS ECPKI MODULE ERRORS * + *********************************************************************************************/ +/*! Illegal domain ID. */ +#define CRYS_ECPKI_ILLEGAL_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x1UL) +/*! Illegal domain pointer. */ +#define CRYS_ECPKI_DOMAIN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x2UL) +/* The CRYS ECPKI GEN KEY PAIR module errors */ +/*! Illegal private key pointer. */ +#define CRYS_ECPKI_GEN_KEY_INVALID_PRIVATE_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x3UL) +/*! Illegal public key pointer. */ +#define CRYS_ECPKI_GEN_KEY_INVALID_PUBLIC_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x4UL) +/*! Illegal temporary buffer pointer. */ +#define CRYS_ECPKI_GEN_KEY_INVALID_TEMP_DATA_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x5UL) +/*! Illegal RND context pointer. */ +#define CRYS_ECPKI_RND_CONTEXT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x6UL) + +/************************************************************************************************************ +* The CRYS ECPKI BUILD KEYS MODULE ERRORS * +*************************************************************************************************************/ +/*! Illegal compression mode. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_COMPRESSION_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x07UL) +/*! Illegal domain ID. */ +#define CRYS_ECPKI_BUILD_KEY_ILLEGAL_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x08UL) +/*! Illegal private key pointer. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x09UL) +/*! Illegal private key structure pointer. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_USER_PRIV_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0AUL) +/*! Illegal private key size. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0BUL) +/*! Illegal private key data. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_DATA_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0CUL) +/*! Illegal public key pointer. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0DUL) +/*! Illegal public key structure pointer. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_USER_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0EUL) +/*! Illegal public key size. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0FUL) +/*! Illegal public key data. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_DATA_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x10UL) +/*! Illegal EC build check mode option. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_CHECK_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x11UL) +/*! Illegal temporary buffer pointer. */ +#define CRYS_ECPKI_BUILD_KEY_INVALID_TEMP_BUFF_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x12UL) + +/* The CRYS ECPKI EXPORT PUBLIC KEY MODULE ERRORS */ +/*! Illegal public key structure pointer. */ +#define CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_USER_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x14UL) +/*! Illegal public key compression mode. */ +#define CRYS_ECPKI_EXPORT_PUBL_KEY_ILLEGAL_COMPRESSION_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x15UL) +/*! Illegal output public key pointer. */ +#define CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_EXTERN_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x16UL) +/*! Illegal output public key size pointer. */ +#define CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_SIZE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x17UL) +/*! Illegal output public key size. */ +#define CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x18UL) +/*! Illegal domain ID. */ +#define CRYS_ECPKI_EXPORT_PUBL_KEY_ILLEGAL_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x19UL) +/*! Validation of public key failed. */ +#define CRYS_ECPKI_EXPORT_PUBL_KEY_ILLEGAL_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x1AUL) +/*! Validation of public key failed. */ +#define CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_DATA_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x1BUL) + +/* The CRYS ECPKI BUILD ECC DOMAIN ERRORS */ +/*! Illegal domain ID. */ +#define CRYS_ECPKI_BUILD_DOMAIN_ID_IS_NOT_VALID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x20UL) +/*! Illegal domain ID pointer. */ +#define CRYS_ECPKI_BUILD_DOMAIN_DOMAIN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x21UL) +/*! Illegal domain parameter pointer. */ +#define CRYS_ECPKI_BUILD_DOMAIN_EC_PARAMETR_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x22UL) +/*! Illegal domain parameter size. */ +#define CRYS_ECPKI_BUILD_DOMAIN_EC_PARAMETR_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x23UL) +/*! Illegal domain cofactor parameters. */ +#define CRYS_ECPKI_BUILD_DOMAIN_COFACTOR_PARAMS_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x24UL) +/*! Insufficient strength. */ +#define CRYS_ECPKI_BUILD_DOMAIN_SECURITY_STRENGTH_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x25UL) +/*! SCA resistance error. */ +#define CRYS_ECPKI_BUILD_SCA_RESIST_ILLEGAL_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x26UL) + + +/*! Internal PKI error */ +#define CRYS_ECPKI_PKI_INTERNAL_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x30UL) + +/************************************************************************************************************ + * CRYS EC DIFFIE-HELLMAN MODULE ERRORS +*************************************************************************************************************/ +/* The CRYS EC SVDP_DH Function errors */ +/*! Illegal partner's public key pointer. */ +#define CRYS_ECDH_SVDP_DH_INVALID_PARTNER_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x31UL) +/*! Partner's public key validation failed. */ +#define CRYS_ECDH_SVDP_DH_PARTNER_PUBL_KEY_VALID_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x32UL) +/*! Illegal user private key pointer. */ +#define CRYS_ECDH_SVDP_DH_INVALID_USER_PRIV_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x33UL) +/*! Private key validation failed. */ +#define CRYS_ECDH_SVDP_DH_USER_PRIV_KEY_VALID_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x34UL) +/*! Illegal shared secret pointer. */ +#define CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x35UL) +/*! Illegal temporary buffer pointer. */ +#define CRYS_ECDH_SVDP_DH_INVALID_TEMP_DATA_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x36UL) +/*! Illegal shared secret size pointer. */ +#define CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x37UL) +/*! Illegal shared secret size. */ +#define CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x38UL) +/*! Illegal domain ID. */ +#define CRYS_ECDH_SVDP_DH_ILLEGAL_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x39UL) +/*! Illegal private and public domain ID are different. */ +#define CRYS_ECDH_SVDP_DH_NOT_CONCENT_PUBL_AND_PRIV_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x3AUL) + + +/************************************************************************************************************ + * CRYS ECDSA MODULE ERRORS + ************************************************************************************************************/ +/* The CRYS ECDSA Signing errors */ +/*! Illegal domain ID. */ +#define CRYS_ECDSA_SIGN_INVALID_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x50UL) +/*! Illegal context pointer. */ +#define CRYS_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x51UL) +/*! Illegal private key pointer. */ +#define CRYS_ECDSA_SIGN_INVALID_USER_PRIV_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x52UL) +/*! Illegal hash operation mode. */ +#define CRYS_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x53UL) +/*! Illegal data in pointer. */ +#define CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x54UL) +/*! Illegal data in size. */ +#define CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x55UL) +/*! Context validation failed. */ +#define CRYS_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x57UL) +/*! User's private key validation failed. */ +#define CRYS_ECDSA_SIGN_USER_PRIV_KEY_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x58UL) +/*! Illegal signature pointer. */ +#define CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x60UL) +/*! Illegal signature size pointer. */ +#define CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x61UL) +/*! Illegal signature size. */ +#define CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x62UL) +/*! Ephemeral key error. */ +#define CRYS_ECDSA_SIGN_INVALID_IS_EPHEMER_KEY_INTERNAL_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x63UL) +/*! Illegal ephemeral key pointer. */ +#define CRYS_ECDSA_SIGN_INVALID_EPHEMERAL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x64UL) +/*! Illegal RND context pointer. */ +#define CRYS_ECDSA_SIGN_INVALID_RND_CONTEXT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x65UL) +/*! Illegal RND function pointer. */ +#define CRYS_ECDSA_SIGN_INVALID_RND_FUNCTION_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x66UL) +/*! Signature calculation failed. */ +#define CRYS_ECDSA_SIGN_SIGNING_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x67UL) + +/* The CRYS ECDSA Verifying errors */ +/*! Illegal domain ID. */ +#define CRYS_ECDSA_VERIFY_INVALID_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x70UL) +/*! Illegal user's context pointer. */ +#define CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x71UL) +/*! Illegal public key pointer. */ +#define CRYS_ECDSA_VERIFY_INVALID_SIGNER_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x72UL) +/*! Illegal hash operation mode. */ +#define CRYS_ECDSA_VERIFY_ILLEGAL_HASH_OP_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x73UL) +/*! Illegal signature pointer. */ +#define CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x76UL) +/*! Illegal signature size. */ +#define CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x77UL) +/*! Illegal data in pointer. */ +#define CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x80UL) +/*! Illegal data in size. */ +#define CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x81UL) +/*! Context validation failed. */ +#define CRYS_ECDSA_VERIFY_USER_CONTEXT_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x82UL) +/*! public key validation failed. */ +#define CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x83UL) +/*! Verification failed. */ +#define CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x84UL) + +/*! Illegal parameters. */ +#define CRYS_ECC_ILLEGAL_PARAMS_ACCORDING_TO_PRIV_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xD3UL) +/*! Illegal hash mode. */ +#define CRYS_ECC_ILLEGAL_HASH_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE0UL) + + +/************************************************************************************************************ + * CRYS ECPKI MODULE COMMON ERRORS +*************************************************************************************************************/ +/*! Illegal RND function pointer. */ +#define CRYS_ECPKI_INVALID_RND_FUNC_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x90UL) +/*! Illegal RND context pointer. */ +#define CRYS_ECPKI_INVALID_RND_CTX_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x91UL) +/*! Illegal domain ID. */ +#define CRYS_ECPKI_INVALID_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x92UL) +/*! Private key validation failed. */ +#define CRYS_ECPKI_INVALID_PRIV_KEY_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x93UL) +/*! Public key validation failed. */ +#define CRYS_ECPKI_INVALID_PUBL_KEY_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x94UL) +/*! Illegal data in. */ +#define CRYS_ECPKI_INVALID_DATA_IN_PASSED_STRUCT_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x95UL) + +/************************************************************************************************************ + * CRYS ECIES MODULE ERRORS +*************************************************************************************************************/ +/*! Illegal public key pointer. */ +#define CRYS_ECIES_INVALID_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE0UL) +/*! Public key validation failed. */ +#define CRYS_ECIES_INVALID_PUBL_KEY_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE1UL) +/*! Illegal private key pointer. */ +#define CRYS_ECIES_INVALID_PRIV_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE2UL) +/*! Private key validation failed. */ +#define CRYS_ECIES_INVALID_PRIV_KEY_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE3UL) +/*! Illegal private key value. */ +#define CRYS_ECIES_INVALID_PRIV_KEY_VALUE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE4UL) +/*! Illegal KDF derivation mode. */ +#define CRYS_ECIES_INVALID_KDF_DERIV_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE5UL) +/*! Illegal KDF hash mode. */ +#define CRYS_ECIES_INVALID_KDF_HASH_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE6UL) +/*! Illegal secret key pointer. */ +#define CRYS_ECIES_INVALID_SECRET_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE7UL) +/*! Illegal secret key size. */ +#define CRYS_ECIES_INVALID_SECRET_KEY_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE8UL) +/*! Illegal cipher data pointer. */ +#define CRYS_ECIES_INVALID_CIPHER_DATA_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xE9UL) +/*! Illegal cipher data size pointer. */ +#define CRYS_ECIES_INVALID_CIPHER_DATA_SIZE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xEAUL) +/*! Illegal cipher data size. */ +#define CRYS_ECIES_INVALID_CIPHER_DATA_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xEBUL) +/*! Illegal temporary buffer pointer. */ +#define CRYS_ECIES_INVALID_TEMP_DATA_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xECUL) +/*! Illegal ephemeral key pointer */ +#define CRYS_ECIES_INVALID_EPHEM_KEY_PAIR_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xEDUL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_kg.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_kg.h new file mode 100644 index 00000000000..10fcd49ab36 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_kg.h @@ -0,0 +1,88 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_ECPKI_KG_H +#define CRYS_ECPKI_KG_H + +/*! @file +@brief Defines the API for generation of ECC private and public keys. +@defgroup crys_ecpki_kg CryptoCell ECC Key Generation APIs +@{ +@ingroup cryptocell_ecpki +*/ + + +#include "crys_error.h" +#include "crys_rnd.h" +#include "crys_ecpki_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/***************** CRYS_ECPKI_GenKeyPair function **********************/ +/*! +@brief Generates a pair of private and public keys in internal representation according to [ANS X9.62]. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_ecpki_error.h or crys_rnd_error.h +*/ +CIMPORT_C CRYSError_t CRYS_ECPKI_GenKeyPair( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + const CRYS_ECPKI_Domain_t *pDomain, /*!< [in] Pointer to EC domain (curve). */ + CRYS_ECPKI_UserPrivKey_t *pUserPrivKey, /*!< [out] Pointer to the private key structure. This structure is used as input to the + ECPKI cryptographic primitives. */ + CRYS_ECPKI_UserPublKey_t *pUserPublKey, /*!< [out] Pointer to the public key structure. This structure is used as input to the + ECPKI cryptographic primitives. */ + CRYS_ECPKI_KG_TempData_t *pTempData, /*!< [in] Temporary buffers for internal use, defined in ::CRYS_ECPKI_KG_TempData_t. */ + CRYS_ECPKI_KG_FipsContext_t *pFipsCtx /*!< [in] Pointer to temporary buffer used in case FIPS certification if required. */ +); + + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_types.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_types.h new file mode 100644 index 00000000000..2b4ee2c6464 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_ecpki_types.h @@ -0,0 +1,478 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_ECPKI_TYPES_H +#define CRYS_ECPKI_TYPES_H + +/*! +@file +@brief Contains all of the enums and definitions that are used for the CRYS ECPKI APIs. +@defgroup crys_ecpki_types CryptoCell ECC specific types +@{ +@ingroup cryptocell_ecpki +*/ + +#include "ssi_pal_types_plat.h" +#include "crys_hash.h" +#include "crys_pka_defs_hw.h" +#include "ssi_pal_compiler.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ +/*! Internal buffer size in words. */ +#define CRYS_PKA_DOMAIN_LLF_BUFF_SIZE_IN_WORDS (10 + 3*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS) + +/************************************************************************************** + * Enumerators + ***************************************************************************************/ + +/*------------------------------------------------------------------*/ +/*! Enumerator for the EC Domain idetifier + References: [13] - SEC 2: Recommended elliptic curve domain parameters. + Version 1.0. Certicom 2000. + [8] - WAP-261-WTLS-20010406-a, Version 06-April-2001. */ + +typedef enum +{ + /* For prime field */ + CRYS_ECPKI_DomainID_secp160k1, /*!< EC secp160r1 */ + CRYS_ECPKI_DomainID_secp160r1, /*!< EC secp160k1 */ + CRYS_ECPKI_DomainID_secp160r2, /*!< EC secp160r2 */ + CRYS_ECPKI_DomainID_secp192k1, /*!< EC secp192k1 */ + CRYS_ECPKI_DomainID_secp192r1, /*!< EC secp192r1 */ + CRYS_ECPKI_DomainID_secp224k1, /*!< EC secp224k1 */ + CRYS_ECPKI_DomainID_secp224r1, /*!< EC secp224r1 */ + CRYS_ECPKI_DomainID_secp256k1, /*!< EC secp256k1 */ + CRYS_ECPKI_DomainID_secp256r1, /*!< EC secp256r1 */ + CRYS_ECPKI_DomainID_secp384r1, /*!< EC secp384r1 */ + CRYS_ECPKI_DomainID_secp521r1, /*!< EC secp521r1 */ + + CRYS_ECPKI_DomainID_Builded, /*!< User given, not identified. */ + CRYS_ECPKI_DomainID_OffMode, /*!< Reserved.*/ + + CRYS_ECPKI_DomainIDLast = 0x7FFFFFFF, /*! Reserved.*/ + +}CRYS_ECPKI_DomainID_t; + + +/*------------------------------------------------------------------*/ +/*! Defines the enum for the HASH operation mode. + * The enumerator defines 6 HASH modes according to IEEE 1363. + * + */ +typedef enum +{ + CRYS_ECPKI_HASH_SHA1_mode = 0, /*!< The message data will be hashed with SHA1. */ + CRYS_ECPKI_HASH_SHA224_mode = 1, /*!< The message data will be hashed with SHA224. */ + CRYS_ECPKI_HASH_SHA256_mode = 2, /*!< The message data will be hashed with SHA256. */ + CRYS_ECPKI_HASH_SHA384_mode = 3, /*!< The message data will be hashed with SHA384. */ + CRYS_ECPKI_HASH_SHA512_mode = 4, /*!< The message data will be hashed with SHA512. */ + + CRYS_ECPKI_AFTER_HASH_SHA1_mode = 5, /*!< The message data is a digest of SHA1 and will not be hashed. */ + CRYS_ECPKI_AFTER_HASH_SHA224_mode = 6, /*!< The message data is a digest of SHA224 and will not be hashed. */ + CRYS_ECPKI_AFTER_HASH_SHA256_mode = 7, /*!< The message data is a digest of SHA256 and will not be hashed. */ + CRYS_ECPKI_AFTER_HASH_SHA384_mode = 8, /*!< The message data is a digest of SHA384 and will not be hashed. */ + CRYS_ECPKI_AFTER_HASH_SHA512_mode = 9, /*!< The message data is a digest of SHA512 and will not be hashed. */ + + + CRYS_ECPKI_HASH_NumOfModes, /*!< Maximal number of HASH modes. */ + CRYS_ECPKI_HASH_OpModeLast = 0x7FFFFFFF, /*!< Reserved. */ + +}CRYS_ECPKI_HASH_OpMode_t; + + +/*---------------------------------------------------*/ +/*! Enumerator for the EC point compression idetifier. */ +typedef enum +{ + CRYS_EC_PointCompressed = 2, /*!< Compressed point. */ + CRYS_EC_PointUncompressed = 4, /*!< Uncompressed point. */ + CRYS_EC_PointContWrong = 5, /*!< Wrong Point Control value. */ + CRYS_EC_PointHybrid = 6, /*!< Hybrid point. */ + + CRYS_EC_PointCompresOffMode = 8, /*!< Reserved. */ + + CRYS_ECPKI_PointCompressionLast= 0x7FFFFFFF, /*!< Reserved. */ + +}CRYS_ECPKI_PointCompression_t; + + +/*! EC key checks defintions. */ +typedef enum { + CheckPointersAndSizesOnly = 0, /*!< Only preliminary input parameters are checked. */ + ECpublKeyPartlyCheck = 1, /*!< Preliminary input parameters check and verify that EC PubKey point is on the curve. */ + ECpublKeyFullCheck = 2, /*!< All the above and in addition verifies that EC_GeneratorOrder*PubKey = O */ + + PublKeyChecingOffMode, /*! Reserved. */ + EC_PublKeyCheckModeLast = 0x7FFFFFFF, /*! Reserved. */ +}EC_PublKeyCheckMode_t; + +/*----------------------------------------------------*/ +/*! Defintion of sw SCA protection. */ +typedef enum { + SCAP_Inactive, /*! Inactive.*/ + SCAP_Active, /*! Active.*/ + SCAP_OFF_MODE, /*! Reserved. */ + SCAP_LAST = 0x7FFFFFFF /*! Reserved. */ +} CRYS_ECPKI_ScaProtection_t; + + +/************************************************************************************** + * EC Domain structure definition + ***************************************************************************************/ + +/*! The structure containing the EC domain parameters in little-endian form + EC equation: Y^2 = X^3 + A*X + B over prime fild GFp. */ +typedef struct { + + /*! EC modulus: P. */ + uint32_t ecP [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC equation parameter a. */ + uint32_t ecA [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC equation parameter b. */ + uint32_t ecB [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! Order of generator. */ + uint32_t ecR [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1]; + /*! EC cofactor EC_Cofactor_K + Generator (EC base point) coordinates in projective form. */ + uint32_t ecGx [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC cofactor EC_Cofactor_K + Generator (EC base point) coordinates in projective form. */ + uint32_t ecGy [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC cofactor EC_Cofactor_K + Generator (EC base point) coordinates in projective form. */ + uint32_t ecH; + /*! Specific fields that are used by the low level.*/ + uint32_t llfBuff[CRYS_PKA_DOMAIN_LLF_BUFF_SIZE_IN_WORDS]; + /*! Size of fields in bits. */ + uint32_t modSizeInBits; + /*! Order size in bits. */ + uint32_t ordSizeInBits; + /*! Size of each inserted Barret tag in words; 0 - if not inserted.*/ + uint32_t barrTagSizeInWords; + /*! EC Domain identifier.*/ + CRYS_ECPKI_DomainID_t DomainID; + + /*! Internal buffer. */ + int8_t name[20]; + +} CRYS_ECPKI_Domain_t; + + + +/************************************************************************************** + * EC point structures definitions + ***************************************************************************************/ + +/*! The structure containing the EC point in affine coordinates + and little endian form. */ +typedef struct +{ + /*! Point coordinate X. */ + uint32_t x[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! Point coordinate Y. */ + uint32_t y[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + +}CRYS_ECPKI_PointAffine_t; + + +/************************************************************************************** + * ECPKI public and private key Structures + ***************************************************************************************/ + +/* --------------------------------------------------------------------- */ +/* .................. The public key structures definitions ............ */ +/* --------------------------------------------------------------------- */ + +/*! The structure containing the Public Key in affine coordinates.*/ +typedef struct +{ + /*! Public Key coordinate X.*/ + uint32_t x[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! Public Key coordinate Y.*/ + uint32_t y[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC Domain.*/ + CRYS_ECPKI_Domain_t domain; + /*! Point type.*/ + uint32_t pointType; +} CRYS_ECPKI_PublKey_t; + +/*! The EC public key's user structure prototype. This structure must be saved by the user, and is used as input to the ECC functions +(such as ::CRYS_ECDSA_Verify etc.). */ +typedef struct CRYS_ECPKI_UserPublKey_t +{ + /*! Validation tag.*/ + uint32_t valid_tag; + /*! Public key data. */ + uint32_t PublKeyDbBuff[(sizeof(CRYS_ECPKI_PublKey_t)+3)/4]; + +} CRYS_ECPKI_UserPublKey_t; + + +/* --------------------------------------------------------------------- */ +/* .................. The private key structures definitions ........... */ +/* --------------------------------------------------------------------- */ + +/*! Structure containing the Private key data. */ +typedef struct +{ + /*! Private Key data. */ + uint32_t PrivKey[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1]; + /*! Domain. */ + CRYS_ECPKI_Domain_t domain; + /*! SCA protection mode. */ + CRYS_ECPKI_ScaProtection_t scaProtection; + +}CRYS_ECPKI_PrivKey_t; + + +/*! The EC private key's user structure prototype. This structure must be saved by the user, and is used as input to the ECC functions +(such as ::CRYS_ECDSA_Sign etc.). */ +typedef struct CRYS_ECPKI_UserPrivKey_t +{ + /*! Validation tag. */ + uint32_t valid_tag; + /*! Private key data. */ + uint32_t PrivKeyDbBuff[(sizeof(CRYS_ECPKI_PrivKey_t)+3)/4]; + +} CRYS_ECPKI_UserPrivKey_t; + +/*! ECDH temporary data type */ +typedef struct CRYS_ECDH_TempData_t +{ + /*! Temporary buffers. */ + uint32_t crysEcdhIntBuff[CRYS_PKA_ECDH_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_ECDH_TempData_t; + +/*! EC build temporary data. */ +typedef struct CRYS_ECPKI_BUILD_TempData_t +{ + /*! Temporary buffers. */ + uint32_t crysBuildTmpIntBuff[CRYS_PKA_ECPKI_BUILD_TMP_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_ECPKI_BUILD_TempData_t; + + + +/************************************************************************** + * CRYS ECDSA context structures + **************************************************************************/ + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Signing context structure */ +/* --------------------------------------------------------------------- */ +/*! Internal buffer used in the signing process. */ +typedef uint32_t CRYS_ECDSA_SignIntBuff[CRYS_PKA_ECDSA_SIGN_BUFF_MAX_LENGTH_IN_WORDS]; + +/*! Context definition for Signing operation. */ +typedef struct +{ + /*! Private Key data. */ + CRYS_ECPKI_UserPrivKey_t ECDSA_SignerPrivKey; + + /*! HASH context. */ + CRYS_HASHUserContext_t hashUserCtxBuff; + /*! HASH result buffer. */ + CRYS_HASH_Result_t hashResult; + /*! HASH result size in words. */ + uint32_t hashResultSizeWords; + /*! HASH mode. */ + CRYS_ECPKI_HASH_OpMode_t hashMode; + /*! Internal buffer. */ + CRYS_ECDSA_SignIntBuff crysEcdsaSignIntBuff; +}ECDSA_SignContext_t; + + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Signing User context database */ +/* --------------------------------------------------------------------- */ + +/*! User's context definition for signing operation. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow */ +typedef struct CRYS_ECDSA_SignUserContext_t +{ + /*! Signing process data. */ + uint32_t context_buff [(sizeof(ECDSA_SignContext_t)+3)/4]; + /*! Validation tag*/ + uint32_t valid_tag; +} CRYS_ECDSA_SignUserContext_t; + + + +/****************************************************************************/ + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Verifying context structure */ +/* --------------------------------------------------------------------- */ +/*! Internal buffer used in the verification process. */ +typedef uint32_t CRYS_ECDSA_VerifyIntBuff[CRYS_PKA_ECDSA_VERIFY_BUFF_MAX_LENGTH_IN_WORDS]; + +/*! Context definition for verification operation. */ +typedef struct +{ + /*! Public key data. */ + CRYS_ECPKI_UserPublKey_t ECDSA_SignerPublKey; + + /*! HASH context. */ + CRYS_HASHUserContext_t hashUserCtxBuff; + /*! HASH result. */ + CRYS_HASH_Result_t hashResult; + /*! HASH result size in words. */ + uint32_t hashResultSizeWords; + /*! HASH mode. */ + CRYS_ECPKI_HASH_OpMode_t hashMode; + /*! Internal buffer. */ + CRYS_ECDSA_VerifyIntBuff crysEcdsaVerIntBuff; + +}ECDSA_VerifyContext_t; + + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Verifying User context database */ +/* --------------------------------------------------------------------- */ +/*! User's context definition for verification operation. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow */ +typedef struct CRYS_ECDSA_VerifyUserContext_t +{ + /*! Verification process data. */ + uint32_t context_buff[(sizeof(ECDSA_VerifyContext_t)+3)/4]; + /*! Validation tag. */ + uint32_t valid_tag; +}CRYS_ECDSA_VerifyUserContext_t; + + + + +/* --------------------------------------------------------------------- */ +/* .................. key generation temp buffer ........... */ +/* --------------------------------------------------------------------- */ + +/*! ECPKI KG temporary data type */ +typedef struct CRYS_ECPKI_KG_TempData_t +{ + /*! Internal buffer. */ + uint32_t crysKGIntBuff[CRYS_PKA_KG_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_ECPKI_KG_TempData_t; + +/*! ECIES temporary data definition. */ +typedef struct CRYS_ECIES_TempData_t { + + /*! Private key data. */ + CRYS_ECPKI_UserPrivKey_t PrivKey; + /*! Public key data. */ + CRYS_ECPKI_UserPublKey_t PublKey; + /*! Internal buffer. */ + uint32_t zz[3*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1]; + /*! Internal buffers. */ + union { + CRYS_ECPKI_BUILD_TempData_t buildTempbuff; + CRYS_ECPKI_KG_TempData_t KgTempBuff; + CRYS_ECDH_TempData_t DhTempBuff; + } tmp; + +}CRYS_ECIES_TempData_t; + + +/* --------------------------------------------------------------------- */ +/* .................. defines for FIPS ........... */ +/* --------------------------------------------------------------------- */ + +/*! Order length for the FIPS ECC tests. */ +#define CRYS_ECPKI_FIPS_ORDER_LENGTH (256/SASI_BITS_IN_BYTE) // the order of secp256r1 in bytes + +/*! Context definition required for internal FIPS verification for ECPKI key generation. */ +typedef struct CRYS_ECPKI_KG_FipsContext_t +{ + /*! Signing and verification data. */ + union { + CRYS_ECDSA_SignUserContext_t signCtx; + CRYS_ECDSA_VerifyUserContext_t verifyCtx; + }operationCtx; + /*! Internal buffer. */ + uint32_t signBuff[2*CRYS_ECPKI_ORDER_MAX_LENGTH_IN_WORDS]; +}CRYS_ECPKI_KG_FipsContext_t; + + + +/*! Context defintion, required for internal FIPS verification for ECDSA KAT. * +* The ECDSA KAT tests defined for domain 256r1. */ +typedef struct CRYS_ECDSAFipsKatContext_t{ + /*! Key data. */ + union { + /*! Private key data. */ + struct { + CRYS_ECPKI_UserPrivKey_t PrivKey; + CRYS_ECDSA_SignUserContext_t signCtx; + }userSignData; + /*! Public key data. */ + struct { + CRYS_ECPKI_UserPublKey_t PublKey; + union { + CRYS_ECDSA_VerifyUserContext_t verifyCtx; + CRYS_ECPKI_BUILD_TempData_t tempData; + }buildOrVerify; + }userVerifyData; + }keyContextData; + /*! Internal buffer. */ + uint8_t signBuff[2*CRYS_ECPKI_FIPS_ORDER_LENGTH]; +}CRYS_ECDSAFipsKatContext_t; + +/*! Context definition, required for internal FIPS verification for ECDH KAT. */ +typedef struct CRYS_ECDHFipsKatContext_t{ + /*! Public key data. */ + CRYS_ECPKI_UserPublKey_t pubKey; + /*! Private key data. */ + CRYS_ECPKI_UserPrivKey_t privKey; + /*! Internal buffers. */ + union { + CRYS_ECPKI_BUILD_TempData_t ecpkiTempData; + CRYS_ECDH_TempData_t ecdhTempBuff; + }tmpData; + /*! Buffer for the secret key. */ + uint8_t secretBuff[CRYS_ECPKI_FIPS_ORDER_LENGTH]; +}CRYS_ECDHFipsKatContext_t; + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_error.h new file mode 100644 index 00000000000..ae9125e7a98 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_error.h @@ -0,0 +1,273 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_ERROR_H +#define CRYS_ERROR_H + +#include "ssi_pal_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! @file +@brief This module defines the error return code types and the numbering spaces of the error codes +for each module of the layers listed below. +@defgroup crys_error CryptoCell general base error codes +@{ +@ingroup cryptocell_api +*/ + +/*! The definitions of the error number space used for the different modules */ + +/* ........... Error base numeric mapping definitions ................... */ +/* ----------------------------------------------------------------------- */ + + /*! CRYS error base number. */ +#define CRYS_ERROR_BASE 0x00F00000UL + +/*! Error range number assigned for each layer. */ +#define CRYS_ERROR_LAYER_RANGE 0x00010000UL + +/*! Error range number assigned to each module on its specified layer. */ +#define CRYS_ERROR_MODULE_RANGE 0x00000100UL + +/* Defines the layer index for the error mapping. */ +/*! CRYS error layer index. */ +#define CRYS_LAYER_ERROR_IDX 0x00UL +/*! Low level functions error layer index. */ +#define LLF_LAYER_ERROR_IDX 0x01UL +/*! Generic error layer index. */ +#define GENERIC_ERROR_IDX 0x05UL + +/* Defines the module index for error mapping */ +/*! AES error index.*/ +#define AES_ERROR_IDX 0x00UL +/*! DES error index.*/ +#define DES_ERROR_IDX 0x01UL +/*! HASH error index.*/ +#define HASH_ERROR_IDX 0x02UL +/*! HMAC error index.*/ +#define HMAC_ERROR_IDX 0x03UL +/*! RSA error index.*/ +#define RSA_ERROR_IDX 0x04UL +/*! DH error index.*/ +#define DH_ERROR_IDX 0x05UL + +/*! ECPKI error index.*/ +#define ECPKI_ERROR_IDX 0x08UL +/*! RND error index.*/ +#define RND_ERROR_IDX 0x0CUL +/*! Common error index.*/ +#define COMMON_ERROR_IDX 0x0DUL +/*! KDF error index.*/ +#define KDF_ERROR_IDX 0x11UL +/*! HKDF error index.*/ +#define HKDF_ERROR_IDX 0x12UL +/*! AESCCM error index.*/ +#define AESCCM_ERROR_IDX 0x15UL +/*! FIPS error index.*/ +#define FIPS_ERROR_IDX 0x17UL + +/*! PKA error index.*/ +#define PKA_MODULE_ERROR_IDX 0x21UL +/*! CHACHA error index.*/ +#define CHACHA_ERROR_IDX 0x22UL +/*! EC montgomery and edwards error index.*/ +#define EC_MONT_EDW_ERROR_IDX 0x23UL +/*! CHACHA POLY error index.*/ +#define CHACHA_POLY_ERROR_IDX 0x24UL +/*! POLY error index.*/ +#define POLY_ERROR_IDX 0x25UL +/*! SRP error index.*/ +#define SRP_ERROR_IDX 0x26UL + + + +/* .......... defining the error spaces for each module on each layer ........... */ +/* ------------------------------------------------------------------------------ */ + +/*! AES module error base address - 0x00F00000. */ +#define CRYS_AES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * AES_ERROR_IDX ) ) + +/*! DES module error base address - 0x00F00100. */ +#define CRYS_DES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * DES_ERROR_IDX ) ) + +/*! HASH module error base address - 0x00F00200. */ +#define CRYS_HASH_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HASH_ERROR_IDX ) ) + +/*! HMAC module error base address - 0x00F00300. */ +#define CRYS_HMAC_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HMAC_ERROR_IDX ) ) + +/*! RSA module error base address - 0x00F00400. */ +#define CRYS_RSA_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RSA_ERROR_IDX ) ) + +/*! DH module error base address - 0x00F00500. */ +#define CRYS_DH_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * DH_ERROR_IDX ) ) + +/*! ECPKI module error base address - 0x00F00800. */ +#define CRYS_ECPKI_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * ECPKI_ERROR_IDX ) ) + +/*! Low level ECPKI module error base address - 0x00F10800. */ +#define LLF_ECPKI_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * ECPKI_ERROR_IDX ) ) + +/*! RND module error base address - 0x00F00C00. */ +#define CRYS_RND_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RND_ERROR_IDX ) ) + +/*! Low level RND module error base address - 0x00F10C00. */ +#define LLF_RND_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RND_ERROR_IDX ) ) + +/*! COMMMON module error base address - 0x00F00D00. */ +#define CRYS_COMMON_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * COMMON_ERROR_IDX ) ) + +/*! KDF module error base address - 0x00F01100. */ +#define CRYS_KDF_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * KDF_ERROR_IDX ) ) + +/*! HKDF module error base address - 0x00F01100. */ +#define CRYS_HKDF_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HKDF_ERROR_IDX ) ) + +/*! AESCCM module error base address - 0x00F01500. */ +#define CRYS_AESCCM_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * AESCCM_ERROR_IDX ) ) + +/*! FIPS module error base address - 0x00F01700. */ +#define CRYS_FIPS_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * FIPS_ERROR_IDX ) ) + +/*! PKA module error base address - 0x00F02100. */ +#define PKA_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * PKA_MODULE_ERROR_IDX ) ) + +/*! CHACHA module error base address - 0x00F02200. */ +#define CRYS_CHACHA_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * CHACHA_ERROR_IDX ) ) +/*! CHACHA POLY module error base address - 0x00F02400. */ +#define CRYS_CHACHA_POLY_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * CHACHA_POLY_ERROR_IDX ) ) +/*! POLY module error base address - 0x00F02500. */ +#define CRYS_POLY_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * POLY_ERROR_IDX ) ) + +/*! SRP module error base address - 0x00F02600. */ +#define CRYS_SRP_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * SRP_ERROR_IDX ) ) + + +/*! EC MONT_EDW module error base address - 0x00F02300. */ +#define CRYS_EC_MONT_EDW_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * EC_MONT_EDW_ERROR_IDX ) ) + + +/*! User generic error base address - 0x00F50000 */ +#define GENERIC_ERROR_BASE ( CRYS_ERROR_BASE + (CRYS_ERROR_LAYER_RANGE * GENERIC_ERROR_IDX) ) +/*! CRYS fatal error. */ +#define CRYS_FATAL_ERROR (GENERIC_ERROR_BASE + 0x00UL) +/*! CRYS out of resources error. */ +#define CRYS_OUT_OF_RESOURCE_ERROR (GENERIC_ERROR_BASE + 0x01UL) +/*! CRYS illegal resource value error. */ +#define CRYS_ILLEGAL_RESOURCE_VAL_ERROR (GENERIC_ERROR_BASE + 0x02UL) + + + +/* ............ The OK (success) definition ....................... */ +/*! Success defintion. */ +#define CRYS_OK 0 + +/*! MACRO that defines crys return value. */ +#define SASI_CRYS_RETURN_ERROR(retCode, retcodeInfo, funcHandler) \ + ((retCode) == 0 ? CRYS_OK : funcHandler(retCode, retcodeInfo)) + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + +/*! The typedef definition of all of the error codes that are returned from the CRYS functions */ +typedef uint32_t CRYSError_t; + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hash.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hash.h new file mode 100644 index 00000000000..ea93a8a8615 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hash.h @@ -0,0 +1,285 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains all of the enums and definitions +that are used for the CRYS HASH APIs, as well as the APIs themselves. +@defgroup crys_hash CryptoCell HASH APIs +@{ +@ingroup cryptocell_api + + +This product supports the following HASH algorithms (or modes, according to product): +
  • CRYS_HASH_MD5 (producing 16 byte output).
    • +
  • CRYS_HASH_SHA1 (producing 20 byte output).
    • +
  • CRYS_HASH_SHA224 (producing 28 byte output).
    • +
  • CRYS_HASH_SHA256 (producing 32 byte output).
    • +
  • CRYS_HASH_SHA384 (producing 48 byte output).
    • +
  • CRYS_HASH_SHA512 (producing 64 byte output).
+ +HASH calculation can be performed in either of the following two modes of operation: +
  • Integrated operation - Processes all data in a single function call. This flow is applicable when all data is available prior to the + cryptographic operation.
    • +
  • Block operation - Processes a subset of the data buffers, and is called multiple times in a sequence. This flow is applicable when the + next data buffer becomes available only during/after processing of the current data buffer.
+ +The following is a typical HASH Block operation flow: +
  1. ::CRYS_HASH_Init - this function initializes the HASH machine on the CRYS level by setting the context pointer that is used on the entire + HASH operation.
    2. +
  2. ::CRYS_HASH_Update - this function runs a HASH operation on a block of data allocated by the user. This function may be called as many times + as required.
    3. +
  3. ::CRYS_HASH_Finish - this function ends the HASH operation. It returns the digest result and clears the context.
+*/ + +#ifndef CRYS_HASH_H +#define CRYS_HASH_H + + +#include "ssi_pal_types.h" +#include "crys_error.h" +#include "crys_hash_defs.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ +/* The hash result in words +#define CRYS_HASH_RESULT_SIZE_IN_WORDS 5*/ +/*! The maximal hash result is 512 bits for SHA512. */ +#define CRYS_HASH_RESULT_SIZE_IN_WORDS 16 + +/*! MD5 digest result size in bytes. */ +#define CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES 16 + +/*! MD5 digest result size in words. */ +#define CRYS_HASH_MD5_DIGEST_SIZE_IN_WORDS 4 + +/*! SHA-1 digest result size in bytes. */ +#define CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES 20 + +/*! SHA-1 digest result size in words. */ +#define CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS 5 + +/*! SHA-256 digest result size in words. */ +#define CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS 7 + +/*! SHA-256 digest result size in words. */ +#define CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS 8 + +/*! SHA-384 digest result size in words. */ +#define CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS 12 + +/*! SHA-512 digest result size in words. */ +#define CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS 16 + +/*! SHA-256 digest result size in bytes */ +#define CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES 28 + +/*! SHA-256 digest result size in bytes */ +#define CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES 32 + +/*! SHA-384 digest result size in bytes */ +#define CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES 48 + +/*! SHA-512 digest result size in bytes */ +#define CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES 64 + +/*! SHA1 hash block size in words */ +#define CRYS_HASH_BLOCK_SIZE_IN_WORDS 16 + +/*! SHA1 hash block size in bytes */ +#define CRYS_HASH_BLOCK_SIZE_IN_BYTES 64 + +/*! SHA2 hash block size in words */ +#define CRYS_HASH_SHA512_BLOCK_SIZE_IN_WORDS 32 + +/*! SHA2 hash block size in bytes */ +#define CRYS_HASH_SHA512_BLOCK_SIZE_IN_BYTES 128 + +/*! Maximal data size for update operation. */ +#define CRYS_HASH_UPDATE_DATA_MAX_SIZE_IN_BYTES (1 << 29) + + +/************************ Enums ********************************/ + +/*! +HASH operation mode +*/ +typedef enum { + CRYS_HASH_SHA1_mode = 0, /*!< SHA1. */ + CRYS_HASH_SHA224_mode = 1, /*!< SHA224. */ + CRYS_HASH_SHA256_mode = 2, /*!< SHA256. */ + CRYS_HASH_SHA384_mode = 3, /*!< SHA384. */ + CRYS_HASH_SHA512_mode = 4, /*!< SHA512. */ + CRYS_HASH_MD5_mode = 5, /*!< MD5. */ + /*! Number of hash modes. */ + CRYS_HASH_NumOfModes, + /*! Reserved. */ + CRYS_HASH_OperationModeLast= 0x7FFFFFFF, + +}CRYS_HASH_OperationMode_t; + +/************************ Typedefs *****************************/ + +/*! HASH result buffer. */ +typedef uint32_t CRYS_HASH_Result_t[CRYS_HASH_RESULT_SIZE_IN_WORDS]; + +/************************ Structs ******************************/ +/*! The user's context prototype - the argument type that is passed by the user + to the HASH APIs. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow. */ +typedef struct CRYS_HASHUserContext_t { + /*! Internal buffer */ + uint32_t buff[CRYS_HASH_USER_CTX_SIZE_IN_WORDS]; +}CRYS_HASHUserContext_t; + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + + +/************************************************************************************************/ +/*! +@brief This function initializes the HASH machine and the HASH Context. + +It receives as input a pointer to store the context handle to the HASH Context, +and initializes the HASH Context with the cryptographic attributes that are needed for the HASH block operation (initializes H's value for the HASH algorithm). + +@return CRYS_OK on success. +@return A non-zero value from crys_hash_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_HASH_Init( + CRYS_HASHUserContext_t *ContextID_ptr, /*!< [in] Pointer to the HASH context buffer allocated by the user that is used + for the HASH machine operation. */ + CRYS_HASH_OperationMode_t OperationMode /*!< [in] One of the supported HASH modes, as defined in CRYS_HASH_OperationMode_t. */ +); + +/************************************************************************************************/ +/*! +@brief This function processes a block of data to be HASHed. + +It updates a HASH Context that was previously initialized by CRYS_HASH_Init or updated by a previous call to CRYS_HASH_Update. + +@return CRYS_OK on success. +@return A non-zero value from crys_hash_error.h on failure. +*/ + +CIMPORT_C CRYSError_t CRYS_HASH_Update( + CRYS_HASHUserContext_t *ContextID_ptr, /*!< [in] Pointer to the HASH context buffer allocated by the user, which is used for the + HASH machine operation. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the input data to be HASHed. + it is a one contiguous memory block. */ + size_t DataInSize /*!< [in] Byte size of the input data. Must be > 0. + If not a multiple of the HASH block size (64 for MD5, SHA-1 and SHA-224/256, + 128 for SHA-384/512), no further calls + to CRYS_HASH_Update are allowed in this context, and only CRYS_HASH_Finish + can be called to complete the computation. */ +); + +/************************************************************************************************/ +/*! +@brief This function finalizes the hashing process of data block. + +It receives a handle to the HASH Context, which was previously initialized by CRYS_HASH_Init or by CRYS_HASH_Update. +It "adds" a header to the data block according to the relevant HASH standard, and computes the final message digest. + +@return CRYS_OK on success. +@return A non-zero value from crys_hash_error.h on failure. +*/ + +CIMPORT_C CRYSError_t CRYS_HASH_Finish( + CRYS_HASHUserContext_t *ContextID_ptr, /*!< [in] Pointer to the HASH context buffer allocated by the user that is used for + the HASH machine operation. */ + CRYS_HASH_Result_t HashResultBuff /*!< [in] Pointer to the word-aligned 64 byte buffer. The actual size of the HASH + result depends on CRYS_HASH_OperationMode_t. */ +); + + +/************************************************************************************************/ +/*! +@brief This function is a utility function that frees the context if the operation has failed. + +The function executes the following major steps: +
  1. Checks the validity of all of the inputs of the function.
    2. +
  2. Clears the user's context.
    3. +
  3. Exits the handler with the OK code.
+ +@return CRYS_OK on success. +@return A non-zero value from crys_hash_error.h on failure. +*/ + +CIMPORT_C CRYSError_t CRYS_HASH_Free( + CRYS_HASHUserContext_t *ContextID_ptr /*!< [in] Pointer to the HASH context buffer allocated by the user that is used for + the HASH machine operation. */ +); + + +/************************************************************************************************/ +/*! +@brief This function processes a single buffer of data. + +The function allocates an internal HASH Context, and initializes it with the cryptographic attributes +that are needed for the HASH block operation (initialize H's value for the HASH algorithm). +Then it processes the data block, calculating the HASH. Finally, it returns the data buffer's message digest. + +@return CRYS_OK on success. +@return A non-zero value from crys_hash_error.h on failure. + */ + +CIMPORT_C CRYSError_t CRYS_HASH ( + CRYS_HASH_OperationMode_t OperationMode, /*!< [in] One of the supported HASH modes, as defined in CRYS_HASH_OperationMode_t. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the input data to be HASHed. + The size of the scatter/gather list representing the data buffer is limited + to 128 entries, and the size of each entry is limited to 64KB + (fragments larger than 64KB are broken into fragments <= 64KB). */ + size_t DataSize, /*!< [in] The size of the data to be hashed in bytes. */ + CRYS_HASH_Result_t HashResultBuff /*!< [out] Pointer to a word-aligned 64 byte buffer. The actual size of the HASH + result depends on CRYS_HASH_OperationMode_t. */ +); + + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hash_defs.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hash_defs.h new file mode 100644 index 00000000000..701f78a8709 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hash_defs.h @@ -0,0 +1,66 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_HASH_DEFS_H +#define CRYS_HASH_DEFS_H + +/*! +@file +@brief This file contains HASH definitions. +@defgroup crys_hash_defs CryptoCell Hash definitions +@{ +@ingroup crys_hash +*/ + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/*! The size of user's context prototype (see ::CRYS_HASHUserContext_t) in words. */ +#define CRYS_HASH_USER_CTX_SIZE_IN_WORDS 60 + + +#ifdef __cplusplus +} +#endif + +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hash_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hash_error.h new file mode 100644 index 00000000000..3840d183f76 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hash_error.h @@ -0,0 +1,108 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef CRYS_HASH_ERROR_H +#define CRYS_HASH_ERROR_H + + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module contains the definitions of the CRYS HASH errors. +@defgroup crys_hash_error CryptoCell HASH specific errors +@{ +@ingroup crys_hash +*/ + + + + +/************************ Defines ******************************/ +/*! HASH module on the CRYS layer base address - 0x00F00200*/ +/* The CRYS HASH module errors */ +/*! Illegal context pointer. */ +#define CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x0UL) +/*! Illegal operation mode. */ +#define CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x1UL) +/*! Context is corrupted. */ +#define CRYS_HASH_USER_CONTEXT_CORRUPTED_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x2UL) +/*! Illegal data in pointer. */ +#define CRYS_HASH_DATA_IN_POINTER_INVALID_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x3UL) +/*! Illegal data in size. */ +#define CRYS_HASH_DATA_SIZE_ILLEGAL (CRYS_HASH_MODULE_ERROR_BASE + 0x4UL) +/*! Illegal result buffer pointer. */ +#define CRYS_HASH_INVALID_RESULT_BUFFER_POINTER_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x5UL) +/*! Last block was already processed (may happen if previous block was not a multiple of block size). */ +#define CRYS_HASH_LAST_BLOCK_ALREADY_PROCESSED_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0xCUL) +/*! Illegal parameter. */ +#define CRYS_HASH_ILLEGAL_PARAMS_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0xDUL) +/*! Illegal context size. */ +#define CRYS_HASH_CTX_SIZES_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0xEUL) +/*! HASH is not supported. */ +#define CRYS_HASH_IS_NOT_SUPPORTED (CRYS_HASH_MODULE_ERROR_BASE + 0xFUL) + + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hkdf.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hkdf.h new file mode 100644 index 00000000000..fbc5bcc5557 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hkdf.h @@ -0,0 +1,124 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_HKDF_H +#define CRYS_HKDF_H + +#include "crys_hash.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module defines the API that supports HMAC Key derivation function as defined by RFC5869. +@defgroup crys_hkdf CryptoCell HMAC Key Derivation APIs +@{ +@ingroup cryptocell_api +*/ + +/*! HKDF maximal key size in words. */ +#define CRYS_HKDF_MAX_HASH_KEY_SIZE_IN_BYTES 512 + +/*! HKDF maximal HASH digest size in bytes. */ +#define CRYS_HKDF_MAX_HASH_DIGEST_SIZE_IN_BYTES CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES + +/************************ Defines ******************************/ + +/************************ Enums ********************************/ + +/*! Enum defining HKDF HASH available modes. */ +typedef enum +{ + /*! SHA1 mode. */ + CRYS_HKDF_HASH_SHA1_mode = 0, + /*! SHA224 mode. */ + CRYS_HKDF_HASH_SHA224_mode = 1, + /*! SHA256 mode. */ + CRYS_HKDF_HASH_SHA256_mode = 2, + /*! SHA384 mode. */ + CRYS_HKDF_HASH_SHA384_mode = 3, + /*! SHA512 mode. */ + CRYS_HKDF_HASH_SHA512_mode = 4, + + /*! Maximal number of HASH modes. */ + CRYS_HKDF_HASH_NumOfModes, + + /*! Reserved */ + CRYS_HKDF_HASH_OpModeLast = 0x7FFFFFFF, + +}CRYS_HKDF_HASH_OpMode_t; + +/************************ Typedefs ****************************/ + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + +/****************************************************************/ + + +/*********************************************************************************************************/ +/*! +@brief CRYS_HKDF_KeyDerivFunc performs the HMAC-based key derivation, according to RFC5869 + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_kdf_error.h, crys_hash_error or crys_hmac_error.h +*/ +CEXPORT_C CRYSError_t CRYS_HKDF_KeyDerivFunc( + CRYS_HKDF_HASH_OpMode_t HKDFhashMode, /*!< [in] The HKDF identifier of hash function to be used. */ + uint8_t* Salt_ptr, /*!< [in] A pointer to a non secret random value. can be NULL. */ + size_t SaltLen, /*!< [in] The size of the salt_ptr. */ + uint8_t* Ikm_ptr, /*!< [in] A pointer to a input key message. */ + uint32_t IkmLen, /*!< [in] The size of the input key message */ + uint8_t* Info, /*!< [in] A pointer to an optional context and application specific information. can be NULL */ + uint32_t InfoLen, /*!< [in] The size of the info. */ + uint8_t* Okm, /*!< [in] A pointer to a output key material. */ + uint32_t OkmLen, /*!< [in] The size of the output key material. */ + SaSiBool IsStrongKey /*!< [in] if TRUE , then no need to perform the extraction phase. */ + ); + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hkdf_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hkdf_error.h new file mode 100644 index 00000000000..d78398e32f9 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hkdf_error.h @@ -0,0 +1,91 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_HKDF_ERROR_H +#define CRYS_HKDF_ERROR_H + +#include "crys_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module contains the definitions of the CRYS HKDF errors. +@defgroup crys_hkdf_error HMAC Key Derivation specific errors +@{ +@ingroup crys_hkdf + */ + + +/************************ Defines *******************************/ + +/*! CryptoCell HKDF module errors / base address - 0x00F01100. */ +/*! Invalid argument. */ +#define CRYS_HKDF_INVALID_ARGUMENT_POINTER_ERROR (CRYS_HKDF_MODULE_ERROR_BASE + 0x0UL) +/*! Invalid argument size. */ +#define CRYS_HKDF_INVALID_ARGUMENT_SIZE_ERROR (CRYS_HKDF_MODULE_ERROR_BASE + 0x1UL) +/*! Illegal hash mode. */ +#define CRYS_HKDF_INVALID_ARGUMENT_HASH_MODE_ERROR (CRYS_HKDF_MODULE_ERROR_BASE + 0x3UL) +/*! HKDF not supported. */ +#define CRYS_HKDF_IS_NOT_SUPPORTED (CRYS_HKDF_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums *********************************/ + +/************************ Typedefs *****************************/ + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + + + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hmac.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hmac.h new file mode 100644 index 00000000000..9094d732ef2 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hmac.h @@ -0,0 +1,214 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains all of the enums and definitions +that are used for the CRYS HMAC APIs, as well as the APIs themselves. +@defgroup crys_hmac CryptoCell HMAC APIs +@{ +@ingroup cryptocell_api + + +HMAC is a wrapping algorithm that uses a HASH function (one of the supported HASH algorithms, as specified in the HASH chapter) and a key, +to generate a unique authentication code over the input data. +HMAC calculation can be performed in either of the following two modes of operation: +
  • Integrated operation - Processes all data in a single function call. This flow is applicable when all data is available prior to +the cryptographic operation.
    • +
  • Block operation - Processes a subset of the data buffers, and is called multiple times in a sequence. This flow is applicable when +the next data buffer becomes available only during/after processing of the current data buffer.
+ +The following is a typical HMAC Block operation flow: +
  1. ::CRYS_HMAC_Init: This function initializes the HMAC machine on the CRYS level by setting the context pointer that is + used on the entire HMAC operation.
    2. +
  2. ::CRYS_HMAC_Update: This function runs an HMAC operation on a block of data allocated by the user. This function may be called as + many times as required.
    3. +
  3. ::CRYS_HMAC_Finish: This function ends the HMAC operation. It returns the digest result and clears the context.
+*/ + +#ifndef CRYS_HMAC_H +#define CRYS_HMAC_H + + +#include "ssi_pal_types.h" +#include "crys_error.h" + +#include "crys_hash.h" +#include "crys_hmac_defs.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/*! HMAC key size after padding for MD5, SHA1, SHA256. */ +#define CRYS_HMAC_KEY_SIZE_IN_BYTES 64 + +/*! HMAC key size after padding for SHA384, SHA512 */ +#define CRYS_HMAC_SHA2_1024BIT_KEY_SIZE_IN_BYTES 128 + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/*********************** Structures ****************************/ + + +/*! User's context prototype - the argument type that is passed by the user + to the HMAC APIs. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow */ +typedef struct CRYS_HMACUserContext_t { + /*! Context buffer for internal use */ + uint32_t buff[CRYS_HMAC_USER_CTX_SIZE_IN_WORDS]; + +}CRYS_HMACUserContext_t; + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/*! +@brief This function initializes the HMAC machine. + +It allocates and initializes the HMAC Context. It initiates a HASH session and processes a HASH update on the Key XOR ipad, +then stores it in the context + +@return CRYS_OK on success. +@return A non-zero value from crys_hmac_error.h or crys_hash_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_HMAC_Init( + CRYS_HMACUserContext_t *ContextID_ptr, /*!< [in] Pointer to the HMAC context buffer allocated by the user, which is used + for the HMAC machine operation. */ + CRYS_HASH_OperationMode_t OperationMode, /*!< [in] One of the supported HASH modes, as defined in CRYS_HASH_OperationMode_t. */ + uint8_t *key_ptr, /*!< [in] The pointer to the user's key buffer. */ + uint16_t keySize /*!< [in] The key size in bytes. If the key size is bigger than the HASH block, the key will be hashed. + The limitations on the key size are the same as the limitations on MAX hash size. */ +); + + +/*! +@brief This function processes a block of data to be HASHed. + +It receives a handle to the HMAC Context, and updates the HASH value with the new data. + +@return CRYS_OK on success. +@return A non-zero value from crys_hmac_error.h or crys_hash_error.h on failure. +*/ + +CIMPORT_C CRYSError_t CRYS_HMAC_Update( + CRYS_HMACUserContext_t *ContextID_ptr, /*!< [in] Pointer to the HMAC context buffer allocated by the user + that is used for the HMAC machine operation. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the input data to be HASHed. + The size of the scatter/gather list representing the data buffer is limited to + 128 entries, and the size of each entry is limited to 64KB + (fragments larger than 64KB are broken into fragments <= 64KB). */ + size_t DataInSize /*!< [in] Byte size of the input data. Must be > 0. + If not a multiple of the HASH block size (64 for SHA-1 and SHA-224/256, + 128 for SHA-384/512), no further calls to ::CRYS_HMAC_Update are allowed in + this context, and only ::CRYS_HMAC_Finish can be called to complete the + computation. */ +); + + +/*! +@brief This function finalizes the HMAC processing of a data block. + +It receives a handle to the HMAC context that was previously initialized by ::CRYS_HMAC_Init, or by ::CRYS_HMAC_Update. +It completes the HASH calculation on the ipad and text, and then executes a new HASH operation with the key XOR opad and the previous +HASH operation result. + +@return CRYS_OK on success. +@return A non-zero value from crys_hmac_error.h or crys_hash_error.h on failure. +*/ + +CIMPORT_C CRYSError_t CRYS_HMAC_Finish( + CRYS_HMACUserContext_t *ContextID_ptr, /*!< [in] Pointer to the HMAC context buffer allocated by the user, which is used + for the HMAC machine operation. */ + CRYS_HASH_Result_t HmacResultBuff /*!< [out] Pointer to the word-aligned 64 byte buffer. The actual size of the + HASH result depends on CRYS_HASH_OperationMode_t. */ +); + + +/*! +@brief This function is a service function that frees the context if the operation has failed. + +The function executes the following major steps: +
  1. Checks the validity of all of the inputs of the function.
    2. +
  2. Clears the user's context.
    3. +
  3. Exits the handler with the OK code.
+ +@return CRYS_OK on success. +@return a non-zero value from crys_hmac_error.h on failure. +*/ + +CIMPORT_C CRYSError_t CRYS_HMAC_Free( + CRYS_HMACUserContext_t *ContextID_ptr /*!< [in] Pointer to the HMAC context buffer allocated by the user, which is used for + the HMAC machine operation. */ +); + + +/*! +@brief This function processes a single buffer of data, and returns the data buffer's message digest. + +@return CRYS_OK on success. +@return A non-zero value from crys_hmac_error.h or crys_hash_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_HMAC ( + CRYS_HASH_OperationMode_t OperationMode, /*!< [in] One of the supported HASH modes, as defined in CRYS_HASH_OperationMode_t. */ + uint8_t *key_ptr, /*!< [in] The pointer to the user's key buffer. */ + uint16_t keySize, /*!< [in] The key size in bytes. If the key size is bigger than the HASH block, the key will be hashed. + The limitations on the key size are the same as the limitations on MAX hash size.*/ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the input data to be HASHed. + The size of the scatter/gather list representing the data buffer is limited to 128 + entries, and the size of each entry is limited to 64KB (fragments larger than + 64KB are broken into fragments <= 64KB). */ + size_t DataSize, /*!< [in] The size of the data to be hashed (in bytes). */ + CRYS_HASH_Result_t HmacResultBuff /*!< [out] Pointer to the word-aligned 64 byte buffer. The actual size of the + HMAC result depends on CRYS_HASH_OperationMode_t. */ +); +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hmac_defs.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hmac_defs.h new file mode 100644 index 00000000000..6e76d71988a --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hmac_defs.h @@ -0,0 +1,64 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_HMAC_DEFS_H +#define CRYS_HMAC_DEFS_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This file contains HMAC definitions. +@defgroup crys_hmac_defs CryptoCell Hmac definitions +@{ +@ingroup crys_hmac +*/ + +/************************ Defines ******************************/ +/*! The size of user's context prototype (see ::CRYS_HMACUserContext_t) in words. */ +#define CRYS_HMAC_USER_CTX_SIZE_IN_WORDS 94 + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hmac_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hmac_error.h new file mode 100644 index 00000000000..e9bd5c8b2f7 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_hmac_error.h @@ -0,0 +1,108 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_HMAC_ERROR_H +#define CRYS_HMAC_ERROR_H + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! @file +@brief This module contains the definitions of the CRYS HMAC errors. +@defgroup crys_hmac_error CryptoCell HMAC specific errors +@{ +@ingroup crys_hmac +*/ + + + +/************************ Defines ******************************/ + +/*! The CRYS HMAC module errors */ +/*! Illegal context pointer. */ +#define CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x0UL) +/*! Illegal operation mode. */ +#define CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x1UL) +/*! Context is corrupted. */ +#define CRYS_HMAC_USER_CONTEXT_CORRUPTED_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x2UL) +/*! Illegal data in pointer. */ +#define CRYS_HMAC_DATA_IN_POINTER_INVALID_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x3UL) +/*! Illegal data in size. */ +#define CRYS_HMAC_DATA_SIZE_ILLEGAL (CRYS_HMAC_MODULE_ERROR_BASE + 0x4UL) +/*! Illegal result buffer pointer. */ +#define CRYS_HMAC_INVALID_RESULT_BUFFER_POINTER_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x5UL) +/*! Illegal key buffer pointer. */ +#define CRYS_HMAC_INVALID_KEY_POINTER_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x6UL) +/*! Illegal key size. */ +#define CRYS_HMAC_UNVALID_KEY_SIZE_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x7UL) +/*! Last block was already processed (may happen if previous block was not a multiple of block size). */ +#define CRYS_HMAC_LAST_BLOCK_ALREADY_PROCESSED_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0xBUL) +/*! Illegal parameters. */ +#define CRYS_HMAC_ILLEGAL_PARAMS_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0xCUL) +/*! Illegal context size. */ +#define CRYS_HMAC_CTX_SIZES_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0xEUL) +/*! HMAC is not supported. */ +#define CRYS_HMAC_IS_NOT_SUPPORTED (CRYS_HMAC_MODULE_ERROR_BASE + 0xFUL) + + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_kdf.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_kdf.h new file mode 100644 index 00000000000..add338e2f39 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_kdf.h @@ -0,0 +1,211 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_KDF_H +#define CRYS_KDF_H + + +#include "crys_hash.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module defines the API that supports Key derivation function in modes +as defined in PKCS#3, ANSI X9.42-2001, and ANSI X9.63-1999. +@defgroup crys_kdf CryptoCell Key Derivation APIs +@{ +@ingroup cryptocell_api +*/ + +#include "crys_hash.h" + +/************************ Defines ******************************/ + +/*! Shared secret value max size in bytes */ +#define CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE 1024 + +/* Count and max. sizeof OtherInfo entries (pointers to data buffers) */ +/*! Number of other info entries. */ +#define CRYS_KDF_COUNT_OF_OTHER_INFO_ENTRIES 5 +/*! Maximal size of other info entry. */ +#define CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY 64 /*!< Size is in bytes*/ +/*! Maximal size of keying data in bytes. */ +#define CRYS_KDF_MAX_SIZE_OF_KEYING_DATA 2048 + +/************************ Enums ********************************/ +/*! HASH operation modes */ +typedef enum +{ + /*! SHA1 mode.*/ + CRYS_KDF_HASH_SHA1_mode = 0, + /*! SHA224 mode.*/ + CRYS_KDF_HASH_SHA224_mode = 1, + /*! SHA256 mode.*/ + CRYS_KDF_HASH_SHA256_mode = 2, + /*! SHA384 mode.*/ + CRYS_KDF_HASH_SHA384_mode = 3, + /*! SHA512 mode.*/ + CRYS_KDF_HASH_SHA512_mode = 4, + /*! Maximal number of HASH modes. */ + CRYS_KDF_HASH_NumOfModes, + /*! Reserved.*/ + CRYS_KDF_HASH_OpModeLast = 0x7FFFFFFF, + +}CRYS_KDF_HASH_OpMode_t; + +/*! Key derivation modes. */ +typedef enum +{ + /*! ASN1 key derivation mode.*/ + CRYS_KDF_ASN1_DerivMode = 0, + /*! Concatination key derivation mode.*/ + CRYS_KDF_ConcatDerivMode = 1, + /*! X963 key derivation mode.*/ + CRYS_KDF_X963_DerivMode = CRYS_KDF_ConcatDerivMode, + /*! ISO 18033 KDF1 key derivation mode.*/ + CRYS_KDF_ISO18033_KDF1_DerivMode = 3, + /*! ISO 18033 KDF2 key derivation mode.*/ + CRYS_KDF_ISO18033_KDF2_DerivMode = 4, + /*! Maximal number of key derivation modes. */ + CRYS_KDF_DerivFunc_NumOfModes = 5, + /*! Reserved.*/ + CRYS_KDF_DerivFuncModeLast= 0x7FFFFFFF, + +}CRYS_KDF_DerivFuncMode_t; + +/************************ Typedefs ****************************/ + +/*! Structure, containing the optional data (other info) for KDF, + if any data is not needed, then the pointer value and + the size must be set to NULL */ +typedef struct +{ + /*! A unique object identifier (OID), indicating algorithm(s) + for which the keying data is used. */ + uint8_t AlgorithmID[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + uint32_t SizeOfAlgorithmID; /*!< Size of algorithm ID.*/ + /*! Public information contributed by the initiator. */ + uint8_t PartyUInfo[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + uint32_t SizeOfPartyUInfo; /*!< Size of the Public information contributed by the initiator. */ + /*! Public information contributed by the responder. */ + uint8_t PartyVInfo[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + uint32_t SizeOfPartyVInfo; /*!< Size of the responder's public information. */ + /*! Mutually-known private information, e.g. shared information + communicated throgh a separate channel. */ + uint8_t SuppPrivInfo[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + uint32_t SizeOfSuppPrivInfo; /*!< Size of the private information. */ + /*! Mutually-known public information, */ + uint8_t SuppPubInfo[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + uint32_t SizeOfSuppPubInfo; /*!< Size of the public information. */ + +}CRYS_KDF_OtherInfo_t; + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + +/****************************************************************/ + + +/*********************************************************************************************************/ +/*! + @brief CRYS_KDF_KeyDerivFunc performs key derivation according to one of the modes defined in standards: + ANS X9.42-2001, ANS X9.63, ISO/IEC 18033-2. + +The present implementation of the function allows the following operation modes: +
  • CRYS_KDF_ASN1_DerivMode - mode based on ASN.1 DER encoding;
    • +
  • CRYS_KDF_ConcatDerivMode - mode based on concatenation;
    • +
  • CRYS_KDF_X963_DerivMode = CRYS_KDF_ConcatDerivMode;
    • +
  • CRYS_KDF_ISO18033_KDF1_DerivMode - specific mode according to ECIES-KEM algorithm (ISO/IEC 18033-2).
+ +The purpose of this function is to derive a keying data from the shared secret value and some +other optional shared information (SharedInfo). + +\note +
  • The length in Bytes of the hash result buffer is denoted by "hashlen".
    • +
  • All buffers arguments are represented in Big-Endian format.
    • + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_kdf_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_KDF_KeyDerivFunc( + uint8_t *ZZSecret_ptr, /*!< [in] A pointer to shared secret value octet string. */ + uint32_t ZZSecretSize, /*!< [in] The size of the shared secret value in bytes. + The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE. */ + CRYS_KDF_OtherInfo_t *OtherInfo_ptr, /*!< [in] The pointer to structure, containing the data, shared by two entities of + agreement and the data sizes. This argument may be optional in several modes + (if it is not needed - set NULL). + On two ISO/IEC 18033-2 modes - set NULL. + On KDF ASN1 mode the OtherInfo and its AlgorithmID entry are mandatory. */ + CRYS_KDF_HASH_OpMode_t KDFhashMode, /*!< [in] The KDF identifier of hash function to be used. The hash function output + must be at least 160 bits. */ + CRYS_KDF_DerivFuncMode_t derivation_mode, /*!< [in] Specifies one of above described derivation modes. */ + uint8_t *KeyingData_ptr, /*!< [out] A pointer to the buffer for derived keying data. */ + uint32_t KeyingDataSizeBytes /*!< [in] The size in bytes of the keying data to be derived. + The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_KEYING_DATA. */ +); + +/*********************************************************************************************************/ +/*! + CRYS_KDF_ASN1_KeyDerivFunc is A MACRO that performs key derivation according to ASN1 DER encoding method defined + in standard ANS X9.42-2001, 7.2.1. For a description of the parameters see ::CRYS_KDF_KeyDerivFunc. +*/ +#define CRYS_KDF_ASN1_KeyDerivFunc(ZZSecret_ptr,ZZSecretSize,OtherInfo_ptr,KDFhashMode,KeyingData_ptr,KeyLenInBytes)\ + CRYS_KDF_KeyDerivFunc((ZZSecret_ptr),(ZZSecretSize),(OtherInfo_ptr),(KDFhashMode),CRYS_KDF_ASN1_DerivMode,(KeyingData_ptr),(KeyLenInBytes)) + + +/*********************************************************************************************************/ +/*! + CRYS_KDF_ConcatKeyDerivFunc is a MACRO that performs key derivation according to concatenation mode defined + in standard ANS X9.42-2001, 7.2.2. For a description of the parameters see + ::CRYS_KDF_KeyDerivFunc. +*/ +#define CRYS_KDF_ConcatKeyDerivFunc(ZZSecret_ptr,ZZSecretSize,OtherInfo_ptr,KDFhashMode,KeyingData_ptr,KeyLenInBytes)\ + CRYS_KDF_KeyDerivFunc((ZZSecret_ptr),(ZZSecretSize),(OtherInfo_ptr),(KDFhashMode),CRYS_KDF_ConcatDerivMode,(KeyingData_ptr),(KeyLenInBytes)) + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_kdf_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_kdf_error.h new file mode 100644 index 00000000000..905ffa1a40e --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_kdf_error.h @@ -0,0 +1,105 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_KDF_ERROR_H +#define CRYS_KDF_ERROR_H + +#include "crys_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module contains the definitions of the CRYS KDF errors. +@defgroup crys_kdf_error CryptoCell Key Derivation specific errors +@{ +@ingroup crys_kdf + */ + + +/************************ Defines *******************************/ + +/*! The CRYS KDF module errors / base address - 0x00F01100*/ +/*! Illegal input pointer. */ +#define CRYS_KDF_INVALID_ARGUMENT_POINTER_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x0UL) +/*! Illegal input size. */ +#define CRYS_KDF_INVALID_ARGUMENT_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x1UL) +/*! Illegal operation mode. */ +#define CRYS_KDF_INVALID_ARGUMENT_OPERATION_MODE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x2UL) +/*! Illegal hash mode. */ +#define CRYS_KDF_INVALID_ARGUMENT_HASH_MODE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x3UL) +/*! Illegal key derivation mode. */ +#define CRYS_KDF_INVALID_KEY_DERIVATION_MODE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x4UL) +/*! Illegal shared secret value size. */ +#define CRYS_KDF_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x5UL) +/*! Illegal otherInfo size. */ +#define CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x6UL) +/*! Illegal key data size. */ +#define CRYS_KDF_INVALID_KEYING_DATA_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x7UL) +/*! Illegal algorithm ID pointer. */ +#define CRYS_KDF_INVALID_ALGORITHM_ID_POINTER_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x8UL) +/*! Illegal algorithm ID size. */ +#define CRYS_KDF_INVALID_ALGORITHM_ID_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x9UL) +/*! KDF is not supproted. */ +#define CRYS_KDF_IS_NOT_SUPPORTED (CRYS_KDF_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums *********************************/ + +/************************ Typedefs *****************************/ + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + + + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_pka_defs_hw.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_pka_defs_hw.h new file mode 100644 index 00000000000..5073ad2e4fb --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_pka_defs_hw.h @@ -0,0 +1,128 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef _CRYS_PKA_DEFS_HW_H_ +#define _CRYS_PKA_DEFS_HW_H_ + +#include "ssi_pal_types.h" +#include "ssi_pka_hw_plat_defs.h" + +/*! +@defgroup cryptocell_pka CryptoCell PKA group +@{ +@ingroup cryptocell_api +@brief This group is the cryptocell PKA root group +@} + +@file +@brief The file contains all of the enums and definitions that are used in the PKA related code. +@defgroup crys_pka_defs_hw CryptoCell PKA specific definitions +@{ +@ingroup cryptocell_pka +*/ + + +/* The valid key sizes in bits for RSA primitives (exponentiation) */ +/*! Maximal RSA modulus size */ +#define CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS ((CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS + SASI_PKA_WORD_SIZE_IN_BITS) / SASI_BITS_IN_32BIT_WORD ) +/*! Maximal EC modulus size */ +#define CRYS_ECPKI_MODUL_MAX_LENGTH_IN_BITS 521 + +/*! size of buffers for Barrett modulus tag NP, used in PKI algorithms. */ +#define CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS 5 +/*! size of buffers for Barrett modulus tag NP, used in ECC. */ +#define CRYS_PKA_ECPKI_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS +/*! Maximal PKA modulus size */ +#define CRYS_PKA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS +/*! Maximal PKA public key size in words */ +#define CRYS_PKA_PUB_KEY_BUFF_SIZE_IN_WORDS (2*CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS) +/*! Maximal PKA private key size in words */ +#define CRYS_PKA_PRIV_KEY_BUFF_SIZE_IN_WORDS (2*CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS) +/*! Maximal PKA KG buffer size in words */ +#define CRYS_PKA_KGDATA_BUFF_SIZE_IN_WORDS (3*CRYS_PKA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS) + + +/*! Maximal EC modulus size in words. */ +#define CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS 18 /*!< \internal [(CRYS_ECPKI_MODUL_MAX_LENGTH_IN_BITS + 31)/(sizeof(uint32_t)) + 1] */ +/*! Maximal EC order size in words. */ +#define CRYS_ECPKI_ORDER_MAX_LENGTH_IN_WORDS (CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1) +/*! Maximal EC domain size in words. */ +#define CRYS_PKA_DOMAIN_BUFF_SIZE_IN_WORDS (2*CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS) + + +/*! ECC NAF buffer definitions */ +#define COUNT_NAF_WORDS_PER_KEY_WORD 8 /*!< \internal Change according to NAF representation (? 2)*/ +/*! Maximal ECC NAF length */ +#define CRYS_PKA_ECDSA_NAF_BUFF_MAX_LENGTH_IN_WORDS (COUNT_NAF_WORDS_PER_KEY_WORD*CRYS_ECPKI_ORDER_MAX_LENGTH_IN_WORDS + 1) + +#ifndef SSI_SUPPORT_ECC_SCA_SW_PROTECT +/* on fast SCA non protected mode required additional buffers for NAF key */ +/*! Scalar Buffer size in words */ +#define CRYS_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS (CRYS_PKA_ECDSA_NAF_BUFF_MAX_LENGTH_IN_WORDS+CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2) +#else +/*! Scalar Buffer size in words */ +#define CRYS_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS 1 /*(4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)*/ +#endif +/*! ECC temp buffer size in words */ +#define CRYS_PKA_ECPKI_BUILD_TMP_BUFF_MAX_LENGTH_IN_WORDS (3*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+CRYS_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS) +/*! ECC sign temp buffer size in words */ +#define CRYS_PKA_ECDSA_SIGN_BUFF_MAX_LENGTH_IN_WORDS (6*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+CRYS_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS) +/*! ECC ecdh temp buffer size in words */ +#define CRYS_PKA_ECDH_BUFF_MAX_LENGTH_IN_WORDS (2*CRYS_ECPKI_ORDER_MAX_LENGTH_IN_WORDS + CRYS_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS) +/*! PKA KG temp buffer size in words */ +#define CRYS_PKA_KG_BUFF_MAX_LENGTH_IN_WORDS (2*CRYS_ECPKI_ORDER_MAX_LENGTH_IN_WORDS + CRYS_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS) +/*! ECC verify temp buffer size in words */ +#define CRYS_PKA_ECDSA_VERIFY_BUFF_MAX_LENGTH_IN_WORDS (3*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS) + +/* *************************************************************************** */ +/*! Definitions of maximal size of modulus buffers for CRYS_EC_MONT and EC_EDW in bytes */ +#define CRYS_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_BYTES 32U /*!< \internal for Curve25519 */ +/*! Definitions of maximal size of modulus buffers for CRYS_EC_MONT and EC_EDW in words */ +#define CRYS_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS 8U /*!< \internal for Curve25519 */ +/*! ECC montgomery temp buffer size in words */ +#define CRYS_EC_MONT_TEMP_BUFF_SIZE_IN_32BIT_WORDS (8 * CRYS_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS) +/*! ECC edwards temp buffer size in words */ +#define CRYS_EC_EDW_TEMP_BUFF_SIZE_IN_32BIT_WORD (8*CRYS_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS + (sizeof(CRYS_HASHUserContext_t)+SASI_32BIT_WORD_SIZE-1)/SASI_32BIT_WORD_SIZE) + +/** +@} + */ +/** +@} + */ +#endif /*_CRYS_PKA_DEFS_HW_H_*/ + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_poly.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_poly.h new file mode 100644 index 00000000000..7c5f2188381 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_poly.h @@ -0,0 +1,107 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains all of the enums and definitions that are used for the + CRYS POLY APIs, as well as the APIs themselves. +@defgroup crys_poly CryptoCell POLY APIs +@{ +@ingroup cryptocell_api + +*/ +#ifndef CRYS_POLY_H +#define CRYS_POLY_H + + +#include "ssi_pal_types.h" +#include "crys_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ +/*! POLY KEY size in words. */ +#define CRYS_POLY_KEY_SIZE_IN_WORDS 8 +/*! POLY KEY size in bytes. */ +#define CRYS_POLY_KEY_SIZE_IN_BYTES (CRYS_POLY_KEY_SIZE_IN_WORDS*SASI_32BIT_WORD_SIZE) + +/*! POLY MAC size in words. */ +#define CRYS_POLY_MAC_SIZE_IN_WORDS 4 +/*! POLY MAC size in bytes. */ +#define CRYS_POLY_MAC_SIZE_IN_BYTES (CRYS_POLY_MAC_SIZE_IN_WORDS*SASI_32BIT_WORD_SIZE) + +/************************ Typedefs ****************************/ + +/*! CHACHA MAC buffer definition. */ +typedef uint32_t CRYS_POLY_Mac_t[CRYS_POLY_MAC_SIZE_IN_WORDS]; + +/*! CHACHA key buffer definition. */ +typedef uint32_t CRYS_POLY_Key_t[CRYS_POLY_KEY_SIZE_IN_WORDS]; + +/************************ Public Functions **********************/ + +/****************************************************************************************************/ +/*! +@brief This function is used to perform the POLY MAC Calculation. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_poly_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_POLY( + CRYS_POLY_Key_t pKey, /*!< [in] A pointer to the user's key buffer. */ + uint8_t *pDataIn, /*!< [in] A pointer to the buffer of the input data to the CHACHA. + must not be null. */ + size_t dataInSize, /*!< [in] The size of the input data. must not be 0. */ + CRYS_POLY_Mac_t macRes /*!< [in/out] Pointer to the MAC result buffer.*/ +); + + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef CRYS_POLY_H */ + + + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_poly_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_poly_error.h new file mode 100644 index 00000000000..0b8989212be --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_poly_error.h @@ -0,0 +1,89 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_POLY_ERROR_H +#define CRYS_POLY_ERROR_H + + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module contains the definitions of the CRYS POLY errors. +@defgroup crys_poly_error CryptoCell POLY specific errors +@{ +@ingroup crys_poly +*/ + + +/************************ Defines ******************************/ + +/*! The CRYS POLY module errors base address - 0x00F02500 */ +/*! Invalid key. */ +#define CRYS_POLY_KEY_INVALID_ERROR (CRYS_POLY_MODULE_ERROR_BASE + 0x01UL) +/*! Invalid input data. */ +#define CRYS_POLY_DATA_INVALID_ERROR (CRYS_POLY_MODULE_ERROR_BASE + 0x02UL) +/*! Illegal input data size. */ +#define CRYS_POLY_DATA_SIZE_INVALID_ERROR (CRYS_POLY_MODULE_ERROR_BASE + 0x03UL) +/*! MAC calculation error. */ +#define CRYS_POLY_MAC_CALCULATION_ERROR (CRYS_POLY_MODULE_ERROR_BASE + 0x04UL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif + + +/** +@} + */ + +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rnd.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rnd.h new file mode 100644 index 00000000000..12ba8ec0e30 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rnd.h @@ -0,0 +1,380 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef CRYS_RND_H +#define CRYS_RND_H + +#include "crys_error.h" +#include "ssi_aes.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This file contains the CRYS APIs used for random number generation. +The random-number generation module implements referenced standard [SP800-90]. +@defgroup crys_rnd CryptoCell Random Generator APIs +@{ +@ingroup cryptocell_api +*/ + +/************************ Defines ******************************/ + +/*! Maximal reseed counter - indicates maximal number of +requests allowed between reseeds; according to NIST 800-90 +it is (2^48 - 1), our restriction is : (0xFFFFFFFF - 0xF).*/ +#define CRYS_RND_MAX_RESEED_COUNTER (0xFFFFFFFF - 0xF) + +/* Max size for one RNG generation (in bits) = + max_num_of_bits_per_request = 2^19 (FIPS 800-90 Tab.3) */ +/*! Maximal size of generated vector in bits. */ +#define CRYS_RND_MAX_GEN_VECTOR_SIZE_BITS 0x7FFFF +/*! Maximal size of generated vector in bytes. */ +#define CRYS_RND_MAX_GEN_VECTOR_SIZE_BYTES 0xFFFF + +/*! AES output block size in words. */ +#define CRYS_RND_AES_BLOCK_SIZE_IN_WORDS SASI_AES_BLOCK_SIZE_IN_WORDS + + +/* RND seed and additional input sizes */ +/*! Maximal size of random seed in words. */ +#define CRYS_RND_SEED_MAX_SIZE_WORDS 12 + +#ifndef CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS +/*! Maximal size of additional input data in words. */ +#define CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS CRYS_RND_SEED_MAX_SIZE_WORDS +#endif + +/* allowed sizes of AES Key, in words */ +/*! AES key size (128 bits) in words. */ +#define CRYS_RND_AES_KEY_128_SIZE_WORDS 4 +/*! AES key size (192 bits) in words. */ +#define CRYS_RND_AES_KEY_192_SIZE_WORDS 6 +/*! AES key size (256 bits) in words. */ +#define CRYS_RND_AES_KEY_256_SIZE_WORDS 8 + +/* Definitions of temp buffer for RND_DMA version of CRYS_RND */ +/*******************************************************************/ +/* Definitions of temp buffer for DMA version of CRYS_RND */ + +/*! Temporary buffer size in words. */ +#define CRYS_RND_WORK_BUFFER_SIZE_WORDS 1528 + +/*! A definition for RAM buffer to be internally used in instantiation (or reseeding) operation. */ +typedef struct +{ + /*! Internal buffer*/ + uint32_t crysRndWorkBuff[CRYS_RND_WORK_BUFFER_SIZE_WORDS]; +}CRYS_RND_WorkBuff_t; + +/*! A definition for entropy estimation data type. */ +#define CRYS_RND_EntropyEstimatData_t CRYS_RND_WorkBuff_t +/*! A definition for entropy estimation buffer. */ +#define crysRndEntrIntBuff crysRndWorkBuff + + +/* RND source buffer inner (entrpopy) offset */ +/*! An internal offset definition. */ +#define CRYS_RND_TRNG_SRC_INNER_OFFSET_WORDS 2 +/*! An internal offset definition. */ +#define CRYS_RND_TRNG_SRC_INNER_OFFSET_BYTES (CRYS_RND_TRNG_SRC_INNER_OFFSET_WORDS*sizeof(uint32_t)) + + + + +/* Size of the expected output buffer used by FIPS KAT */ +/*! FIPS Known answer test output size. */ +#define CRYS_PRNG_FIPS_KAT_OUT_DATA_SIZE 64 + +/************************ Enumerators ****************************/ + +/*! Definition of random operation modes. */ +typedef enum +{ + /*! SW entropy estimation mode. */ + CRYS_RND_Fast = 0, + /*! Full entropy mode. */ + CRYS_RND_Slow = 1, + /*! Reserved. */ + CRYS_RND_ModeLast = 0x7FFFFFFF, +} CRYS_RND_mode_t; + + + +/************************ Structs *****************************/ + + +/* The internal state of DRBG mechanism based on AES CTR and CBC-MAC + algorithms. It is set as global data defined by the following + structure */ +/*! RND state structure. Includes internal data that needs to be saved between boots by the user.*/ +typedef struct +{ + /* Seed buffer, consists from concatenated Key||V: max size 12 words */ + /*! Random Seed buffer */ + uint32_t Seed[CRYS_RND_SEED_MAX_SIZE_WORDS]; + /* Previous value for continuous test */ + /*! Previous random data (used for continuous test). */ + uint32_t PreviousRandValue[SASI_AES_BLOCK_SIZE_IN_WORDS]; + + /* AdditionalInput buffer max size = seed max size words + 4w for padding*/ + /*! Previous additional input buffer. */ + uint32_t PreviousAdditionalInput[CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS+5]; + /*! Additional input buffer. */ + uint32_t AdditionalInput[CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS+4]; + /*! Additional input size in words. */ + uint32_t AddInputSizeWords; /* size of additional data set by user, words */ + + /*! Entropy source size in words */ + uint32_t EntropySourceSizeWords; + + /*! Reseed counter (32 bits active) - indicates number of requests for entropy + since instantiation or reseeding */ + uint32_t ReseedCounter; + + /*! Key size: 4 or 8 words according to security strength 128 bits or 256 bits*/ + uint32_t KeySizeWords; + + /* State flag (see definition of StateFlag above), containing bit-fields, defining: + - b'0: instantiation steps: 0 - not done, 1 - done; + - 2b'9,8: working or testing mode: 0 - working, 1 - KAT DRBG test, 2 - + KAT TRNG test; + b'16: flag defining is Previous random valid or not: + 0 - not valid, 1 - valid */ + /*! State flag used internally in the code.*/ + uint32_t StateFlag; + + /* Trng processing flag - indicates which ROSC lengths are: + - allowed (bits 0-3); + - total started (bits 8-11); + - processed (bits 16-19); + - started, but not processed (bits24-27) */ + /*! TRNG process state used internally in the code */ + uint32_t TrngProcesState; + + /* validation tag */ + /*! Validation tag used internally in the code */ + uint32_t ValidTag; + + /*! Rnd source entropy size in bits */ + uint32_t EntropySizeBits; + +} CRYS_RND_State_t; + + +/*! The RND Generate vector function pointer type definition. + The prototype intendent for External and CRYS internal RND functions + pointers definitions. + Full description can be found in ::CRYS_RND_GenerateVector function API. */ +typedef uint32_t (*SaSiRndGenerateVectWorkFunc_t)( \ + void *rndState_ptr, /*context*/ \ + uint16_t outSizeBytes, /*in*/ \ + uint8_t *out_ptr /*out*/); + + + +/*! Data structure required for internal FIPS verification for PRNG KAT. */ +typedef struct +{ + /*! Internal working buffer. */ + CRYS_RND_WorkBuff_t rndWorkBuff; + /*! Output buffer. */ + uint8_t rndOutputBuff[CRYS_PRNG_FIPS_KAT_OUT_DATA_SIZE]; +} CRYS_PrngFipsKatCtx_t; + + +/*****************************************************************************/ +/********************** Public Functions *************************/ +/*****************************************************************************/ + +/*! +@brief This function initializes the RND context. +It must be called at least once prior to using this context with any API that requires it as a parameter (e.g., other RND APIs, asymmetric +cryptography key generation and signatures). +It is called as part of ARM TrustZone CryptoCell library initialization, which initializes and returns the primary RND context. +This primary context can be used as a single global context for all RND needs. +Alternatively, other contexts may be initialized and used with a more limited scope (for specific applications or specific threads). +The call to this function must be followed by a call to ::CRYS_RND_SetGenerateVectorFunc API to set the generate vector function. +It implements referenced standard [SP800-90] - 10.2.1.3.2 - CTR-DRBG Instantiate algorithm using AES (FIPS-PUB 197) and Derivation Function (DF). +\note Additional data can be mixed with the random seed (personalization data or nonce). If required, this data should be provided by calling ::CRYS_RND_AddAdditionalInput prior to using this API. + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_Instantiation( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state buffer allocated by the user, which is used to + maintain the RND state. This context state must be saved and provided as a + parameter to any API that uses the RND module. + \note the context must be cleared before sent to the function. */ + CRYS_RND_WorkBuff_t *rndWorkBuff_ptr /*!< [in/out] Scratchpad for the RND module's work. */ +); + + +/*! +@brief Clears existing RNG instantiation state. + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_UnInstantiation( + void *rndState_ptr /*!< [in/out] Pointer to the RND context state buffer. */ +); + + +/*! +@brief This function is used for reseeding the RNG with additional entropy and additional user-provided input. +(additional data should be provided by calling ::CRYS_RND_AddAdditionalInput prior to using this API). +It implements referenced standard [SP800-90] - 10.2.1.4.2 - CTR-DRBG Reseeding algorithm, using AES (FIPS-PUB 197) and Derivation Function (DF). + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_Reseeding( + void *rndState_ptr, /*!< [in/out] Pointer to the RND context buffer. */ + CRYS_RND_WorkBuff_t *rndWorkBuff_ptr /*!< [in/out] Scratchpad for the RND module's work. */ +); + + +/****************************************************************************************/ +/*! +@brief Generates a random vector according to the algorithm defined in referenced standard [SP800-90] - 10.2.1.5.2 - CTR-DRBG. +The generation algorithm uses AES (FIPS-PUB 197) and Derivation Function (DF). + +\note +
    • The RND module must be instantiated prior to invocation of this API.
      • +
    • In the following cases, Reseeding operation must be performed prior to vector generation:
      • +
      • Prediction resistance is required.
        • +
      • The function returns CRYS_RND_RESEED_COUNTER_OVERFLOW_ERROR, stating that the Reseed Counter has passed its upper-limit (2^32-2).
    + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_GenerateVector( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure, which is part of the RND context structure. + Use rndContext->rndState field of the context for this parameter. */ + uint16_t outSizeBytes, /*!< [in] The size in bytes of the random vector required. The maximal size is 2^16 -1 bytes. */ + uint8_t *out_ptr /*!< [out] The pointer to output buffer. */ +); + + + +/**********************************************************************************************************/ +/*! +@brief Generates a random vector with specific limitations by testing candidates (described and used in FIPS 186-4: B.1.2, B.4.2 etc.). + +This function draws a random vector, compare it to the range limits, and if within range - return it in rndVect_ptr. +If outside the range, the function continues retrying until a conforming vector is found, or the maximal retries limit is exceeded. +If maxVect_ptr is provided, rndSizeInBits specifies its size, and the output vector must conform to the range [1 < rndVect < maxVect]. +If maxVect_ptr is NULL, rndSizeInBits specifies the exact required vector size, and the output vector must be the exact same +bit size (with its most significant bit = 1). +\note +The RND module must be instantiated prior to invocation of this API. + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_GenerateVectorInRange( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + uint32_t rndSizeInBits, /*!< [in] The size in bits of the random vector required. The allowed size in range 2 <= rndSizeInBits < 2^19-1, bits. */ + uint8_t *maxVect_ptr, /*!< [in] Pointer to the vector defining the upper limit for the random vector output, Given as little-endian byte array. + If not NULL, its actual size is treated as [(rndSizeInBits+7)/8] bytes and its value must be in range (3, 2^19) */ + uint8_t *rndVect_ptr /*!< [in/out] Pointer to the output buffer for the random vector. Must be at least [(rndSizeInBits+7)/8] bytes. + Treated as little-endian byte array. */ +); + + +/*************************************************************************************/ +/*! +@brief Used for adding additional input/personalization data provided by the user, +to be later used by the ::CRYS_RND_Instantiation/::CRYS_RND_Reseeding/::CRYS_RND_GenerateVector functions. + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_AddAdditionalInput( + void *rndState_ptr, /*!< [in/out] Pointer to the RND context state buffer. */ + uint8_t *additonalInput_ptr, /*!< [in] The Additional Input buffer. */ + uint16_t additonalInputSize /*!< [in] The size of the Additional Input buffer. It must + be <= CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS and a multiple of 4. */ +); + +/*! +@brief The CRYS_RND_EnterKatMode function sets KAT mode bit into StateFlag of global CRYS_RND_WorkingState structure. + +The user must call this function before calling functions performing KAT tests. + +\note Total size of entropy and nonce must be not great than 126 words (maximal size of entropy and nonce). + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_EnterKatMode( + void *rndState_ptr, /*!< [in/out] Pointer to the RND context state buffer. */ + uint8_t *entrData_ptr, /*!< [in] Entropy data. */ + uint32_t entrSize, /*!< [in] Entropy size in bytes. */ + uint8_t *nonce_ptr, /*!< [in] Nonce. */ + uint32_t nonceSize, /*!< [in] Entropy size in bytes. */ + CRYS_RND_WorkBuff_t *workBuff_ptr /*!< [out] RND working buffer, must be the same buffer, which should be passed into + Instantiation/Reseeding functions. */ +); + +/**********************************************************************************************************/ +/*! +@brief The CRYS_RND_DisableKatMode function disables KAT mode bit into StateFlag of global CRYS_RND_State_t structure. + +The user must call this function after KAT tests before actual using RND module (Instantiation etc.). + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C void CRYS_RND_DisableKatMode( + void *rndState_ptr /*!< [in/out] Pointer to the RND state buffer. */ +); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef CRYS_RND_H */ + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rnd_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rnd_error.h new file mode 100644 index 00000000000..a38f3bc0dea --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rnd_error.h @@ -0,0 +1,153 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef CRYS_RND_ERROR_H +#define CRYS_RND_ERROR_H + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/*! +@file +@brief This module contains the definitions of the CRYS RND errors. +@defgroup crys_rnd_error CryptoCell RND specific errors +@{ +@ingroup crys_rnd +*/ + + + +/************************ Defines ******************************/ +/*! RND module on the CRYS layer base address - 0x00F00C00 */ + +/*! Illegal output pointer.*/ +#define CRYS_RND_DATA_OUT_POINTER_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x0UL) +/*! Random generation in range failed .*/ +#define CRYS_RND_CAN_NOT_GENERATE_RAND_IN_RANGE (CRYS_RND_MODULE_ERROR_BASE + 0x1UL) +/*! CPRNGT test failed.*/ +#define CRYS_RND_CPRNG_TEST_FAIL_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x2UL) +/*! Illegal additional data buffer. */ +#define CRYS_RND_ADDITIONAL_INPUT_BUFFER_NULL (CRYS_RND_MODULE_ERROR_BASE + 0x3UL) +/*! Illegal additional data size. */ +#define CRYS_RND_ADDITIONAL_INPUT_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x4UL) +/*! Data size overflow. */ +#define CRYS_RND_DATA_SIZE_OVERFLOW_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x5UL) +/*! Illegal vector size. */ +#define CRYS_RND_VECTOR_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x6UL) +/*! Reseed counter overflow - in case this error was returned instantiation or reseeding operation must be called. */ +#define CRYS_RND_RESEED_COUNTER_OVERFLOW_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x7UL) +/*! Instantiation was not yet called. */ +#define CRYS_RND_INSTANTIATION_NOT_DONE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x8UL) +/*! TRNG loss of samples. */ +#define CRYS_RND_TRNG_LOSS_SAMPLES_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x9UL) +/*! TRNG Time exceeded limitations. */ +#define CRYS_RND_TRNG_TIME_EXCEED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xAUL) +/*! TRNG loss of samples and time exceeded limitations. */ +#define CRYS_RND_TRNG_LOSS_SAMPLES_AND_TIME_EXCEED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xBUL) +/*! RND is in Known Answer Test mode. */ +#define CRYS_RND_IS_KAT_MODE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xCUL) +/*! RND operation not supported. */ +#define CRYS_RND_OPERATION_IS_NOT_SUPPORTED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xDUL) +/*! RND validity check failed. */ +#define CRYS_RND_STATE_VALIDATION_TAG_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xEUL) +/*! RND is not supported. */ +#define CRYS_RND_IS_NOT_SUPPORTED (CRYS_RND_MODULE_ERROR_BASE + 0xFUL) + +/*! Illegal generate vector function pointer. */ +#define CRYS_RND_GEN_VECTOR_FUNC_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x14UL) + +/*! Illegal work buffer pointer. */ +#define CRYS_RND_WORK_BUFFER_PTR_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x20UL) +/*! Illegal AES key size. */ +#define CRYS_RND_ILLEGAL_AES_KEY_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x21UL) +/*! Illegal data pointer. */ +#define CRYS_RND_ILLEGAL_DATA_PTR_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x22UL) +/*! Illegal data size. */ +#define CRYS_RND_ILLEGAL_DATA_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x23UL) +/*! Illegal parameter. */ +#define CRYS_RND_ILLEGAL_PARAMETER_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x24UL) +/*! Illegal RND state pointer. */ +#define CRYS_RND_STATE_PTR_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x25UL) +/*! TRNG errors. */ +#define CRYS_RND_TRNG_ERRORS_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x26UL) +/*! Illegal context pointer. */ +#define CRYS_RND_CONTEXT_PTR_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x27UL) + +/*! Illegal output vector pointer. */ +#define CRYS_RND_VECTOR_OUT_PTR_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x30UL) +/*! Illegal output vector size. */ +#define CRYS_RND_VECTOR_OUT_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x31UL) +/*! Maximal vector size is too small. */ +#define CRYS_RND_MAX_VECTOR_IS_TOO_SMALL_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x32UL) +/*! Illegal Known Answer Tests parameters. */ +#define CRYS_RND_KAT_DATA_PARAMS_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x33UL) +/*! TRNG Known Answer Test not supported. */ +#define CRYS_RND_TRNG_KAT_NOT_SUPPORTED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x34UL) +/*! SRAM memory is not defined. */ +#define CRYS_RND_SRAM_NOT_SUPPORTED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x35UL) +/*! AES operation failure. */ +#define CRYS_RND_AES_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x36UL) + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_build.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_build.h new file mode 100644 index 00000000000..c522aa3fd31 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_build.h @@ -0,0 +1,152 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_RSA_BUILD_H +#define CRYS_RSA_BUILD_H + + +#include "crys_error.h" +#include "crys_rsa_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@defgroup crys_rsa CryptoCell RSA APIs +@{ +@ingroup cryptocell_api +@brief This group is the cryptocell ECC root group +@} + +@file +@brief This module defines some utility functions for working with RSA cryptography. +@defgroup crys_rsa_build CryptoCell RSA Utility APIs +@{ +@ingroup crys_rsa +*/ + +/******************************************************************************************/ +/*! +@brief Builds a ::CRYSRSAPubKey_t public key structure with the provided modulus and exponent. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Build_PubKey( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, /*!< [out] Pointer to the public key structure. */ + uint8_t *Exponent_ptr, /*!< [in] Pointer to the exponent stream of bytes (Big-Endian format). */ + uint16_t ExponentSize, /*!< [in] The size of the exponent (in bytes). */ + uint8_t *Modulus_ptr, /*!< [in] Pointer to the modulus stream of bytes (Big-Endian format). + The most significant bit (MSB) must be set to '1'. */ + uint16_t ModulusSize /*!< [in] The modulus size in bytes. Supported sizes are 64, 128, 256, 384 and 512. */ +); + + +/******************************************************************************************/ +/*! +@brief Builds a ::CRYSRSAPrivKey_t private key structure with the provided modulus and exponent, marking the key as a non-CRT key. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Build_PrivKey( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, /*!< [out] Pointer to the public key structure.*/ + uint8_t *PrivExponent_ptr, /*!< [in] Pointer to the private exponent stream of bytes (Big-Endian format). */ + uint16_t PrivExponentSize, /*!< [in] The size of the private exponent (in bytes). */ + uint8_t *PubExponent_ptr, /*!< [in] Pointer to the public exponent stream of bytes (Big-Endian format). */ + uint16_t PubExponentSize, /*!< [in] The size of the public exponent (in bytes). */ + uint8_t *Modulus_ptr, /*!< [in] Pointer to the modulus stream of bytes (Big-Endian format). + The most significant bit must be set to '1'. */ + uint16_t ModulusSize /*!< [in] The modulus size in bytes. Supported sizes are 64, 128, 256, 384 and 512. */ +); + +/******************************************************************************************/ +/*! +@brief Builds a ::CRYSRSAPrivKey_t private key structure with the provided parameters, marking the key as a CRT key. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Build_PrivKeyCRT( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, /*!< [out] Pointer to the public key structure. */ + uint8_t *P_ptr, /*!< [in] Pointer to the first factor stream of bytes (Big-Endian format). */ + uint16_t PSize, /*!< [in] The size of the first factor (in bytes). */ + uint8_t *Q_ptr, /*!< [in] Pointer to the second factor stream of bytes (Big-Endian format). */ + uint16_t QSize, /*!< [in] The size of the second factor (in bytes). */ + uint8_t *dP_ptr, /*!< [in] Pointer to the first factor's CRT exponent stream of bytes + (Big-Endian format). */ + uint16_t dPSize, /*!< [in] The size of the first factor's CRT exponent (in bytes). */ + uint8_t *dQ_ptr, /*!< [in] Pointer to the second factor's CRT exponent stream of bytes + (Big-Endian format). */ + uint16_t dQSize, /*!< [in] The size of the second factor's CRT exponent (in bytes). */ + uint8_t *qInv_ptr, /*!< [in] Pointer to the first CRT coefficient stream of bytes (Big-Endian format). */ + uint16_t qInvSize /*!< [in] The size of the first CRT coefficient (in bytes). */ +); + + +/******************************************************************************************/ +/*! +@brief The function gets the e,n public key parameters from the input +CRYS_RSAUserPubKey_t structure. The function can also be used to retrieve the +modulus and exponent sizes only (Exponent_ptr AND Modulus_ptr must be set to +NULL). + +\note All members of input UserPubKey_ptr structure must be initialized. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Get_PubKey( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, /*!< [in] A pointer to the public key structure. */ + uint8_t *Exponent_ptr, /*!< [out] A pointer to the exponent stream of bytes (Big-Endian format). */ + uint16_t *ExponentSize_ptr, /*!< [in/out] the size of the exponent buffer in bytes, + it is updated to the actual size of the exponent, in bytes. */ + uint8_t *Modulus_ptr, /*!< [out] A pointer to the modulus stream of bytes (Big-Endian format). + The MS (most significant) bit must be set to '1'. */ + uint16_t *ModulusSize_ptr /*!< [in/out] the size of the modulus buffer in bytes, it is updated to the actual + size of the modulus, in bytes. */ +); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_error.h new file mode 100644 index 00000000000..a8468ff3d98 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_error.h @@ -0,0 +1,277 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + #ifndef CRYS_RSA_ERROR_H +#define CRYS_RSA_ERROR_H + + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! @file +@brief This module contains the definitions of the CRYS RSA errors. +@defgroup crys_rsa_error CryptoCell RSA specific errors +@{ +@ingroup crys_rsa +*/ + +/************************ Defines ******************************/ + +/*! CRYS RSA module on the CRYS layer base address - 0x00F00400 */ + +/*! The CRYS RSA module errors */ +/*! Illegal modulus size. */ +#define CRYS_RSA_INVALID_MODULUS_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x0UL) +/*! Illegal modulus pointer. */ +#define CRYS_RSA_INVALID_MODULUS_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1UL) +/*! Illegal exponent pointer. */ +#define CRYS_RSA_INVALID_EXPONENT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x2UL) +/*! Illegal public key structure pointer. */ +#define CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x3UL) +/*! Illegal private key structure pointer. */ +#define CRYS_RSA_INVALID_PRIV_KEY_STRUCT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x4UL) +/*! Illegal exponent value. */ +#define CRYS_RSA_INVALID_EXPONENT_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0x5UL) +/*! Illegal exponent size. */ +#define CRYS_RSA_INVALID_EXPONENT_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x6UL) +/*! Illegal CRT first factor pointer (P_ptr) . */ +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x7UL) +/*! Illegal CRT second factor pointer (Q_ptr) . */ +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x8UL) +/*! Illegal CRT first exponent factor pointer (dP_ptr) . */ +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_EXP_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x9UL) +/*! Illegal CRT second exponent factor pointer (dQ_ptr) . */ +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_EXP_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0xAUL) +/*! Illegal CRT coefficient pointer (qInv_ptr) . */ +#define CRYS_RSA_INVALID_CRT_COEFFICIENT_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0xBUL) +/*! Illegal CRT first factor size (Psize). */ +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0xCUL) +/*! Illegal CRT second factor size (Qsize). */ +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0xDUL) +/*! Illegal CRT first and second factor size (Psize + Qsize). */ +#define CRYS_RSA_INVALID_CRT_FIRST_AND_SECOND_FACTOR_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0xEUL) +/*! Illegal CRT first factor exponent value (dP). */ +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_EXPONENT_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0xFUL) +/*! Illegal CRT first factor exponent value (dQ). */ +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_EXPONENT_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0x10UL) +/*! Illegal CRT coefficient value (qInv). */ +#define CRYS_RSA_INVALID_CRT_COEFF_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0x11UL) +/*! Illegal data in. */ +#define CRYS_RSA_DATA_POINTER_INVALID_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x12UL) +/*! Illegal message data size. */ +#define CRYS_RSA_INVALID_MESSAGE_DATA_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x13UL) +/*! Illegal message value. */ +#define CRYS_RSA_INVALID_MESSAGE_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0x14UL) + +/*! Modulus even error. */ +#define CRYS_RSA_MODULUS_EVEN_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x15UL) +/*! Illegal context pointer. */ +#define CRYS_RSA_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x16UL) +/*! Illegal hash operation mode. */ +#define CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x17UL) +/*! Illegal MGF value. */ +#define CRYS_RSA_MGF_ILLEGAL_ARG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x18UL) +/*! Illegal PKCS1 version. */ +#define CRYS_RSA_PKCS1_VER_ARG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x19UL) + +/*! Invalid private key. */ +#define CRYS_RSA_PRIV_KEY_VALIDATION_TAG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1AUL) +/*! Invalid public key. */ +#define CRYS_RSA_PUB_KEY_VALIDATION_TAG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1BUL) +/*! Invalid context. */ +#define CRYS_RSA_USER_CONTEXT_VALIDATION_TAG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1CUL) +/*! Illegal output pointer. */ +#define CRYS_RSA_INVALID_OUTPUT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1DUL) +/*! Illegal output size pointer. */ +#define CRYS_RSA_INVALID_OUTPUT_SIZE_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1FUL) +/*! Illegal temporary buffer pointer. */ +#define CRYS_RSA_CONV_TO_CRT_INVALID_TEMP_BUFF_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x20UL) + +/*! OAEP encode parameter string is too long. */ +#define CRYS_RSA_BASE_OAEP_ENCODE_PARAMETER_STRING_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE + 0x22UL) +/*! OAEP decode parameter string is too long. */ +#define CRYS_RSA_BASE_OAEP_DECODE_PARAMETER_STRING_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE + 0x23UL) +/*! OAEP encode message is too long. */ +#define CRYS_RSA_BASE_OAEP_ENCODE_MESSAGE_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE + 0x24UL) +/*! OAEP decode message is too long. */ +#define CRYS_RSA_BASE_OAEP_DECODE_MESSAGE_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE + 0x25UL) +/*! Illegal key generation data struct pointer. */ +#define CRYS_RSA_KEY_GEN_DATA_STRUCT_POINTER_INVALID (CRYS_RSA_MODULE_ERROR_BASE + 0x26UL) +/*! Illegal PRIM data struct pointer. */ +#define CRYS_RSA_PRIM_DATA_STRUCT_POINTER_INVALID (CRYS_RSA_MODULE_ERROR_BASE + 0x27UL) +/*! Illegal message buffer size. */ +#define CRYS_RSA_INVALID_MESSAGE_BUFFER_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x28UL) +/*! Illegal signature buffer size. */ +#define CRYS_RSA_INVALID_SIGNATURE_BUFFER_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x29UL) +/*! Illegal modulus size pointer. */ +#define CRYS_RSA_INVALID_MOD_BUFFER_SIZE_POINTER (CRYS_RSA_MODULE_ERROR_BASE + 0x2AUL) +/*! Illegal exponent size pointer. */ +#define CRYS_RSA_INVALID_EXP_BUFFER_SIZE_POINTER (CRYS_RSA_MODULE_ERROR_BASE + 0x2BUL) +/*! Illegal signature pointer. */ +#define CRYS_RSA_INVALID_SIGNATURE_BUFFER_POINTER (CRYS_RSA_MODULE_ERROR_BASE + 0x2CUL) +/*! Wrong private key type. */ +#define CRYS_RSA_WRONG_PRIVATE_KEY_TYPE (CRYS_RSA_MODULE_ERROR_BASE + 0x2DUL) + +/*! Illegal CRT first factor size pointer (Psize) . */ +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_SIZE_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x2EUL) +/*! Illegal CRT second factor size pointer (Qsize) . */ +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_SIZE_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x2FUL) +/*! Illegal CRT first factor exponent size pointer (dPsize) . */ +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_EXP_SIZE_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x30UL) +/*! Illegal CRT second factor exponent size pointer (dQsize) . */ +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_EXP_SIZE_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x31UL) +/*! Illegal CRT coefficient size pointer (qInvsize) . */ +#define CRYS_RSA_INVALID_CRT_COEFFICIENT_SIZE_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x32UL) + +/*! Illegal CRT first factor size (Psize) . */ +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x33UL) +/*! Illegal CRT second factor size (Qsize) . */ +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x34UL) +/*! Illegal CRT first factor exponent size (dPsize) . */ +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_EXP_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x35UL) +/*! Illegal CRT second factor exponent size (dQsize) . */ +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_EXP_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x36UL) +/*! Illegal CRT coefficient size (qInvsize) . */ +#define CRYS_RSA_INVALID_CRT_COEFFICIENT_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x37UL) +/*! Key generation conditional test failed. */ +#define CRYS_RSA_KEY_GEN_CONDITIONAL_TEST_FAIL_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x38UL) + +/*! Random generation in range failed. */ +#define CRYS_RSA_CAN_NOT_GENERATE_RAND_IN_RANGE (CRYS_RSA_MODULE_ERROR_BASE + 0x39UL) +/*! Illegal CRT parameter size. */ +#define CRYS_RSA_INVALID_CRT_PARAMETR_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x3AUL) + +/*! Illegal modulus. */ +#define CRYS_RSA_INVALID_MODULUS_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x40UL) +/*! Illegal pointer. */ +#define CRYS_RSA_INVALID_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x41UL) +/*! Illegal decryption mode. */ +#define CRYS_RSA_INVALID_DECRYPRION_MODE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x42UL) + +/*! Illegal generated private key. */ +#define CRYS_RSA_GENERATED_PRIV_KEY_IS_TOO_LOW (CRYS_RSA_MODULE_ERROR_BASE + 0x43UL) +/*! Key generation error. */ +#define CRYS_RSA_KEY_GENERATION_FAILURE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x44UL) +/*! Internal error. */ +#define CRYS_RSA_INTERNAL_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x45UL) + + +/**************************************************************************************** + * PKCS#1 VERSION 1.5 ERRORS + ****************************************************************************************/ +/*! BER encoding passed. */ +#define CRYS_RSA_BER_ENCODING_OK CRYS_OK +/*! Error in BER parsing. */ +#define CRYS_RSA_ERROR_BER_PARSING (CRYS_RSA_MODULE_ERROR_BASE+0x51UL) +/*! Error in PKCS15 message. */ +#define CRYS_RSA_ENCODE_15_MSG_OUT_OF_RANGE (CRYS_RSA_MODULE_ERROR_BASE+0x52UL) +/*! Error in PKCS15 PS. */ +#define CRYS_RSA_ENCODE_15_PS_TOO_SHORT (CRYS_RSA_MODULE_ERROR_BASE+0x53UL) +/*! PKCS15 block type is not supported. */ +#define CRYS_RSA_PKCS1_15_BLOCK_TYPE_NOT_SUPPORTED (CRYS_RSA_MODULE_ERROR_BASE+0x54UL) +/*! Error in PKCS15 decrypted block parsing. */ +#define CRYS_RSA_15_ERROR_IN_DECRYPTED_BLOCK_PARSING (CRYS_RSA_MODULE_ERROR_BASE+0x55UL) +/*! Error in random operation. */ +#define CRYS_RSA_ERROR_IN_RANDOM_OPERATION_FOR_ENCODE (CRYS_RSA_MODULE_ERROR_BASE+0x56UL) +/*! PKCS15 verification failed. */ +#define CRYS_RSA_ERROR_VER15_INCONSISTENT_VERIFY (CRYS_RSA_MODULE_ERROR_BASE+0x57UL) +/*! Illegal message size (in no hash operation case). */ +#define CRYS_RSA_INVALID_MESSAGE_DATA_SIZE_IN_NO_HASH_CASE (CRYS_RSA_MODULE_ERROR_BASE+0x58UL) +/*! Illegal message size. */ +#define CRYS_RSA_INVALID_MESSAGE_DATA_SIZE_IN_SSL_CASE (CRYS_RSA_MODULE_ERROR_BASE+0x59UL) +/*! PKCS#1 Ver 1.5 verify hash input inconsistent with hash mode derived from signature. */ +#define CRYS_RSA_PKCS15_VERIFY_BER_ENCODING_HASH_TYPE (CRYS_RSA_MODULE_ERROR_BASE+0x60UL) +/*! Illegal DER hash mode */ +#define CRYS_RSA_GET_DER_HASH_MODE_ILLEGAL (CRYS_RSA_MODULE_ERROR_BASE+0x61UL) + +/**************************************************************************************** + * PKCS#1 VERSION 2.1 ERRORS + ****************************************************************************************/ +/*! Illegal salt length. */ +#define CRYS_RSA_PSS_ENCODING_MODULUS_HASH_SALT_LENGTHS_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x80UL) +/*! Illegal MGF mask. */ +#define CRYS_RSA_BASE_MGF_MASK_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE+0x81UL) +/*! PSS verification failed. */ +#define CRYS_RSA_ERROR_PSS_INCONSISTENT_VERIFY (CRYS_RSA_MODULE_ERROR_BASE+0x82UL) +/*! OAEP message too long. */ +#define CRYS_RSA_OAEP_VER21_MESSAGE_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE+0x83UL) +/*! OAEP error in decrypted block parsing. */ +#define CRYS_RSA_ERROR_IN_DECRYPTED_BLOCK_PARSING (CRYS_RSA_MODULE_ERROR_BASE+0x84UL) +/*! OAEP decoding error. */ +#define CRYS_RSA_OAEP_DECODE_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x85UL) +/*! Error in decrypted data size. */ +#define CRYS_RSA_15_ERROR_IN_DECRYPTED_DATA_SIZE (CRYS_RSA_MODULE_ERROR_BASE+0x86UL) +/*! Error in decrypted data. */ +#define CRYS_RSA_15_ERROR_IN_DECRYPTED_DATA (CRYS_RSA_MODULE_ERROR_BASE+0x87UL) +/*! Illegal L pointer. */ +#define CRYS_RSA_OAEP_L_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x88UL) +/*! Illegal output size. */ +#define CRYS_RSA_DECRYPT_INVALID_OUTPUT_SIZE (CRYS_RSA_MODULE_ERROR_BASE+0x89UL) +/*! Illegal output size pointer. */ +#define CRYS_RSA_DECRYPT_OUTPUT_SIZE_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x8AUL) +/*! Illegal parameters. */ +#define CRYS_RSA_ILLEGAL_PARAMS_ACCORDING_TO_PRIV_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x93UL) +/*! RSA is not supported. */ +#define CRYS_RSA_IS_NOT_SUPPORTED (CRYS_RSA_MODULE_ERROR_BASE+0xFFUL) + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_kg.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_kg.h new file mode 100644 index 00000000000..401fb2ec5f7 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_kg.h @@ -0,0 +1,129 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef CRYS_RSA_KG_H +#define CRYS_RSA_KG_H + +#include "crys_rsa_types.h" +#include "crys_rnd.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief Generates a RSA pair of public and private keys. +@defgroup crys_rsa_kg CryptoCell RSA key generation APIs +@{ +@ingroup crys_rsa +*/ + +/************************ Defines ******************************/ + +/* Max allowed size and values of public exponent for key generation in CRYS */ +/*! Maximal public exponent size in bits. */ +#define CRYS_RSA_KG_PUB_EXP_MAX_SIZE_BITS 17 +/*! Definition of public exponent value. */ +#define CRYS_RSA_KG_PUB_EXP_ALLOW_VAL_1 0x000003 +/*! Definition of public exponent value. */ +#define CRYS_RSA_KG_PUB_EXP_ALLOW_VAL_2 0x000011 +/*! Definition of public exponent value. */ +#define CRYS_RSA_KG_PUB_EXP_ALLOW_VAL_3 0x010001 + + + + +/***********************************************************************************************/ + +/*! +@brief CRYS_RSA_KG_GenerateKeyPair generates a Pair of public and private keys on non CRT mode according to [ANS X9.31]. + +\note To be FIPS 186-4 [5.1] compliant use only the following key sizes (in bits): 1024, 2048 and 3072. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h or crys_rnd_error.h on failure. + +*/ + +CIMPORT_C CRYSError_t CRYS_RSA_KG_GenerateKeyPair( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + uint8_t *pubExp_ptr, /*!< [in] The pointer to the public exponent (public key). */ + uint16_t pubExpSizeInBytes, /*!< [in] The public exponent size in bytes. */ + uint32_t keySize, /*!< [in] The size of the key, in bits. Supported sizes are + 512, 1024, 2048, 3072 and 4096 bit. */ + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, /*!< [out] Pointer to the private key structure. */ + CRYS_RSAUserPubKey_t *userPubKey_ptr, /*!< [out] Pointer to the public key structure. */ + CRYS_RSAKGData_t *keyGenData_ptr, /*!< [in] Pointer to a temporary structure required for the KeyGen operation. */ + CRYS_RSAKGFipsContext_t *pFipsCtx /*!< [in] Pointer to temporary buffer used in case FIPS certification if required. */ +); + +/***********************************************************************************************/ +/*! +@brief Generates a pair of public and private keys on CRT mode according to [ANS X9.31]. + +\note To be FIPS 186-4 [5.1] compliant use only the following key sizes (in bits): 1024, 2048 and 3072. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h or crys_rnd_error.h on failure. +*/ + +CIMPORT_C CRYSError_t CRYS_RSA_KG_GenerateKeyPairCRT( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + uint8_t *pubExp_ptr, /*!< [in] The pointer to the public exponent (public key). */ + uint16_t pubExpSizeInBytes, /*!< [in] The public exponent size in bytes. */ + uint32_t keySize, /*!< [in] The size of the key, in bits. Supported sizes are + 512, 1024, 2048, 3072 and 4096 bit. */ + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, /*!< [out] Pointer to the private key structure. */ + CRYS_RSAUserPubKey_t *userPubKey_ptr, /*!< [out] Pointer to the public key structure. */ + CRYS_RSAKGData_t *keyGenData_ptr, /*!< [in] Pointer to a temporary structure required for the KeyGen operation. */ + CRYS_RSAKGFipsContext_t *pFipsCtx /*!< [in] Pointer to temporary buffer used in case FIPS certification if required. */ +); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_prim.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_prim.h new file mode 100644 index 00000000000..2d2c3b49562 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_prim.h @@ -0,0 +1,125 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_RSA_PRIM_H +#define CRYS_RSA_PRIM_H + +#include "crys_rsa_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module defines the API that implements the [PKCS1_2.1] primitive functions. +@defgroup crys_rsa_prim CryptoCell RSA primitive APIs +@{ +@ingroup crys_rsa + + +\note Direct use of primitive functions, rather than schemes to protect data, is strongly discouraged as primitive functions are +susceptible to well-known attacks. +*/ + + + +/**********************************************************************************/ +/*! +@brief Implements the RSAEP algorithm, as defined in [PKCS1_2.1] - 6.1.1. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h on failure. + */ +CIMPORT_C CRYSError_t CRYS_RSA_PRIM_Encrypt( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, /*!< [in] Pointer to the public key data structure. */ + CRYS_RSAPrimeData_t *PrimeData_ptr, /*!< [in] Pointer to a temporary structure containing internal buffers. */ + uint8_t *Data_ptr, /*!< [in] Pointer to the data to encrypt. */ + uint16_t DataSize, /*!< [in] The size (in bytes) of input data must be ≤ modulus size. If is smaller, + then the function padds it by zeros on left side up to the modulus size + and therefore, after further decrypt operation, its result will contain + zero-padding also. If the function is used for recovering the plain data + from result of inverse function (CRYS_RSA_PRIM_Decrypt), the input size + must be equal to modulus size exactly. */ + uint8_t *Output_ptr /*!< [out] Pointer to the encrypted data. The buffer size must be ≥ the modulus size. */ +); + + +/**********************************************************************************/ +/*! +@brief Implements the RSADP algorithm, as defined in [PKCS1_2.1] - 6.1.2. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h on failure. + +*/ +CIMPORT_C CRYSError_t CRYS_RSA_PRIM_Decrypt( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, /*!< [in] Pointer to the private key data structure. + The key representation (pair or quintuple) and hence the RSA algorithm + (CRT or not-CRT) is determined by enum value in the structure + ::CRYS_RSA_Build_PrivKey or ::CRYS_RSA_Build_PrivKeyCRT. */ + CRYS_RSAPrimeData_t *PrimeData_ptr, /*!< [in] Pointer to a temporary structure containing internal buffers required for + the RSA operation. */ + uint8_t *Data_ptr, /*!< [in] Pointer to the data to be decrypted. */ + uint16_t DataSize, /*!< [in] The size (in bytes) of input data must be ≤ modulus size. + If the size is smaller (not recommendet), then the data will be zero-padded + by the function on left side up to the modulus size and therefore, after further + decrypt operation,its result will contain zero-padding also. If the function is used + for recovering the plain data from result of inverse function (CRYS_RSA_PRIM_Encrypt), + the input size must be equal to modulus size exactly. */ + uint8_t *Output_ptr /*!< [out] Pointer to the decrypted data. The buffer size must be ≤ the modulus size. */ +); + + +/*! +@brief Implements the RSASP1 algorithm, as defined in [PKCS1_2.1] - 6.2.1, as a call to ::CRYS_RSA_PRIM_Decrypt, +since the signature primitive is identical to the decryption primitive. +*/ +#define CRYS_RSA_PRIM_Sign CRYS_RSA_PRIM_Decrypt + +/*! +@brief Implements the RSAVP1 algorithm, as defined in [PKCS1_2.1] - 6.2.2, as a call to ::CRYS_RSA_PRIM_Encrypt. +*/ +#define CRYS_RSA_PRIM_Verify CRYS_RSA_PRIM_Encrypt + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_schemes.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_schemes.h new file mode 100644 index 00000000000..ab356205341 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_schemes.h @@ -0,0 +1,521 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_RSA_SCHEMES_H +#define CRYS_RSA_SCHEMES_H + + +#include "crys_error.h" +#include "crys_rsa_types.h" +#include "crys_rnd.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module defines APIs that support [PKCS1_1.5] and [PKCS1_2.1] encryption and signature schemes. +@defgroup crys_rsa_schemes CryptoCell RSA encryption and signature schemes +@{ +@ingroup crys_rsa +*/ + +/**********************************************************************************************************/ +/*! +@brief This function implements the Encrypt algorithm, as defined in [PKCS1_2.1] and [PKCS1_1.5]. + +It should not be called directly. Instead, use macros ::CRYS_RSA_OAEP_Encrypt or ::CRYS_RSA_PKCS1v15_Encrypt. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h, crys_rnd_error.h or crys_hash_error.h on failure. +*/ +CIMPORT_C CRYSError_t SaSi_RsaSchemesEncrypt( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + CRYS_RSAUserPubKey_t *UserPubKey_ptr, /*!< [in] Pointer to the public key data structure. */ + CRYS_RSAPrimeData_t *PrimeData_ptr, /*!< [in] Pointer to a temporary structure that is internally used as workspace for the + Encryption operation. */ + CRYS_RSA_HASH_OpMode_t hashFunc, /*!< [in] The HASH function to be used. One of the supported SHA-x HASH modes, as defined + in ::CRYS_RSA_HASH_OpMode_t (MD5 is not supported).*/ + uint8_t *L, /*!< [in] The label input pointer. Relevant for [PKCS1_2.1] only. NULL by default. + NULL for [PKCS1_1.5]. */ + uint16_t Llen, /*!< [in] The label length. Relevant for [PKCS1_2.1] only. Zero by default. + Must be <=2048. Zero for [PKCS1_1.5]. */ + CRYS_PKCS1_MGF_t MGF, /*!< [in] The mask generation function. [PKCS1_2.1] defines MGF1, so the only value + allowed here is CRYS_PKCS1_MGF1. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the data to encrypt. */ + uint16_t DataInSize, /*!< [in] The size (in bytes) of the data to encrypt. The data size must be: + - For [PKCS1_2.1], DataSize <= modulus size - 2*HashLen - 2. + - For [PKCS1_1.5], DataSize <= modulus size - 11. */ + uint8_t *Output_ptr, /*!< [out] Pointer to the encrypted data. The buffer must be at least modulus size bytes long. */ + CRYS_PKCS1_version PKCS1_ver /*!< [in] [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */ +); + +/*! + @brief + CRYS_RSA_OAEP_PSS21_Encrypt implements the RSAES-OAEP algorithm + as defined in PKCS#1 v2.1 8.1. + + \note It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therefore + it is not supported. + + This function combines the RSA encryption primitive and the + EME-OAEP encoding method, to provide an RSA-based encryption + method that is semantically secure against adaptive + chosen-ciphertext attacks. For additional details, please refer to + the PKCS#1 standard. +*/ +#define CRYS_RSA_OAEP_Encrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr)\ + SaSi_RsaSchemesEncrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,CRYS_PKCS1_VER21) + +/*! + @brief + CRYS_RSA_PKCS1v15_Encrypt implements the RSAES-PKCS1v15 algorithm + as defined in PKCS#1 v2.1 8.2. +*/ +#define CRYS_RSA_PKCS1v15_Encrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,DataIn_ptr,DataInSize,Output_ptr)\ + SaSi_RsaSchemesEncrypt(rndState_ptr, rndGenerateVectFunc, UserPubKey_ptr,PrimeData_ptr,CRYS_RSA_HASH_NO_HASH_mode,NULL,0,CRYS_PKCS1_NO_MGF,DataIn_ptr, \ + DataInSize, Output_ptr,CRYS_PKCS1_VER15) + + +/**********************************************************************************************************/ +/*! +@brief This function implements the Decrypt algorithm, as defined in [PKCS1_2.1] and [PKCS1_1.5]. + +It should not be called directly. Instead, use macros ::CRYS_RSA_OAEP_Decrypt or ::CRYS_RSA_PKCS1v15_Decrypt. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h or crys_hash_error.h on failure. +*/ +CIMPORT_C CRYSError_t SaSi_RsaSchemesDecrypt( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, /*!< [in] Pointer to the private key data structure of the user. */ + CRYS_RSAPrimeData_t *PrimeData_ptr, /*!< [in] Pointer to a temporary structure that is internally used as workspace + for the decryption operation. */ + CRYS_RSA_HASH_OpMode_t hashFunc, /*!< [in] The HASH function to be used. One of the supported SHA-x HASH modes, + as defined in ::CRYS_RSA_HASH_OpMode_t (MD5 is not supported). */ + uint8_t *L, /*!< [in] The label input pointer. Relevant for [PKCS1_2.1] only. NULL by default. + NULL for [PKCS1_1.5]. */ + uint16_t Llen, /*!< [in] The label length. Relevant for [PKCS1_2.1] only. Zero by default. + Zero for [PKCS1_1.5]. */ + CRYS_PKCS1_MGF_t MGF, /*!< [in] The mask generation function. [PKCS1_2.1] defines MGF1, so the only + value allowed here is CRYS_PKCS1_MGF1. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the data to decrypt. */ + uint16_t DataInSize, /*!< [in] The size (in bytes) of the data to decrypt. DataSize must be ≤ + the modulus size. */ + uint8_t *Output_ptr, /*!< [in] Pointer to the decrypted data. The buffer must be at least + PrivKey_ptr->N.len bytes long (i.e. the modulus size in bytes). */ + uint16_t *OutputSize_ptr, /*!< [in] Pointer to the byte size of the buffer pointed to by Output_buffer. + The size must be: +
    • For PKCS #1 v2.1: Modulus size > OutputSize >= + (modulus size - 2*HashLen - 2).
      • +
    • For PKCS #1 v1.5: Modulus size > OutputSize >= (modulus size - 11). + The value pointed by OutputSize_ptr is updated after decryption with + the actual number of bytes that are loaded to Output_ptr.
    */ + CRYS_PKCS1_version PKCS1_ver /*!< [in] [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */ +); + +/**********************************************************************************************************/ +/** + @brief + CRYS_RSA_OAEP_Decrypt implements the RSAES-OAEP algorithm + as defined in PKCS#1 v2.1 8.1. + + \note It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therefore + it is not supported. + + This function combines the RSA decryption primitive and the + EME-OAEP encoding method, to provide an RSA-based decryption + method that is semantically secure against adaptive + chosen-ciphertext attacks. For more details, please refer to + the PKCS#1 standard. + +*/ +#define CRYS_RSA_OAEP_Decrypt(UserPrivKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSchemesDecrypt(UserPrivKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/** + @brief + CRYS_RSA_PKCS1v15_Decrypt implements the RSAES-PKCS1v15 algorithm as defined + in PKCS#1 v2.1 8.2. +*/ +#define CRYS_RSA_PKCS1v15_Decrypt(UserPrivKey_ptr,PrimeData_ptr,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSchemesDecrypt(UserPrivKey_ptr,PrimeData_ptr,CRYS_RSA_HASH_NO_HASH_mode,NULL,0,CRYS_PKCS1_NO_MGF,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER15) + + +/**********************************************************************************************************/ +/*! +@brief Implements the Signing algorithm, as defined in [PKCS1_1.5] or [PKCS1_2.1], using a single function. + +The input data may be either a non-hashed data or a digest of a hash function. +For a non-hashed data, the input data will be hashed using the hash function indicated by ::CRYS_RSA_HASH_OpMode_t. +For a digest, ::CRYS_RSA_HASH_OpMode_t should indicate the hash function that the input data was created by, and it will not be hashed. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h, crys_rnd_error.h or crys_hash_error.h on failure. +*/ +CIMPORT_C CRYSError_t SaSi_RsaSign( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in/out] Pointer to the RND Generate vector function pointer. */ + CRYS_RSAPrivUserContext_t *UserContext_ptr, /*!< [in] Pointer to a temporary context for internal use. */ + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, /*!< [in] Pointer to the private key data structure of the user. + The representation (pair or quintuple) and hence the algorithm (CRT or not CRT) + is determined by the Private Key build function - + ::CRYS_RSA_Build_PrivKey or ::CRYS_RSA_Build_PrivKeyCRT. */ + CRYS_RSA_HASH_OpMode_t rsaHashMode, /*!< [in] One of the supported SHA-x HASH modes, as defined in ::CRYS_RSA_HASH_OpMode_t. + (MD5 is not supported). */ + CRYS_PKCS1_MGF_t MGF, /*!< [in] The mask generation function. [PKCS1_2.1] defines only MGF1, so the only value + allowed for [PKCS1_2.1] is CRYS_PKCS1_MGF1. */ + uint16_t SaltLen, /*!< [in] The Length of the Salt buffer (relevant for PKCS#1 Ver 2.1 only, typically lengths is 0 or hash Len). + FIPS 186-4 requires, that SaltLen <= hash len. If SaltLen > KeySize - hash Len - 2, the function + returns an error. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the input data to be signed. + The size of the scatter/gather list representing the data buffer is limited to 128 + entries, and the size of each entry is limited to 64KB (fragments larger than + 64KB are broken into fragments <= 64KB). */ + uint32_t DataInSize, /*!< [in] The size (in bytes) of the data to sign. */ + uint8_t *Output_ptr, /*!< [out] Pointer to the signature. The buffer must be at least PrivKey_ptr->N.len bytes + long (i.e. the modulus size in bytes). */ + uint16_t *OutputSize_ptr, /*!< [in/out] Pointer to the signature size value - the input value is the signature + buffer size allocated, the output value is the signature size used. + he buffer must be equal to PrivKey_ptr->N.len bytes long + (i.e. the modulus size in bytes). */ + CRYS_PKCS1_version PKCS1_ver /*!< [in] [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */ +); + + +/*! +@brief CRYS_RSA_PKCS1v15_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5. + +This function combines the RSASP1 signature primitive and the EMSA-PKCS1v15 encoding method, to provide an RSA-based signature scheme. +For more details, please refer to the PKCS#1 standard. + */ + +#define CRYS_RSA_PKCS1v15_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,hashFunc,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(hashFunc),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),(DataInSize),(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + +/*! +@brief CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-1. + +\note The data_in size is already known after the Hash. +*/ +#define CRYS_RSA_PKCS1v15_SHA1_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA1_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + +/*! +@brief CRYS_RSA_PKCS1v15_MD5_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - +it assumes that the data in has already been hashed using MD5. + +\note The data_in size is already known after the Hash. +*/ + +#define CRYS_RSA_PKCS1v15_MD5_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),CRYS_RSA_After_MD5_mode,CRYS_PKCS1_NO_MGF,0,(DataIn_ptr),CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + +/*! +@brief CRYS_RSA_PKCS1v15_SHA224_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-224. + +\note The data_in size is already known after the Hash. +*/ +#define CRYS_RSA_PKCS1v15_SHA224_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA224_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + +/*! +@brief CRYS_RSA_PKCS1v15_SHA256_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-256. + +\note The data_in size is already known after the Hash. +*/ +#define CRYS_RSA_PKCS1v15_SHA256_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA256_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + +/*! +@brief CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-384. + +\note The data_in size is already known after the Hash. +*/ +#define CRYS_RSA_PKCS1v15_SHA384_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA384_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + +/*! +@brief CRYS_RSA_PKCS1v15_SHA512_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-512. + +\note The data_in size is already known after the Hash. +*/ +#define CRYS_RSA_PKCS1v15_SHA512_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, (UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA512_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + + +/*! +@brief CRYS_RSA_PSS_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1, in a single function call. + +\note According to the PKCS#1 ver2.1 it is not recommended to use MD5 Hash, therefore it is not supported. + +The actual macro that is used by the user is ::CRYS_RSA_PSS_Sign. +*/ + +#define CRYS_RSA_PSS_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/*! +@brief CRYS_RSA_PSS_SHA1_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-1. + +\note The data_in size is already known after the Hash. + +The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA1_Sign. +*/ + +#define CRYS_RSA_PSS_SHA1_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA1_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/*! +@brief CRYS_RSA_PSS_SHA224_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-224. + +\note The data_in size is already known after the Hash. + +The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA224_Sign. +*/ + +#define CRYS_RSA_PSS_SHA224_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA224_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/*! +@brief CRYS_RSA_PSS_SHA256_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-256. + +\note The data_in size is already known after the Hash. + +The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA256_Sign. +*/ + +#define CRYS_RSA_PSS_SHA256_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA256_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/*! +@brief CRYS_RSA_PSS_SHA384_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-384. + +\note The data_in size is already known after the Hash. + +The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA384_Sign. +*/ + +#define CRYS_RSA_PSS_SHA384_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA384_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/*! +@brief CRYS_RSA_PSS_SHA512_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - +it assumes that the data in has already been hashed using SHA-512. + +\note The data_in size is already known after the Hash. + +The actual macro that is used by the users is ::CRYS_RSA_PSS_SHA512_Sign. +*/ + +#define CRYS_RSA_PSS_SHA512_Sign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + SaSi_RsaSign(rndState_ptr, rndGenerateVectFunc, UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA512_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/**********************************************************************************************************/ +/*! +@brief Implements the RSA signature verification algorithms, in a single function call, as defined in referenced standards [PKCS1_1.5] +and [PKCS1_2.1]. + +The input data may be either a non-hashed data or a digest of a hash function. +For a non-hashed data, the input data will be hashed using the hash function indicated by ::CRYS_RSA_HASH_OpMode_t. +For a digest, ::CRYS_RSA_HASH_OpMode_t should indicate the hash function that the input data was created by, and it will not be hashed. + +@return CRYS_OK on success. +@return A non-zero value from crys_rsa_error.h or crys_hash_error.h on failure. +*/ + +CIMPORT_C CRYSError_t SaSi_RsaVerify( + CRYS_RSAPubUserContext_t *UserContext_ptr, /*!< [in] Pointer to a temporary context for internal use. */ + CRYS_RSAUserPubKey_t *UserPubKey_ptr, /*!< [in] Pointer to the public key data structure of the user. */ + CRYS_RSA_HASH_OpMode_t rsaHashMode, /*!< [in] One of the supported SHA-x HASH modes, as defined in ::CRYS_RSA_HASH_OpMode_t. + (MD5 is not supported). */ + CRYS_PKCS1_MGF_t MGF, /*!< [in] The mask generation function. [PKCS1_2.1] defines only MGF1, so the only + value allowed for [PKCS_2.1] is CRYS_PKCS1_MGF1. */ + uint16_t SaltLen, /*!< [in] The Length of the Salt buffer. Relevant only for [PKCS1_2.1]. + Typical lengths are 0 or hash Len (20 for SHA-1). + The maximum length allowed is [modulus size - hash Len - 2]. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the input data to be verified. + The size of the scatter/gather list representing the data buffer is + limited to 128 entries, and the size of each entry is limited to 64KB + (fragments larger than 64KB are broken into fragments <= 64KB). */ + uint32_t DataInSize, /*!< [in] The size (in bytes) of the data whose signature is to be verified. */ + uint8_t *Sig_ptr, /*!< [in] Pointer to the signature to be verified. + The length of the signature is PubKey_ptr->N.len bytes + (i.e. the modulus size in bytes). */ + CRYS_PKCS1_version PKCS1_ver /*!< [in] [PKCS1_1.5] or [PKCS1_2.1], according to the functionality required. */ +); + +/*! +@brief CRYS_RSA_PKCS1v15_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5. +*/ +#define CRYS_RSA_PKCS1v15_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,DataIn_ptr,DataInSize,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,hashFunc,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,DataInSize,Sig_ptr,CRYS_PKCS1_VER15) + + +/*! +@brief CRYS_RSA_PKCS1v15_MD5_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - +it assumes the DataIn_ptr data has already been hashed using MD5. +*/ +#define CRYS_RSA_PKCS1v15_MD5_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_MD5_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + + +/*! +@brief CRYS_RSA_PKCS1v15_SHA1_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - +it assumes that the DataIn_ptr data has already been hashed using SHA1. + +*/ +#define CRYS_RSA_PKCS1v15_SHA1_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA1_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + +/*! +@brief CRYS_RSA_PKCS1v15_SHA224_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - +it assumes that the DataIn_ptr data has already been hashed using SHA224. + +*/ +#define CRYS_RSA_PKCS1v15_SHA224_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA224_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + +/*! +@brief CRYS_RSA_PKCS1v15_SHA256_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - +it assumes that the DataIn_ptr data has already been hashed using SHA256. + +*/ +#define CRYS_RSA_PKCS1v15_SHA256_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA256_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + +/*! +@brief CRYS_RSA_PKCS1v15_SHA384_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - +it assumes that the DataIn_ptr data has already been hashed using SHA384. + +*/ +#define CRYS_RSA_PKCS1v15_SHA384_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA384_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + +/*! +@brief CRYS_RSA_PKCS1v15_SHA512_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - +it assumes that the DataIn_ptr data has already been hashed using SHA512. + +*/ +#define CRYS_RSA_PKCS1v15_SHA512_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA512_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + +/*! +@brief CRYS_RSA_PSS_Verify implements the RSASSA-PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1. +*/ + +#define CRYS_RSA_PSS_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Sig_ptr,CRYS_PKCS1_VER21) + + /*! +@brief CRYS_RSA_PSS_SHA1_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - +it assumes the DataIn_ptr has already been hashed using SHA1. + +*/ + +#define CRYS_RSA_PSS_SHA1_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA1_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + + +/*! +@brief CRYS_RSA_PSS_SHA224_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - +it assumes the DataIn_ptr has already been hashed using SHA224. +*/ + +#define CRYS_RSA_PSS_SHA224_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA224_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + +/*! +@brief CRYS_RSA_PSS_SHA256_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - +it assumes the DataIn_ptr has already been hashed using SHA256. + +*/ + +#define CRYS_RSA_PSS_SHA256_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA256_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + + +/*! +@brief CRYS_RSA_PSS_SHA384_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - +it assumes the DataIn_ptr has already been hashed using SHA384. + +*/ + +#define CRYS_RSA_PSS_SHA384_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA384_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + + +/*! +@brief CRYS_RSA_PSS_SHA512_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - +it assumes the DataIn_ptr has already been hashed using SHA512. +*/ + +#define CRYS_RSA_PSS_SHA512_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + SaSi_RsaVerify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA512_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + +/**********************************************************************************************************/ + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_types.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_types.h new file mode 100644 index 00000000000..4a47c37dcfb --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_rsa_types.h @@ -0,0 +1,616 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_RSA_TYPES_H +#define CRYS_RSA_TYPES_H + +#include "crys_hash.h" +#include "crys_pka_defs_hw.h" +#include "ssi_pal_types.h" +#include "ssi_pal_compiler.h" + +#ifdef DX_SOFT_KEYGEN +#include "ccsw_crys_rsa_shared_types.h" +#endif + + +#ifdef __cplusplus +extern "C" +{ +#endif +/*! +@file +@brief This file contains all of the enums and definitions that are used for the CRYS RSA APIs. +@defgroup crys_rsa_types CryptoCell RSA used definitions and enums +@{ +@ingroup crys_rsa +*/ + +/************************ Defines ******************************/ + +/*! Definition of HASH context size. */ +#define CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS CRYS_HASH_USER_CTX_SIZE_IN_WORDS + +/*! Maximal key size in bytes. */ +#define CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BYTES (CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS / SASI_BITS_IN_BYTE) + +/*! Minimal key size in bits. */ +#define CRYS_RSA_MIN_VALID_KEY_SIZE_VALUE_IN_BITS 512 +/*! Valid key size multiplications in RSA. */ +#define CRYS_RSA_VALID_KEY_SIZE_MULTIPLE_VALUE_IN_BITS 256 + +/*! Maximal RSA generated key size in bits. */ +#define CRYS_RSA_MAX_KEY_GENERATION_SIZE_BITS CRYS_RSA_MAX_KEY_GENERATION_HW_SIZE_BITS + +/* FIPS 184-4 definitions for allowed RSA and FFC DH key sizes */ +/*! FIPS 184-4 allowed key size - 1024 bits. */ +#define CRYS_RSA_FIPS_KEY_SIZE_1024_BITS 1024 +/*! FIPS 184-4 allowed key size - 2048 bits. */ +#define CRYS_RSA_FIPS_KEY_SIZE_2048_BITS 2048 +/*! FIPS 184-4 allowed key size - 3072 bits. */ +#define CRYS_RSA_FIPS_KEY_SIZE_3072_BITS 3072 +/*! FIPS 184-4 allowed modulus size in bits. */ +#define CRYS_RSA_FIPS_MODULUS_SIZE_BITS CRYS_RSA_FIPS_KEY_SIZE_2048_BITS + +/*! FIPS 184-4 DH key size - 1024 bits. */ +#define CRYS_DH_FIPS_KEY_SIZE_1024_BITS 1024 +/*! FIPS 184-4 DH key size - 2048 bits. */ +#define CRYS_DH_FIPS_KEY_SIZE_2048_BITS 2048 + + +/*! Salt length definition - if the salt length is not available in verify operation, the user can use this define and the algorithm will + calculate the salt length alone*/ +/*!\note Security wise: it is not recommended to use this flag.*/ +#define CRYS_RSA_VERIFY_SALT_LENGTH_UNKNOWN 0xFFFF + +/*! Minimal public exponent value */ +#define CRYS_RSA_MIN_PUB_EXP_VALUE 3 +/*! Minimal private exponent value */ +#define CRYS_RSA_MIN_PRIV_EXP_VALUE 1 + +/* The maximum buffer size for the 'H' value */ +/*! Temporary buffer size definition.*/ +#define CRYS_RSA_TMP_BUFF_SIZE (CRYS_RSA_OAEP_ENCODE_MAX_MASKDB_SIZE + CRYS_RSA_OAEP_ENCODE_MAX_SEEDMASK_SIZE + CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS*sizeof(uint32_t) + sizeof(CRYS_HASH_Result_t)) + +/*! Hash structure definition.*/ +#define CRYS_PKCS1_HashFunc_t CRYS_HASH_OperationMode_t + +/*! OAEP maximal H length.*/ +#define CRYS_RSA_OAEP_MAX_HLEN CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES + +/*! MGF1 definitions */ +#define CRYS_RSA_MGF_2_POWER_32 65535 /*!< \internal 0xFFFF This is the 2^32 of the 2^32*hLen boundary check */ +/*! MGF1 definitions */ +#define CRYS_RSA_SIZE_OF_T_STRING_BYTES (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*sizeof(uint32_t)) + +/*********************************************************** + * + * RSA PKCS#1 v2.1 DEFINES + * + ***********************************************************/ +/*! Size of OEAP seed. */ +#define CRYS_RSA_OAEP_ENCODE_MAX_SEEDMASK_SIZE CRYS_RSA_OAEP_MAX_HLEN +/*! Maximal PSS salt size. */ +#define CRYS_RSA_PSS_SALT_LENGTH CRYS_RSA_OAEP_MAX_HLEN +/*! PSS padding length. */ +#define CRYS_RSA_PSS_PAD1_LEN 8 + +/*! OAEP encode mask size. */ +#define CRYS_RSA_OAEP_ENCODE_MAX_MASKDB_SIZE (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*sizeof(uint32_t)) /*!< \internal For OAEP Encode; the max size is emLen */ +/*! OAEP decode mask size. */ +#define CRYS_RSA_OAEP_DECODE_MAX_DBMASK_SIZE (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*sizeof(uint32_t)) /*!< \internal For OAEP Decode; the max size is emLen */ + +/************************ Enums ********************************/ + +/*! Defines the enum for the HASH operation mode. */ +typedef enum +{ + CRYS_RSA_HASH_MD5_mode = 0, /*!< For PKCS1 v1.5 only. The input data will be hashed with MD5 */ + CRYS_RSA_HASH_SHA1_mode = 1, /*!< The input data will be hashed with SHA1. */ + CRYS_RSA_HASH_SHA224_mode = 2, /*!< The input data will be hashed with SHA224. */ + CRYS_RSA_HASH_SHA256_mode = 3, /*!< The input data will be hashed with SHA256. */ + CRYS_RSA_HASH_SHA384_mode = 4, /*!< The input data will be hashed with SHA384. */ + CRYS_RSA_HASH_SHA512_mode = 5, /*!< The input data will be hashed with SHA512. */ + CRYS_RSA_After_MD5_mode = 6, /*!< For PKCS1 v1.5 only. The input data is a digest of MD5 and will not be hashed. */ + CRYS_RSA_After_SHA1_mode = 7, /*!< The input data is a digest of SHA1 and will not be hashed. */ + CRYS_RSA_After_SHA224_mode = 8, /*!< The input data is a digest of SHA224 and will not be hashed. */ + CRYS_RSA_After_SHA256_mode = 9, /*!< The input data is a digest of SHA256 and will not be hashed. */ + CRYS_RSA_After_SHA384_mode = 10, /*!< The input data is a digest of SHA384 and will not be hashed. */ + CRYS_RSA_After_SHA512_mode = 11, /*!< The input data is a digest of SHA512 and will not be hashed. */ + CRYS_RSA_After_HASH_NOT_KNOWN_mode = 12, /*!< \internal used only for PKCS#1 Ver 1.5 - possible to perform verify operation without hash mode input, + the hash mode is derived from the signature.*/ + CRYS_RSA_HASH_NO_HASH_mode = 13, /*!< Used for PKCS1 v1.5 Encrypt and Decrypt.*/ + CRYS_RSA_HASH_NumOfModes, /*!< Maximal number of hash operations modes. */ + + CRYS_RSA_HASH_OpModeLast = 0x7FFFFFFF, /*! Reserved.*/ + +}CRYS_RSA_HASH_OpMode_t; + + +/*! Defines the enum of the RSA decryption mode. */ +typedef enum +{ + CRYS_RSA_NoCrt = 10, /*!< Decryption no CRT mode.*/ + CRYS_RSA_Crt = 11, /*!< Decryption CRT mode.*/ + + CRYS_RSADecryptionNumOfOptions, /*! Reserved.*/ + + CRYS_RSA_DecryptionModeLast= 0x7FFFFFFF, /*! Reserved.*/ + +}CRYS_RSA_DecryptionMode_t; + +/*! RSA Key source definition. */ +typedef enum +{ + CRYS_RSA_ExternalKey = 1, /*!< External key.*/ + CRYS_RSA_InternalKey = 2, /*!< Internal key.*/ + + CRYS_RSA_KeySourceLast= 0x7FFFFFFF, /*!< Reserved. */ + +}CRYS_RSA_KeySource_t; + +/*! MGF values. */ +typedef enum +{ + CRYS_PKCS1_MGF1 = 0, /*! MGF1. */ + CRYS_PKCS1_NO_MGF = 1, /*! No MGF. */ + CRYS_RSA_NumOfMGFFunctions, /*! Maximal number of MGF options. */ + + CRYS_PKCS1_MGFLast= 0x7FFFFFFF, /*! Reserved.*/ + +}CRYS_PKCS1_MGF_t; + +/*! Defines the enum of the various PKCS1 versions. */ +typedef enum +{ + CRYS_PKCS1_VER15 = 0, /*! PKCS1 version 15. */ + CRYS_PKCS1_VER21 = 1, /*! PKCS1 version 21. */ + + CRYS_RSA_NumOf_PKCS1_versions, /*! Maximal number of PKCS versions. */ + + CRYS_PKCS1_versionLast= 0x7FFFFFFF, /*! Reserved.*/ + +}CRYS_PKCS1_version; + + +/*! Enum defining primality testing mode in Rabin-Miller + and Lucas-Lehmer tests (internal tests). */ +typedef enum +{ + /* P and Q primes */ + CRYS_RSA_PRIME_TEST_MODE = 0, /*!< PRIME test. */ + /* FFC (DH, DSA) primes */ + CRYS_DH_PRIME_TEST_MODE = 1, /*!< DH Prime test. */ + + CRYS_RSA_DH_PRIME_TEST_OFF_MODE /*!< Reserved.*/ + +}CRYS_RSA_DH_PrimeTestMode_t; + +/************************ Public and private key database Structs ******************************/ + +/* .................. The public key definitions ...................... */ +/* --------------------------------------------------------------------- */ + +/*! Public key data structure (used internally). */ +typedef struct +{ + /*! RSA modulus buffer. */ + uint32_t n[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + /*! RSA modulus size in bits. */ + uint32_t nSizeInBits; + + /*! RSA public exponent buffer. */ + uint32_t e[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + /*! RSA public exponent buffer. */ + uint32_t eSizeInBits; + + /*! Buffer for internal usage.*/ + uint32_t crysRSAIntBuff[CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS]; + +}CRYSRSAPubKey_t; + +/*! The public key's user structure prototype. This structure must be saved by the user, and is used as input to the RSA functions +(such as ::SaSi_RsaSchemesEncrypt etc.) */ +typedef struct CRYS_RSAUserPubKey_t +{ + /*! Validation tag. */ + uint32_t valid_tag; + /*! Public key data. */ + uint32_t PublicKeyDbBuff[ sizeof(CRYSRSAPubKey_t)/sizeof(uint32_t) + 1 ]; + + +}CRYS_RSAUserPubKey_t; + +/* .................. The private key definitions ...................... */ +/* --------------------------------------------------------------------- */ + +/*! Private key on non-CRT mode data structure (used internally). */ +typedef struct +{ + /*! RSA private exponent buffer. */ + uint32_t d[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + /*! RSA private exponent size in bits. */ + uint32_t dSizeInBits; + + /*! RSA public exponent buffer. */ + uint32_t e[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + /*! RSA public exponent size in bits. */ + uint32_t eSizeInBits; + +}CRYSRSAPrivNonCRTKey_t; + +/*! Private key on CRT mode data structure (used internally). */ +#ifndef CRYS_NO_RSA_SMALL_CRT_BUFFERS_SUPPORT +/* use small CRT buffers */ +typedef struct +{ + /*! First factor buffer. */ + uint32_t P[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + /*! First factor size in bits. */ + uint32_t PSizeInBits; + + /*! Second factor buffer. */ + uint32_t Q[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + /*! Second factor size in bits. */ + uint32_t QSizeInBits; + + /*! First CRT exponent buffer. */ + uint32_t dP[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + /*! First CRT exponent size in bits. */ + uint32_t dPSizeInBits; + + /*! Second CRT exponent buffer. */ + uint32_t dQ[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + /*! Second CRT exponent size in bits. */ + uint32_t dQSizeInBits; + + /*! First CRT coefficient buffer. */ + uint32_t qInv[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + /*! First CRT coefficient size in bits. */ + uint32_t qInvSizeInBits; + +}CRYSRSAPrivCRTKey_t; + +/*! Size of CRYSRSAPrivCRTKey_t structure in words (used for temp buffers allocation). */ +#define CRYS_RSA_SIZE_IN_WORDS_OF_CRYSRSAPrivCRTKey_t (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*7/2 + 5) + +#else /* use large CRT buffers */ +typedef struct +{ + /* The first factor buffer and size in bits */ + uint32_t P[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + uint32_t PSizeInBits; + + /* The second factor buffer and its size in bits */ + uint32_t Q[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + uint32_t QSizeInBits; + + /* The first CRT exponent buffer and its size in bits */ + uint32_t dP[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + uint32_t dPSizeInBits; + + /* The second CRT exponent buffer and its size in bits */ + uint32_t dQ[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + uint32_t dQSizeInBits; + + /* The first CRT coefficient buffer and its size in bits */ + uint32_t qInv[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + uint32_t qInvSizeInBits; + +}CRYSRSAPrivCRTKey_t; + +/* size of CRYSRSAPrivCRTKey_t structure in words (used for temp buffers allocation) */ +#define CRYS_RSA_SIZE_IN_WORDS_OF_CRYSRSAPrivCRTKey_t (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*5 + 5) + +#endif + +/*! Private key data structure (used internally). */ +typedef struct +{ + /*! RSA modulus buffer. */ + uint32_t n[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + /*! RSA modulus size in bits. */ + uint32_t nSizeInBits; + + /*! Decryption operation mode. */ + CRYS_RSA_DecryptionMode_t OperationMode; + + /*! Key source ( internal or external ). */ + CRYS_RSA_KeySource_t KeySource; + + + /*! Union between the CRT and non-CRT data structures. */ + union + { + CRYSRSAPrivNonCRTKey_t NonCrt; /*!< Non CRT data structure. */ + CRYSRSAPrivCRTKey_t Crt; /*!< CRT data structure. */ + }PriveKeyDb; + + /*! Internal buffer. */ + uint32_t crysRSAPrivKeyIntBuff[CRYS_PKA_PRIV_KEY_BUFF_SIZE_IN_WORDS]; + +}CRYSRSAPrivKey_t; + +/*! The private key's user structure prototype. This structure must be saved by the user, and is used as input to the RSA functions +(such as ::SaSi_RsaSchemesDecrypt etc.). */ +typedef struct CRYS_RSAUserPrivKey_t +{ + /*! Validation tag.*/ + uint32_t valid_tag; + /*! Private key data. */ + uint32_t PrivateKeyDbBuff[ sizeof(CRYSRSAPrivKey_t)/sizeof(uint32_t) + 1 ] ; + +}CRYS_RSAUserPrivKey_t; + +/*! Temporary buffers for RSA usage. */ +typedef struct CRYS_RSAPrimeData_t +{ + /* The aligned input and output data buffers */ + uint32_t DataIn[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; /*!< Temporary buffer for data in.*/ + uint32_t DataOut[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; /*!< Temporary buffer for data out.*/ + /*! Temporary buffer for internal data.*/ + uint8_t InternalBuff[CRYS_RSA_TMP_BUFF_SIZE] SASI_PAL_COMPILER_ALIGN (4); + +}CRYS_RSAPrimeData_t; + +/*! KG data type. */ +typedef union CRYS_RSAKGData_t +{ + /*! RSA Key Generation buffers definitions. */ + struct + { + /* The aligned input and output data buffers */ + /*! First factor buffer. */ + uint32_t p[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS / 2]; + /*! Second factor buffer. */ + uint32_t q[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS / 2]; + union { + /*! Internal buffer. */ + uint32_t crysRSAKGDataIntBuff[CRYS_PKA_KGDATA_BUFF_SIZE_IN_WORDS]; + #ifdef DX_SOFT_KEYGEN + /* # added for compatibility with size of KGData SW type */ + uint32_t TempbuffExp[PKI_KEY_GEN_TEMP_BUFF_SIZE_WORDS]; + #endif + }kg_buf; + }KGData; + + /*! Buffers for internal usage. */ + union { + /*! Internally used buffer.*/ + struct { + CRYS_RSAPrimeData_t PrimData; + }primExt; + #ifdef DX_SOFT_KEYGEN + /* # added for compatibility with size of SW CRYSRSAPrivKey_t type */ + SW_Shared_CRYS_RSAPrimeData_t SW_Shared_PrimData; + #endif + }prim; +}CRYS_RSAKGData_t; + + /************* + * RSA contexts + **************/ +/************************ CRYS RSA struct for Private Key ******************************/ + +/*! Context definition for operations that use the RSA private key. */ +typedef struct +{ + + /*! Private key data. */ + CRYS_RSAUserPrivKey_t PrivUserKey; + + /*! RSA PKCS#1 Version 1.5 or 2.1 */ + uint8_t PKCS1_Version; + + /*! MGF to be used for the PKCS1 Ver 2.1 sign or verify operations. */ + uint8_t MGF_2use; + + /*! Salt random length for PKCS#1 PSS Ver 2.1*/ + uint16_t SaltLen; + + /*! Internal buffer. */ + CRYS_RSAPrimeData_t PrimeData; + + /*! HASH context buffer. */ + uint32_t CRYSPKAHashCtxBuff[CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS]; + /*! HASH result buffer. */ + CRYS_HASH_Result_t HASH_Result; + /*! HASH result size in words. */ + uint16_t HASH_Result_Size; /*in words*/ + /*! RSA HASH operation mode (all modes RSA supports).*/ + CRYS_RSA_HASH_OpMode_t RsaHashOperationMode; /*RSA HASH enum. */ + /*! HASH operation mode.*/ + CRYS_HASH_OperationMode_t HashOperationMode; /*CRYS HASH enum. */ + /*! HASH block size (in words).*/ + uint16_t HashBlockSize; /*in words*/ + /*! HASH flag. */ + bool doHash; + + /* Used for sensitive data manipulation in the context space, which is safer and which saves stack space */ + /*! Internal buffer.*/ + uint32_t EBD[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Internal bufffer used size in bits. */ + uint32_t EBDSizeInBits; + + /* Used for sensitive data manipulation in the context space, which is safer and which saves stack space */ + /*! Internal buffer.*/ + uint8_t T_Buf[CRYS_RSA_SIZE_OF_T_STRING_BYTES]; + /*! Internal buffer used size.*/ + uint16_t T_BufSize; + + /*! Buffer for the use of the Ber encoder in the case of PKCS#1 Ver 1.5. */ + uint32_t BER[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Ber encoder buffer size.*/ + uint16_t BERSize; + + /*! Internal buffer.*/ + uint8_t DummyBufAESBlockSize[16]; + +}RSAPrivContext_t; + +/*! The user's context prototype - the argument type that is passed by the user + to the RSA APIs. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow . */ +typedef struct CRYS_RSAPrivUserContext_t +{ + /*! Validation tag. */ + uint32_t valid_tag; + /*! Internally used value.*/ + uint32_t AES_iv; + /*! Private data context buffer. */ + uint8_t context_buff[ sizeof(RSAPrivContext_t) + sizeof(uint32_t)] SASI_PAL_COMPILER_ALIGN (4); /* must be aligned to 4 */ + +}CRYS_RSAPrivUserContext_t; + + +/************************ CRYS RSA struct for Public Key ******************************/ + +/*! Context definition for operations that use the RSA public key. */ +typedef struct +{ + + /*! RSA public key structure. */ + CRYS_RSAUserPubKey_t PubUserKey; + + /*! Public key size in bytes */ + uint32_t nSizeInBytes; + + /*! RSA PKCS#1 Version 1.5 or 2.1 */ + uint8_t PKCS1_Version; + + /*! MGF to be used for the PKCS1 Ver 2.1 Sign or Verify operations */ + uint8_t MGF_2use; + + /*! Salt random length for PKCS#1 PSS Ver 2.1*/ + uint16_t SaltLen; + + /*! Internal buffer. */ + CRYS_RSAPrimeData_t PrimeData; + + /*! HASH context. */ + uint32_t CRYSPKAHashCtxBuff[CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS]; + /*! HASH result buffer. */ + CRYS_HASH_Result_t HASH_Result; + /*! HASH result size. */ + uint16_t HASH_Result_Size; /* denotes the length, in words, of the hash function output */ + /*! RSA HASH operation mode (all modes RSA supports). */ + CRYS_RSA_HASH_OpMode_t RsaHashOperationMode; /*RSA HASH enum. */ + /*! HASH operation mode. */ + CRYS_HASH_OperationMode_t HashOperationMode; /*CRYS HASH enum. */ + /*! HASH block size. */ + uint16_t HashBlockSize; /*in words*/ + /*! HASH flag.*/ + bool doHash; + + /* Used for sensitive data manipulation in the context space, which is safer and which saves stack space */ + /*! Internal buffer.*/ + uint32_t EBD[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + /*! Internal bufffer used size in bits. */ + uint32_t EBDSizeInBits; + + /* Used for sensitive data manipulation in the context space, which is safer and which saves stack space */ + /*! Internal buffer.*/ + uint8_t T_Buf[CRYS_RSA_SIZE_OF_T_STRING_BYTES]; + /*! Internal buffer used size.*/ + uint16_t T_BufSize; + + /*! Internal buffer.*/ + uint8_t DummyBufAESBlockSize[16]; + +}RSAPubContext_t; + +/*! Temporary buffers for the RSA usage. */ +typedef struct CRYS_RSAPubUserContext_t +{ + /*! Validation tag. */ + uint32_t valid_tag; + /*! Internally used value.*/ + uint32_t AES_iv; /* For the use of the AES CBC mode of Encryption and Decryption of the context in CCM */ + /*! Public data context buffer. */ + uint32_t context_buff[ sizeof(RSAPubContext_t)/sizeof(uint32_t) + 1] ; + +}CRYS_RSAPubUserContext_t; + + + +/*! Required for internal FIPS verification for RSA key generation. */ +typedef struct CRYS_RSAKGFipsContext_t{ + /*! Internal buffer. */ + CRYS_RSAPrimeData_t primData; + /*! Buffer used for decryption. */ + uint8_t decBuff[((CRYS_RSA_MIN_VALID_KEY_SIZE_VALUE_IN_BITS/SASI_BITS_IN_BYTE) - 2*(CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES) -2)]; + /*! Buffer used for encryption. */ + uint8_t encBuff[CRYS_RSA_FIPS_MODULUS_SIZE_BITS/SASI_BITS_IN_BYTE]; +}CRYS_RSAKGFipsContext_t; + +/*! Required for internal FIPS verification for RSA KAT. The RSA KAT tests defined for scheme 2.1 with modulus key size of 2048. */ +typedef struct CRYS_RSAFipsKatContext_t{ + /*! RSA user's key (either public or private).*/ + union { + /*! RSA user's public key. */ + CRYS_RSAUserPubKey_t userPubKey; // used for RsaEnc and RsaVerify + /*! RSA user's private key. */ + CRYS_RSAUserPrivKey_t userPrivKey; // used for RsaDec and RsaSign + }userKey; + /*! RSA user's context (either public or private).*/ + union { + /*! RSA user's private context. */ + CRYS_RSAPrivUserContext_t userPrivContext; // used for RsaSign + /*! RSA public user's context. */ + CRYS_RSAPubUserContext_t userPubContext; // used for RsaVerify + /*! Internal buffers. */ + CRYS_RSAPrimeData_t primData; // used for RsaEnc and RsaDec + }userContext; + /*! RSA user's data. */ + union { + struct { // used for RsaEnc and RsaDec + /*! Buffer for encrypted data. */ + uint8_t encBuff[CRYS_RSA_FIPS_MODULUS_SIZE_BITS/SASI_BITS_IN_BYTE]; + /*! Buffer for decrypted data. */ + uint8_t decBuff[((CRYS_RSA_FIPS_MODULUS_SIZE_BITS/SASI_BITS_IN_BYTE) - 2*(CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES) -2)]; + }userOaepData; + /*! Buffer for Signed data. */ + uint8_t signBuff[CRYS_RSA_FIPS_MODULUS_SIZE_BITS/SASI_BITS_IN_BYTE]; // used for RsaSign and RsaVerify + }userData; +}CRYS_RSAFipsKatContext_t; + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_srp.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_srp.h new file mode 100644 index 00000000000..20ca556e7ff --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_srp.h @@ -0,0 +1,375 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains all of the enums and definitions that are used for the + CRYS SRP APIs, as well as the APIs themselves. +@defgroup crys_srp CryptoCell SRP APIs +@{ +@ingroup cryptocell_api + +*/ +#ifndef CRYS_SRP_H +#define CRYS_SRP_H + + +#include "ssi_pal_types.h" +#include "crys_error.h" +#include "crys_pka_defs_hw.h" +#include "crys_hash.h" +#include "crys_rnd.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*!\internal The following describes the SRP APIs usage for the Device and the Accessory :* + + Device (User) Accessory (Host) +* -------------- ----------------- + + 1. CRYS_SRP_HK_INIT(CRYS_SRP_USER, .......) CRYS_SRP_HK_INIT(CRYS_SRP_HOST, .....) + + 2. CRYS_SRP_PwdVerCreate(..) + + 3. CRYS_SRP_UserPubKeyCreate(..) CRYS_SRP_HostPubKeyCreate(..) + + 4. CRYS_SRP_UserProofCalc(..) + + 5. CRYS_SRP_HostProofVerifyAndCalc(..) + + 6. CRYS_SRP_UserProofVerify(..) + + 7. CRYS_SRP_Clear(..) CRYS_SRP_Clear(..) + + */ + +/************************ Defines ******************************/ +/*! The SRP modulus sizes. */ +/*! 1024 bits modulus size. */ +#define CRYS_SRP_MODULUS_SIZE_1024_BITS 1024 +/*! 1536 bits modulus size. */ +#define CRYS_SRP_MODULUS_SIZE_1536_BITS 1536 +/*! 2048 bits modulus size. */ +#define CRYS_SRP_MODULUS_SIZE_2048_BITS 2048 +/*! 3072 bits modulus size. */ +#define CRYS_SRP_MODULUS_SIZE_3072_BITS 3072 + +/*! Maximal modulus size in bits. */ +#define CRYS_SRP_MAX_MODULUS_IN_BITS CRYS_SRP_MODULUS_SIZE_3072_BITS +/*! Maximal modulus size in bytes. */ +#define CRYS_SRP_MAX_MODULUS (CRYS_SRP_MAX_MODULUS_IN_BITS/SASI_BITS_IN_BYTE) +/*! Maximal modulus size in words. */ +#define CRYS_SRP_MAX_MODULUS_IN_WORDS (CRYS_SRP_MAX_MODULUS_IN_BITS/SASI_BITS_IN_32BIT_WORD) + +/*! The SRP private number size range. */ +/*! Minimal private number size in bits. */ +#define CRYS_SRP_PRIV_NUM_MIN_SIZE_IN_BITS (256) +/*! Minimal private number size in bytes. */ +#define CRYS_SRP_PRIV_NUM_MIN_SIZE (CRYS_SRP_PRIV_NUM_MIN_SIZE_IN_BITS/SASI_BITS_IN_BYTE) +/*! Minimal private number size in words. */ +#define CRYS_SRP_PRIV_NUM_MIN_SIZE_IN_WORDS (CRYS_SRP_PRIV_NUM_MIN_SIZE_IN_BITS/SASI_BITS_IN_32BIT_WORD) +/*! Maximal private number size in bits. */ +#define CRYS_SRP_PRIV_NUM_MAX_SIZE_IN_BITS (CRYS_SRP_MAX_MODULUS_IN_BITS) +/*! Maximal private number size in bytes. */ +#define CRYS_SRP_PRIV_NUM_MAX_SIZE (CRYS_SRP_PRIV_NUM_MAX_SIZE_IN_BITS/SASI_BITS_IN_BYTE) +/*! Maximal private number size in words. */ +#define CRYS_SRP_PRIV_NUM_MAX_SIZE_IN_WORDS (CRYS_SRP_PRIV_NUM_MAX_SIZE_IN_BITS/SASI_BITS_IN_32BIT_WORD) + +/*! Maximal SRP HASH digest size in words. */ +#define CRYS_SRP_MAX_DIGEST_IN_WORDS CRYS_HASH_RESULT_SIZE_IN_WORDS +/*! Maximal SRP HASH digest size in bytes. */ +#define CRYS_SRP_MAX_DIGEST (CRYS_SRP_MAX_DIGEST_IN_WORDS*SASI_32BIT_WORD_SIZE) + +/*! Minimal salt size in bytes. */ +#define CRYS_SRP_MIN_SALT_SIZE (8) +/*! Minimal salt size in words. */ +#define CRYS_SRP_MIN_SALT_SIZE_IN_WORDS (CRYS_SRP_MIN_SALT_SIZE/SASI_32BIT_WORD_SIZE) +/*! Maximal salt size in bytes. */ +#define CRYS_SRP_MAX_SALT_SIZE (64) +/*! Maximal salt size in words. */ +#define CRYS_SRP_MAX_SALT_SIZE_IN_WORDS (CRYS_SRP_MAX_SALT_SIZE/SASI_32BIT_WORD_SIZE) + +/************************ Typedefs ****************************/ +/*! SRP modulus buffer definition. */ +typedef uint8_t CRYS_SRP_Modulus_t[CRYS_SRP_MAX_MODULUS]; + +/*! SRP digest buffer definition. */ +typedef uint8_t CRYS_SRP_Digest_t[CRYS_SRP_MAX_DIGEST]; + +/*! SRP secret buffer definition. */ +typedef uint8_t CRYS_SRP_Secret_t[2*CRYS_SRP_MAX_DIGEST]; + +/************************ Enums ********************************/ + +/*! +SRP supported versions +*/ +typedef enum { + CRYS_SRP_VER_3 = 0, /*!< VER 3. */ + CRYS_SRP_VER_6 = 1, /*!< VER 6. */ + CRYS_SRP_VER_6A = 2, /*!< VER 6A. */ + CRYS_SRP_VER_HK = 3, /*!< VER 6A. */ + /*! Maximal number of supported versions.*/ + CRYS_SRP_NumOfVersions, + /*! Reserved.*/ + CRYS_SRP_VersionLast= 0x7FFFFFFF, + +}CRYS_SRP_Version_t; + +/*! +SRP entity type +*/ +typedef enum { + CRYS_SRP_HOST = 1, /*!< Host entity, called also server, verifier, or Accessory in Home-Kit */ + CRYS_SRP_USER = 2, /*!< User entity, called also client, or Device in Home-Kit */ + /*! Maximal number of entities types.*/ + CRYS_SRP_NumOfEntityType, + /*! Reserved.*/ + CRYS_SRP_EntityLast= 0x7FFFFFFF, + +}CRYS_SRP_Entity_t; + +/************************ Structs ******************************/ + +/*! Group parameters for the SRP - defines the modulus and the generator used */ +typedef struct CRYS_SRP_GroupParam_t { + /*! SRP modulus.*/ + CRYS_SRP_Modulus_t modulus; + /*! SRP generator.*/ + uint8_t gen; + /*! SRP modulus size in bits .*/ + size_t modSizeInBits; + /*! SRP valid Np.*/ + uint32_t validNp; + /*! SRP Np buffer.*/ + uint32_t Np[CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS]; +}CRYS_SRP_GroupParam_t; + +/************************ context Structs ******************************/ +/*! The SRP context prototype */ +typedef struct CRYS_SRP_Context_t { + /*! SRP entitiy type.*/ + CRYS_SRP_Entity_t srpType; + /*! SRP version.*/ + CRYS_SRP_Version_t srpVer; + /*! Group parameter including the modulus information.*/ + CRYS_SRP_GroupParam_t groupParam; // N, g, Np + /*! Hash mode.*/ + CRYS_HASH_OperationMode_t hashMode; + /*! Hash digest size.*/ + size_t hashDigestSize; + /*! Pointer to RND state.*/ + CRYS_RND_State_t *pRndState; + /*! Pointer to random vector generation function.*/ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc; + /*! Modulus.*/ + CRYS_SRP_Modulus_t ephemPriv; // a or b + /*! Modulus size.*/ + size_t ephemPrivSize; + /*! User name digest.*/ + CRYS_SRP_Digest_t userNameDigest; // M + /*! Cred digest.*/ + CRYS_SRP_Digest_t credDigest; // p + /*! SRP K multiplier. */ // + CRYS_SRP_Digest_t kMult; // k multiplier +}CRYS_SRP_Context_t; + + +/************************ SRP common Functions **********************/ +/****************************************************************************************************/ +/*! +@brief This function initiates the SRP context. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_srp_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_SRP_Init( + CRYS_SRP_Entity_t srpType, /*!< [in] SRP entity type. */ + CRYS_SRP_Version_t srpVer, /*!< [in] SRP version. */ + CRYS_SRP_Modulus_t srpModulus, /*!< [in] A pointer to the SRP modulus, BE byte buffer. */ + uint8_t srpGen, /*!< [in] The SRP generator param. */ + size_t modSizeInBits, /*!< [in] The SRP modulus size in bits:1024, 1536, 2048 & 3072 */ + CRYS_HASH_OperationMode_t hashMode, /*!< [in] Enumerator defining the HASH mode. */ + uint8_t *pUserName, /*!< [in] A Pointer to user name. */ + size_t userNameSize, /*!< [in] The user name buffer size > 0. */ + uint8_t *pPwd, /*!< [in] A Pointer to user password. */ + size_t pwdSize, /*!< [in] The user password buffer size > 0 if pPwd is valid. */ + void *pRndState, /*!< [in] A Pointer to RND context.*/ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to random vector generation function.*/ + CRYS_SRP_Context_t *pCtx /*!< [out] A Pointer to the SRP host context.*/ +); + +/*! MACRO definition for a specific SRP initialization function.*/ +#define CRYS_SRP_HK_INIT(srpType, srpModulus, srpGen, modSizeInBits, pUserName, userNameSize, pPwd, pwdSize, pRndState, rndGenerateVectFunc, pCtx) \ + CRYS_SRP_Init(srpType, CRYS_SRP_VER_HK, srpModulus, srpGen, modSizeInBits, CRYS_HASH_SHA512_mode, pUserName, userNameSize, pPwd, pwdSize, pRndState, rndGenerateVectFunc, pCtx) + + +/****************************************************************************************************/ +/*! +@brief This function calculates pSalt & password verifier + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_srp_error.h, crys_rnd_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_SRP_PwdVerCreate( + size_t saltSize, /*!< [in] The size of the random salt to generate, + The range is between CRYS_SRP_MIN_SALT_SIZE + to CRYS_SRP_MAX_SALT_SIZE. */ + uint8_t *pSalt, /*!< [out] A Pointer to the pSalt number (s).*/ + CRYS_SRP_Modulus_t pwdVerifier, /*!< [out] A Pointer to the password verifier (v). */ + CRYS_SRP_Context_t *pCtx /*!< [out] A Pointer to the SRP context.*/ +); + + +/****************************************************************************************************/ +/*! +@brief Clears the SRP context. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_srp_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_SRP_Clear( + CRYS_SRP_Context_t *pCtx /*!< [in/out] A Pointer to the SRP context.*/ +); + + +/************************ SRP Host Functions **********************/ +/****************************************************************************************************/ +/*! +@brief This function generates host public & private ephemeral key, known as B & b in RFC + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_srp_error.h or crys_rnd_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_SRP_HostPubKeyCreate( + size_t ephemPrivSize, /*!< [in] The size of the generated ephemeral private key (b). + The range is between CRYS_SRP_PRIV_NUM_MIN_SIZE to + CRYS_SRP_PRIV_NUM_MAX_SIZE */ + CRYS_SRP_Modulus_t pwdVerifier, /*!< [in] A Pointer to the verifier (v). */ + CRYS_SRP_Modulus_t hostPubKeyB, /*!< [out] A Pointer to the host ephemeral public key (B). */ + CRYS_SRP_Context_t *pCtx /*!< [in/out] A Pointer to the SRP context.*/ +); + + +/*! +@brief Verifies the user Proof and calculates the Host message proof. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_srp_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_SRP_HostProofVerifyAndCalc( + size_t saltSize, /*!< [in] The size of the random salt, + The range is between CRYS_SRP_MIN_SALT_SIZE + to CRYS_SRP_MAX_SALT_SIZE. */ + uint8_t *pSalt, /*!< [in] A Pointer to the pSalt number.*/ + CRYS_SRP_Modulus_t pwdVerifier, /*!< [in] A Pointer to the password verifier (v). */ + CRYS_SRP_Modulus_t userPubKeyA, /*!< [in] A Pointer to the user ephemeral public key (A). */ + CRYS_SRP_Modulus_t hostPubKeyB, /*!< [in] A Pointer to the host ephemeral public key (B). */ + CRYS_SRP_Digest_t userProof, /*!< [in] A Pointer to the SRP user proof buffer (M1).*/ + CRYS_SRP_Digest_t hostProof, /*!< [out] A Pointer to the SRP host proof buffer (M2).*/ + CRYS_SRP_Secret_t sharedSecret, /*!< [out] A Pointer to the SRP shared secret (K).*/ + CRYS_SRP_Context_t *pCtx /*!< [in] A Pointer to the SRP context.*/ +); + + + +/************************ SRP User Functions **********************/ +/****************************************************************************************************/ +/*! +@brief This function generates user public & private ephemeral key, known as A & a in RFC + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_srp_error.h or crys_rnd_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_SRP_UserPubKeyCreate( + size_t ephemPrivSize, /*!< [in] The size of the generated ephemeral private key (a). + The range is between CRYS_SRP_PRIV_NUM_MIN_SIZE to + CRYS_SRP_PRIV_NUM_MAX_SIZE */ + CRYS_SRP_Modulus_t userPubKeyA, /*!< [out] A Pointer to the user ephemeral public key (A). */ + CRYS_SRP_Context_t *pCtx /*!< [in/out] A Pointer to the SRP context.*/ +); + + +/****************************************************************************************************/ +/*! +@brief This function calculates the user proof. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_srp_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_SRP_UserProofCalc( + size_t saltSize, /*!< [in] The size of the random salt, + The range is between CRYS_SRP_MIN_SALT_SIZE + to CRYS_SRP_MAX_SALT_SIZE. */ + uint8_t *pSalt, /*!< [in] A Pointer to the pSalt number.*/ + CRYS_SRP_Modulus_t userPubKeyA, /*!< [in] A Pointer to the user public ephmeral key (A).*/ + CRYS_SRP_Modulus_t hostPubKeyB, /*!< [in] A Pointer to the host public ephmeral key (B).*/ + CRYS_SRP_Digest_t userProof, /*!< [out] A Pointer to the SRP user proof buffer (M1).*/ + CRYS_SRP_Secret_t sharedSecret, /*!< [out] A Pointer to the SRP shared secret (K).*/ + CRYS_SRP_Context_t *pCtx /*!< [out] A Pointer to the SRP context.*/ +); + +/****************************************************************************************************/ +/*! +@brief This function verifies the host proof + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_srp_error.h or crys_hash_error.h. +*/ +CIMPORT_C CRYSError_t CRYS_SRP_UserProofVerify( + CRYS_SRP_Secret_t sharedSecret, /*!< [in] A Pointer to the SRP shared secret (K).*/ + CRYS_SRP_Modulus_t userPubKeyA, /*!< [in] A Pointer to the user public ephmeral key (A).*/ + CRYS_SRP_Digest_t userProof, /*!< [in] A Pointer to the SRP user proof buffer (M1).*/ + CRYS_SRP_Digest_t hostProof, /*!< [in] A Pointer to the SRP host proof buffer (M2).*/ + CRYS_SRP_Context_t *pCtx /*!< [out] A Pointer to the SRP user context.*/ +); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef CRYS_SRP_H */ + + + + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_srp_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_srp_error.h new file mode 100644 index 00000000000..a710746d0fb --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/crys_srp_error.h @@ -0,0 +1,91 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_SRP_ERROR_H +#define CRYS_SRP_ERROR_H + + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This module contains the definitions of the CRYS SRP errors. +@defgroup crys_srp_error CryptoCell SRP specific errors +@{ +@ingroup crys_srp +*/ + + + +/************************ Defines ******************************/ + +/*! The CRYS SRP module errors base address - 0x00F02600. */ +/*! Illegal parameter. */ +#define CRYS_SRP_PARAM_INVALID_ERROR (CRYS_SRP_MODULE_ERROR_BASE + 0x01UL) +/*! Illegal modulus size . */ +#define CRYS_SRP_MOD_SIZE_INVALID_ERROR (CRYS_SRP_MODULE_ERROR_BASE + 0x02UL) +/*! Illegal state (uninitialized) . */ +#define CRYS_SRP_STATE_UNINITIALIZED_ERROR (CRYS_SRP_MODULE_ERROR_BASE + 0x03UL) +/*! Result validation error. */ +#define CRYS_SRP_RESULT_ERROR (CRYS_SRP_MODULE_ERROR_BASE + 0x04UL) +/*! Invalid parameter. */ +#define CRYS_SRP_PARAM_ERROR (CRYS_SRP_MODULE_ERROR_BASE + 0x05UL) +/*! Internal PKI error */ +#define CRYS_SRP_PKI_INTERNAL_ERROR (CRYS_SRP_MODULE_ERROR_BASE + 0x06UL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/driver_defs.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/driver_defs.h new file mode 100644 index 00000000000..bc49e7e75c3 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/driver_defs.h @@ -0,0 +1,354 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef _DRIVER_DEFS_H_ +#define _DRIVER_DEFS_H_ + +#ifdef __KERNEL__ +#include +#define INT32_MAX 0x7FFFFFFFL +#else +#include +#endif + +#ifndef min +#define min(a, b) ((a) < (b) ? (a) : (b)) +#endif + +/****************************************************************************** +* TYPE DEFINITIONS +******************************************************************************/ +typedef uint32_t drvError_t; + +typedef enum aesMode { + CIPHER_NULL_MODE = -1, + CIPHER_ECB = 0, + CIPHER_CBC = 1, + CIPHER_CTR = 2, + CIPHER_CBC_MAC = 3, + CIPHER_CMAC = 7, + CIPHER_RESERVE32B = INT32_MAX +}aesMode_t; + +typedef enum hashMode { + HASH_NULL_MODE = -1, + HASH_SHA1 = 0, + HASH_SHA256 = 1, + HASH_SHA224 = 2, + HASH_SHA512 = 3, + HASH_SHA384 = 4, + HASH_RESERVE32B = INT32_MAX +}hashMode_t; + +typedef enum DataBlockType { + FIRST_BLOCK, + MIDDLE_BLOCK, + LAST_BLOCK, + RESERVE32B_BLOCK = INT32_MAX +}DataBlockType_t; + +typedef enum dataAddrType { + SRAM_ADDR = 0, + DLLI_ADDR = 1, + ADDR_RESERVE32B = INT32_MAX +}dataAddrType_t; + +typedef enum cryptoDirection { + CRYPTO_DIRECTION_ENCRYPT = 0, + CRYPTO_DIRECTION_DECRYPT = 1, + + CRYPTO_DIRECTION_NUM_OF_ENC_MODES, + CRYPTO_DIRECTION_RESERVE32B = INT32_MAX +}cryptoDirection_t; + +typedef enum cryptoKeyType { + RKEK_KEY = 0, + USER_KEY = 1, + PROVISIONING_KEY = 2, + SESSION_KEY = 3, + END_OF_KEYS = INT32_MAX, +}cryptoKeyType_t; + +typedef enum cryptoPaddingType { + CRYPTO_PADDING_NONE = 0, + CRYPTO_PADDING_PKCS7 = 1, + CRYPTO_PADDING_RESERVE32B = INT32_MAX +}cryptoPaddingType_t; + +typedef enum chachaNonceSize { + NONCE_SIZE_64 = 0, + NONCE_SIZE_96 = 1, + NONCE_SIZE_RESERVE32B = INT32_MAX +}chachaNonceSize_t; + +/* The IOT drviers base address */ +#define DRV_MODULE_ERROR_BASE 0x00F00000 +#define AES_DRV_MODULE_ERROR_BASE (DRV_MODULE_ERROR_BASE + 0x10000UL) +#define HASH_DRV_MODULE_ERROR_BASE (DRV_MODULE_ERROR_BASE + 0x20000UL) +#define HMAC_DRV_MODULE_ERROR_BASE (DRV_MODULE_ERROR_BASE + 0x30000UL) +#define BYPASS_DRV_MODULE_ERROR_BASE (DRV_MODULE_ERROR_BASE + 0x40000UL) +#define CHACHA_DRV_MODULE_ERROR_BASE (DRV_MODULE_ERROR_BASE + 0x50000UL) + + +/****************************************************************************** +* AES DEFINITIONS +******************************************************************************/ + +#define AES_BLOCK_SIZE 16 +#define AES_BLOCK_SIZE_WORDS (AES_BLOCK_SIZE >> 2) +#define AES_IV_SIZE 16 +#define AES_IV_SIZE_WORDS (AES_IV_SIZE >> 2) +#define AES_128_BIT_KEY_SIZE 16 +#define AES_128_BIT_KEY_SIZE_WORDS (AES_128_BIT_KEY_SIZE >> 2) + + +#define ENABLE_AES_CLOCK 0x1UL +#define DISABLE_AES_CLOCK 0x0UL + +#define CONFIG_DIN_AES_DOUT_VAL 0x1UL + +/* The CRYS AES module errors */ +#define AES_DRV_OK 0 +#define AES_DRV_INVALID_USER_CONTEXT_POINTER_ERROR (AES_DRV_MODULE_ERROR_BASE + 0x00UL) +#define AES_DRV_ILLEGAL_OPERATION_MODE_ERROR (AES_DRV_MODULE_ERROR_BASE + 0x01UL) +#define AES_DRV_ILLEGAL_OPERATION_DIRECTION_ERROR (AES_DRV_MODULE_ERROR_BASE + 0x02UL) +#define AES_DRV_ILLEGAL_INPUT_ADDR_MEM_ERROR (AES_DRV_MODULE_ERROR_BASE + 0x03UL) +#define AES_DRV_ILLEGAL_OUTPUT_ADDR_MEM_ERROR (AES_DRV_MODULE_ERROR_BASE + 0x04UL) +#define AES_DRV_ILLEGAL_MEM_SIZE_ERROR (AES_DRV_MODULE_ERROR_BASE + 0x05UL) + + +/****************************************************************************** +* HASH & HMAC DEFINITIONS +******************************************************************************/ + +/************************ Typedefs ****************************/ +typedef drvError_t (*llf_hash_init_operation_func)(void *); +typedef drvError_t (*llf_hash_update_operation_func)(void *, uint32_t inputDataAddr, uint32_t dataInSize); +typedef drvError_t (*llf_hash_finish_operation_func)(void *); + + +/* The SHA-1 digest result size */ +#define SHA1_DIGEST_SIZE_IN_WORDS 5 +#define SHA1_DIGEST_SIZE_IN_BYTES (SHA1_DIGEST_SIZE_IN_WORDS * sizeof(uint32_t)) + +/* The SHA-256 digest result size*/ +#define SHA224_DIGEST_SIZE_IN_WORDS 7 +#define SHA224_DIGEST_SIZE_IN_BYTES (SHA224_DIGEST_SIZE_IN_WORDS * sizeof(uint32_t)) + +/* The SHA-256 digest result size */ +#define SHA256_DIGEST_SIZE_IN_WORDS 8 +#define SHA256_DIGEST_SIZE_IN_BYTES (SHA256_DIGEST_SIZE_IN_WORDS * sizeof(uint32_t)) + +/* The SHA-384 digest result size*/ +#define SHA384_DIGEST_SIZE_IN_WORDS 12 +#define SHA384_DIGEST_SIZE_IN_BYTES (SHA384_DIGEST_SIZE_IN_WORDS * sizeof(uint32_t)) + +/* The SHA-512 digest result size in bytes */ +#define SHA512_DIGEST_SIZE_IN_WORDS 16 +#define SHA512_DIGEST_SIZE_IN_BYTES (SHA512_DIGEST_SIZE_IN_WORDS * sizeof(uint32_t)) + + +#define MAX_DIGEST_SIZE_WORDS SHA512_DIGEST_SIZE_IN_WORDS + +/* Hash driver registers configurations */ +#define ENABLE_HASH_CLOCK 0x1UL +#define DISABLE_HASH_CLOCK 0x0UL + +#define HW_HASH_CTL_SHA1_VAL 0x0001UL +#define HW_HASH_CTL_SHA256_VAL 0x0002UL +#define HW_HASH_LE_MODE_VAL 0x0001UL +#define HW_HASH_PAD_EN_VAL 0x1UL + +/* The SHA1 hash block size in words */ +#define HASH_BLOCK_SIZE_IN_WORDS 16 +#define HASH_BLOCK_SIZE_IN_BYTES (HASH_BLOCK_SIZE_IN_WORDS * sizeof(uint32_t)) + +/* The SHA2 hash block size in words */ +#define HASH_SHA512_BLOCK_SIZE_IN_WORDS 32 +#define HASH_SHA512_BLOCK_SIZE_IN_BYTES (HASH_SHA512_BLOCK_SIZE_IN_WORDS * sizeof(uint32_t)) + +#define CONFIG_HASH_MODE_VAL 0x7UL + +/* the MAC key IPAD and OPAD bytes */ +#define MAC_KEY_IPAD_BYTE 0x36 +#define MAC_KEY_OPAD_BYTE 0x5C + +#define HMAC_CONTEXT_VALIDATION_TAG 0x23456789 + +/* The CRYS HASH module errors */ +#define HASH_DRV_OK 0 +#define HASH_DRV_INVALID_USER_CONTEXT_POINTER_ERROR (HASH_DRV_MODULE_ERROR_BASE + 0x00UL) +#define HASH_DRV_ILLEGAL_OPERATION_MODE_ERROR (HASH_DRV_MODULE_ERROR_BASE + 0x01UL) +#define HASH_DRV_USER_CONTEXT_CORRUPTED_ERROR (HASH_DRV_MODULE_ERROR_BASE + 0x02UL) + +/* The CRYS HMAC module errors */ +#define HMAC_DRV_OK 0 +#define HMAC_DRV_INVALID_USER_CONTEXT_POINTER_ERROR (HMAC_DRV_MODULE_ERROR_BASE + 0x00UL) + + +/* SHA512 soft driver */ + +/* The first padding byte */ +#define LLF_HASH_FIRST_PADDING_BYTE 0x80 +/* The size at the end of the padding for SHA384 and SHA512 */ +#define LLF_HASH_SHA2_COUNTER_SIZE_ON_END_OF_PADDING_IN_BYTES (4 * sizeof(uint32_t)) +#define LLF_HASH_SHA2_COUNTER_SIZE_ON_END_OF_PADDING_IN_WORDS 4 + +/* the HASH user context validity TAG */ +#define HASH_CONTEXT_VALIDATION_TAG 0x12345678 + +/****************************************************************************** +* BYPASS DEFINITIONS +******************************************************************************/ + +#define CONFIG_DIN_BYPASS_DOUT_VAL 0 + +/* The CRYS BYPASS module errors */ +#define BYPASS_DRV_OK 0 +#define BYPASS_DRV_ILLEGAL_BLOCK_SIZE_ERROR (BYPASS_DRV_MODULE_ERROR_BASE + 0x01UL) +#define BYPASS_DRV_ILLEGAL_INPUT_ADDR_MEM_ERROR (BYPASS_DRV_MODULE_ERROR_BASE + 0x02UL) +#define BYPASS_DRV_ILLEGAL_OUTPUT_ADDR_MEM_ERROR (BYPASS_DRV_MODULE_ERROR_BASE + 0x03UL) + +/****************************************************************************** +* CHACHA DEFINITIONS +******************************************************************************/ + +#define CHACHA_BLOCK_SIZE_BYTES 64 +#define CHACHA_BLOCK_SIZE_WORDS (CHACHA_BLOCK_SIZE_BYTES >> 2) +#define CHACHA_NONCE_64_SIZE_BYTES 8 +#define CHACHA_NONCE_64_SIZE_WORDS (CHACHA_NONCE_64_SIZE_BYTES >> 2) +#define CHACHA_NONCE_96_SIZE_BYTES 12 +#define CHACHA_NONCE_96_SIZE_WORDS (CHACHA_NONCE_96_SIZE_BYTES >> 2) +#define CHACHA_256_BIT_KEY_SIZE 32 +#define CHACHA_256_BIT_KEY_SIZE_WORDS (CHACHA_256_BIT_KEY_SIZE >> 2) + +#define ENABLE_CHACHA_CLOCK 0x1UL +#define DISABLE_CHACHA_CLOCK 0x0UL + +#define CONFIG_DIN_CHACHA_DOUT_VAL 0x10UL + +/* The CRYS CHACHA module errors */ +#define CHACHA_DRV_OK 0 +#define CHACHA_DRV_INVALID_USER_CONTEXT_POINTER_ERROR (CHACHA_DRV_MODULE_ERROR_BASE + 0x00UL) +#define CHACHA_DRV_ILLEGAL_OPERATION_DIRECTION_ERROR (CHACHA_DRV_MODULE_ERROR_BASE + 0x01UL) +#define CHACHA_DRV_ILLEGAL_INPUT_ADDR_MEM_ERROR (CHACHA_DRV_MODULE_ERROR_BASE + 0x02UL) +#define CHACHA_DRV_ILLEGAL_OUTPUT_ADDR_MEM_ERROR (CHACHA_DRV_MODULE_ERROR_BASE + 0x03UL) +#define CHACHA_DRV_ILLEGAL_MEM_SIZE_ERROR (CHACHA_DRV_MODULE_ERROR_BASE + 0x04UL) +#define CHACHA_DRV_ILLEGAL_NONCE_SIZE_ERROR (CHACHA_DRV_MODULE_ERROR_BASE + 0x05UL) + + +/****************************************************************************** +* MACROS +******************************************************************************/ +/* This MACRO purpose is to switch from CryptoCell definitions to crypto driver definitions, the MACRO assumes that the value is legal (encrypt or decrypt only) */ +#define SASI_2_DRIVER_DIRECTION(ssiDirection) ((ssiDirection == SASI_AES_ENCRYPT) ? (CRYPTO_DIRECTION_ENCRYPT) : (CRYPTO_DIRECTION_DECRYPT)) + +/* Poll on the DOUT MEM DMA (DLLI) busy till it is = 0 */ +#define SASI_HAL_WAIT_ON_DOUT_MEM_DMA_BUSY()\ + do {\ + uint32_t regVal=1;\ + do {\ + regVal = SASI_HAL_READ_REGISTER( SASI_REG_OFFSET(HOST_RGF, DOUT_MEM_DMA_BUSY));\ + }while( regVal ); \ + }while(0) + +/* Poll on the DIN MEM DMA (DLLI) busy till it is = 0 */ +#define SASI_HAL_WAIT_ON_DIN_MEM_DMA_BUSY()\ + do {\ + uint32_t regVal=1;\ + do {\ + regVal = SASI_HAL_READ_REGISTER( SASI_REG_OFFSET(HOST_RGF, DIN_MEM_DMA_BUSY));\ + }while( regVal );\ + }while(0) + +/* Poll on the DOUT SRAM DMA busy till it is = 0 */ +#define SASI_HAL_WAIT_ON_DOUT_SRAM_DMA_BUSY()\ + do {\ + uint32_t regVal=1; \ + do {\ + regVal = SASI_HAL_READ_REGISTER( SASI_REG_OFFSET(HOST_RGF, DOUT_SRAM_DMA_BUSY));\ + }while( regVal );\ + }while(0) + +/* Poll on the DIN SRAM busy till it is = 0 */ +#define SASI_HAL_WAIT_ON_DIN_SRAM_DMA_BUSY()\ + do {\ + uint32_t regVal=1;\ + do {\ + regVal = SASI_HAL_READ_REGISTER( SASI_REG_OFFSET(HOST_RGF, DIN_SRAM_DMA_BUSY));\ + }while( regVal );\ + }while(0) + + +/* Poll on the AES busy till it is = 0 */ +#define SASI_HAL_WAIT_ON_AES_BUSY()\ + do {\ + uint32_t regVal=1;\ + do {\ + regVal = SASI_HAL_READ_REGISTER( SASI_REG_OFFSET(HOST_RGF, AES_BUSY));\ + }while( regVal );\ + }while(0) + +/* Poll on the HASH busy till it is = 0 */ +#define SASI_HAL_WAIT_ON_HASH_BUSY()\ + do {\ + uint32_t regVal=1;\ + do {\ + regVal = SASI_HAL_READ_REGISTER( SASI_REG_OFFSET(HOST_RGF, HASH_BUSY));\ + }while( regVal );\ + }while(0) + +/* Poll on the CHACHA busy till it is = 0 */ +#define SASI_HAL_WAIT_ON_CHACHA_BUSY() \ + do { \ + uint32_t regVal=1; \ + do { \ + regVal = SASI_HAL_READ_REGISTER( SASI_REG_OFFSET(HOST_RGF, CHACHA_BUSY)); \ + }while( regVal ); \ + }while(0) + +/* Poll on the crypto busy till it is = 0 */ +#define SASI_HAL_WAIT_ON_CRYPTO_BUSY()\ + do {\ + uint32_t regVal=1;\ + do {\ + regVal = SASI_HAL_READ_REGISTER( SASI_REG_OFFSET(HOST_RGF, CRYPTO_BUSY));\ + }while( regVal );\ + }while(0) + + +#endif /* _DRIVER_DEFS_H_ */ + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/sns_silib.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/sns_silib.h new file mode 100644 index 00000000000..6a1502afbdc --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/sns_silib.h @@ -0,0 +1,113 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains all of the enums and definitions that are used for the + CryptoCell Lib init and finish APIs, as well as the APIs themselves. +@defgroup sns_silib CryptoCell library basic APIs +@{ +@ingroup cryptocell_api + +*/ + +#ifndef __SNS_SILIB_H__ +#define __SNS_SILIB_H__ + +#include "ssi_pal_types.h" +#include "crys_rnd.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! Definitions for error returns from SaSi_LibInit or SaSi_LibFini functions. */ +typedef enum { + SA_SILIB_RET_OK = 0, /*!< Success defintion.*/ + SA_SILIB_RET_EINVAL_CTX_PTR, /*!< Illegal context pointer.*/ + SA_SILIB_RET_EINVAL_WORK_BUF_PTR, /*!< Illegal work buffer pointer.*/ + SA_SILIB_RET_HAL, /*!< Error returned from HAL layer.*/ + SA_SILIB_RET_PAL, /*!< Error returned from PAL layer.*/ + SA_SILIB_RET_RND_INST_ERR, /*!< RND instantiation faied.*/ + SA_SILIB_RET_EINVAL_HW_VERSION, /*!< Invalid HW version. */ + SA_SILIB_RET_EINVAL_HW_SIGNATURE, /*!< Invalid HW signature. */ + SA_SILIB_RESERVE32B = 0x7FFFFFFFL /*!< Reserved.*/ +} SA_SilibRetCode_t; + + +/*! Internal defintion for the product register. */ +#define DX_VERSION_PRODUCT_BIT_SHIFT 0x18UL +/*! Internal defintion for the product register size. */ +#define DX_VERSION_PRODUCT_BIT_SIZE 0x8UL + + + +/*! +@brief This function Perform global initialization of the ARM CryptoCell 3xx runtime library; +it must be called once per ARM CryptoCell for 3xx cold boot cycle. +Among other initializations, this function calls CRYS_RND_Instantiation and CRYS_RND_SetGenerateVectorFunc +to initialize the TRNG and the primary RND context. An initialized RND context is required for calling RND +APIs and asymmetric cryptography key generation and signatures. The primary context returned by this +function can be used as a single global context for all RND needs. Alternatively, other contexts may +be initialized and used with a more limited scope (for specific applications or specific threads). +\note The Mutexes, if used, are initialized by this API. Therefore, unlike the other APIs in the library, +this API is not thread-safe. +@return SA_SILIB_RET_OK on success. +@return A non-zero value in case of failure. +*/ +SA_SilibRetCode_t SaSi_LibInit(void *rnd_ctx, /*!< [in/out] Pointer to the RND state buffer, + allocated by the user. + This state must be saved and provided as parameter to any API that + uses the RND module.*/ + CRYS_RND_WorkBuff_t *rndWorkBuff_ptr /*!< [in] Scratchpad for the RND module's work. */); + +/*! +@brief This function finalize the library operations. It frees the associated resources (mutexes) and call hal and pal terminate functions. +the function also call CRYS_RND_UnInstantiation to clean the rnd state. +@return SA_SILIB_RET_OK on success. +@return A non-zero value in case of failure. +*/ +SA_SilibRetCode_t SaSi_LibFini(void *rnd_ctx /*!< [in/out] Pointer to the RND state buffer that was + initialized in SaSi_LibInit.*/); + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /*__DX_CCLIB_H__*/ + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_aes.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_aes.h new file mode 100644 index 00000000000..ccd50abb539 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_aes.h @@ -0,0 +1,325 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! @file +@brief This file contains all of the enums and definitions that are used for the +CryptoCell AES APIs, as well as the APIs themselves. +@defgroup ssi_aes CryptoCell AES APIs +@{ +@ingroup cryptocell_api +*/ + +#ifndef SSI_AES_H +#define SSI_AES_H + +#include "ssi_pal_types.h" +#include "ssi_aes_error.h" +#include "ssi_aes_defs.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ + + +/************************ Enums ********************************/ + +/*! +Encrypt or Decrypt operation mode. +*/ +typedef enum { + /*! Encrypt operation. */ + SASI_AES_ENCRYPT = 0, + /*! Decrypt operation. */ + SASI_AES_DECRYPT = 1, + /*! Maximal number of operations. */ + SASI_AES_NUM_OF_ENCRYPT_MODES, + /*! Reserved. */ + SASI_AES_ENCRYPT_MODE_LAST = 0x7FFFFFFF +}SaSiAesEncryptMode_t; + +/*! +AES operation mode. +*/ +typedef enum { + SASI_AES_MODE_ECB = 0, /*!< ECB mode. */ + SASI_AES_MODE_CBC = 1, /*!< CBC mode. */ + SASI_AES_MODE_CBC_MAC = 2, /*!< CBC-MAC mode. */ + SASI_AES_MODE_CTR = 3, /*!< CTR mode. */ + SASI_AES_MODE_XCBC_MAC = 4, /*!< XCBC-MAC mode. */ + SASI_AES_MODE_CMAC = 5, /*!< CMAC mode. */ + SASI_AES_MODE_XTS = 6, /*!< XTS mode. */ + SASI_AES_MODE_CBC_CTS = 7, /*!< CBC-CTS mode. */ + SASI_AES_MODE_OFB = 8, /*!< OFB mode. */ + + /*! Maximal number of AES modes */ + SASI_AES_NUM_OF_OPERATION_MODES, + /*! Reserved. */ + SASI_AES_OPERATION_MODE_LAST = 0x7FFFFFFF +}SaSiAesOperationMode_t; + +/*! +AES padding type. +*/ +typedef enum { + SASI_AES_PADDING_NONE = 0, /*!< No padding. */ + SASI_AES_PADDING_PKCS7 = 1, /*!< PKCS7 padding. */ + + /*! Maximal number of AES padding modes */ + SASI_AES_NUM_OF_PADDING_TYPES, + /*! Reserved. */ + SASI_AES_PADDING_TYPE_LAST = 0x7FFFFFFF +}SaSiAesPaddingType_t; + +/*! +AES key type. +*/ +typedef enum { + SASI_AES_USER_KEY = 0, /*!< user key. */ + SASI_AES_PLATFORM_KEY = 1, /*!< Kplt hardware key. */ + SASI_AES_CUSTOMER_KEY = 2, /*!< Kcst hardware key. */ + + /*! Maximal number of AES key types */ + SASI_AES_NUM_OF_KEY_TYPES, + /*! Reserved. */ + SASI_AES_KEY_TYPE_LAST = 0x7FFFFFFF +}SaSiAesKeyType_t; + +/************************ Typedefs ****************************/ + +/*! Defines the IV buffer - 16 bytes array. */ +typedef uint8_t SaSiAesIv_t[SASI_AES_IV_SIZE_IN_BYTES]; + +/*! Defines the AES key data buffer. */ +typedef uint8_t SaSiAesKeyBuffer_t[SASI_AES_KEY_MAX_SIZE_IN_BYTES]; + +/************************ Structs ******************************/ + +/*! The user's context prototype - the argument type that is passed by the user + to the AES APIs. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow*/ +typedef struct SaSiAesUserContext_t { + /*! Context buffer for internal usage. */ + uint32_t buff[SASI_AES_USER_CTX_SIZE_IN_WORDS]; +}SaSiAesUserContext_t; + + +/*! AES User Key Data. */ +typedef struct SaSiAesUserKeyData_t { + uint8_t * pKey; /*!< Pointer to the key. */ + size_t keySize; /*!< The key size in bytes. Valid values: +
    • For XTS mode - 32 or 64 byte, indicating the full size of the double key (2x128 or 2x256 bit).
      • +
    • For XCBC-MAC mode - 16 byte (limited by the standard).
      • +
    • For all other modes - 16, 24 or 32 byte.
    */ +}SaSiAesUserKeyData_t; + +/*! AES HW Key Data - this structure is likely to be changed when we'll start using it. */ +typedef struct SaSiAesHwKeyData_t { + size_t slotNumber; /*!< Slot number. */ +}SaSiAesHwKeyData_t; + + +/************************ Functions *****************************/ + +/*! +@brief This function is used to initialize an AES operation context. + To operate the AES machine, this must be the first API called. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesInit( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context buffer that is allocated by the caller and initialized by this API. + Should be used in all subsequent calls that are part of the same operation. */ + SaSiAesEncryptMode_t encryptDecryptFlag, /*!< [in] A flag specifying whether an AES Encrypt (SASI_AES_Encrypt) or Decrypt (SASI_AES_Decrypt) operation should be performed. + Must be set to CRYS_AES_Encrypt in CBC-MAC, XCBC-MAC and CMAC modes. */ + SaSiAesOperationMode_t operationMode, /*!< [in] The operation cipher/mode. */ + SaSiAesPaddingType_t paddingType /*!< [in] The padding type for AES operation: +
    • NONE - supported for all operation modes.
      • +
    • PKCS7 - supported for ECB, CBC, CBC-MAC operation modes.
    */ +); + + +/*! +@brief This function sets the key information for the AES operation, in the context that was initialized by SaSi_AesInit. +\note When FIPS certification mode is set to ON, and the mode is AES-XTS, weak keys are not allowed (128/256 lsb bits must be +different than 128/256 msb bits, according to the key size). +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesSetKey( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context, after it was initialized by SaSi_AesInit. */ + SaSiAesKeyType_t keyType, /*!< [in] The type of key to be used for the AES operation. + Currently only SASI_AES_USER_KEY is supported - the key is plaintext and provided in the pKeyData parameter. */ + void * pKeyData, /*!< [in] Pointer to the key data structure (to be casted to the relevant struct type). */ + size_t keyDataSize /*!< [in] The size of data passed in pKeyData in bytes. */ +); + + +/*! +@brief This function sets the IV, counter or tweak data for the following AES operation on the same context. + The context must be first initialized by SaSi_AesInit. + It must be called at least once prior to the first SaSi_AesBlock operation on the same context - for those ciphers that require it. + If needed, it can also be called to override the IV in the middle of a sequence of SaSi_AesBlock operations. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesSetIv( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context. */ + SaSiAesIv_t pIV /*!< [in] Pointer to the buffer of the IV, counter or tweak. +
    • For CBC, CBC-CTS, OFB and CBC-MAC modes - the IV value.
      • +
    • For CTR mode - the counter.
      • +
    • For XTS mode - the tweak value.
      • +
    • For all other modes - N/A.
    */ +); + + +/*! +@brief This function retrieves the current IV, counter or tweak from the AES context. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesGetIv( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context. */ + SaSiAesIv_t pIV /*!< [out] Pointer to the buffer of the IV, counter or tweak. +
    • For CBC, CBC-CTS, OFB and CBC-MAC modes - the IV value.
      • +
    • For CTR mode - the counter.
      • +
    • For XTS mode - the tweak value.
      • +
    • For all other modes - N/A.
    */ +); + + +/*! +@brief This function performs an AES operation on an input data buffer, according to the configuration defined in the context parameter. + It can be called as many times as needed, until all the input data is processed. + SaSi_AesInit, SaSi_AesSetKey, and for some ciphers SaSi_AesSetIv, must be called before + the first call to this API with the same context. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesBlock( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context. */ + uint8_t * pDataIn, /*!< [in] Pointer to the buffer of the input data to the AES. The pointer does not need to be aligned. + For TZ, the size of the scatter/gather list representing the data buffer is limited to 128 entries, + and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). + For ARM CryptoCell 3xx, The buffer must be contiguous and limited to 64KB. */ + size_t dataInSize, /*!< [in] Size of the input data in bytes. +
    • For all modes except XTS, must be multiple of 16 bytes.
      • +
    • For XTS mode, only the following data sizes are supported: 64, 512, 520, 521, 1024 and 4096 bytes. + The data passed in a single SaSi_AesBlock call is considered to be a single XTS unit. + All subsequent calls to this API with the same context must use the same data size.
    */ + uint8_t * pDataOut /*!< [out] Pointer to the output buffer. The pointer does not need to be aligned. + For CBC-MAC, XCBC-MAC, CMAC modes it may be NULL. + For TZ, the size of the scatter/gather list representing the data buffer is limited to 128 entries, + and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). + For ARM CryptoCell 3xx, The buffer must be contiguous and limited to 64KB. */ +); + + +/*! +@brief This function is used to finish AES operation. + + It processes the last data block if needed, finalizes the AES operation (cipher-specific), + and produces operation results (for MAC operations). + \note In case AES padding is used (PKCS#7) Din and Dout user's buffers must include extra space for + the padding scheme. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesFinish( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context. */ + size_t dataSize, /*!< [in] The size of the input data in bytes. +
    • For CBC-CTS mode, must be > 16. Can be <=16 only if this is the only data (no previous calls were + made to SaSi_AesBlock with the same context).
      • +
    • For XTS mode, the data size must conform to the dataInSize rules as listed for XTS under the + SaSi_AesBlock API, and match the data size passed in the previous calls to SaSi_AesBlock with the + same context.
      • +
    • For all other modes, zero is a valid size.
      • +
    • For ECB, CBC, CBC-MAC modes:
      • +
      • Must be >= 0, if direction is SASI_AES_ENCRYPT and padding type is SASI_AES_PADDING_PKCS7.
        • +
      • Must be >= 16 and a multiple of 16 bytes, if direction is SASI_AES_DECRYPT and padding type + is SASI_AES_PADDING_PKCS7.
        • +
      • Must be a multiple of 16 bytes, otherwise.
    */ + uint8_t * pDataIn, /*!< [in] Pointer of the input data buffer. + For TZ, the size of the scatter/gather list representing the data buffer is limited to 128 entries, + and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). + For ARM CryptoCell 3xx, The buffer must be contiguous and limited to 64KB. */ + size_t dataInBuffSize, /*!< [in] Size of pDataIn buffer in bytes. +
    • Must be >= dataSize.
      • +
    • According to padding type, must be >= dataSize + padding. For PKCS7, padding size is + maximum SASI_AES_BLOCK_SIZE_IN_BYTES.
    */ + uint8_t * pDataOut, /*!< [out] Pointer to the output buffer. + For TZ, the size of the scatter/gather list representing the data buffer is limited to 128 entries, + and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). + For ARM CryptoCell 3xx, The buffer must be contiguous and limited to 64KB. */ + size_t * dataOutBuffSize /*!< [in,out] In - Size of pDataOut buffer in bytes. + The output buffer size must be no less than: +
    • For CBC-MAC, XCBC-MAC, CMAC modes - 16 bytes (for MAC result).
      • +
    • For non-MAC modes - dataInBuffSize.
    + Out - The size in bytes of the actual output data: +
    • If direction is SASI_AES_ENCRYPT and padding type is SASI_AES_PADDING_PKCS7, it is the actual size + with the padding.
      • +
    • If direction is SASI_AES_DECRYPT and padding type is SASI_AES_PADDING_PKCS7, it is the size without + the padding.
      • +
    • For CBC-MAC, XCBC-MAC, CMAC modes - always 16 bytes.
    */ +); + + +/*! +@brief This function releases and crears resources after AES operations. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesFree( + SaSiAesUserContext_t * pContext /*!< [in] Pointer to the AES context. */ +); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef SSI_AES_H */ + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_aes_defs.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_aes_defs.h new file mode 100644 index 00000000000..02789d068cb --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_aes_defs.h @@ -0,0 +1,83 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains definitions that are used for the ARM CryptoCell 3xx version of the CryptoCell AES APIs. +@defgroup ssi_aes_defs CryptoCell AES definitions +@{ +@ingroup ssi_aes + +*/ + +#ifndef SSI_AES_DEFS_H +#define SSI_AES_DEFS_H + +#include "ssi_pal_types.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ + +/*! The size of the user's context prototype (see ::SaSiAesUserContext_t) in words. */ +#define SASI_AES_USER_CTX_SIZE_IN_WORDS (4+4+7+4) + +/*! The AES block size in words. */ +#define SASI_AES_BLOCK_SIZE_IN_WORDS 4 +/*! The AES block size in bytes. */ +#define SASI_AES_BLOCK_SIZE_IN_BYTES (SASI_AES_BLOCK_SIZE_IN_WORDS * sizeof(uint32_t)) + +/*! The size of the IV buffer in words. */ +#define SASI_AES_IV_SIZE_IN_WORDS SASI_AES_BLOCK_SIZE_IN_WORDS +/*! The size of the IV buffer in bytes. */ +#define SASI_AES_IV_SIZE_IN_BYTES (SASI_AES_IV_SIZE_IN_WORDS * sizeof(uint32_t)) + +/*! The maximum size of the AES KEY in words. */ +#define SASI_AES_KEY_MAX_SIZE_IN_WORDS 4 +/*! The maximum size of the AES KEY in bytes. */ +#define SASI_AES_KEY_MAX_SIZE_IN_BYTES (SASI_AES_KEY_MAX_SIZE_IN_WORDS * sizeof(uint32_t)) + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef SSI_AES_DEFS_H */ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_aes_error.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_aes_error.h new file mode 100644 index 00000000000..4ad49e60908 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_aes_error.h @@ -0,0 +1,133 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains the definitions of the CryptoCell AES errors. +@defgroup ssi_aes_error CryptoCell AES specific errors +@{ +@ingroup ssi_aes +*/ + +#ifndef SSI_AES_ERROR_H +#define SSI_AES_ERROR_H + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ + +/* generic errors */ +/*! General fatal error. */ +#define SASI_FATAL_ERROR CRYS_FATAL_ERROR +/*! General out of resources error. */ +#define SASI_OUT_OF_RESOURCE_ERROR CRYS_OUT_OF_RESOURCE_ERROR +/*! General Illegal resource value error. */ +#define SASI_ILLEGAL_RESOURCE_VAL_ERROR CRYS_ILLEGAL_RESOURCE_VAL_ERROR + +/*! CRYS_AES_MODULE_ERROR_BASE - 0x00F00000. */ +/*! Illegal user context. */ +#define SASI_AES_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x00UL) +/*! Illegal IV or tweak pointer. */ +#define SASI_AES_INVALID_IV_OR_TWEAK_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x01UL) +/*! Illegal operation. */ +#define SASI_AES_ILLEGAL_OPERATION_MODE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x02UL) +/*! Illegal key size. */ +#define SASI_AES_ILLEGAL_KEY_SIZE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x03UL) +/*! Illegal key pointer. */ +#define SASI_AES_INVALID_KEY_POINTER_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x04UL) +/*! Unsupported key type. */ +#define SASI_AES_KEY_TYPE_NOT_SUPPORTED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x05UL) +/*! Illegal operation. */ +#define SASI_AES_INVALID_ENCRYPT_MODE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x06UL) +/*! User context corrupted. */ +#define SASI_AES_USER_CONTEXT_CORRUPTED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x07UL) +/*! Illegal data in pointer. */ +#define SASI_AES_DATA_IN_POINTER_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x08UL) +/*! Illegal data out pointer. */ +#define SASI_AES_DATA_OUT_POINTER_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x09UL) +/*! Illegal data in size. */ +#define SASI_AES_DATA_IN_SIZE_ILLEGAL (CRYS_AES_MODULE_ERROR_BASE + 0x0AUL) +/*! Illegal data out address. */ +#define SASI_AES_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0BUL) +/*! Illegal data in buffer size. */ +#define SASI_AES_DATA_IN_BUFFER_SIZE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0CUL) +/*! Illegal data out buffer size. */ +#define SASI_AES_DATA_OUT_BUFFER_SIZE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0DUL) +/*! Illegal padding type. */ +#define SASI_AES_ILLEGAL_PADDING_TYPE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0EUL) +/*! Incorrect padding. */ +#define SASI_AES_INCORRECT_PADDING_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0FUL) +/*! Output is corrupted. */ +#define SASI_AES_CORRUPTED_OUTPUT_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x10UL) +/*! Illegal output size. */ +#define SASI_AES_DATA_OUT_SIZE_POINTER_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x11UL) +/*! Decryption operation is not permitted in this mode. */ +#define SASI_AES_DECRYPTION_NOT_ALLOWED_ON_THIS_MODE (CRYS_AES_MODULE_ERROR_BASE + 0x12UL) +/*! Additional block operation is not permitted. */ +#define SASI_AES_ADDITIONAL_BLOCK_NOT_PERMITTED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x15UL) +/*! Illegal context size. */ +#define SASI_AES_CTX_SIZES_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x16UL) + +/*! Illegal parameters. */ +#define SASI_AES_ILLEGAL_PARAMS_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x60UL) +/*! Illegal CTR block offset. */ +#define SASI_AES_CTR_ILLEGAL_BLOCK_OFFSET_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x70UL) +/*! Illegal counter (in CTR mode). */ +#define SASI_AES_CTR_ILLEGAL_COUNTER_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x71UL) +/*! AES is not supported. */ +#define SASI_AES_IS_NOT_SUPPORTED (CRYS_AES_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef SSI_AES_ERROR_H */ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_compiler.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_compiler.h new file mode 100644 index 00000000000..9481d633140 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_compiler.h @@ -0,0 +1,188 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef __SSI_PAL_COMPILER_H__ +#define __SSI_PAL_COMPILER_H__ + +/*! +@file +@brief This file contains compiler related definitions. +@defgroup ssi_pal_compiler CryptoCell PAL platform dependant compiler specific definitions +@{ +@ingroup ssi_pal + +*/ + +#ifdef __GNUC__ + +/************************ Defines ******************************/ + +/*! Associate a symbol with a link section. */ +#define SASI_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName))) + +/*! Mark symbol as used, i.e., prevent garbage collector from dropping it. */ +#define SASI_PAL_COMPILER_KEEP_SYMBOL __attribute__((used)) + +/*! Make given data item aligned (alignment in bytes). */ +#define SASI_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement))) + +/*! Mark function that never returns. */ +#define SASI_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn)) + +/*! Prevent function from being inlined */ +#define SASI_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline)) + +/*! Given data type may cast (alias) another data type pointer. */ +/* (this is used for "superclass" struct casting) */ +#define SASI_PAL_COMPILER_TYPE_MAY_ALIAS __attribute__((__may_alias__)) + +/*! Get sizeof for a structure type member. */ +#define SASI_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \ + sizeof(((type_name *)0)->member_name) + +/*! Assertion. */ +#define SASI_ASSERT_CONCAT_(a, b) a##b +#define SASI_ASSERT_CONCAT(a, b) SASI_ASSERT_CONCAT_(a, b) +#define SASI_PAL_COMPILER_ASSERT(cond, message) \ + enum { SASI_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) } + +#elif defined(__ARM_DSM__) || defined(__CC_ARM) +#define inline +/*! Associate a symbol with a link section. */ +#define SASI_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName))) + +/*! Mark symbol as used, i.e., prevent garbage collector from dropping it. */ +#define SASI_PAL_COMPILER_KEEP_SYMBOL __attribute__((used)) + +/*! Make given data item aligned (alignment in bytes). */ +#define SASI_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement))) + +/*! Mark function that never returns. */ +#define SASI_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn)) + +/*! Prevent function from being inlined. */ +#define SASI_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline)) + +/*! Given data type may cast (alias) another data type pointer. */ +/* (this is used for "superclass" struct casting) */ +#define SASI_PAL_COMPILER_TYPE_MAY_ALIAS __attribute__((__may_alias__)) + +/*! Get sizeof for a structure type member. */ +#define SASI_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \ + sizeof(((type_name *)0)->member_name) + +/*! Assertion. */ +#define SASI_ASSERT_CONCAT_(a, b) a##b +#define SASI_ASSERT_CONCAT(a, b) SASI_ASSERT_CONCAT_(a, b) +#define SASI_PAL_COMPILER_ASSERT(cond, message) \ + enum { SASI_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) } +#elif defined(__ARM_DS__) +#define inline +/*! Associate a symbol with a link section. */ +#define SASI_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName))) + +/*! Mark symbol as used, i.e., prevent garbage collector from dropping it. */ +#define SASI_PAL_COMPILER_KEEP_SYMBOL __attribute__((used)) + +/*! Make given data item aligned (alignment in bytes). */ +#define SASI_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement))) + +/*! Mark function that never returns. */ +#define SASI_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn)) + +/*! Prevent function from being inlined. */ +#define SASI_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline)) + +/*! Given data type may cast (alias) another data type pointer. */ +/* (this is used for "superclass" struct casting) */ +#define SASI_PAL_COMPILER_TYPE_MAY_ALIAS + +/*! Get sizeof for a structure type member. */ +#define SASI_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \ + sizeof(((type_name *)0)->member_name) + +/*! Assertion. */ +#define SASI_ASSERT_CONCAT_(a, b) a##b +#define SASI_ASSERT_CONCAT(a, b) SASI_ASSERT_CONCAT_(a, b) +#define SASI_PAL_COMPILER_ASSERT(cond, message) \ + enum { SASI_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) } +#elif defined(__ICCARM__) + +/************************ Defines ******************************/ + +/*! Associate a symbol with a link section. */ +#define SASI_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName))) + +/*! Mark symbol as used, i.e., prevent garbage collector from dropping it. */ +#define SASI_PAL_COMPILER_KEEP_SYMBOL __attribute__((used)) + + +#define STRING_PRAGMA(x) _Pragma(#x) +/*! Make given data item aligned (alignment in bytes). Not implemented */ +/* Used in crys_rsa_types.h. This is telling the compiler about buffer alignment. */ +/* IAR treats alignment a bit different. Nonetheless, this is used only for RSA, which was not ported yet. */ +#define SASI_PAL_COMPILER_ALIGN(n) + +/*! Mark function that never returns. Not implemented. */ +/* Not used anywhere, and probably located due to legacy reasons.*/ +#define SASI_PAL_COMPILER_FUNC_NEVER_RETURNS + +/* Prevent function from being inlined */ +#define SASI_PAL_COMPILER_FUNC_DONT_INLINE STRING_PRAGMA(optimize = no_inline) + +/*! Given data type may cast (alias) another data type pointer. */ +/* (this is used for "superclass" struct casting). Not implemented */ +/* Used in crys_rsa_local.h. for some compilers it translates to __may_alias__. */ +/* For IAR, there is probably no need for this attribute, as the typedef */ +/* is equivalent. Nonetheless, this is RSA code, which was not yet ported to Mbed TLS.*/ +#define SASI_PAL_COMPILER_TYPE_MAY_ALIAS + +/*! Get sizeof for a structure type member. */ +#define SASI_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \ + sizeof(((type_name *)0)->member_name) + +/*! Assertion. */ +#define SASI_ASSERT_CONCAT_(a, b) a##b +#define SASI_ASSERT_CONCAT(a, b) SASI_ASSERT_CONCAT_(a, b) + +#define SASI_PAL_COMPILER_ASSERT(cond, message) \ + enum { SASI_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) } +#else +#error Unsupported compiler. +#endif +/** +@} + */ +#endif /*__SSI_PAL_COMPILER_H__*/ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_trng.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_trng.h new file mode 100644 index 00000000000..029bb0aa1a5 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_trng.h @@ -0,0 +1,66 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef _SSI_PAL_TRNG_H +#define _SSI_PAL_TRNG_H + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief This function purpose is to get TRNG characterization parameters. + * + * + * @return Zero on success. + * @return A non-zero value on failure. + */ +SaSiError_t SaSi_PalTrngParameterGet(uint32_t *SubSamplingRatio /*!< [out] TRNG characterization parameters, array size = 4. */); + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_types.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_types.h new file mode 100644 index 00000000000..d2554881a17 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_types.h @@ -0,0 +1,115 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains the platform dependent definitions and types. +@defgroup ssi_pal_types CryptoCell PAL platform dependant types +@{ +@ingroup ssi_pal +*/ + +#ifndef SSI_PAL_TYPES_H +#define SSI_PAL_TYPES_H + +#include "ssi_pal_types_plat.h" + +/*! Boolean definition.*/ +typedef enum { + /*! Boolean false definition.*/ + SASI_FALSE = 0, + /*! Boolean true definition.*/ + SASI_TRUE = 1 +} SaSiBool; + +/*! Success definition. */ +#define SASI_SUCCESS 0UL +/*! Failure definition. */ +#define SASI_FAIL 1UL + +/*! Defintion of 1KB in bytes. */ +#define SASI_1K_SIZE_IN_BYTES 1024 +/*! Defintion of number of bits in a byte. */ +#define SASI_BITS_IN_BYTE 8 +/*! Defintion of number of bits in a 32bits word. */ +#define SASI_BITS_IN_32BIT_WORD 32 +/*! Defintion of number of bytes in a 32bits word. */ +#define SASI_32BIT_WORD_SIZE (sizeof(uint32_t)) + +/*! Success (OK) defintion. */ +#define SASI_OK SASI_SUCCESS + +/*! Macro that handles unused parameters in the code (to avoid compilation warnings). */ +#define SASI_UNUSED_PARAM(prm) ((void)prm) + +/*! Maximal uint32 value.*/ +#define SASI_MAX_UINT32_VAL (0xFFFFFFFF) + + +/* Minimum and Maximum macros */ +#ifdef min +/*! Definition for minimum. */ +#define CRYS_MIN(a,b) min( a , b ) +#else +/*! Definition for minimum. */ +#define CRYS_MIN( a , b ) ( ( (a) < (b) ) ? (a) : (b) ) +#endif + +#ifdef max +/*! Definition for maximum. */ +#define CRYS_MAX(a,b) max( a , b ) +#else +/*! Definition for maximum. */ +#define CRYS_MAX( a , b ) ( ( (a) > (b) ) ? (a) : (b) ) +#endif + +/*! Macro that calculates number of full bytes from bits (i.e. 7 bits are 1 byte). */ +#define CALC_FULL_BYTES(numBits) (((numBits) + (SASI_BITS_IN_BYTE -1))/SASI_BITS_IN_BYTE) +/*! Macro that calculates number of full 32bits words from bits (i.e. 31 bits are 1 word). */ +#define CALC_FULL_32BIT_WORDS(numBits) (((numBits) + (SASI_BITS_IN_32BIT_WORD -1))/SASI_BITS_IN_32BIT_WORD) +/*! Macro that calculates number of full 32bits words from bytes (i.e. 3 bytes are 1 word). */ +#define CALC_32BIT_WORDS_FROM_BYTES(sizeBytes) (((sizeBytes) + SASI_32BIT_WORD_SIZE - 1) / SASI_32BIT_WORD_SIZE) +/*! Macro that round up bits to 32bits words. */ +#define ROUNDUP_BITS_TO_32BIT_WORD(numBits) (CALC_FULL_32BIT_WORDS(numBits)*SASI_BITS_IN_32BIT_WORD) +/*! Macro that round up bits to bytes. */ +#define ROUNDUP_BITS_TO_BYTES(numBits) (CALC_FULL_BYTES(numBits)*SASI_BITS_IN_BYTE) +/*! Macro that round up bytes to 32bits words. */ +#define ROUNDUP_BYTES_TO_32BIT_WORD(numBytes) (SASI_32BIT_WORD_SIZE*(((numBytes)+SASI_32BIT_WORD_SIZE-1)/SASI_32BIT_WORD_SIZE)) + + +/** +@} + */ +#endif diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_types_plat.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_types_plat.h new file mode 100644 index 00000000000..97a9130e645 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pal_types_plat.h @@ -0,0 +1,57 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! @file +@brief This file contains basic type definitions that are platform dependent. +*/ +#ifndef SSI_PAL_TYPES_PLAT_H +#define SSI_PAL_TYPES_PLAT_H +/* Host specific types for standard (ISO-C99) compilant platforms */ + +#include +#include +#include + +typedef uintptr_t SaSiVirtAddr_t; +typedef uint32_t SaSiBool_t; +typedef uint32_t SaSiStatus; + +#define SaSiError_t SaSiStatus +#define SASI_INFINITE 0xFFFFFFFF + +#define CEXPORT_C +#define CIMPORT_C + +#endif /*SSI_PAL_TYPES_PLAT_H*/ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pka_hw_plat_defs.h b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pka_hw_plat_defs.h new file mode 100644 index 00000000000..c205919f5c4 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/include/ssi_pka_hw_plat_defs.h @@ -0,0 +1,77 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef PKA_HW_PLAT_DEFS_H +#define PKA_HW_PLAT_DEFS_H + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief Contains the enums and definitions that are used in the PKA code (definitions that are platform dependent). +@defgroup ssi_pka_hw_plat_defs CryptoCell PKA specific types and definitions +@{ +@ingroup cryptocell_pka + +*/ + +/*! Size of PKA engine word.*/ +#define SASI_PKA_WORD_SIZE_IN_BITS 64 +/*! Maximal supported modulus size in bits. */ +#define CRYS_SRP_MAX_MODULUS_SIZE_IN_BITS 3072 +/*! Maximal supported modulus size in RSA in bits. */ +#define CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS 2048 +/*! Maximal supported key generation size in RSA in bits. */ +#define CRYS_RSA_MAX_KEY_GENERATION_HW_SIZE_BITS 2048 + +/*! PKA operations maximal count of extra bits. */ +#define PKA_EXTRA_BITS 8 +/*! PKA operations number of memory registers. */ +#define PKA_MAX_COUNT_OF_PHYS_MEM_REGS 32 + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif //PKA_HW_PLAT_DEFS_H + + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h b/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h new file mode 100644 index 00000000000..c612c14e577 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h @@ -0,0 +1,34 @@ + /* + * mbedtls_device.h + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef __MBEDTLS_DEVICE__ +#define __MBEDTLS_DEVICE__ + +#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT +#define MBEDTLS_SHA1_ALT +#define MBEDTLS_SHA256_ALT +#define MBEDTLS_CCM_ALT +#define MBEDTLS_ECDSA_VERIFY_ALT +#define MBEDTLS_ECDSA_SIGN_ALT +#define MBEDTLS_ECDSA_GENKEY_ALT +#define MBEDTLS_ECDH_GEN_PUBLIC_ALT +#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT + +#endif //__MBEDTLS_DEVICE__ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/objects_cryptocell.h b/features/cryptocell/FEATURE_CRYPTOCELL310/objects_cryptocell.h new file mode 100644 index 00000000000..941ddf55589 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/objects_cryptocell.h @@ -0,0 +1,44 @@ + /* + * objects_cryptocell.h + * + * Copyright (C) 2017, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef MBED_OBJECTS_CRYPTOCELL_H +#define MBED_OBJECTS_CRYPTOCELL_H +#include "sns_silib.h" + +typedef struct trng_s +{ + /* parameters defining TRNG */ + CRYS_RND_mode_t TrngMode; + + /* allowed ring oscillator lengths: bits 0,1,2,3 */ + uint32_t RoscsAllowed; + + /* sampling interval: count of ring oscillator cycles between + consecutive bits sampling */ + uint32_t SubSamplingRatio; + + uint32_t SubSamplingRatio1; + uint32_t SubSamplingRatio2; + uint32_t SubSamplingRatio3; + uint32_t SubSamplingRatio4; + +}CRYS_RND_Params_t; + +#endif // MBED_OBJECTS_CRYPTOCELL_H diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/platform_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/platform_alt.c new file mode 100644 index 00000000000..ed579901ada --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/platform_alt.c @@ -0,0 +1,57 @@ + /* + * platform_alt.c + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/platform.h" +#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) +#include "sns_silib.h" + +/* once https://github.com/ARMmbed/mbedtls/issues/1200 will be supported, + * rndState should be part of mbedtls_platform_context + * Until then, we should keep it global and extern */ + +CRYS_RND_State_t rndState = { { 0 } } ; +CRYS_RND_WorkBuff_t rndWorkBuff = { { 0 } } ; + + +int mbedtls_platform_setup( mbedtls_platform_context *ctx ) +{ + int ret = 0; + if( ctx == NULL ) + return ( -1 ); + + /* call platform specific code to setup CC driver*/ + if( ( ret = cc_platform_setup( &ctx->platform_impl_ctx ) ) != 0 ) + return ( ret ); + + if( SaSi_LibInit( &rndState, &rndWorkBuff ) != 0 ) + return ( -1 ); + return ( 0 ); +} + +void mbedtls_platform_teardown( mbedtls_platform_context *ctx ) +{ + if( ctx == NULL ) + return; + + SaSi_LibFini( &rndState ); + cc_platform_terminate( &ctx->platform_impl_ctx ); +} + +#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT*/ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/platform_alt.h b/features/cryptocell/FEATURE_CRYPTOCELL310/platform_alt.h new file mode 100644 index 00000000000..8ed39ae15d2 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/platform_alt.h @@ -0,0 +1,69 @@ +/* + * platform_alt.h + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef __PLATFORM_ALT__ +#define __PLATFORM_ALT__ +#include "cc_platform.h" +#include "crys_rnd.h" + +/** + * \brief The platform context structure. + * + * \note This structure may be used to assist platform-specific + * setup or teardown operations. + */ +typedef struct { + cc_platform_ctx platform_impl_ctx; /** A context holding all the partner's platform specific context */ + /* + * Add CRYS_RND_State_t rndState; when https://github.com/ARMmbed/mbedtls/issues/1200 is supported + * */ +} +mbedtls_platform_context; + + +/** + * \brief This function performs any partner platform initialization operations, + * needed top enable CryptoCell. + * + * \param ctx The platform specific context. + * + * \return \c 0 on success. + * + * \note This function is intended to allow platform-specific initialization for CryptoCell, + * and is called before initializing the CC library(SaSi_LibInit). Its + * implementation is platform-specific, and its implementation MUST be provided. + * + */ +int cc_platform_setup( cc_platform_ctx *ctx ); + +/** + * \brief This function performs any partner platform teardown operations, to disable CryptoCell. + * + * \param ctx The platform specific context. + * + * \note This function is called after terminating CC library(SaSi_LibFini) + * and intended to free any resource used for CryptoCell by the platform. + * Its implementation is platform-specific,and its implementation MUST be provided. + * + */ +void cc_platform_terminate( cc_platform_ctx *ctx ); + +#endif /* __PLATFORM_ALT__ */ + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c new file mode 100644 index 00000000000..10818ed18fc --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.c @@ -0,0 +1,86 @@ +/* + * sha1_alt.c + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/sha1.h" +#if defined(MBEDTLS_SHA1_ALT) +#include + +void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); + +} + +void mbedtls_sha1_free( mbedtls_sha1_context *ctx ) +{ + if( ctx == NULL ) + return; + + CRYS_HASH_Free( &ctx->crys_hash_ctx ); + + memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); +} + +void mbedtls_sha1_clone( mbedtls_sha1_context *dst, + const mbedtls_sha1_context *src ) +{ + memcpy( dst, src, sizeof( mbedtls_sha1_context ) ); +} + +int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) +{ + if( CRYS_HASH_Init( &ctx->crys_hash_ctx, CRYS_HASH_SHA1_mode ) != CRYS_OK ) + return ( MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED ); + return ( 0 ); +} + + +int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen ) +{ + if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)input, ilen ) != CRYS_OK ) + return ( MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED ); + return ( 0 ); +} + +int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, + unsigned char output[20] ) +{ + CRYSError_t CrysErr = CRYS_OK; + CRYS_HASH_Result_t crys_result = {0}; + CrysErr = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result ); + if( CrysErr == CRYS_OK ) + { + memcpy( output, crys_result, 20 ); + return ( 0 ); + } + else + return ( MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED ); +} + +int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, + const unsigned char data[64] ) +{ + if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)data, 64 ) != CRYS_OK ) + return ( MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED ); + return ( 0 ); +} +#endif //MBEDTLS_SHA1_ALT diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.h b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.h new file mode 100644 index 00000000000..d9a74f2410f --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha1_alt.h @@ -0,0 +1,148 @@ +/* + * sha1_alt.h + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef __SHA1_ALT__ +#define __SHA1_ALT__ +#if defined(MBEDTLS_SHA1_ALT) +#include "crys_hash.h" +#ifdef __cplusplus +extern "C" { +#endif + + +/** + * \brief SHA-1 context structure + */ +typedef struct +{ + CRYS_HASHUserContext_t crys_hash_ctx; +} mbedtls_sha1_context; + +/** + * \brief This function initializes a SHA-1 context. + * + * \param ctx The SHA-1 context to initialize. + * + * \warning SHA-1 is considered a weak message digest and its use + * constitutes a security risk. We recommend considering + * stronger message digests instead. + * + */ +void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); + +/** + * \brief This function clears a SHA-1 context. + * + * \param ctx The SHA-1 context to clear. + * + * \warning SHA-1 is considered a weak message digest and its use + * constitutes a security risk. We recommend considering + * stronger message digests instead. + * + */ +void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); + +/** + * \brief This function clones the state of a SHA-1 context. + * + * \param dst The destination context. + * \param src The context to clone. + * + * \warning SHA-1 is considered a weak message digest and its use + * constitutes a security risk. We recommend considering + * stronger message digests instead. + * + */ +void mbedtls_sha1_clone( mbedtls_sha1_context *dst, + const mbedtls_sha1_context *src ); + +/** + * \brief This function starts a SHA-1 checksum calculation. + * + * \param ctx The context to initialize. + * + * \return \c 0 if successful + * + * \warning SHA-1 is considered a weak message digest and its use + * constitutes a security risk. We recommend considering + * stronger message digests instead. + * + */ +int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); + +/** + * \brief This function feeds an input buffer into an ongoing SHA-1 + * checksum calculation. + * + * \param ctx The SHA-1 context. + * \param input The buffer holding the input data. + * \param ilen The length of the input data. + * + * \return \c 0 if successful + * + * \warning SHA-1 is considered a weak message digest and its use + * constitutes a security risk. We recommend considering + * stronger message digests instead. + * + */ +int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen ); + +/** + * \brief This function finishes the SHA-1 operation, and writes + * the result to the output buffer. + * + * \param ctx The SHA-1 context. + * \param output The SHA-1 checksum result. + * + * \return \c 0 if successful + * + * \warning SHA-1 is considered a weak message digest and its use + * constitutes a security risk. We recommend considering + * stronger message digests instead. + * + */ +int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, + unsigned char output[20] ); + +/** + * \brief SHA-1 process data block (internal use only) + * + * \param ctx SHA-1 context + * \param data The data block being processed. + * + * \return \c 0 if successful + * + * \warning SHA-1 is considered a weak message digest and its use + * constitutes a security risk. We recommend considering + * stronger message digests instead. + * + */ +int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, + const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#endif //MBEDTLS_SHA1_ALT +#endif //__SHA1_ALT__ + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c new file mode 100644 index 00000000000..f7912996a67 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.c @@ -0,0 +1,86 @@ +/* + * sha256_alt.c + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/sha256.h" +#if defined(MBEDTLS_SHA256_ALT) +#include + +void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); + +} + +void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) +{ + if( ctx == NULL ) + return; + CRYS_HASH_Free( &ctx->crys_hash_ctx ); + memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); +} + +void mbedtls_sha256_clone( mbedtls_sha256_context *dst, + const mbedtls_sha256_context *src ) +{ + memcpy( dst, src, sizeof( mbedtls_sha256_context ) ); +} + + +int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) +{ + if(CRYS_HASH_Init( &ctx->crys_hash_ctx, is224 ? + CRYS_HASH_SHA224_mode : CRYS_HASH_SHA256_mode ) != CRYS_OK ) + return ( MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED ); + return ( 0 ); +} + +int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, + const unsigned char data[64] ) +{ + if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)data, 64 ) != CRYS_OK ) + return ( MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED ); + return ( 0 ); +} + +int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen ) +{ + if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)input, ilen ) != CRYS_OK ) + return ( MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED ); + return ( 0 ); +} + +int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, + unsigned char output[32] ) +{ + CRYSError_t CrysErr = CRYS_OK; + CRYS_HASH_Result_t crys_result = {0}; + CrysErr = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result ); + if( CrysErr == CRYS_OK ) + { + memcpy( output, crys_result, 32 ); + return ( 0 ); + } + else + return ( MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED ); +} +#endif //MBEDTLS_SHA256_ALT + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.h b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.h new file mode 100644 index 00000000000..bdb7c45e80c --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha256_alt.h @@ -0,0 +1,121 @@ +/* + * sha256_alt.h + * + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef __SHA256_ALT__ +#define __SHA256_ALT__ + +#if defined(MBEDTLS_SHA256_ALT) + +#include "crys_hash.h" +#ifdef __cplusplus +extern "C" { +#endif + + +/** + * \brief SHA-256 context structure + */ +typedef struct +{ + CRYS_HASHUserContext_t crys_hash_ctx; +} mbedtls_sha256_context; + + +/** + * \brief This function initializes a SHA-256 context. + * + * \param ctx The SHA-256 context to initialize. + */ +void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); + +/** + * \brief This function clears a SHA-256 context. + * + * \param ctx The SHA-256 context to clear. + */ +void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); + +/** + * \brief This function clones the state of a SHA-256 context. + * + * \param dst The destination context. + * \param src The context to clone. + */ +void mbedtls_sha256_clone( mbedtls_sha256_context *dst, + const mbedtls_sha256_context *src ); + +/** + * \brief This function starts a SHA-224 or SHA-256 checksum + * calculation. + * + * \param ctx The context to initialize. + * \param is224 Determines which function to use. + *
    • 0: Use SHA-256.
      • + *
    • 1: Use SHA-224.
    + * + * \return \c 0 on success. + */ +int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); + +/** + * \brief This function feeds an input buffer into an ongoing + * SHA-256 checksum calculation. + * + * \param ctx SHA-256 context + * \param input buffer holding the data + * \param ilen length of the input data + * + * \return \c 0 on success. + */ +int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen ); + +/** + * \brief This function finishes the SHA-256 operation, and writes + * the result to the output buffer. + * + * \param ctx The SHA-256 context. + * \param output The SHA-224 or SHA-256 checksum result. + * + * \return \c 0 on success. + */ +int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, + unsigned char output[32] ); + +/** + * \brief This function processes a single data block within + * the ongoing SHA-256 computation. This function is for + * internal use only. + * + * \param ctx The SHA-256 context. + * \param data The buffer holding one block of data. + * + * \return \c 0 on success. + */ +int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, + const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#endif // MBEDTLS_SHA256_ALT__ +#endif //__SHA256_ALT__ diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/trng.c b/features/cryptocell/FEATURE_CRYPTOCELL310/trng.c new file mode 100644 index 00000000000..c0d238e71e3 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/trng.c @@ -0,0 +1,89 @@ + /* + * trng.c + * + * Copyright (C) 2017, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#if defined(DEVICE_TRNG) + +#include +#include "trng_api.h" + +extern CRYS_RND_State_t rndState; +extern CRYS_RND_WorkBuff_t rndWorkBuff; + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = (unsigned char*)v; + while( n-- ) *p++ = 0; +} + +CRYSError_t RNG_PLAT_SetUserRngParameters( + CRYS_RND_State_t *pRndState, + CRYS_RND_Params_t *pTrngParams); + +CRYSError_t LLF_RND_GetTrngSource( + CRYS_RND_State_t *rndState_ptr, + CRYS_RND_Params_t *trngParams_ptr, + SaSiBool_t isContinued, + uint32_t *entropySize_ptr, + uint32_t **sourceOut_ptr_ptr, + uint32_t *sourceOutSize_ptr, + uint32_t *rndWorkBuff_ptr); + + +void trng_init(trng_t *obj) +{ + RNG_PLAT_SetUserRngParameters(&rndState, obj); +} + +void trng_free(trng_t *obj) +{ + (void)obj; +} + + +int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *outputLength) +{ + (void)obj; + int ret; + uint32_t entropySizeBits; + uint32_t *entrSource_ptr; + uint32_t actualLength; + + ret = LLF_RND_GetTrngSource( + &rndState , /*in/out*/ + obj, /*in/out*/ + 0, /*in*/ + &entropySizeBits, /*in/out*/ + &entrSource_ptr, /*out*/ + &actualLength, /*out*/ + (uint32_t*)&rndWorkBuff.crysRndWorkBuff /*in*/); + if ( ret != 0 ) + return -1; + + if ( length < actualLength ) + actualLength = length; + + *outputLength = actualLength; + + memcpy( output, entrSource_ptr + CRYS_RND_TRNG_SRC_INNER_OFFSET_WORDS, *outputLength ); + mbedtls_zeroize( entrSource_ptr + CRYS_RND_TRNG_SRC_INNER_OFFSET_WORDS, *outputLength ); + return 0; +} + +#endif //DEVICE_TRNG diff --git a/targets/TARGET_NORDIC/TARGET_NRF5x/TARGET_NRF52/objects.h b/targets/TARGET_NORDIC/TARGET_NRF5x/TARGET_NRF52/objects.h index 760674b3ce1..47e6276a829 100644 --- a/targets/TARGET_NORDIC/TARGET_NRF5x/TARGET_NRF52/objects.h +++ b/targets/TARGET_NORDIC/TARGET_NRF5x/TARGET_NRF52/objects.h @@ -54,6 +54,14 @@ extern "C" { #include "nrf_uart.h" +#if defined(FEATURE_CRYPTOCELL310) +#include "objects_cryptocell.h" +#else +struct trng_s { + uint32_t placeholder; +}; +#endif + struct serial_s { int instance; uint32_t tx; @@ -134,10 +142,6 @@ struct flash_s { uint32_t placeholder; }; -struct trng_s { - uint32_t placeholder; -}; - #include "gpio_object.h" #ifdef __cplusplus diff --git a/targets/TARGET_NORDIC/TARGET_NRF5x/TARGET_NRF52/trng_api.c b/targets/TARGET_NORDIC/TARGET_NRF5x/TARGET_NRF52/trng_api.c index 747ac6aabf9..26aade19e7b 100644 --- a/targets/TARGET_NORDIC/TARGET_NRF5x/TARGET_NRF52/trng_api.c +++ b/targets/TARGET_NORDIC/TARGET_NRF5x/TARGET_NRF52/trng_api.c @@ -37,7 +37,7 @@ */ #if defined(DEVICE_TRNG) - +#if !defined(FEATURE_CRYPTOCELL310) #include "hal/trng_api.h" #include "hal/critical_section_api.h" @@ -119,5 +119,5 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_l return result; } - +#endif/* !FEATURE_CRYPTOCELL310 */ #endif diff --git a/targets/targets.json b/targets/targets.json index b283c4f5fdd..7078ceb459a 100755 --- a/targets/targets.json +++ b/targets/targets.json @@ -3624,8 +3624,10 @@ "TARGET_NRF52840", "CMSIS_VECTAB_VIRTUAL", "CMSIS_VECTAB_VIRTUAL_HEADER_FILE=\"cmsis_nvic.h\"", - "MBED_TICKLESS" + "MBED_TICKLESS", + "MBEDTLS_CONFIG_HW_SUPPORT" ], + "features": ["CRYPTOCELL310"], "device_has": [ "ANALOGIN", "FLASH", diff --git a/tools/config/__init__.py b/tools/config/__init__.py index 1b421099907..8c2df230b6e 100644 --- a/tools/config/__init__.py +++ b/tools/config/__init__.py @@ -369,7 +369,7 @@ class Config(object): # Allowed features in configurations __allowed_features = [ - "UVISOR", "BLE", "CLIENT", "IPV4", "LWIP", "COMMON_PAL", "STORAGE", "NANOSTACK", + "UVISOR", "BLE", "CLIENT", "IPV4", "LWIP", "COMMON_PAL", "STORAGE", "NANOSTACK","CRYPTOCELL310", # Nanostack configurations "LOWPAN_BORDER_ROUTER", "LOWPAN_HOST", "LOWPAN_ROUTER", "NANOSTACK_FULL", "THREAD_BORDER_ROUTER", "THREAD_END_DEVICE", "THREAD_ROUTER", "ETHERNET_HOST" ]