aboutsummaryrefslogtreecommitdiff
path: root/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta
diff options
context:
space:
mode:
authorTrygve Laugstøl <trygvis@inamo.no>2018-08-23 17:08:59 +0200
committerTrygve Laugstøl <trygvis@inamo.no>2018-08-23 17:12:21 +0200
commit3061ecca3d0fdfb87dabbf5f63c9e06c2a30f53a (patch)
treeab49cc16ed0b853452c5c2ed2d3042416d628986 /thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta
downloadiot-sensors-master.tar.gz
iot-sensors-master.tar.bz2
iot-sensors-master.tar.xz
iot-sensors-master.zip
o Initial import.HEADmaster
Diffstat (limited to 'thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta')
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/create-module.sh47
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/README.md103
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/adjust-config.sh77
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/entropy_hardware_poll.c88
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-authcrypt/README.md68
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-authcrypt/main.cpp197
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-benchmark/README.md100
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-benchmark/main.cpp951
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-hashing/README.md67
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-hashing/main.cpp177
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-selftest/README.md82
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-selftest/main.cpp268
-rw-r--r--thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/target_config.h35
13 files changed, 2260 insertions, 0 deletions
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/create-module.sh b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/create-module.sh
new file mode 100644
index 0000000..4c79ebe
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/create-module.sh
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -eu
+
+# relative to the script's directory
+TREE=..
+DEST=module
+
+# make sure we're running in our own directory
+if [ -f create-module.sh ]; then :; else
+ cd $( dirname $0 )
+ if [ -f create-module.sh ]; then :; else
+ echo "Please run the script from is directory." >&2
+ exit 1
+ fi
+fi
+
+# use a temporary directory to build the module, then rsync to DEST
+# this allows touching only new files, for more efficient re-builds
+TMP=$DEST-tmp
+rm -rf $TMP
+
+mkdir -p $TMP/mbedtls $TMP/source
+cp $TREE/include/mbedtls/*.h $TMP/mbedtls
+cp $TREE/library/*.c $TMP/source
+
+# temporary, should depend on external module later
+cp data/entropy_hardware_poll.c $TMP/source
+cp data/target_config.h $TMP/mbedtls
+
+data/adjust-config.sh $TREE/scripts/config.pl $TMP/mbedtls/config.h
+
+mkdir -p $TMP/test
+cp -r data/example-* $TMP/test
+# later we should have the generated test suites here too
+
+cp data/module.json $TMP
+cp data/README.md $TMP
+
+cp ../LICENSE $TMP
+if [ -f ../apache-2.0.txt ]; then cp ../apache-2.0.txt $TMP; fi
+
+mkdir -p $DEST
+rsync -cr --delete --exclude build --exclude yotta_\* $TMP/ $DEST/
+rm -rf $TMP
+
+echo "mbed TLS yotta module created in '$PWD/$DEST'."
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/README.md b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/README.md
new file mode 100644
index 0000000..b748aac
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/README.md
@@ -0,0 +1,103 @@
+# mbed TLS
+
+mbed TLS makes it trivially easy for developers to include cryptographic and SSL/TLS capabilities in their embedded products, with a minimal code footprint. It offers an SSL library with an intuitive API and readable source code.
+
+**Note:** The current release is beta, and implements no secure source of random numbers, weakening its security.
+
+Currently the only supported yotta targets are:
+- `frdm-k64f-gcc`
+- `frdm-k64f-armcc`
+- `x86-linux-native`
+- `x86-osx-native`
+
+## Sample programs
+
+This release includes the following examples:
+
+1. [**Self test:**](https://github.com/ARMmbed/mbedtls/blob/development/yotta/data/example-selftest) Tests different basic functions in the mbed TLS library.
+
+2. [**Benchmark:**](https://github.com/ARMmbed/mbedtls/blob/development/yotta/data/example-benchmark) Measures the time taken to perform basic cryptographic functions used in the library.
+
+3. [**Hashing:**](https://github.com/ARMmbed/mbedtls/blob/development/yotta/data/example-hashing) Demonstrates the various APIs for computing hashes of data (also known as message digests) with SHA-256.
+
+4. [**Authenticated encryption:**](https://github.com/ARMmbed/mbedtls/blob/development/yotta/data/example-authcrypt) Demonstrates usage of the Cipher API for encrypting and authenticating data with AES-CCM.
+
+These examples are integrated as yotta tests, so that they are built automatically when you build mbed TLS. Each of them comes with complete usage instructions as a Readme file in the repository.
+
+## Performing TLS and DTLS connections
+
+A high-level API for performing TLS and DTLS connections with mbed TLS in mbed OS is provided in a separate yotta module: [mbed-tls-sockets](https://github.com/ARMmbed/mbed-tls-sockets). We recommend this API for TLS and DTLS connections. It is very similar to the API provided by the [sockets](https://github.com/ARMmbed/sockets) module for unencrypted TCP and UDP connections.
+
+The `mbed-tls-sockets` module includes a complete [example TLS client](https://github.com/ARMmbed/mbed-tls-sockets/blob/master/test/tls-client/main.cpp) with [usage instructions](https://github.com/ARMmbed/mbed-tls-sockets/blob/master/test/tls-client/README.md).
+
+## Configuring mbed TLS features
+
+mbed TLS makes it easy to disable any feature during compilation, if that feature isn't required for a particular project. The default configuration enables all modern and widely-used features, which should meet the needs of new projects, and disables all features that are older or less common, to minimize the code footprint.
+
+The list of available compilation flags is available in the fully documented [config.h file](https://github.com/ARMmbed/mbedtls/blob/development/include/mbedtls/config.h).
+
+If you need to adjust those flags, you can provide your own configuration-adjustment file with suitable `#define` and `#undef` statements. These will be included between the default definitions and the sanity checks. Your configuration file should be in your application's include directory, and can be named freely; you just need to let mbed TLS know the file's name. To do that, use yotta's [configuration system](http://docs.yottabuild.org/reference/config.html). The file's name should be in your `config.json` file, under mbedtls, as the key `user-config-file`.
+
+For example, in an application called `myapp`, if you want to enable the EC J-PAKE key exchange and disable the CBC cipher mode, you can create a file named `mbedtls-config-changes.h` in the `myapp` directory containing the following lines:
+
+ #define MBEDTLS_ECJPAKE_C
+ #define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+ #undef MBEDTLS_CIPHER_MODE_CBC
+
+And then create a file named `config.json` at the root of your application with the following contents:
+
+ {
+ "mbedtls": {
+ "user-config-file": "\"myapp/mbedtls-config-changes.h\""
+ }
+ }
+
+Please note: you need to provide the exact name that will be used in the `#include` directive, including the `<>` or quotes around the name.
+
+## Getting mbed TLS from GitHub
+
+Like most components of mbed OS, mbed TLS is developed in the open and its source can be found on GitHub: [ARMmbed/mbedtls](https://github.com/ARMmbed/mbedtls). Unlike most other mbed OS components, however, you cannot just clone the repository and run `yotta build` from its root. This is because mbed TLS also exists as an independent component, so its repository includes things that are not relevant for mbed OS, as well as other build systems.
+
+The way to use mbed TLS from a clone of the GitHub repository is to run the following commands from the root of a checkout:
+
+ yotta/create-module.sh
+ cd yotta/module
+
+You can then run any yotta command you would normally run, such as `yotta build` or `yotta link`.
+
+## Differences between the standalone and mbed OS editions
+
+While the two editions share the same code base, there are still a number of differences, mainly in configuration and integration. You should keep in mind those differences when reading some articles in our [knowledge base](https://tls.mbed.org/kb), as currently all the articles are about the standalone edition.
+
+* The mbed OS edition has a smaller set of features enabled by default in `config.h`, in order to reduce footprint. While the default configuration of the standalone edition puts more emphasize on maintaining interoperability with old peers, the mbed OS edition only enables the most modern ciphers and the latest version of (D)TLS.
+
+* The following components of mbed TLS are disabled in the mbed OS edition: `net_sockets.c` and `timing.c`. This is because mbed OS include their equivalents.
+
+* The mbed OS edition comes with a fully integrated API for (D)TLS connections in a companion module: [mbed-tls-sockets](https://github.com/ARMmbed/mbed-tls-sockets). See "Performing TLS and DTLS connections" above.
+
+## Other resources
+
+The [mbed TLS website](https://tls.mbed.org) contains many other useful
+resources for the developer, such as [developer
+documentation](https://tls.mbed.org/dev-corner), [knowledgebase
+articles](https://tls.mbed.org/kb), and a [support forum](https://tls.mbed.org/discussions).
+
+## Contributing
+
+We gratefully accept bug reports and contributions from the community. There are some requirements we need to fulfill in order to be able to integrate contributions:
+
+* Simple bug fixes to existing code do not contain copyright themselves and we can integrate without issue. The same is true of trivial contributions.
+
+* For larger contributions, such as a new feature, the code can possibly fall under copyright law. We then need your consent to share in the ownership of the copyright. We have a form for this, which we will send to you in case you submit a contribution or pull request that we deem this necessary for.
+
+To contribute, please:
+
+* [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://tls.mbed.org/discussions) around a feature idea or a bug.
+
+* Fork the [mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the "development" branch as a basis.
+
+* Write a test that shows that the bug was fixed or that the feature works as expected.
+
+* Send a pull request and bug us until it gets merged and published. We will include your name in the ChangeLog.
+
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/adjust-config.sh b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/adjust-config.sh
new file mode 100644
index 0000000..3fa8490
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/adjust-config.sh
@@ -0,0 +1,77 @@
+#!/bin/sh
+
+set -eu
+
+if [ $# -ne 2 ]; then
+ echo "Usage: $0 path/to/config.pl path/to/config.h" >&2
+ exit 1
+fi
+
+SCRIPT=$1
+FILE=$2
+
+conf() {
+ $SCRIPT -f $FILE $@
+}
+
+
+# Set the target specific header
+conf set YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE \"mbedtls/target_config.h\"
+
+# not supported on mbed OS, nor used by mbed Client
+conf unset MBEDTLS_NET_C
+conf unset MBEDTLS_TIMING_C
+
+# not supported on all targets with mbed OS, nor used by mbed Client
+conf unset MBEDTLS_FS_IO
+
+conf unset MBEDTLS_CIPHER_MODE_CFB
+conf unset MBEDTLS_CIPHER_MODE_CTR
+conf unset MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+conf unset MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+conf unset MBEDTLS_CIPHER_PADDING_ZEROS
+conf unset MBEDTLS_ECP_DP_SECP192R1_ENABLED
+conf unset MBEDTLS_ECP_DP_SECP224R1_ENABLED
+conf unset MBEDTLS_ECP_DP_SECP521R1_ENABLED
+conf unset MBEDTLS_ECP_DP_SECP192K1_ENABLED
+conf unset MBEDTLS_ECP_DP_SECP224K1_ENABLED
+conf unset MBEDTLS_ECP_DP_SECP256K1_ENABLED
+conf unset MBEDTLS_ECP_DP_BP256R1_ENABLED
+conf unset MBEDTLS_ECP_DP_BP384R1_ENABLED
+conf unset MBEDTLS_ECP_DP_BP512R1_ENABLED
+conf unset MBEDTLS_PK_PARSE_EC_EXTENDED
+
+conf unset MBEDTLS_AESNI_C
+conf unset MBEDTLS_ARC4_C
+conf unset MBEDTLS_BLOWFISH_C
+conf unset MBEDTLS_CAMELLIA_C
+conf unset MBEDTLS_DES_C
+conf unset MBEDTLS_DHM_C
+conf unset MBEDTLS_GENPRIME
+conf unset MBEDTLS_MD5_C
+conf unset MBEDTLS_PADLOCK_C
+conf unset MBEDTLS_PEM_WRITE_C
+conf unset MBEDTLS_PKCS5_C
+conf unset MBEDTLS_PKCS12_C
+conf unset MBEDTLS_RIPEMD160_C
+conf unset MBEDTLS_SHA1_C
+conf unset MBEDTLS_XTEA_C
+
+conf unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+conf unset MBEDTLS_X509_CSR_PARSE_C
+conf unset MBEDTLS_X509_CREATE_C
+conf unset MBEDTLS_X509_CRT_WRITE_C
+conf unset MBEDTLS_X509_CSR_WRITE_C
+
+conf unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+conf unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+conf unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+conf unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+conf unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+conf unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+conf unset MBEDTLS_SSL_FALLBACK_SCSV
+conf unset MBEDTLS_SSL_CBC_RECORD_SPLITTING
+conf unset MBEDTLS_SSL_PROTO_TLS1
+conf unset MBEDTLS_SSL_PROTO_TLS1_1
+conf unset MBEDTLS_SSL_TRUNCATED_HMAC
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/entropy_hardware_poll.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/entropy_hardware_poll.c
new file mode 100644
index 0000000..3a61e22
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/entropy_hardware_poll.c
@@ -0,0 +1,88 @@
+/*
+ * Hardware entropy collector for the K64F, using Freescale's RNGA
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * WARNING: this is temporary!
+ * This should be in a separate yotta module which would be a target
+ * dependency of mbedtls (see IOTSSL-313)
+ */
+
+#if defined(TARGET_LIKE_K64F)
+
+/*
+ * Reference: "K64 Sub-Family Reference Manual, Rev. 2", chapter 34
+ */
+
+#include "fsl_clock_manager.h"
+
+/*
+ * Get one byte of entropy from the RNG, assuming it is up and running.
+ * As recommended (34.1.1), get only one bit of each output.
+ */
+static void rng_get_byte( unsigned char *byte )
+{
+ size_t bit;
+
+ /* 34.5 Steps 3-4-5: poll SR and read from OR when ready */
+ for( bit = 0; bit < 8; bit++ )
+ {
+ while( ( RNG->SR & RNG_SR_OREG_LVL_MASK ) == 0 );
+ *byte |= ( RNG->OR & 1 ) << bit;
+ }
+}
+
+/*
+ * Get len bytes of entropy from the hardware RNG.
+ */
+int mbedtls_hardware_poll( void *data,
+ unsigned char *output, size_t len, size_t *olen )
+{
+ size_t i;
+ int ret;
+ ((void) data);
+
+ CLOCK_SYS_EnableRngaClock( 0 );
+
+ /* Set "Interrupt Mask", "High Assurance" and "Go",
+ * unset "Clear interrupt" and "Sleep" */
+ RNG->CR = RNG_CR_INTM_MASK | RNG_CR_HA_MASK | RNG_CR_GO_MASK;
+
+ for( i = 0; i < len; i++ )
+ rng_get_byte( output + i );
+
+ /* Just be extra sure that we didn't do it wrong */
+ if( ( RNG->SR & RNG_SR_SECV_MASK ) != 0 )
+ {
+ ret = -1;
+ goto cleanup;
+ }
+
+ *olen = len;
+ ret = 0;
+
+cleanup:
+ /* Disable clock to save power - assume we're the only users of RNG */
+ CLOCK_SYS_DisableRngaClock( 0 );
+
+ return( ret );
+}
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-authcrypt/README.md b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-authcrypt/README.md
new file mode 100644
index 0000000..ae4b1ef
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-authcrypt/README.md
@@ -0,0 +1,68 @@
+# Authenticated Encryption Example
+
+This application performs authenticated encryption and authenticated decryption of a buffer. It serves as a tutorial for the basic authenticated encryption functions of mbed TLS.
+
+## Pre-requisites
+
+To build and run this example you must have:
+
+* A computer with the following software installed:
+ * [CMake](http://www.cmake.org/download/).
+ * [yotta](https://github.com/ARMmbed/yotta). Please note that **yotta has its own set of dependencies**, listed in the [installation instructions](http://armmbed.github.io/yotta/#installing-on-windows).
+ * [Python](https://www.python.org/downloads/).
+ * [The ARM GCC toolchain](https://launchpad.net/gcc-arm-embedded).
+ * A serial terminal emulator (Like screen, pySerial and cu).
+* An [FRDM-K64F](http://developer.mbed.org/platforms/FRDM-K64F/) development board, or another board supported by mbed OS (in which case you'll have to substitute frdm-k64f-gcc with the appropriate target in the instructions below).
+* A micro-USB cable.
+* If your OS is Windows, please follow the installation instructions [for the serial port driver](https://developer.mbed.org/handbook/Windows-serial-configuration).
+
+## Getting started
+
+1. Connect the FRDM-K64F to the computer with the micro-USB cable, being careful to use the "OpenSDA" connector on the target board.
+
+2. Navigate to the mbedtls directory supplied with your release and open a terminal.
+
+3. Set the yotta target:
+
+ ```
+ yotta target frdm-k64f-gcc
+ ```
+
+4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
+
+ ```
+ $ yotta build
+ ```
+
+5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-authcrypt.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
+
+6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
+
+ Use the following settings:
+
+ * 115200 baud (not 9600).
+ * 8N1.
+ * No flow control.
+
+7. Press the Reset button on the board.
+
+8. The output in the terminal window should look like:
+
+ ```
+ {{timeout;10}}
+ {{host_test_name;default}}
+ {{description;mbed TLS example authcrypt}}
+ {{test_id;MBEDTLS_EX_AUTHCRYPT}}
+ {{start}}
+
+
+ plaintext message: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400
+ ciphertext: c57f7afb94f14c7977d785d08682a2596bd62ee9dcf216b8cccd997afee9b402f5de1739e8e6467aa363749ef39392e5c66622b01c7203ec0a3d14
+ decrypted: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400
+
+ DONE
+ {{success}}
+ {{end}}
+ ```
+
+The actual output for the ciphertext line will vary on each run because of the use of a random nonce in the encryption process.
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-authcrypt/main.cpp b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-authcrypt/main.cpp
new file mode 100644
index 0000000..23fad27
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-authcrypt/main.cpp
@@ -0,0 +1,197 @@
+/*
+ * Hello world example of using the authenticated encryption with mbed TLS
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#include "mbedtls/cipher.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <stdio.h>
+#include <string.h>
+
+static void print_hex(const char *title, const unsigned char buf[], size_t len)
+{
+ printf("%s: ", title);
+
+ for (size_t i = 0; i < len; i++)
+ printf("%02x", buf[i]);
+
+ printf("\r\n");
+}
+
+/*
+ * The pre-shared key. Should be generated randomly and be unique to the
+ * device/channel/etc. Just used a fixed on here for simplicity.
+ */
+static const unsigned char secret_key[16] = {
+ 0xf4, 0x82, 0xc6, 0x70, 0x3c, 0xc7, 0x61, 0x0a,
+ 0xb9, 0xa0, 0xb8, 0xe9, 0x87, 0xb8, 0xc1, 0x72,
+};
+
+static int example(void)
+{
+ /* message that should be protected */
+ const char message[] = "Some things are better left unread";
+ /* metadata transmitted in the clear but authenticated */
+ const char metadata[] = "eg sequence number, routing info";
+ /* ciphertext buffer large enough to hold message + nonce + tag */
+ unsigned char ciphertext[128] = { 0 };
+ int ret;
+
+ printf("\r\n\r\n");
+ print_hex("plaintext message", (unsigned char *) message, sizeof message);
+
+ /*
+ * Setup random number generator
+ * (Note: later this might be done automatically.)
+ */
+ mbedtls_entropy_context entropy; /* entropy pool for seeding PRNG */
+ mbedtls_ctr_drbg_context drbg; /* pseudo-random generator */
+
+ mbedtls_entropy_init(&entropy);
+ mbedtls_ctr_drbg_init(&drbg);
+
+ /* Seed the PRNG using the entropy pool, and throw in our secret key as an
+ * additional source of randomness. */
+ ret = mbedtls_ctr_drbg_seed(&drbg, mbedtls_entropy_func, &entropy,
+ secret_key, sizeof (secret_key));
+ if (ret != 0) {
+ printf("mbedtls_ctr_drbg_init() returned -0x%04X\r\n", -ret);
+ return 1;
+ }
+
+ /*
+ * Setup AES-CCM contex
+ */
+ mbedtls_cipher_context_t ctx;
+
+ mbedtls_cipher_init(&ctx);
+
+ ret = mbedtls_cipher_setup(&ctx, mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_CCM));
+ if (ret != 0) {
+ printf("mbedtls_cipher_setup() returned -0x%04X\r\n", -ret);
+ return 1;
+ }
+
+ ret = mbedtls_cipher_setkey(&ctx, secret_key, 8 * sizeof secret_key, MBEDTLS_ENCRYPT);
+ if (ret != 0) {
+ printf("mbedtls_cipher_setkey() returned -0x%04X\r\n", -ret);
+ return 1;
+ }
+
+ /*
+ * Encrypt-authenticate the message and authenticate additional data
+ *
+ * First generate a random 8-byte nonce.
+ * Put it directly in the output buffer as the recipient will need it.
+ *
+ * Warning: you must never re-use the same (key, nonce) pair. One of the
+ * best ways to ensure this to use a counter for the nonce. However this
+ * means you should save the counter accross rebots, if the key is a
+ * long-term one. The alternative we choose here is to generate the nonce
+ * randomly. However it only works if you have a good source of
+ * randomness.
+ */
+ const size_t nonce_len = 8;
+ mbedtls_ctr_drbg_random(&drbg, ciphertext, nonce_len);
+
+ size_t ciphertext_len = 0;
+ /* Go for a conservative 16-byte (128-bit) tag
+ * and append it to the ciphertext */
+ const size_t tag_len = 16;
+ ret = mbedtls_cipher_auth_encrypt(&ctx, ciphertext, nonce_len,
+ (const unsigned char *) metadata, sizeof metadata,
+ (const unsigned char *) message, sizeof message,
+ ciphertext + nonce_len, &ciphertext_len,
+ ciphertext + nonce_len + sizeof message, tag_len );
+ if (ret != 0) {
+ printf("mbedtls_cipher_auth_encrypt() returned -0x%04X\r\n", -ret);
+ return 1;
+ }
+ ciphertext_len += nonce_len + tag_len;
+
+ /*
+ * The following information should now be transmitted:
+ * - first ciphertext_len bytes of ciphertext buffer
+ * - metadata if not already transmitted elsewhere
+ */
+ print_hex("ciphertext", ciphertext, ciphertext_len);
+
+ /*
+ * Decrypt-authenticate
+ */
+ unsigned char decrypted[128] = { 0 };
+ size_t decrypted_len = 0;
+
+ ret = mbedtls_cipher_setkey(&ctx, secret_key, 8 * sizeof secret_key, MBEDTLS_DECRYPT);
+ if (ret != 0) {
+ printf("mbedtls_cipher_setkey() returned -0x%04X\r\n", -ret);
+ return 1;
+ }
+
+ ret = mbedtls_cipher_auth_decrypt(&ctx,
+ ciphertext, nonce_len,
+ (const unsigned char *) metadata, sizeof metadata,
+ ciphertext + nonce_len, ciphertext_len - nonce_len - tag_len,
+ decrypted, &decrypted_len,
+ ciphertext + ciphertext_len - tag_len, tag_len );
+ /* Checking the return code is CRITICAL for security here */
+ if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) {
+ printf("Something bad is happening! Data is not authentic!\r\n");
+ return 1;
+ }
+ if (ret != 0) {
+ printf("mbedtls_cipher_authdecrypt() returned -0x%04X\r\n", -ret);
+ return 1;
+ }
+
+ print_hex("decrypted", decrypted, decrypted_len);
+
+ printf("\r\nDONE\r\n");
+
+ return 0;
+}
+
+#if defined(TARGET_LIKE_MBED)
+
+#include "mbed-drivers/test_env.h"
+#include "minar/minar.h"
+
+static void run() {
+ MBED_HOSTTEST_TIMEOUT(10);
+ MBED_HOSTTEST_SELECT(default);
+ MBED_HOSTTEST_DESCRIPTION(mbed TLS example authcrypt);
+ MBED_HOSTTEST_START("MBEDTLS_EX_AUTHCRYPT");
+ MBED_HOSTTEST_RESULT(example() == 0);
+}
+
+void app_start(int, char*[]) {
+ /* Use 115200 bps for consistency with other examples */
+ get_stdio_serial().baud(115200);
+ minar::Scheduler::postCallback(mbed::util::FunctionPointer0<void>(run).bind());
+}
+
+#else
+
+int main() {
+ return example();
+}
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-benchmark/README.md b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-benchmark/README.md
new file mode 100644
index 0000000..8589e7b
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-benchmark/README.md
@@ -0,0 +1,100 @@
+# mbed TLS Benchmark Example
+
+This application benchmarks the various cryptographic primitives offered by mbed TLS.
+
+## Pre-requisites
+
+To build and run this example you must have:
+
+* A computer with the following software installed:
+ * [CMake](http://www.cmake.org/download/).
+ * [yotta](https://github.com/ARMmbed/yotta). Please note that **yotta has its own set of dependencies**, listed in the [installation instructions](http://armmbed.github.io/yotta/#installing-on-windows).
+ * [Python](https://www.python.org/downloads/).
+ * [The ARM GCC toolchain](https://launchpad.net/gcc-arm-embedded).
+ * A serial terminal emulator (Like screen, pySerial and cu).
+* An [FRDM-K64F](http://developer.mbed.org/platforms/FRDM-K64F/) development board, or another board supported by mbed OS (in which case you'll have to substitute frdm-k64f-gcc with the appropriate target in the instructions below).
+* A micro-USB cable.
+* If your OS is Windows, please follow the installation instructions [for the serial port driver](https://developer.mbed.org/handbook/Windows-serial-configuration).
+
+## Getting started
+
+1. Connect the FRDM-K64F to the computer with the micro-USB cable, being careful to use the "OpenSDA" connector on the target board.
+
+2. Navigate to the mbedtls directory supplied with your release and open a terminal.
+
+3. Set the yotta target:
+
+ ```
+ yotta target frdm-k64f-gcc
+ ```
+
+4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
+
+ ```
+ $ yotta build
+ ```
+
+5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-benchmark.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
+
+6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
+
+ Use the following settings:
+
+ * 115200 baud (not 9600).
+ * 8N1.
+ * No flow control.
+
+7. Press the Reset button on the board.
+
+8. The output in the terminal window should look like:
+
+ ```
+ {{timeout;150}}
+ {{host_test_name;default}}
+ {{description;mbed TLS benchmark program}}
+ {{test_id;MBEDTLS_BENCHMARK}}
+ {{start}}
+
+
+ SHA-1 : 3644 Kb/s, 32 cycles/byte
+ SHA-256 : 1957 Kb/s, 59 cycles/byte
+ SHA-512 : 587 Kb/s, 200 cycles/byte
+ AES-CBC-128 : 1359 Kb/s, 86 cycles/byte
+ AES-CBC-192 : 1183 Kb/s, 99 cycles/byte
+ AES-CBC-256 : 1048 Kb/s, 111 cycles/byte
+ AES-GCM-128 : 421 Kb/s, 279 cycles/byte
+ AES-GCM-192 : 403 Kb/s, 292 cycles/byte
+ AES-GCM-256 : 385 Kb/s, 305 cycles/byte
+ AES-CCM-128 : 542 Kb/s, 216 cycles/byte
+ AES-CCM-192 : 484 Kb/s, 242 cycles/byte
+ AES-CCM-256 : 437 Kb/s, 268 cycles/byte
+ CTR_DRBG (NOPR) : 1002 Kb/s, 117 cycles/byte
+ CTR_DRBG (PR) : 705 Kb/s, 166 cycles/byte
+ HMAC_DRBG SHA-1 (NOPR) : 228 Kb/s, 517 cycles/byte
+ HMAC_DRBG SHA-1 (PR) : 210 Kb/s, 561 cycles/byte
+ HMAC_DRBG SHA-256 (NOPR) : 212 Kb/s, 557 cycles/byte
+ HMAC_DRBG SHA-256 (PR) : 185 Kb/s, 637 cycles/byte
+ RSA-2048 : 41 ms/ public
+ RSA-2048 : 1349 ms/private
+ RSA-4096 : 134 ms/ public
+ RSA-4096 : 7149 ms/private
+ ECDSA-secp384r1 : 640 ms/sign
+ ECDSA-secp256r1 : 387 ms/sign
+ ECDSA-secp384r1 : 1233 ms/verify
+ ECDSA-secp256r1 : 751 ms/verify
+ ECDHE-secp384r1 : 1191 ms/handshake
+ ECDHE-secp256r1 : 730 ms/handshake
+ ECDHE-Curve25519 : 611 ms/handshake
+ ECDH-secp384r1 : 584 ms/handshake
+ ECDH-secp256r1 : 365 ms/handshake
+ ECDH-Curve25519 : 303 ms/handshake
+
+ {{success}}
+ {{end}}
+ ```
+
+Any performance data generated by this example application are indicative only of the performance of the mbed TLS module on the platform it's executed on.
+
+Differences in the integration of mbed TLS into the platform, such as whether all available hardware accelerators have been used or not, can lead to significant differences in performance, and so results from the program are not intended to be used to meaningfully compare platforms.
+
+The figures may also slightly change from execution to execution due to variations in the timing functions.
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-benchmark/main.cpp b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-benchmark/main.cpp
new file mode 100644
index 0000000..ef38c44
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-benchmark/main.cpp
@@ -0,0 +1,951 @@
+/*
+ * Benchmark demonstration program
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(TARGET_LIKE_MBED)
+
+#include <stdio.h>
+
+int main() {
+ printf("this version of this program only works on mbed OS\n");
+ return 0;
+}
+
+#else
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_exit exit
+#define mbedtls_printf printf
+#define mbedtls_snprintf snprintf
+#define mbedtls_free free
+#endif
+
+#include <string.h>
+
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/arc4.h"
+#include "mbedtls/des.h"
+#include "mbedtls/aes.h"
+#include "mbedtls/blowfish.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/havege.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/ecdh.h"
+#include "mbedtls/error.h"
+
+#include "mbed-drivers/mbed.h"
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+#define RSA_PRIVATE_KEY_2048 \
+"-----BEGIN RSA PRIVATE KEY-----\r\n" \
+"MIIEogIBAAKCAQEA2dwVr+IMGEtA2/MCP6fA5eb/6B18Bq6e7gw8brNPkm3E6LyR\r\n" \
+"4DnMJVxZmw3bPDKBDoKzfntkMESi/Yw5UopLtVfjGfWeQWPClqffLZBsZ60BRAsg\r\n" \
+"/g+ID5tgzxSuxzftypK59uexOVCAm7hCKZHGO3DbI7bLY27j7VAgEP7d/yuaz5Fx\r\n" \
+"Kl/vu7shqrBoz6ABJVJD3KC8nUiMRUCXRINmxbyUUjA4DnicZv6+xrGKr36r6M8h\r\n" \
+"VYLa5msKc8WzbnBWzpUsrpb4/r7ML+qp92gdSfVJ8/bLiU7h2C7faDA59uaqrFK9\r\n" \
+"xmDdx7FaWhGQs3LWW6w1UNgkPS0FDYUslpsnsQIDAQABAoIBAC7IJNwM5V3+IuJY\r\n" \
+"T35Nzo1PyloUosJokvY5KGz5Ejg2XBdCDu0gXCcVqqQyGIbXrYDpLhQV+RCoXHun\r\n" \
+"tdN0oQdC5SB47s/J1Uo2qCUHo0+sBd6PqTkFKsl3KxWssk9TQjvCwC412IefMs69\r\n" \
+"hW+ZvwCanmQP56LleApIr2oW4KLfW8Ry/QfZlua+dizctdN7+H1mWwgZQTY9T27J\r\n" \
+"6RtGRA5NVkKVPzIHVJfdpKoO7xGg1g06aEbPB/VmGvZaaFWWnaf7uRvFjLZecBLu\r\n" \
+"QSx2DA/GDjirlDYj99PJb7DtB4xRtKzsyw0o+xapC8w6OtIl/3xFt9moCu2jGrsx\r\n" \
+"vpjHdfECgYEA7fSACRseIs9gAIVX8wq6gayTpA47DHYWAD6IQfIj35SJ+AgsvbFF\r\n" \
+"4AmrwDhcJVPmDy1N4nLBfyGAMt/2CfiYkdkW6QFX/ULRMMBL/G7kWV8hYQDICB2g\r\n" \
+"xaMRN1lPCmFq6BkSWjwIYTnYDFBDWVm1GVT8TMtJoM8Erej9qC0PeFUCgYEA6mF3\r\n" \
+"bigO3t8f5sig+XepaftEUbkJMzo72TVRnIR2ycdR2ihelPQ+25g9dwV0ZA5XXhBS\r\n" \
+"DKOABWjMM739Mwmy9v26Dlmu9R01zHQktMvtEAyfz7lk2NF0aMuj8285OJUBf9bz\r\n" \
+"Cq3MjtMCD+4CZ6iaEqCdUKOuxfpx5cWVJV+qve0CgYBhD1YaYMFOGaBjFgDl1f51\r\n" \
+"Xltqk5NqZdBbkSYrIAWZ8RDF5y+4wFJsLAWuhk6vuyUgE66tK3nZzWRpXAkT0B8L\r\n" \
+"fq1lpXKqj1KcvBNCiEkEW1VWJ+dvyAYIF5eyJ++hoFLnETL3M32HivyhKSwPihPg\r\n" \
+"nVW8TT9fJJIYDe1JZ/fjcQKBgHJfv7UsrR0LSvkG3K8AOtbx+8PZhOjPuRbk0v+L\r\n" \
+"EKCkuIe5/XW4vtfQMeZb7hFJgk7vrepm+vkoy8VQKDf4urGW3W1VTHBmobM01hi4\r\n" \
+"DuYvEul+Mf0wMRtWjJolo4m+BO5KiW2jpFfqFm6JmfjVqOIAKOSKC6am8V/MDF0h\r\n" \
+"kyN9AoGAT9oOiEXMolbkDZw/QCaBiRoAGlGlNYUkJ+58U6OjIZLISw6aFv+Y2uE0\r\n" \
+"mEImItjuYZtSYKblWikp6ldPoKlt9bwEFe3c6IZ8kJ3+xyEyAGrvjXjEY7PzP6dp\r\n" \
+"Ajbjp9X9uocEBv9W/KsBLdQ7yizcL/toHwdBO4vQqmqTvAc5IIw=\r\n" \
+"-----END RSA PRIVATE KEY-----\r\n"
+
+#define RSA_PRIVATE_KEY_4096 \
+"-----BEGIN RSA PRIVATE KEY-----\r\n" \
+"MIIJKgIBAAKCAgEAmkdGjoIshJuOt2NO47qB3Z3yyvmLg2j351isItSNuFQU3qr+\r\n" \
+"jXHIeANf03yw/K0Zvos8RPd+CqLjoxAQL3QDH4bZAl88bIo29i+SANbNSrKQmc0k\r\n" \
+"pH+yzw3alDzO0GZaOPZjsbo6AwBrno5msi0vRuC2aY8vGLPsZWSyLai7tneS1j/o\r\n" \
+"vYW6XIo8Cj61j2Ypy9HhVUW/4Wc+zAT25D/x7jTpkqJLWWT+YzibNbOY48M5eJcB\r\n" \
+"6/sMyUIeI3/u/wXyMrooNyLiCpedkuHRA0m7u5cWPTUISTunSRlVFij/NHJjuU8e\r\n" \
+"wA3B29yfZFsUqDEnyc+OxniIueAixTomVszxAaVn8zFEbYhFMPqziiFp99u3jfeG\r\n" \
+"k1q9mmUi/uCfUC4e2IC5rqq1ZbKSduH7Ug/Vn2bGQahww0sZFRHDXFrnBcotcW+M\r\n" \
+"bnC290VBDnYgzmdYrIOxuPb2aUwJo4ZlbKh5uBB1PigMuyhLKibQ1a+V5ZJGdpP6\r\n" \
+"SE9PGIdgYWSmh2QEMuLE6v+wTO2LQ5JgqsvFfi3GIZvkn0s8jTS72Jq2uMkFkMer\r\n" \
+"UBjPDYaSPy5kpo103KerWs+cMPOJ/3FtZzI++7MoSUTkWVr1ySQFt5i1EIZ/0Thi\r\n" \
+"jut2jNe8a4AoA3TtC8Rkk/3AIIbg8MVNT4EnT+KHROTMu6gET1oJ3YfBRpUCAwEA\r\n" \
+"AQKCAgEAhuNSmT7PVZH8kfLOAuYKrY1vvm+4v0iDl048Eqfs0QESziyLK3gUYnnw\r\n" \
+"yqP2yrU+EQ8Dvvj0xq/sf6GHxTWVlXb9PcmutueRbmXhLcKg83J0Y0StiPXtjIL8\r\n" \
+"XSddW3Bh6fPi7n14Qy+W6KZwu9AtybanRlvePabyRSRpdOpWVQ7u30w5XZsSed6S\r\n" \
+"6BI0BBC68m2qqje1sInoqdCdXKtcB31TytUDNEHM+UuAyM8iGeGS2hCNqZlycHTS\r\n" \
+"jQ9KEsdMH3YLu0lQgRpWtxmg+VL6ROWwmAtKF12EwbDYZ+uoVl69OkQnCpv8pxKa\r\n" \
+"ec/4m6V+uEA1AOpaAMorHG3fH31IKWC/fTZstovgO/eG2XCtlbcCoWCQ7amFq16l\r\n" \
+"Gh1UKeBHxMXpDj4oDmIUGUvgzSNnEeSN/v76losWvWYQDjXR/LMDa/CNYsD8BmJR\r\n" \
+"PZidIjIXdVRlYOhA7ljtySQvp6RBujBfw3tsVMyZw2XzXFwM9O89b1xXC6+M5jf9\r\n" \
+"DXs/U7Fw+J9qq/YpByABcPCwWdttwdQFRbOxwxaSOKarIqS87TW1JuFcNJ59Ut6G\r\n" \
+"kMvAg6gC34U+0ktkG/AmI1hgjC+P7ErHCXBR2xARoGzcO/CMZF59S+Z2HFchpTSP\r\n" \
+"5T2o4mGy3VfHSBidQQrcZRukg8ZP8M1NF3bXjpY6QZpeLHc4oHECggEBAMjdgzzk\r\n" \
+"xp4mIYFxAEiXYt7tzuUXJk+0UpEJj5uboWLirUZqZmNUPyh6WDnzlREBH++Ms0LO\r\n" \
+"+AWSfaGPDoMb0NE2j3c4FRWAhe7Vn6lj7nLVpF2RdwRo88yGerZ4uwGMY8NUQCtn\r\n" \
+"zum3J7eCJ5DojiceRb6uMxTJ8xZmUC4W2f3J/lrR7wlYjyVnnHqH5HcemYUipWSw\r\n" \
+"sM0/cHp3lrz2VWrbAEu8HVpklvDQpdAgl7cjXt/JHYawY+p426IF/PzQSRROnzgy\r\n" \
+"4WI8FVYNV2tgu0TOFURbkkEvuj/duDKeooUIF0G0XHzha5oAX/j0iWiHbrOF6wHj\r\n" \
+"0xeajL9msKBnmD8CggEBAMSgLWmv7G31x4tndJCcXnX4AyVL7KpygAx/ZwCcyTR8\r\n" \
+"rY1rO07f/ta2noEra/xmEW/BW98qJFCHSU2nSLAQ5FpFSWyuQqrnffrMJnfWyvpr\r\n" \
+"ceQ0yQ/MiA6/JIOvGAjabcspzZijxzGp+Qk3eTT0yOXLSVOCH9B9XVHLodcy4PQM\r\n" \
+"KSCxy0vVHhVNl2SdPEwTXRmxk99Q/rw6IHVpQxBq1OhQt05nTKT+rZMD/grSK22e\r\n" \
+"my2F0DodAJwLo063Zv3RXQZhDYodMmjcp9Hqrtvj9P3HD7J3z6ACiV3SCi8cZumL\r\n" \
+"bSmnKCcd0bb45+aOWm31ieECJuIcJ9rOREEa/KDYTCsCggEBAMG5WkSVhLWsou37\r\n" \
+"dUGNuA63nq42SH3gtS0q4nU6gUkkw+dA4ST1cMByVrr1oRQ4WHup4I4TnQOKyF3T\r\n" \
+"4jQy1I+ipnVeAn+tZ/7zyzwMpEHeqNqRXA9FxbTBEoMAJ6QTqXgOvqDeSqIAQm7r\r\n" \
+"OYu5rrgtqyh/S8bGCwvUe4ooAfCSKx2ekYMbBVwW9MT8YS09tuS/iHJ3Mt2RTMLg\r\n" \
+"qeHvVmxrcXqZoFm44Ba7tN/pP0mi9HKyviZT4tmV3IYEbn3JyGGsfkUuVU9wEUfg\r\n" \
+"MCrgrVxrwfketAzooiHMjkVL2ASjzAJTmEvdAPETYXxzJD9LN0ovY3t8JfAC37IN\r\n" \
+"sVXS8/MCggEBALByOS59Y4Ktq1rLBQx8djwQyuneP0wZohUVAx7Gk7xZIfklQDyg\r\n" \
+"v/R4PrcVezstcPpDnykdjScCsGJR+uWc0v667I/ttP/e6utz5hVmmBGu965dPAzE\r\n" \
+"c1ggaSkOqFfRg/Nr2Qbf+fH0YPnHYSqHe/zSt0OMIvaaeXLcdKhEDSCUBRhE1HWB\r\n" \
+"kxR046WzgBeYzNQwycz9xwqsctJKGpeR9ute+5ANHPd3X9XtID0fqz8ctI5eZaSw\r\n" \
+"wApIW01ZQcAF8B+4WkkVuFXnpWW33yCOaRyPVOPHpnclr5WU1fS+3Q85QkW9rkej\r\n" \
+"97zlkl0QY9AHJqrXnoML1ywAK7ns+MVyNK8CggEAf62xcKZhOb1djeF72Ms+i/i/\r\n" \
+"WIAq4Q4YpsElgvJTHpNH2v9g4ngSTKe3ws3bGc502sWRlhcoTFMOW2rJNe/iqKkb\r\n" \
+"3cdeTkseDbpqozmJWz9dJWSVtXas2bZjzBEa//gQ7nHGVeQdqZJQ9rxPsoOAkfpi\r\n" \
+"qCFrmfUVUqC53e3XMt8+W+aSvKl+JZiB9ozkO9A6Q0vfQLKtjUMdQE3XaCFQT8DI\r\n" \
+"smaLBlBmeRaBpc02ENeC4ADlWosm1SwgxqMhuh2Alba/GrHOoPlVl4hDs9Fb5a6R\r\n" \
+"rmpXSt07GAxnG6j9jssA95E4rc1zO0CVKG5bvjVTxwi/sT0/VVX7VsJM4uTAQg==\r\n" \
+"-----END RSA PRIVATE KEY-----\r\n"
+
+#if defined _MSC_VER && !defined snprintf
+#define snprintf _snprintf
+#endif
+
+/*
+ * For heap usage estimates, we need an estimate of the overhead per allocated
+ * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block,
+ * so use that as our baseline.
+ */
+#define MEM_BLOCK_OVERHEAD ( 2 * sizeof( size_t ) )
+
+/*
+ * Size to use for the malloc buffer if MEMORY_BUFFER_ALLOC_C is defined.
+ */
+#define HEAP_SIZE (1u << 16) // 64k
+
+#define BUFSIZE 1024
+#define HEADER_FORMAT " %-24s : "
+#define TITLE_LEN 25
+
+#define OPTIONS \
+ "md4, md5, ripemd160, sha1, sha256, sha512,\r\n" \
+ "arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\r\n" \
+ "havege, ctr_drbg, hmac_drbg\r\n" \
+ "rsa, dhm, ecdsa, ecdh.\r\n"
+
+#if defined(MBEDTLS_ERROR_C)
+#define PRINT_ERROR \
+ mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
+ mbedtls_printf( "FAILED: %s\r\n", tmp );
+#else
+#define PRINT_ERROR \
+ mbedtls_printf( "FAILED: -0x%04x\r\n", -ret );
+#endif
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ static int dwt_started = 0;
+
+ if( dwt_started == 0 )
+ {
+ CoreDebug->DEMCR |= CoreDebug_DEMCR_TRCENA_Msk;
+ DWT->CTRL |= DWT_CTRL_CYCCNTENA_Msk;
+ }
+
+ return( DWT->CYCCNT );
+}
+
+static volatile int alarmed;
+static void alarm() { alarmed = 1; }
+
+#define TIME_AND_TSC( TITLE, CODE ) \
+do { \
+ unsigned long i, j, tsc; \
+ Timeout t; \
+ \
+ mbedtls_printf( HEADER_FORMAT, TITLE ); \
+ fflush( stdout ); \
+ \
+ for( i = 1, alarmed = 0, t.attach( alarm, 1.0 ); !alarmed; i++ ) \
+ { \
+ CODE; \
+ } \
+ \
+ tsc = mbedtls_timing_hardclock(); \
+ for( j = 0; j < 1024; j++ ) \
+ { \
+ CODE; \
+ } \
+ \
+ mbedtls_printf( "%9lu Kb/s, %9lu cycles/byte\r\n", \
+ i * BUFSIZE / 1024, \
+ ( mbedtls_timing_hardclock() - tsc ) / ( j * BUFSIZE ) ); \
+} while( 0 )
+
+#if defined(MBEDTLS_ERROR_C)
+#define PRINT_ERROR \
+ mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
+ mbedtls_printf( "FAILED: %s\r\n", tmp );
+#else
+#define PRINT_ERROR \
+ mbedtls_printf( "FAILED: -0x%04x\r\n", -ret );
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
+
+#define MEMORY_MEASURE_INIT \
+ size_t max_used, max_blocks, max_bytes; \
+ size_t prv_used, prv_blocks; \
+ mbedtls_memory_buffer_alloc_cur_get( &prv_used, &prv_blocks ); \
+ mbedtls_memory_buffer_alloc_max_reset( );
+
+#define MEMORY_MEASURE_PRINT( title_len ) \
+ mbedtls_memory_buffer_alloc_max_get( &max_used, &max_blocks ); \
+ for( i = 12 - title_len; i != 0; i-- ) mbedtls_printf( " " ); \
+ max_used -= prv_used; \
+ max_blocks -= prv_blocks; \
+ max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \
+ mbedtls_printf( "%6u heap bytes", (unsigned) max_bytes );
+
+#else
+#define MEMORY_MEASURE_INIT
+#define MEMORY_MEASURE_PRINT( title_len )
+#endif
+
+#define TIME_PUBLIC( TITLE, TYPE, CODE ) \
+do { \
+ unsigned long ms; \
+ int ret = 0; \
+ Timer t; \
+ MEMORY_MEASURE_INIT; \
+ \
+ mbedtls_printf( HEADER_FORMAT, TITLE ); \
+ fflush( stdout ); \
+ \
+ t.start(); \
+ CODE; \
+ t.stop(); \
+ ms = t.read_ms(); \
+ \
+ if( ret != 0 ) \
+ { \
+ PRINT_ERROR; \
+ } \
+ else \
+ { \
+ mbedtls_printf( "%6lu ms/" TYPE, ms ); \
+ MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 ); \
+ mbedtls_printf( "\r\n" ); \
+ } \
+} while( 0 )
+
+static int myrand( void *rng_state, unsigned char *output, size_t len )
+{
+ size_t use_len;
+ int rnd;
+
+ if( rng_state != NULL )
+ rng_state = NULL;
+
+ while( len > 0 )
+ {
+ use_len = len;
+ if( use_len > sizeof(int) )
+ use_len = sizeof(int);
+
+ rnd = rand();
+ memcpy( output, &rnd, use_len );
+ output += use_len;
+ len -= use_len;
+ }
+
+ return( 0 );
+}
+
+/*
+ * Clear some memory that was used to prepare the context
+ */
+#if defined(MBEDTLS_ECP_C)
+void ecp_clear_precomputed( mbedtls_ecp_group *grp )
+{
+ if( grp->T != NULL )
+ {
+ size_t i;
+ for( i = 0; i < grp->T_size; i++ )
+ mbedtls_ecp_point_free( &grp->T[i] );
+ mbedtls_free( grp->T );
+ }
+ grp->T = NULL;
+ grp->T_size = 0;
+}
+#else
+#define ecp_clear_precomputed( g )
+#endif
+
+unsigned char buf[BUFSIZE];
+
+typedef struct {
+ char md4, md5, ripemd160, sha1, sha256, sha512,
+ arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,
+ havege, ctr_drbg, hmac_drbg,
+ rsa, dhm, ecdsa, ecdh;
+} todo_list;
+
+int benchmark( int argc, char *argv[] )
+{
+ int i;
+ unsigned char tmp[200];
+ char title[TITLE_LEN];
+ todo_list todo;
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+ unsigned char malloc_buf[HEAP_SIZE] = { 0 };
+#endif
+
+ if( argc <= 1 )
+ {
+ memset( &todo, 1, sizeof( todo ) );
+ }
+ else
+ {
+ memset( &todo, 0, sizeof( todo ) );
+
+ for( i = 1; i < argc; i++ )
+ {
+ if( strcmp( argv[i], "md4" ) == 0 )
+ todo.md4 = 1;
+ else if( strcmp( argv[i], "md5" ) == 0 )
+ todo.md5 = 1;
+ else if( strcmp( argv[i], "ripemd160" ) == 0 )
+ todo.ripemd160 = 1;
+ else if( strcmp( argv[i], "sha1" ) == 0 )
+ todo.sha1 = 1;
+ else if( strcmp( argv[i], "sha256" ) == 0 )
+ todo.sha256 = 1;
+ else if( strcmp( argv[i], "sha512" ) == 0 )
+ todo.sha512 = 1;
+ else if( strcmp( argv[i], "arc4" ) == 0 )
+ todo.arc4 = 1;
+ else if( strcmp( argv[i], "des3" ) == 0 )
+ todo.des3 = 1;
+ else if( strcmp( argv[i], "des" ) == 0 )
+ todo.des = 1;
+ else if( strcmp( argv[i], "aes_cbc" ) == 0 )
+ todo.aes_cbc = 1;
+ else if( strcmp( argv[i], "aes_gcm" ) == 0 )
+ todo.aes_gcm = 1;
+ else if( strcmp( argv[i], "aes_ccm" ) == 0 )
+ todo.aes_ccm = 1;
+ else if( strcmp( argv[i], "camellia" ) == 0 )
+ todo.camellia = 1;
+ else if( strcmp( argv[i], "blowfish" ) == 0 )
+ todo.blowfish = 1;
+ else if( strcmp( argv[i], "havege" ) == 0 )
+ todo.havege = 1;
+ else if( strcmp( argv[i], "ctr_drbg" ) == 0 )
+ todo.ctr_drbg = 1;
+ else if( strcmp( argv[i], "hmac_drbg" ) == 0 )
+ todo.hmac_drbg = 1;
+ else if( strcmp( argv[i], "rsa" ) == 0 )
+ todo.rsa = 1;
+ else if( strcmp( argv[i], "dhm" ) == 0 )
+ todo.dhm = 1;
+ else if( strcmp( argv[i], "ecdsa" ) == 0 )
+ todo.ecdsa = 1;
+ else if( strcmp( argv[i], "ecdh" ) == 0 )
+ todo.ecdh = 1;
+ else
+ {
+ mbedtls_printf( "Unrecognized option: %s\r\n", argv[i] );
+ mbedtls_printf( "Available options: " OPTIONS );
+ }
+ }
+ }
+
+ mbedtls_printf( "\r\n\r\n" );
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+ mbedtls_memory_buffer_alloc_init( malloc_buf, sizeof( malloc_buf ) );
+#endif
+ memset( buf, 0xAA, sizeof( buf ) );
+ memset( tmp, 0xBB, sizeof( tmp ) );
+
+#if defined(MBEDTLS_MD4_C)
+ if( todo.md4 )
+ TIME_AND_TSC( "MD4", mbedtls_md4( buf, BUFSIZE, tmp ) );
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+ if( todo.md5 )
+ TIME_AND_TSC( "MD5", mbedtls_md5( buf, BUFSIZE, tmp ) );
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+ if( todo.ripemd160 )
+ TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160( buf, BUFSIZE, tmp ) );
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+ if( todo.sha1 )
+ TIME_AND_TSC( "SHA-1", mbedtls_sha1( buf, BUFSIZE, tmp ) );
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+ if( todo.sha256 )
+ TIME_AND_TSC( "SHA-256", mbedtls_sha256( buf, BUFSIZE, tmp, 0 ) );
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+ if( todo.sha512 )
+ TIME_AND_TSC( "SHA-512", mbedtls_sha512( buf, BUFSIZE, tmp, 0 ) );
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+ if( todo.arc4 )
+ {
+ mbedtls_arc4_context arc4;
+ mbedtls_arc4_init( &arc4 );
+ mbedtls_arc4_setup( &arc4, tmp, 32 );
+ TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) );
+ mbedtls_arc4_free( &arc4 );
+ }
+#endif
+
+#if defined(MBEDTLS_DES_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
+ if( todo.des3 )
+ {
+ mbedtls_des3_context des3;
+ mbedtls_des3_init( &des3 );
+ mbedtls_des3_set3key_enc( &des3, tmp );
+ TIME_AND_TSC( "3DES",
+ mbedtls_des3_crypt_cbc( &des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
+ mbedtls_des3_free( &des3 );
+ }
+
+ if( todo.des )
+ {
+ mbedtls_des_context des;
+ mbedtls_des_init( &des );
+ mbedtls_des_setkey_enc( &des, tmp );
+ TIME_AND_TSC( "DES",
+ mbedtls_des_crypt_cbc( &des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
+ mbedtls_des_free( &des );
+ }
+#endif
+
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ if( todo.aes_cbc )
+ {
+ int keysize;
+ mbedtls_aes_context aes;
+ mbedtls_aes_init( &aes );
+ for( keysize = 128; keysize <= 256; keysize += 64 )
+ {
+ mbedtls_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( tmp, 0, sizeof( tmp ) );
+ mbedtls_aes_setkey_enc( &aes, tmp, keysize );
+
+ TIME_AND_TSC( title,
+ mbedtls_aes_crypt_cbc( &aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
+ }
+ mbedtls_aes_free( &aes );
+ }
+#endif
+#if defined(MBEDTLS_GCM_C)
+ if( todo.aes_gcm )
+ {
+ int keysize;
+ mbedtls_gcm_context gcm;
+
+ mbedtls_gcm_init( &gcm );
+ for( keysize = 128; keysize <= 256; keysize += 64 )
+ {
+ mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( tmp, 0, sizeof( tmp ) );
+ mbedtls_gcm_setkey( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
+
+ TIME_AND_TSC( title,
+ mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp,
+ 12, NULL, 0, buf, buf, 16, tmp ) );
+
+ mbedtls_gcm_free( &gcm );
+ }
+ }
+#endif
+#if defined(MBEDTLS_CCM_C)
+ if( todo.aes_ccm )
+ {
+ int keysize;
+ mbedtls_ccm_context ccm;
+
+ mbedtls_ccm_init( &ccm );
+ for( keysize = 128; keysize <= 256; keysize += 64 )
+ {
+ mbedtls_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( tmp, 0, sizeof( tmp ) );
+ mbedtls_ccm_setkey( &ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
+
+ TIME_AND_TSC( title,
+ mbedtls_ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp,
+ 12, NULL, 0, buf, buf, tmp, 16 ) );
+
+ mbedtls_ccm_free( &ccm );
+ }
+ }
+#endif
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
+ if( todo.camellia )
+ {
+ int keysize;
+ mbedtls_camellia_context camellia;
+ mbedtls_camellia_init( &camellia );
+ for( keysize = 128; keysize <= 256; keysize += 64 )
+ {
+ mbedtls_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( tmp, 0, sizeof( tmp ) );
+ mbedtls_camellia_setkey_enc( &camellia, tmp, keysize );
+
+ TIME_AND_TSC( title,
+ mbedtls_camellia_crypt_cbc( &camellia, MBEDTLS_CAMELLIA_ENCRYPT,
+ BUFSIZE, tmp, buf, buf ) );
+ }
+ mbedtls_camellia_free( &camellia );
+ }
+#endif
+
+#if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
+ if( todo.blowfish )
+ {
+ int keysize;
+ mbedtls_blowfish_context blowfish;
+ mbedtls_blowfish_init( &blowfish );
+
+ for( keysize = 128; keysize <= 256; keysize += 64 )
+ {
+ mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( tmp, 0, sizeof( tmp ) );
+ mbedtls_blowfish_setkey( &blowfish, tmp, keysize );
+
+ TIME_AND_TSC( title,
+ mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE,
+ tmp, buf, buf ) );
+ }
+
+ mbedtls_blowfish_free( &blowfish );
+ }
+#endif
+
+#if defined(MBEDTLS_HAVEGE_C)
+ if( todo.havege )
+ {
+ mbedtls_havege_state hs;
+ mbedtls_havege_init( &hs );
+ TIME_AND_TSC( "HAVEGE", mbedtls_havege_random( &hs, buf, BUFSIZE ) );
+ mbedtls_havege_free( &hs );
+ }
+#endif
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+ if( todo.ctr_drbg )
+ {
+ mbedtls_ctr_drbg_context ctr_drbg;
+
+ mbedtls_ctr_drbg_init( &ctr_drbg );
+
+ if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
+ mbedtls_exit(1);
+ TIME_AND_TSC( "CTR_DRBG (NOPR)",
+ if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
+ mbedtls_exit(1) );
+
+ if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
+ mbedtls_exit(1);
+ mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON );
+ TIME_AND_TSC( "CTR_DRBG (PR)",
+ if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
+ mbedtls_exit(1) );
+ mbedtls_ctr_drbg_free( &ctr_drbg );
+ }
+#endif
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+ if( todo.hmac_drbg )
+ {
+ mbedtls_hmac_drbg_context hmac_drbg;
+ const mbedtls_md_info_t *md_info;
+
+ mbedtls_hmac_drbg_init( &hmac_drbg );
+
+#if defined(MBEDTLS_SHA1_C)
+ if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
+ mbedtls_exit(1);
+
+ if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
+ mbedtls_exit(1);
+ TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
+ if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
+ mbedtls_exit(1) );
+ mbedtls_hmac_drbg_free( &hmac_drbg );
+
+ if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
+ mbedtls_exit(1);
+ mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
+ MBEDTLS_HMAC_DRBG_PR_ON );
+ TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)",
+ if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
+ mbedtls_exit(1) );
+ mbedtls_hmac_drbg_free( &hmac_drbg );
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+ if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL )
+ mbedtls_exit(1);
+
+ if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
+ mbedtls_exit(1);
+ TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
+ if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
+ mbedtls_exit(1) );
+ mbedtls_hmac_drbg_free( &hmac_drbg );
+
+ if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
+ mbedtls_exit(1);
+ mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
+ MBEDTLS_HMAC_DRBG_PR_ON );
+ TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)",
+ if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
+ mbedtls_exit(1) );
+ mbedtls_hmac_drbg_free( &hmac_drbg );
+#endif
+ }
+#endif
+
+#if defined(MBEDTLS_RSA_C) && \
+ defined(MBEDTLS_PEM_PARSE_C) && defined(MBEDTLS_PK_PARSE_C)
+ if( todo.rsa )
+ {
+ mbedtls_pk_context pk;
+ mbedtls_rsa_context *rsa;
+ const char *rsa_keys[] = { RSA_PRIVATE_KEY_2048, RSA_PRIVATE_KEY_4096 };
+ size_t i;
+
+ for( i = 0; i < sizeof( rsa_keys ) / sizeof( rsa_keys[0] ); i++ )
+ {
+ mbedtls_pk_init( &pk );
+ mbedtls_pk_parse_key( &pk, (const unsigned char *) rsa_keys[i],
+ strlen( rsa_keys[i] ) + 1, NULL, 0 );
+ rsa = mbedtls_pk_rsa( pk );
+
+ mbedtls_snprintf( title, sizeof( title ), "RSA-%d", mbedtls_pk_get_bitlen( &pk ) );
+
+ TIME_PUBLIC( title, " public",
+ buf[0] = 0;
+ ret = mbedtls_rsa_public( rsa, buf, buf ) );
+
+ TIME_PUBLIC( title, "private",
+ buf[0] = 0;
+ ret = mbedtls_rsa_private( rsa, myrand, NULL, buf, buf ) );
+
+ mbedtls_pk_free( &pk );
+ }
+ }
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_BIGNUM_C)
+ if( todo.dhm )
+ {
+ int dhm_sizes[] = { 2048, 3072 };
+ const char *dhm_P[] = {
+ MBEDTLS_DHM_RFC3526_MODP_2048_P,
+ MBEDTLS_DHM_RFC3526_MODP_3072_P,
+ };
+ const char *dhm_G[] = {
+ MBEDTLS_DHM_RFC3526_MODP_2048_G,
+ MBEDTLS_DHM_RFC3526_MODP_3072_G,
+ };
+
+ mbedtls_dhm_context dhm;
+ size_t olen;
+ for( i = 0; (size_t) i < sizeof( dhm_sizes ) / sizeof( dhm_sizes[0] ); i++ )
+ {
+ mbedtls_dhm_init( &dhm );
+
+ if( mbedtls_mpi_read_string( &dhm.P, 16, dhm_P[i] ) != 0 ||
+ mbedtls_mpi_read_string( &dhm.G, 16, dhm_G[i] ) != 0 )
+ {
+ mbedtls_exit( 1 );
+ }
+
+ dhm.len = mbedtls_mpi_size( &dhm.P );
+ mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL );
+ if( mbedtls_mpi_copy( &dhm.GY, &dhm.GX ) != 0 )
+ mbedtls_exit( 1 );
+
+ mbedtls_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
+ TIME_PUBLIC( title, "handshake",
+ ret |= mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len,
+ myrand, NULL );
+ ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) );
+
+ mbedtls_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] );
+ TIME_PUBLIC( title, "handshake",
+ ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) );
+
+ mbedtls_dhm_free( &dhm );
+ }
+ }
+#endif
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_SHA256_C)
+ if( todo.ecdsa )
+ {
+ mbedtls_ecdsa_context ecdsa;
+ const mbedtls_ecp_curve_info *curve_info;
+ size_t sig_len;
+
+ memset( buf, 0x2A, sizeof( buf ) );
+
+ for( curve_info = mbedtls_ecp_curve_list();
+ curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+ curve_info++ )
+ {
+ mbedtls_ecdsa_init( &ecdsa );
+
+ if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 )
+ mbedtls_exit( 1 );
+ ecp_clear_precomputed( &ecdsa.grp );
+
+ mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
+ curve_info->name );
+ TIME_PUBLIC( title, "sign",
+ ret = mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
+ tmp, &sig_len, myrand, NULL ) );
+
+ mbedtls_ecdsa_free( &ecdsa );
+ }
+
+ for( curve_info = mbedtls_ecp_curve_list();
+ curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+ curve_info++ )
+ {
+ mbedtls_ecdsa_init( &ecdsa );
+
+ if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ||
+ mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
+ tmp, &sig_len, myrand, NULL ) != 0 )
+ {
+ mbedtls_exit( 1 );
+ }
+ ecp_clear_precomputed( &ecdsa.grp );
+
+ mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
+ curve_info->name );
+ TIME_PUBLIC( title, "verify",
+ ret = mbedtls_ecdsa_read_signature( &ecdsa, buf, curve_info->bit_size,
+ tmp, sig_len ) );
+
+ mbedtls_ecdsa_free( &ecdsa );
+ }
+ }
+#endif
+
+#if defined(MBEDTLS_ECDH_C)
+ if( todo.ecdh )
+ {
+ mbedtls_ecdh_context ecdh;
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+ mbedtls_mpi z;
+#endif
+ const mbedtls_ecp_curve_info *curve_info;
+ size_t olen;
+
+ for( curve_info = mbedtls_ecp_curve_list();
+ curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+ curve_info++ )
+ {
+ mbedtls_ecdh_init( &ecdh );
+
+ if( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) != 0 ||
+ mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
+ myrand, NULL ) != 0 ||
+ mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 )
+ {
+ mbedtls_exit( 1 );
+ }
+ ecp_clear_precomputed( &ecdh.grp );
+
+ mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s",
+ curve_info->name );
+ TIME_PUBLIC( title, "handshake",
+ ret |= mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
+ myrand, NULL );
+ ret |= mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
+ myrand, NULL ) );
+ mbedtls_ecdh_free( &ecdh );
+ }
+
+ /* Curve25519 needs to be handled separately */
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+ mbedtls_ecdh_init( &ecdh );
+ mbedtls_mpi_init( &z );
+
+ if( mbedtls_ecp_group_load( &ecdh.grp, MBEDTLS_ECP_DP_CURVE25519 ) != 0 ||
+ mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 )
+ {
+ mbedtls_exit( 1 );
+ }
+
+ TIME_PUBLIC( "ECDHE-Curve25519", "handshake",
+ ret |= mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q,
+ myrand, NULL );
+ ret |= mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
+ myrand, NULL ) );
+
+ mbedtls_ecdh_free( &ecdh );
+ mbedtls_mpi_free( &z );
+#endif
+
+ for( curve_info = mbedtls_ecp_curve_list();
+ curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+ curve_info++ )
+ {
+ mbedtls_ecdh_init( &ecdh );
+
+ if( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) != 0 ||
+ mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
+ myrand, NULL ) != 0 ||
+ mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 ||
+ mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
+ myrand, NULL ) != 0 )
+ {
+ mbedtls_exit( 1 );
+ }
+ ecp_clear_precomputed( &ecdh.grp );
+
+ mbedtls_snprintf( title, sizeof( title ), "ECDH-%s",
+ curve_info->name );
+ TIME_PUBLIC( title, "handshake",
+ ret |= mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
+ myrand, NULL ) );
+ mbedtls_ecdh_free( &ecdh );
+ }
+
+ /* Curve25519 needs to be handled separately */
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+ mbedtls_ecdh_init( &ecdh );
+ mbedtls_mpi_init( &z );
+
+ if( mbedtls_ecp_group_load( &ecdh.grp, MBEDTLS_ECP_DP_CURVE25519 ) != 0 ||
+ mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp,
+ myrand, NULL ) != 0 ||
+ mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 )
+ {
+ mbedtls_exit( 1 );
+ }
+
+ TIME_PUBLIC( "ECDH-Curve25519", "handshake",
+ ret |= mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
+ myrand, NULL ) );
+
+ mbedtls_ecdh_free( &ecdh );
+ mbedtls_mpi_free( &z );
+#endif
+ }
+#endif
+
+ mbedtls_printf( "\r\n" );
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+ mbedtls_memory_buffer_alloc_free();
+#endif
+
+#if defined(_WIN32)
+ mbedtls_printf( " Press Enter to exit this program.\r\n" );
+ fflush( stdout ); getchar();
+#endif
+
+ return( 0 );
+}
+
+#include "mbed-drivers/test_env.h"
+#include "minar/minar.h"
+
+static void run() {
+ MBED_HOSTTEST_TIMEOUT(150);
+ MBED_HOSTTEST_SELECT(default);
+ MBED_HOSTTEST_DESCRIPTION(mbed TLS benchmark program);
+ MBED_HOSTTEST_START("MBEDTLS_BENCHMARK");
+ MBED_HOSTTEST_RESULT(benchmark(0, NULL) == 0);
+}
+
+void app_start(int, char*[]) {
+ /* Use 115200 bps for consistency with other examples */
+ get_stdio_serial().baud(115200);
+ minar::Scheduler::postCallback(mbed::util::FunctionPointer0<void>(run).bind());
+}
+
+#endif /* TARGET_LIKE_MBED */
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-hashing/README.md b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-hashing/README.md
new file mode 100644
index 0000000..553c3a6
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-hashing/README.md
@@ -0,0 +1,67 @@
+# SHA-256 Hash Example
+
+This application performs hashing of a buffer with SHA-256 using various APIs. It serves as a tutorial for the basic hashing APIs of mbed TLS.
+
+## Pre-requisites
+
+To build and run this example you must have:
+
+* A computer with the following software installed:
+ * [CMake](http://www.cmake.org/download/).
+ * [yotta](https://github.com/ARMmbed/yotta). Please note that **yotta has its own set of dependencies**, listed in the [installation instructions](http://armmbed.github.io/yotta/#installing-on-windows).
+ * [Python](https://www.python.org/downloads/).
+ * [The ARM GCC toolchain](https://launchpad.net/gcc-arm-embedded).
+ * A serial terminal emulator (Like screen, pySerial and cu).
+* An [FRDM-K64F](http://developer.mbed.org/platforms/FRDM-K64F/) development board, or another board supported by mbed OS (in which case you'll have to substitute frdm-k64f-gcc with the appropriate target in the instructions below).
+* A micro-USB cable.
+* If your OS is Windows, please follow the installation instructions [for the serial port driver](https://developer.mbed.org/handbook/Windows-serial-configuration).
+
+## Getting started
+
+1. Connect the FRDM-K64F to the computer with the micro-USB cable, being careful to use the "OpenSDA" connector on the target board.
+
+2. Navigate to the mbedtls directory supplied with your release and open a terminal.
+
+3. Set the yotta target:
+
+ ```
+ yotta target frdm-k64f-gcc
+ ```
+
+4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
+
+ ```
+ $ yotta build
+ ```
+
+5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-hashing.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
+
+6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
+
+ Use the following settings:
+
+ * 115200 baud (not 9600).
+ * 8N1.
+ * No flow control.
+
+7. Press the Reset button on the board.
+
+8. The output in the terminal window should look like:
+
+ ```
+ {{timeout;10}}
+ {{host_test_name;default}}
+ {{description;mbed TLS example on hashing}}
+ {{test_id;MBEDTLS_EX_HASHING}}
+ {{start}}
+
+
+ Method 1: 315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3
+ Method 2: 315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3
+ Method 3: 315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3
+ Method 4: 315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3
+
+ DONE
+ {{success}}
+ {{end}}
+ ```
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-hashing/main.cpp b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-hashing/main.cpp
new file mode 100644
index 0000000..574152a
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-hashing/main.cpp
@@ -0,0 +1,177 @@
+/*
+ * Hello world example of using the hashing functions of mbed TLS
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * This program illustrates various ways of hashing a buffer.
+ * You normally need only one of these two includes.
+ */
+#include "mbedtls/sha256.h" /* SHA-256 only */
+#include "mbedtls/md.h" /* generic interface */
+
+#if defined(TARGET_LIKE_MBED)
+#include "mbed-drivers/mbed.h"
+#endif
+#include <cstdio>
+
+static void print_hex(const char *title, const unsigned char buf[], size_t len)
+{
+ printf("%s: ", title);
+
+ for (size_t i = 0; i < len; i++)
+ printf("%02x", buf[i]);
+
+ printf("\r\n");
+}
+
+static const char hello_str[] = "Hello, world!";
+static const unsigned char *hello_buffer = (const unsigned char *) hello_str;
+static const size_t hello_len = sizeof hello_str - 1;
+
+int example(void)
+{
+ printf( "\r\n\r\n" );
+
+ /*
+ * Method 1: use all-in-one function of a specific SHA-xxx module
+ */
+ unsigned char output1[32]; /* SHA-256 outputs 32 bytes */
+
+ /* 0 here means use the full SHA-256, not the SHA-224 variant */
+ mbedtls_sha256(hello_buffer, hello_len, output1, 0);
+
+ print_hex("Method 1", output1, sizeof output1);
+
+
+ /*
+ * Method 2: use the streaming interface of a specific SHA-xxx module
+ * This is useful if we get our input piecewise.
+ */
+ unsigned char output2[32];
+ mbedtls_sha256_context ctx2;
+
+ mbedtls_sha256_init(&ctx2);
+ mbedtls_sha256_starts(&ctx2, 0); /* SHA-256, not 224 */
+
+ /* Simulating multiple fragments */
+ mbedtls_sha256_update(&ctx2, hello_buffer, 1);
+ mbedtls_sha256_update(&ctx2, hello_buffer + 1, 1);
+ mbedtls_sha256_update(&ctx2, hello_buffer + 2, hello_len - 2);
+
+ mbedtls_sha256_finish(&ctx2, output2);
+ print_hex("Method 2", output2, sizeof output2);
+
+ /* Or you could re-use the context by doing mbedtls_sha256_starts() again */
+ mbedtls_sha256_free(&ctx2);
+
+ /*
+ * Method 3: use all-in-one function of the generice interface
+ */
+ unsigned char output3[MBEDTLS_MD_MAX_SIZE]; /* Enough for any hash */
+
+ /* Can easily pick any hash you want, by identifier */
+ const mbedtls_md_info_t *md_info3 = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
+
+ if (md_info3 == NULL)
+ {
+ printf("SHA256 not available\r\n");
+ return 1;
+ }
+
+ int ret3 = mbedtls_md(md_info3, hello_buffer, hello_len, output3);
+
+ if (ret3 != 0)
+ {
+ printf("md() returned -0x%04X\r\n", -ret3);
+ return 1;
+ }
+
+ print_hex("Method 3", output3, mbedtls_md_get_size(md_info3));
+
+
+ /*
+ * Method 4: streaming & generic interface
+ */
+ unsigned char output4[MBEDTLS_MD_MAX_SIZE]; /* Enough for any hash */
+
+ const mbedtls_md_info_t *md_info4 = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
+
+ if (md_info4 == NULL)
+ {
+ printf("SHA256 not available\r\n");
+ return 1;
+ }
+
+ mbedtls_md_context_t ctx4;
+
+ mbedtls_md_init(&ctx4);
+
+ int ret4 = mbedtls_md_init_ctx(&ctx4, md_info4);
+ if (ret4 != 0)
+ {
+ printf("md_init_ctx() returned -0x%04X\r\n", -ret4);
+ return 1;
+ }
+
+ mbedtls_md_starts(&ctx4);
+
+ /* Simulating multiple fragments */
+ mbedtls_md_update(&ctx4, hello_buffer, 1);
+ mbedtls_md_update(&ctx4, hello_buffer + 1, 1);
+ mbedtls_md_update(&ctx4, hello_buffer + 2, hello_len - 2);
+
+ mbedtls_md_finish(&ctx4, output4);
+ print_hex("Method 4", output4, mbedtls_md_get_size(md_info4));
+
+ /* Or you could re-use the context by doing mbedtls_md_starts() again */
+ mbedtls_md_free(&ctx4);
+
+
+ printf("\r\nDONE\r\n");
+
+ return 0;
+}
+
+#if defined(TARGET_LIKE_MBED)
+
+#include "mbed-drivers/test_env.h"
+#include "minar/minar.h"
+
+static void run() {
+ MBED_HOSTTEST_TIMEOUT(10);
+ MBED_HOSTTEST_SELECT(default);
+ MBED_HOSTTEST_DESCRIPTION(mbed TLS example on hashing);
+ MBED_HOSTTEST_START("MBEDTLS_EX_HASHING");
+ MBED_HOSTTEST_RESULT(example() == 0);
+}
+
+void app_start(int, char*[]) {
+ /* Use 115200 bps for consistency with other examples */
+ get_stdio_serial().baud(115200);
+ minar::Scheduler::postCallback(mbed::util::FunctionPointer0<void>(run).bind());
+}
+
+#else
+
+int main() {
+ return example();
+}
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-selftest/README.md b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-selftest/README.md
new file mode 100644
index 0000000..5bc22a6
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-selftest/README.md
@@ -0,0 +1,82 @@
+# mbed TLS Selftest Example
+
+This application runs the various selftest functions of individual mbed TLS components. It serves as a basic sanity check to verify operation of mbed TLS on your platform. In the future, a wider portion of the mbed TLS test suite will become part of this example application.
+
+## Pre-requisites
+
+To build and run this example you must have:
+
+* A computer with the following software installed:
+ * [CMake](http://www.cmake.org/download/).
+ * [yotta](https://github.com/ARMmbed/yotta). Please note that **yotta has its own set of dependencies**, listed in the [installation instructions](http://armmbed.github.io/yotta/#installing-on-windows).
+ * [Python](https://www.python.org/downloads/).
+ * [The ARM GCC toolchain](https://launchpad.net/gcc-arm-embedded).
+ * A serial terminal emulator (Like screen, pySerial and cu).
+* An [FRDM-K64F](http://developer.mbed.org/platforms/FRDM-K64F/) development board, or another board supported by mbed OS (in which case you'll have to substitute frdm-k64f-gcc with the appropriate target in the instructions below).
+* A micro-USB cable.
+* If your OS is Windows, please follow the installation instructions [for the serial port driver](https://developer.mbed.org/handbook/Windows-serial-configuration).
+
+## Getting started
+
+1. Connect the FRDM-K64F to the computer with the micro-USB cable, being careful to use the "OpenSDA" connector on the target board.
+
+2. Navigate to the mbedtls directory supplied with your release and open a terminal.
+
+3. Set the yotta target:
+
+ ```
+ yotta target frdm-k64f-gcc
+ ```
+
+4. Build mbedtls and the examples. This may take a long time if this is your first compilation:
+
+ ```
+ $ yotta build
+ ```
+
+5. Copy `build/frdm-k64f-gcc/test/mbedtls-test-example-selftest.bin` to your mbed board and wait until the LED next to the USB port stops blinking.
+
+6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
+
+ Use the following settings:
+
+ * 115200 baud (not 9600).
+ * 8N1.
+ * No flow control.
+
+7. Press the Reset button on the board.
+
+8. The output in the terminal window should look like:
+
+ ```
+ {{timeout;40}}
+ {{host_test_name;default}}
+ {{description;mbed TLS selftest program}}
+ {{test_id;MBEDTLS_SELFTEST}}
+ {{start}}
+
+ SHA-224 test #1: passed
+ SHA-224 test #2: passed
+ SHA-224 test #3: passed
+ SHA-256 test #1: passed
+ SHA-256 test #2: passed
+ SHA-256 test #3: passed
+
+ [ ... several lines omitted ... ]
+
+ CTR_DRBG (PR = TRUE) : passed
+ CTR_DRBG (PR = FALSE): passed
+
+ HMAC_DRBG (PR = True) : passed
+ HMAC_DRBG (PR = False) : passed
+
+ ECP test #1 (constant op_count, base point G): passed
+ ECP test #2 (constant op_count, other point): passed
+
+ ENTROPY test: passed
+
+ [ All tests passed ]
+
+ {{success}}
+ {{end}}
+ ```
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-selftest/main.cpp b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-selftest/main.cpp
new file mode 100644
index 0000000..0ff5b04
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/example-selftest/main.cpp
@@ -0,0 +1,268 @@
+/*
+ * Self-test demonstration program
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/arc4.h"
+#include "mbedtls/des.h"
+#include "mbedtls/aes.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/xtea.h"
+#include "mbedtls/pkcs5.h"
+#include "mbedtls/ecp.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+int selftest( int argc, char *argv[] )
+{
+ int ret = 0, v;
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+ unsigned char buf[1000000];
+#endif
+
+ if( argc == 2 && strcmp( argv[1], "-quiet" ) == 0 )
+ v = 0;
+ else
+ {
+ v = 1;
+ mbedtls_printf( "\n" );
+ }
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+ mbedtls_memory_buffer_alloc_init( buf, sizeof(buf) );
+#endif
+
+#if defined(MBEDTLS_MD2_C)
+ if( ( ret = mbedtls_md2_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_MD4_C)
+ if( ( ret = mbedtls_md4_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+ if( ( ret = mbedtls_md5_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+ if( ( ret = mbedtls_ripemd160_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+ if( ( ret = mbedtls_sha1_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+ if( ( ret = mbedtls_sha256_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+ if( ( ret = mbedtls_sha512_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+ if( ( ret = mbedtls_arc4_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_DES_C)
+ if( ( ret = mbedtls_des_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_AES_C)
+ if( ( ret = mbedtls_aes_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)
+ if( ( ret = mbedtls_gcm_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)
+ if( ( ret = mbedtls_ccm_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_BASE64_C)
+ if( ( ret = mbedtls_base64_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_BIGNUM_C)
+ if( ( ret = mbedtls_mpi_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+ if( ( ret = mbedtls_rsa_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_X509_USE_C)
+ if( ( ret = mbedtls_x509_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_XTEA_C)
+ if( ( ret = mbedtls_xtea_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C)
+ if( ( ret = mbedtls_camellia_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+ if( ( ret = mbedtls_ctr_drbg_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+ if( ( ret = mbedtls_hmac_drbg_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+ if( ( ret = mbedtls_ecp_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+ if( ( ret = mbedtls_dhm_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_ENTROPY_C)
+ if( ( ret = mbedtls_entropy_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_PKCS5_C)
+ if( ( ret = mbedtls_pkcs5_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#if defined(MBEDTLS_TIMING_C)
+ if( ( ret = mbedtls_timing_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+#else
+ mbedtls_printf( " POLARSSL_SELF_TEST not defined.\n" );
+#endif
+
+ if( v != 0 )
+ {
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
+ mbedtls_memory_buffer_alloc_status();
+#endif
+ }
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+ mbedtls_memory_buffer_alloc_free();
+
+ if( ( ret = mbedtls_memory_buffer_alloc_self_test( v ) ) != 0 )
+ return( ret );
+#endif
+
+ if( v != 0 )
+ {
+ mbedtls_printf( " [ All tests passed ]\n\n" );
+#if defined(_WIN32)
+ mbedtls_printf( " Press Enter to exit this program.\n" );
+ fflush( stdout ); getchar();
+#endif
+ }
+
+ return( ret );
+}
+
+#if defined(TARGET_LIKE_MBED)
+
+#include "mbed-drivers/test_env.h"
+#include "minar/minar.h"
+
+static void run() {
+ MBED_HOSTTEST_TIMEOUT(40);
+ MBED_HOSTTEST_SELECT(default);
+ MBED_HOSTTEST_DESCRIPTION(mbed TLS selftest program);
+ MBED_HOSTTEST_START("MBEDTLS_SELFTEST");
+ MBED_HOSTTEST_RESULT(selftest(0, NULL) == 0);
+}
+
+void app_start(int, char*[]) {
+ /* Use 115200 bps for consistency with other examples */
+ get_stdio_serial().baud(115200);
+ minar::Scheduler::postCallback(mbed::util::FunctionPointer0<void>(run).bind());
+}
+
+#else
+
+int main() {
+ return selftest(0, NULL);
+}
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/target_config.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/target_config.h
new file mode 100644
index 0000000..f350ce3
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/mbedtls/yotta/data/target_config.h
@@ -0,0 +1,35 @@
+/*
+ * Temporary target-specific config.h for entropy collection
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if defined(TARGET_LIKE_MBED)
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#undef MBEDTLS_HAVE_TIME_DATE
+#undef MBEDTLS_FS_IO
+#endif
+
+/*
+ * WARNING: this is temporary!
+ * This should be in a separate yotta module which would be a target
+ * dependency of mbedtls (see IOTSSL-313)
+ */
+#if defined(TARGET_LIKE_K64F)
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+#endif
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-28 21:43:01 +0000