o Initial import.HEADmaster

30 files changed, 2807 insertions, 0 deletions

diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_chacha20.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_chacha20.h
new file mode 100644
index 0000000..da24389
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_chacha20.h
@@ -0,0 +1,135 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/*!
+ * @brief ChaCha20 is a stream cipher developed by Daniel J. Bernstein based on the 20-round cipher Salsa20/20.
+ */
+/**@file
+ * A 256-bit key is expanded into 2^64 randomly accessible streams, each
+ * containing 2^64 randomly accessible 64-byte (512 bits) blocks.
+ *
+ * The changes from Salsa20/20 to ChaCha20 are designed to improve diffusion per
+ * round, conjecturally increasing resistance to cryptanalysis, while
+ * preserving - and often improving - time per round.
+ *
+ * @see [RFC 7539 - ChaCha20 and Poly1305 for IETF Protocols](http://tools.ietf.org/html/rfc7539)
+ * @see [The ChaCha family of stream ciphers](http://cr.yp.to/chacha.html)
+ */
+
+#ifndef OCC_CHACHA20_H
+#define OCC_CHACHA20_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+
+/**
+ * Length of the encryption key.
+ */
+#define occ_chacha20_KEY_BYTES (32)
+
+/**
+ * Maximum length of the nonce.
+ */
+#define occ_chacha20_NONCE_BYTES_MAX (12)
+
+
+/**
+ * ChaCha20 cipher stream generator.
+ * 
+ * The encryption key @p k, the nonce @p n and the initial block counter
+ * @p count are used to generate a pseudo random cipher stream.
+ *
+ * Possible applications include key generation and random number generation.
+ *
+ * **Example**
+ * @include occ_chacha20_stream.c
+ * 
+ * @param[out] c     Generated cipher stream.
+ * @param      c_len Length of @p c.
+ * @param      n     Nonce.
+ * @param      n_len Nonce length. 0 <= @p n_len <= @c occ_chacha20_NONCE_BYTES_MAX.
+ * @param      k     Encryption key.
+ * @param      count Initial block counter.
+ *
+ * @remark When reusing an encryption key @p k, a different nonce @p n or
+ *         initial block counter @p count must be used.
+ *
+ * @remark This function is equivalent to @c chacha20_stream_xor with a
+ *         message @p m consisting of @p c_len zeroes.
+ */
+void occ_chacha20_stream(uint8_t *c, size_t c_len,
+                         const uint8_t *n, size_t n_len,
+                         const uint8_t k[occ_chacha20_KEY_BYTES],
+                         uint32_t count);
+
+/**
+ * ChaCha20 cipher stream encoder.
+ *
+ * The message @p m is encrypted by applying the XOR operation with a pseudo
+ * random cipher stream derived from the encryption key @p k, the nonce @p n and
+ * the initial block counter @p count.
+ *
+ * Calling the function a second time with the generated ciphertext as input
+ * message @p m decrypts it back to the original message.
+ *
+ * **Example**
+ * @include occ_chacha20_stream_xor.c
+ *
+ * @param[out] c     Generated ciphertext. Same length as input message.
+ * @param      m     Input message.
+ * @param      m_len Length of @p c and @p m.
+ * @param      n     Nonce.
+ * @param      n_len Nonce length. 0 <= @p n_len <= @c occ_chacha20_NONCE_BYTES_MAX.
+ * @param      k     Encryption key.
+ * @param      count Initial block counter.
+ * 
+ * @remark @p c and @p m can point to the same address.
+ *
+ * @remark When reusing an encryption key @p k for a different message @p m, a
+ *         different nonce @p n or initial block counter @p count must be used.
+ */
+void occ_chacha20_stream_xor(uint8_t *c,
+                             const uint8_t *m, size_t m_len,
+                             const uint8_t *n, size_t n_len,
+                             const uint8_t k[occ_chacha20_KEY_BYTES],
+                             uint32_t count);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_chacha20_poly1305.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_chacha20_poly1305.h
new file mode 100644
index 0000000..9285a28
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_chacha20_poly1305.h
@@ -0,0 +1,212 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/*!
+ * @brief ChaCha20-Poly1305 is an authenticated encryption algorithm with
+ *        optional additional authenticated data developed by Daniel J.
+ *        Bernstein.
+ */
+/**@file
+ * The ChaCha20 stream cipher is combined with the Poly1305 authenticator.
+ *
+ * @see [RFC 7539 - ChaCha20 and Poly1305 for IETF Protocols](http://tools.ietf.org/html/rfc7539)
+ */
+
+#ifndef OCC_CHACHA20_POLY1305_H
+#define OCC_CHACHA20_POLY1305_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+
+/**
+ * Length of the encryption key.
+ */
+#define occ_chacha20_poly1305_KEY_BYTES (32)
+
+/**
+ * Maximum length of the nonce.
+ */
+#define occ_chacha20_poly1305_NONCE_BYTES_MAX (12)
+
+/**
+ * Length of the authentication tag.
+ */
+#define occ_chacha20_poly1305_TAG_BYTES (16)
+
+
+/**@{*/
+/**
+ * AEAD ChaCha20-Poly1305 encrypt.
+ *
+ * The message @p m is encrypted using a ChaCha20 cipher stream derived from the
+ * encryption key @p k and the nonce @p n. The resulting ciphertext has the same
+ * length @p m_len as the input message @p m and is put into @p c.
+ *
+ * Additionally, the ciphertext @p c is authenticated with a tag that is
+ * generated with Poly1305 using a unique subkey derived from @p k and @p n, and
+ * then put into @p tag.
+ *
+ * **Example**
+ * @include occ_chacha20_poly1305_encrypt.c
+ *
+ * @param[out] tag   Generated authentication tag.
+ * @param[out] c     Generated ciphertext. Same length as input message.
+ * @param      m     Input message.
+ * @param      m_len Length of @p m and @p c.
+ * @param      n     Nonce.
+ * @param      n_len Length of @p n. 0 <= @p n_len <= @c occ_chacha20_poly1305_NONCE_BYTES_MAX.
+ * @param      k     Encryption key.
+ *
+ * @remark @p c and @p m can point to the same address.
+ *
+ * @remark When reusing an encryption key @p k for a different message @p m, a
+ *         different nonce @p n must be used.
+ */
+void occ_chacha20_poly1305_encrypt(uint8_t tag[occ_chacha20_poly1305_TAG_BYTES],
+                                   uint8_t *c,
+                                   const uint8_t *m, size_t m_len,
+                                   const uint8_t *n, size_t n_len,
+                                   const uint8_t k[occ_chacha20_poly1305_KEY_BYTES]);
+
+/**
+ * AEAD ChaCha20-Poly1305 encrypt with AAD.
+ *
+ * The message @p m is encrypted using a ChaCha20 cipher stream derived from the
+ * encryption key @p k and the nonce @p n. The resulting ciphertext has the same
+ * length @p m_len as the input message @p m and is put into @p c.
+ *
+ * Additionally, the ciphertext @p c as well as the additional authenticated
+ * data @p a is authenticated with a tag that is generated with Poly1305 using a
+ * unique subkey derived from @p k and @p n, and then put into @p tag.
+ *
+ * **Example**
+ * @include occ_chacha20_poly1305_encrypt_aad.c
+ *
+ * @param[out] tag   Generated authentication tag.
+ * @param[out] c     Generated ciphertext. Same length as input message.
+ * @param      m     Input message.
+ * @param      m_len Length of @p m and @p c.
+ * @param      a     Additional authenticated data.
+ * @param      a_len Length of @p a.
+ * @param      n     Nonce.
+ * @param      n_len Length of @p n. 0 <= @p n_len <= @c occ_chacha20_poly1305_NONCE_BYTES_MAX.
+ * @param      k     Encryption key.
+ *
+ * @remark @p c and @p m can point to the same address.
+ *
+ * @remark When reusing an encryption key @p k for a different message @p m or
+ *         different additional authenticated data @p a, a different nonce @p n
+ *         must be used.
+ */
+void occ_chacha20_poly1305_encrypt_aad(uint8_t tag[occ_chacha20_poly1305_TAG_BYTES],
+                                       uint8_t *c,
+                                       const uint8_t *m, size_t m_len,
+                                       const uint8_t *a, size_t a_len,
+                                       const uint8_t *n, size_t n_len,
+                                       const uint8_t k[occ_chacha20_poly1305_KEY_BYTES]);
+/**@}*/
+
+/**@{*/
+/**
+ * AEAD ChaCha20-Poly1305 decrypt.
+ *
+ * If the authentication tag @p tag is valid for the ciphertext @p c, the
+ * encryption key @p k and the nonce @p n, the ciphertext is decrypted and put
+ * into @p m. The decrypted message @p m has the same length @p c_len as the
+ * original ciphertext.
+ *
+ * **Example**
+ * @include occ_chacha20_poly1305_decrypt.c
+ *
+ * @param      tag   Received authentication tag.
+ * @param[out] m     Decoded message. Same length as received ciphertext.
+ * @param      c     Received ciphertext.
+ * @param      c_len Length of @p c and @p m.
+ * @param      n     Nonce.
+ * @param      n_len Length of @p n. 0 <= @p n_len <= @c occ_chacha20_poly1305_NONCE_BYTES_MAX.
+ * @param      k     Encryption key.
+ *
+ * @returns 0 If @p tag is valid.
+ * @returns 1 Otherwise.
+ *
+ * @remark @p m and @p c can point to the same address.
+ */
+int occ_chacha20_poly1305_decrypt(const uint8_t tag[occ_chacha20_poly1305_TAG_BYTES],
+                                  uint8_t *m,
+                                  const uint8_t *c, size_t c_len,
+                                  const uint8_t *n, size_t n_len,
+                                  const uint8_t k[occ_chacha20_poly1305_KEY_BYTES]);
+
+/**
+ * AEAD ChaCha20-Poly1305 decrypt with AAD.
+ *
+ * If the authentication tag @p tag is valid for the ciphertext @p c, the
+ * additional authenticated data @p a, the encryption key @p k and the nonce
+ * @p n, the ciphertext is decrypted and put into @p m. The decrypted message
+ * @p m has the same length @p c_len as the original ciphertext.
+ *
+ * **Example**
+ * @include occ_chacha20_poly1305_decrypt_aad.c
+ *
+ * @param      tag   Received authentication tag.
+ * @param[out] m     Decoded message. Same length as received ciphertext.
+ * @param      c     Received ciphertext.
+ * @param      c_len Length of @p c and @p m.
+ * @param      a     Received additional authenticated data.
+ * @param      a_len Length of @p a.
+ * @param      n     Nonce.
+ * @param      n_len Length of @p n. 0 <= @p n_len <= @c occ_chacha20_poly1305_NONCE_BYTES_MAX.
+ * @param      k     Encryption key.
+ *
+ * @returns 0 If @p tag is valid.
+ * @returns 1 Otherwise.
+ *
+ * @remark @p m and @p c can point to the same address.
+ */
+int occ_chacha20_poly1305_decrypt_aad(const uint8_t tag[occ_chacha20_poly1305_TAG_BYTES],
+                                      uint8_t *m,
+                                      const uint8_t *c, size_t c_len,
+                                      const uint8_t *a, size_t a_len,
+                                      const uint8_t *n, size_t n_len,
+                                      const uint8_t k[occ_chacha20_poly1305_KEY_BYTES]);
+/**@}*/
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_constant_time.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_constant_time.h
new file mode 100644
index 0000000..16d1356
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_constant_time.h
@@ -0,0 +1,80 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * Collection of timing-invariant implementations of basic functions.
+ */
+
+#ifndef OCC_CONSTANT_TIME_H
+#define OCC_CONSTANT_TIME_H
+
+#include <stddef.h>
+
+
+/**
+ * Variable length comparison.
+ *
+ * **Example**
+ * @include occ_constant_time_equal.c
+ *
+ * @param x      Memory region to compare with @p y.
+ * @param y      Memory region to compare with @p x.
+ * @param length Number of bytes to compare, @p length > 0.
+ *
+ * @returns 1 If @p x and @p y point to equal memory regions.
+ * @returns 0 Otherwise.
+ */
+int occ_constant_time_equal(const void *x, const void *y, size_t length);
+
+/**
+ * Variable length compare to zero.
+ *
+ * **Example**
+ * @include occ_constant_time_is_zero.c
+ *
+ * @param x      Pointer to memory region that will be compared.
+ * @param length Number of bytes to compare, @p length > 0.
+ *
+ * @returns 1 If @p x is equal to a zero memory regions.
+ * @returns 0 Otherwise.
+ */
+int occ_constant_time_is_zero(const void *x, size_t length);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_curve25519.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_curve25519.h
new file mode 100644
index 0000000..58a7e3d
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_curve25519.h
@@ -0,0 +1,106 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * Curve25519 is an elliptic curve offering 128 bits of security. It is designed
+ * for use in the elliptic curve Diffie-Hellman (ECDH) key agreement scheme.
+ *
+ * @see [RFC 7748 - Elliptic Curves for Security](https://tools.ietf.org/html/rfc7748)
+ * @see [Curve25519: high-speed elliptic-curve cryptography](http://cr.yp.to/ecdh.html)
+ */
+
+#ifndef OCC_CURVE25519_H
+#define OCC_CURVE25519_H
+
+#include <stdint.h>
+
+
+/**
+ * Length of a scalar.
+ */
+#define occ_curve25519_SCALAR_BYTES (32)
+
+/**
+ * Length of a curve point.
+ */
+#define occ_curve25519_BYTES (32)
+
+
+/**
+ * Curve25519 scalar multiplication `r = n * basePoint`.
+ *
+ * Given a secret key @p n, the corresponding Curve25519 public key is computed
+ * and put into @p r.
+ *
+ * The inverse of this function is difficult to compute.
+ *
+ * **Example**
+ * @include occ_curve25519_scalarmult_base.c
+ *
+ * @param[out] r Resulting curve point.
+ * @param[in]  n Scalar factor.
+ *
+ * @remark @p r and @p n can point to the same address.
+ */
+void occ_curve25519_scalarmult_base(uint8_t r[occ_curve25519_BYTES],
+                                    const uint8_t n[occ_curve25519_SCALAR_BYTES]);
+
+/**
+ * Curve25519 scalar multiplication `r = n * p`.
+ *
+ * A shared secret is computed from the local secret key @p n and another
+ * party's public key @p p and put into @p r. The same shared secret is
+ * generated when the other party combines its private key with the local public
+ * key.
+ *
+ * **Example**
+ * @include occ_curve25519_scalarmult.c
+ *
+ * @param[out] r Resulting curve point.
+ * @param[in]  n Scalar factor.
+ * @param[in]  p Point factor.
+ *
+ * @remark @p r and @p n can point to the same address.
+ */
+void occ_curve25519_scalarmult(uint8_t r[occ_curve25519_BYTES],
+                               const uint8_t n[occ_curve25519_SCALAR_BYTES],
+                               const uint8_t p[occ_curve25519_BYTES]);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_curve_p256.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_curve_p256.h
new file mode 100644
index 0000000..e2d6349
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_curve_p256.h
@@ -0,0 +1,78 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+#ifndef OCC_CURVE_P256_H
+#define OCC_CURVE_P256_H
+
+#include "occ_sc_p256.h"
+
+
+// (x,y) only jacobian coordinates
+typedef struct {
+    occ_mod_p256 x;
+    occ_mod_p256 y;
+} occ_cp_p256;
+
+
+// load r.x from bytes, recover r.y
+// returns 0 if r is a legal curve point, -1 otherwise
+int occ_curve_p256_from32bytes(occ_cp_p256 *r, const uint8_t p[32]);
+
+// load point from bytes
+// returns 0 if r is a legal curve point, -1 otherwise
+int occ_curve_p256_from64bytes(occ_cp_p256 *r, const uint8_t p[64]);
+
+// store p.x to bytes
+void occ_curve_p256_to32bytes(uint8_t r[32], occ_cp_p256 *p);
+
+// store point to bytes
+void occ_curve_p256_to64bytes(uint8_t r[64], occ_cp_p256 *p);
+
+// r = p * s
+// r = [0,0] if p = [0,0] or s mod q = 0
+// returns -1 if r = [0,0], 0 if 0 < s < q, 1 if s > q
+int occ_curve_p256_scalarmult(occ_cp_p256 *r, const occ_cp_p256 *p, const occ_sc_p256 *s);
+
+// r = basePoint * s
+// r = [0,0] if s mod q = 0
+// returns -1 if r = [0,0], 0 if 0 < s < q, 1 if s > q
+int occ_curve_p256_scalarmult_base(occ_cp_p256 *r, const occ_sc_p256 *s);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_ecdh_p256.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_ecdh_p256.h
new file mode 100644
index 0000000..3244451
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_ecdh_p256.h
@@ -0,0 +1,63 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+#ifndef OCC_ECDH_P256_H
+#define OCC_ECDH_P256_H
+
+#include <stdint.h>
+
+
+// ecdh P-256 public key r = n * p
+// r[64]: the resulting public key
+// s[32]: the secret key
+// r may be same as s
+// returns 0 if s is a legal secret key
+int occ_ecdh_p256_public_key(uint8_t r[64], const uint8_t s[32]);
+
+// ecdh P-256 common secret
+// r[64]: the resulting secret
+// s[32]: the secret key
+// p[64]: the public key
+// r may be same as s or p
+// returns 0 if s is a legal secret key and p is a legal public key
+int occ_ecdh_p256_common_secret(uint8_t r[64], const uint8_t s[32], const uint8_t p[64]);
+
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_ecdsa_p256.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_ecdsa_p256.h
new file mode 100644
index 0000000..d164f03
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_ecdsa_p256.h
@@ -0,0 +1,85 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+#ifndef OCC_ECDSA_P256_H
+#define OCC_ECDSA_P256_H
+
+#include <stdint.h>
+
+
+// ecdsa P-256 signature key pair generation
+// pk[64]: the generated public key
+// sk[32]: the private key
+// returns 0 if sk is a legal secret key
+int occ_ecdsa_p256_public_key(uint8_t pk[64], const uint8_t sk[32]);
+
+// ecdsa P-256 signature generate
+// sig[64]: the generated signature
+// m[mlen]: the input message
+// sk[32]:  the secret key
+// ek[32]:  the session key
+// returns 0 if ek is a valid session key
+int occ_ecdsa_p256_sign(uint8_t sig[64], const uint8_t *m, uint32_t mlen, const uint8_t sk[32], const uint8_t ek[32]);
+
+// ecdsa P-256 signature generate
+// sig[64]: the generated signature
+// hash[32]: SHA-256 hash of the input message
+// sk[32]:  the secret key
+// ek[32]:  the session key
+// returns 0 if ek is a valid session key
+int occ_ecdsa_p256_sign_hash(uint8_t sig[64], const uint8_t hash[32], const uint8_t sk[32], const uint8_t ek[32]);
+
+
+// ecdsa P-256 signature verification
+// sig[64]: the input signature
+// m[mlen]: the input message
+// pk[64]:  the public key
+// returns 0 if signature is valid, -1 otherwise
+int occ_ecdsa_p256_verify(const uint8_t sig[64], const uint8_t *m, uint32_t mlen, const uint8_t pk[64]);
+
+// ecdsa P-256 signature verification
+// sig[64]: the input signature
+// hash[32]: SHA-256 hash of the input message
+// pk[64]:  the public key
+// returns 0 if signature is valid, -1 otherwise
+int occ_ecdsa_p256_verify_hash(const uint8_t sig[64], const uint8_t hash[32], const uint8_t pk[64]);
+
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_ed25519.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_ed25519.h
new file mode 100644
index 0000000..68ad490
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_ed25519.h
@@ -0,0 +1,130 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * Ed25519 is a specific implementation of EdDSA, a digital signature scheme.
+ * EdDSA is based on Twisted Edwards curves and is designed to be faster than
+ * existing digital signature schemes without sacrificing security. It was
+ * developed by Daniel J. Bernstein, et al. Ed25519 is intended to provide
+ * attack resistance comparable to quality 128-bit symmetric ciphers.
+ * 
+ * @see [Ed25519: high-speed high-security signatures](https://ed25519.cr.yp.to)
+ */
+
+#ifndef OCC_ED25519_H
+#define OCC_ED25519_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+
+/**
+ * Length of a public key.
+ */
+#define occ_ed25519_PUBLIC_KEY_BYTES (32)
+
+/**
+ * Length of a secret key.
+ */
+#define occ_ed25519_SECRET_KEY_BYTES (32)
+
+/**
+ * Length of a signature.
+ */
+#define occ_ed25519_BYTES (64)
+
+
+/**
+ * Ed25519 signature key pair generation.
+ *
+ * Given a secret key `sk`, the corresponding public key is computed and put
+ * into `pk`. The key pair can then be used to sign and verify message signatures.
+ *
+ * **Example**
+ * @include occ_ed25519_public_key.c
+ *
+ * @param[out] pk Generated public key.
+ * @param      sk Secret key. Must be prefilled with random data.
+ */
+void occ_ed25519_public_key(uint8_t pk[occ_ed25519_PUBLIC_KEY_BYTES],
+                            const uint8_t sk[occ_ed25519_SECRET_KEY_BYTES]);
+
+/**
+ * Ed25519 signature generate.
+ *
+ * The message @p m is signed using the secret key @p sk and the corresponding
+ * public key @p pk. The signature is put into @p sig.
+ *
+ * **Example**
+ * @include occ_ed25519_sign.c
+ *
+ * @param[out] sig   Generated signature.
+ * @param      m     Input message.
+ * @param      m_len Length of @p m.
+ * @param      sk    Secret key.
+ * @param      pk    Public key.
+ */
+void occ_ed25519_sign(uint8_t sig[occ_ed25519_BYTES],
+                      const uint8_t *m, size_t m_len,
+                      const uint8_t sk[occ_ed25519_SECRET_KEY_BYTES],
+                      const uint8_t pk[occ_ed25519_PUBLIC_KEY_BYTES]);
+
+/**
+ * Ed25519 signature verification.
+ * 
+ * The signature @p sig of the input message @p m is verified using the signer's
+ * public key @p pk.
+ *
+ * **Example**
+ * @include occ_ed25519_verify.c
+ * 
+ * @param sig   Input signature.
+ * @param m     Input message.
+ * @param m_len Length of @p m.
+ * @param pk    Signer's public key.
+ *
+ * @returns 0 If signature OK.
+ * @returns -1 Otherwise.
+ */
+int occ_ed25519_verify(const uint8_t sig[occ_ed25519_BYTES],
+                       const uint8_t *m, size_t m_len,
+                       const uint8_t pk[occ_ed25519_PUBLIC_KEY_BYTES]);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hkdf_sha256.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hkdf_sha256.h
new file mode 100644
index 0000000..4b586ad
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hkdf_sha256.h
@@ -0,0 +1,89 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * HKDF-SHA256 is a key derivation function based on HMAC-SHA256.
+ * 
+ * @see [RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)](http://tools.ietf.org/html/rfc5869)
+ */
+ 
+#ifndef OCC_HKDF_SHA256_H
+#define OCC_HKDF_SHA256_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+
+/**
+ * Maximum length of a derived key.
+ */
+#define occ_hkdf_sha256_LENGTH_MAX (32)
+
+/**
+ * Maximum salt length.
+ */
+#define occ_hkdf_sha256_SALT_LENGTH_MAX (64)
+
+
+/**
+ * HKDF-SHA256 algoritm.
+ *
+ * A new pseudorandom key of length @p r_len is derived from an input key
+ * @p key, a salt @p salt and additional information @p info. The new key is put
+ * into @p r.
+ *
+ * **Example**
+ * @include occ_hkdf_sha256.c
+ *
+ * @param[out] r        Output key.
+ * @param      r_len    Length of @p r, 0 < @p r_len <= @c occ_hkdf_sha256_LENGTH_MAX.
+ * @param      key      Input key.
+ * @param      key_len  Length of @p key.
+ * @param      salt     Salt.
+ * @param      salt_len Length of salt @p salt. 0 <= @p salt_len <= @c occ_hkdf_sha256_SALT_LENGTH_MAX.
+ * @param      info     Additional information.
+ * @param      info_len Length of @p info.
+ */
+void occ_hkdf_sha256(uint8_t* r, size_t r_len,
+                     const uint8_t* key, size_t key_len,
+                     const uint8_t* salt, size_t salt_len,
+                     const uint8_t* info, size_t info_len);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hkdf_sha512.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hkdf_sha512.h
new file mode 100644
index 0000000..b8ab081
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hkdf_sha512.h
@@ -0,0 +1,89 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * HKDF-SHA512 is a key derivation function based on HMAC-SHA512.
+ * 
+ * @see [RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)](http://tools.ietf.org/html/rfc5869)
+ */
+ 
+#ifndef OCC_HKDF_SHA512_H
+#define OCC_HKDF_SHA512_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+
+/**
+ * Maximum length of a derived key.
+ */
+#define occ_hkdf_sha512_LENGTH_MAX (64)
+
+/**
+ * Maximum salt length.
+ */
+#define occ_hkdf_sha512_SALT_LENGTH_MAX (128)
+
+
+/**
+ * HKDF-SHA512 algoritm.
+ *
+ * A new pseudorandom key of length @p r_len is derived from an input key
+ * @p key, a salt @p salt and additional information @p info. The new key is put
+ * into @p r.
+ *
+ * **Example**
+ * @include occ_hkdf_sha512.c
+ *
+ * @param[out] r        Output key.
+ * @param      r_len    Length of @p r, 0 < @p r_len <= @c occ_hkdf_sha512_LENGTH_MAX.
+ * @param      key      Input key.
+ * @param      key_len  Length of @p key.
+ * @param      salt     Salt.
+ * @param      salt_len Length of salt @p salt. 0 <= @p salt_len <= @c occ_hkdf_sha512_SALT_LENGTH_MAX.
+ * @param      info     Additional information.
+ * @param      info_len Length of @p info.
+ */
+void occ_hkdf_sha512(uint8_t* r, size_t r_len,
+                     const uint8_t* key, size_t key_len,
+                     const uint8_t* salt, size_t salt_len,
+                     const uint8_t* info, size_t info_len);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hmac_sha256.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hmac_sha256.h
new file mode 100644
index 0000000..e0ba535
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hmac_sha256.h
@@ -0,0 +1,161 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * HMAC-SHA256 is an algorithm for message authentication using the
+ * cryptographic hash function SHA256 and a reusable secret key. Users in
+ * possession of the key can verify the integrity and authenticity of the
+ * message.
+ *
+ * @see [RFC 2104 - HMAC: Keyed-Hashing for Message Authentication](http://tools.ietf.org/html/rfc2104)
+ */
+ 
+// REPLACEMENT
+
+#ifndef OCC_HMAC_SHA256_H
+#define OCC_HMAC_SHA256_H
+
+#include <stdint.h>
+#include <stddef.h>
+#include "include/occ_sha256.h"
+
+
+/**
+ * Maximum key length.
+ */
+#define occ_hmac_sha256_KEY_BYTES_MAX (64)
+
+/**
+ * Length of the authenticator.
+ */
+#define occ_hmac_sha256_BYTES (32)
+
+
+/**@cond */
+typedef struct
+{
+    occ_sha256_ctx hash_ctx;
+    uint8_t        ikey[occ_hmac_sha256_KEY_BYTES_MAX];
+    uint8_t        okey[occ_hmac_sha256_KEY_BYTES_MAX];
+    uint8_t        key[occ_hmac_sha256_KEY_BYTES_MAX];
+} occ_hmac_sha256_ctx;
+/**@endcond */
+
+
+/**@name Incremental HMAC-SHA256 generator.
+ * 
+ * This group of functions can be used to incrementally compute HMAC-SHA256
+ * for a given message.
+ */
+/**@{*/
+
+
+/**
+ * HMAC-SHA256 initialization.
+ *
+ * The generator state @p ctx is initialized by this function.
+ *
+ * @param[out] ctx     Generator state.
+ * @param      key     HMAC key.
+ * @param      key_len Length of @p key.
+ */
+void occ_hmac_sha256_init(occ_hmac_sha256_ctx * ctx,
+                          const uint8_t* key, size_t key_len);
+
+/**
+ * HMAC-SHA256 incremental data input.
+ *
+ * The generator state @p ctx is updated to hash a message chunk @p in.
+ *
+ * This function can be called repeatedly until the whole message is processed.
+ *
+ * @param[in,out] ctx    Generator state.
+ * @param         in     Input data.
+ * @param         in_len Length of @p in.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_hmac_sha256_init is required before this function can be called.
+ */
+void occ_hmac_sha256_update(occ_hmac_sha256_ctx * ctx,
+                            const uint8_t* in, size_t in_len);
+
+/**
+ * HMAC-SHA256 output.
+ *
+ * The generator state @p ctx is updated to finalize the HMAC calculation.
+ * The HMAC digest is put into @p r.
+ *
+ * @param[out]    r   Generated HMAC digest.
+ * @param[in,out] ctx Generator state.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_hmac_sha256_init is required before this function can be called.
+ *
+ * @remark After return, the generator state @p ctx must no longer be used with
+ *         @c occ_hmac_sha256_update and @c occ_hmac_sha256_final unless it is
+ *         reinitialized using @c occ_hmac_sha256_init.
+ */
+void occ_hmac_sha256_final(uint8_t r[occ_hmac_sha256_BYTES],
+                           occ_hmac_sha256_ctx * ctx);
+/**@}*/
+
+
+/**
+ * HMAC-SHA256 algorithm.
+ *
+ * The input message @p in is authenticated using the key @p k. The computed
+ * authenticator is put into @p r. To verify the authenticator, the recipient
+ * needs to recompute the HMAC authenticator and can then compare it with the
+ * received authenticator.
+ *
+ * **Example**
+ * @include occ_hmac_sha256.c
+ *
+ * @param[out] r       HMAC output.
+ * @param      key     HMAC key.
+ * @param      key_len Length of @p key. 0 <= @p key_len <= @c occ_hmac_sha256_KEY_BYTES_MAX.
+ * @param      in      Input data.
+ * @param      in_len  Length of @p in.
+ */
+void occ_hmac_sha256(uint8_t r[occ_hmac_sha256_BYTES],
+                     const uint8_t* key, size_t key_len,
+                     const uint8_t* in, size_t in_len);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hmac_sha512.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hmac_sha512.h
new file mode 100644
index 0000000..89a3df8
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_hmac_sha512.h
@@ -0,0 +1,158 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * HMAC-SHA512 is an algorithm for message authentication using the
+ * cryptographic hash function SHA512 and a reusable secret key. Users in
+ * possession of the key can verify the integrity and authenticity of the
+ * message.
+ *
+ * @see [RFC 2104 - HMAC: Keyed-Hashing for Message Authentication](http://tools.ietf.org/html/rfc2104)
+ */
+ 
+#ifndef OCC_HMAC_SHA512_H
+#define OCC_HMAC_SHA512_H
+
+#include <stdint.h>
+#include <stddef.h>
+#include "include/occ_sha512.h"
+
+
+/**
+ * Maximum key length.
+ */
+#define occ_hmac_sha512_KEY_BYTES_MAX (128)
+
+/**
+ * Length of the authenticator.
+ */
+#define occ_hmac_sha512_BYTES (64)
+
+
+/**@cond */
+typedef struct
+{
+    occ_sha512_ctx hash_ctx;
+    uint8_t        ikey[occ_hmac_sha512_KEY_BYTES_MAX];
+    uint8_t        okey[occ_hmac_sha512_KEY_BYTES_MAX];
+    uint8_t        key[occ_hmac_sha512_KEY_BYTES_MAX];
+} occ_hmac_sha512_ctx;
+/**@endcond */
+
+/**@name Incremental HMAC-SHA512 generator.
+ * 
+ * This group of functions can be used to incrementally compute HMAC-SHA512
+ * for a given message.
+ */
+/**@{*/
+
+
+/**
+ * HMAC-SHA512 initialization.
+ *
+ * The generator state @p ctx is initialized by this function.
+ *
+ * @param[out] ctx     Generator state.
+ * @param      key     HMAC key.
+ * @param      key_len Length of @p key.
+ */
+void occ_hmac_sha512_init(occ_hmac_sha512_ctx * ctx,
+                          const uint8_t* key, size_t key_len);
+
+/**
+ * HMAC-SHA512 incremental data input.
+ *
+ * The generator state @p ctx is updated to hash a message chunk @p in.
+ *
+ * This function can be called repeatedly until the whole message is processed.
+ *
+ * @param[in,out] ctx    Generator state.
+ * @param         in     Input data.
+ * @param         in_len Length of @p in.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_hmac_sha512_init is required before this function can be called.
+ */
+void occ_hmac_sha512_update(occ_hmac_sha512_ctx * ctx,
+                            const uint8_t* in, size_t in_len);
+
+/**
+ * HMAC-SHA512 output.
+ *
+ * The generator state @p ctx is updated to finalize the HMAC calculation.
+ * The HMAC digest is put into @p r.
+ *
+ * @param[out]    r   Generated HMAC digest.
+ * @param[in,out] ctx Generator state.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_hmac_sha512_init is required before this function can be called.
+ *
+ * @remark After return, the generator state @p ctx must no longer be used with
+ *         @c occ_hmac_sha512_update and @c occ_hmac_sha512_final unless it is
+ *         reinitialized using @c occ_hmac_sha512_init.
+ */
+void occ_hmac_sha512_final(uint8_t r[occ_hmac_sha512_BYTES],
+                           occ_hmac_sha512_ctx * ctx);
+/**@}*/
+
+
+/**
+ * HMAC-SHA512 algorithm.
+ *
+ * The input message @p in is authenticated using the key @p k. The computed
+ * authenticator is put into @p r. To verify the authenticator, the recipient
+ * needs to recompute the HMAC authenticator and can then compare it with the
+ * received authenticator.
+ *
+ * **Example**
+ * @include occ_hmac_sha512.c
+ *
+ * @param[out] r       HMAC output.
+ * @param      key     HMAC key.
+ * @param      key_len Length of @p key. 0 <= @p key_len <= @c occ_hmac_sha512_KEY_BYTES_MAX.
+ * @param      in      Input data.
+ * @param      in_len  Length of @p in.
+ */
+void occ_hmac_sha512(uint8_t r[occ_hmac_sha512_BYTES],
+                     const uint8_t* key, size_t key_len,
+                     const uint8_t* in, size_t in_len);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_poly1305.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_poly1305.h
new file mode 100644
index 0000000..719096e
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_poly1305.h
@@ -0,0 +1,165 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/*!
+ * @brief Poly1305 is a message authentication code created by Daniel J.
+ *        Bernstein. It can be used to verify the data integrity and the
+ *        authenticity of a message.
+ */
+/**@file
+ * Poly1305 takes a one-time key to produce an authentication tag for a message.
+ * Since a key can only be used to authenticate a single message, a new key
+ * needs to be derived for each message.
+ *
+ * @see [RFC 7539 - ChaCha20 and Poly1305 for IETF Protocols](http://tools.ietf.org/html/rfc7539)
+ * @see [Poly1305-AES: a state-of-the-art message-authentication code](http://cr.yp.to/mac.html)
+ */
+
+#ifndef OCC_POLY1305_H
+#define OCC_POLY1305_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+
+/**
+ * Key length.
+ */
+#define occ_poly1305_KEY_BYTES (32)
+
+/**
+ * Authenticator length.
+ */
+#define occ_poly1305_BYTES (16)
+
+
+/**@cond */
+typedef struct {
+    uint32_t h[5];
+} occ_poly1305_ctx;
+/**@endcond */
+
+
+/**@name Incremental Poly1305 generator.
+ * 
+ * This group of functions can be used to incrementally compute the Poly1305
+ * authenticator for a given message and key.
+ *
+ * **Example**
+ * @include occ_poly1305_incremental.c
+ */
+/**@{*/
+/**
+ * Poly1305 generator initialize.
+ *
+ * The generator state @p ctx is initialized by this function.
+ *
+ * @param[out] ctx Generator state.
+ */
+void occ_poly1305_init(occ_poly1305_ctx *ctx);
+
+/**
+ * Poly1305 generator.
+ *
+ * The generator state @p ctx is updated to authenticate a message chunk @p in
+ * with a key @p k.
+ * 
+ * This function can be called repeatedly until the whole message has been
+ * processed.
+ *
+ * @param[in,out] ctx    Generator state.
+ * @param         in     Input data.
+ * @param         in_len Length of @p in.
+ * @param         k      Encryption key.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_poly1305_init is required before this function can be called.
+ *
+ * @remark The same key @p k needs to be supplied for all message chunks.
+ */
+void occ_poly1305_update(occ_poly1305_ctx *ctx,
+                         const uint8_t *in, size_t in_len,
+                         const uint8_t k[occ_poly1305_KEY_BYTES]);
+
+/**
+ * Poly1305 generator output.
+ *
+ * The generator state @p ctx is updated to finalize the authenticator for the
+ * previously processed message chunks with key @p k. The authentication tag is
+ * put into @p r.
+ *
+ * @param[out]    r   Generated authentication tag.
+ * @param[in,out] ctx Generator state.
+ * @param         k   Encryption key.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_poly1305_init is required before this function can be called.
+ *
+ * @remark The same key @p k needs to be supplied that was used in previous
+ *         @c occ_poly1305_update invocations.
+ *
+ * @remark After return, the generator state @p ctx must no longer be used with
+ *         @c occ_poly1305_update and @c occ_poly1305_final unless it is
+ *         reinitialized using @c occ_poly1305_init.
+ */
+void occ_poly1305_final(uint8_t r[occ_poly1305_BYTES],
+                        occ_poly1305_ctx *ctx,
+                        const uint8_t k[occ_poly1305_KEY_BYTES]);
+/**@}*/
+
+/**
+ * Poly1305 message authentication tag.
+ *
+ * The Poly1305 authentication of a given input message @p in is computed and
+ * put into @p r.
+ *
+ * **Example**
+ * @include occ_poly1305.c
+ *
+ * @param[out] r      Generated authentication tag.
+ * @param      in     Input data.
+ * @param      in_len Length of @p in.
+ * @param      k      Encryption key.
+ */
+void occ_poly1305(uint8_t r[occ_poly1305_BYTES],
+                  const uint8_t *in, size_t in_len,
+                  const uint8_t k[occ_poly1305_KEY_BYTES]);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_rsa.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_rsa.h
new file mode 100644
index 0000000..799db18
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_rsa.h
@@ -0,0 +1,282 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * RSA is a number theoretic public-key encryption and signature algorithm.
+ *
+ * These functions support RSA encrytion and signatures with 1024 and 2048 bit
+ * modulo and PKCS1 V1.5 padding.
+ */
+
+#ifndef OCC_RSA_H
+#define OCC_RSA_H
+
+#include <stdint.h>
+#include "occ_rsa_key.h"
+
+
+#include "nrf.h"
+#if defined(NRF51)
+#error "Oberon library currently doesn't support RSA for NRF51"
+#endif
+
+/**@name 1024 Bit RSA Functions.
+ * 
+ * This group of functions is used for 1024 bit RSA.
+ */
+/**@{*/
+/**
+ * 1024 bit RSA PKCS1 V1.5 encryption.
+ *
+ * The message @p m is encryted to a ciphertext returned in @p c.
+ *
+ * @param[out] c         The generated 128 byte cyphertext.
+ * @param      m,mlen    The message to be encrypted. 0 <= mlen <= 117.
+ * @param      seed,slen The random sedd to be used for the padding. slen >= 125 - mlen.
+ * @param      pk        A valid 1024 bit RSA public key.
+ *
+ * @returns -1 If the message is too long (mlen > 117).
+ * @returns -2 If the seed is too short (slen < 125 - mlen).
+ * @returns 0  Otherwise.
+ *
+ * @remark The key @p pk should be initialized with @c occ_rsa1024_init_pub_key.
+ * @remark The @p seed should consist of non-zero random bytes.
+ * @remark @p c and @p m can point to the same address.
+ */
+int occ_rsa1024_pkcs1_v15_encrypt(uint8_t c[128], const uint8_t *m, int mlen, const uint8_t *seed, int slen, const occ_rsa1024_pub_key *pk);
+
+/**
+ * 1024 bit RSA PKCS1 V1.5 decryption.
+ *
+ * The ciphertext @p c is decryted to the message returned in @p m.
+ *
+ * @param[out] m,mlen  The decypted message. The buffer must be long enough to hold the meaasge.
+ * @param      c       The 128 byte cyphertext to decrypt.
+ * @param      k       A valid 1024 bit RSA secret key.
+
+ * @returns -1 If decrytion failed.
+ * @returns -2 If the output buffer is too short (mlen < length of message).
+ * @returns  n If a message of length n was successfully decrypted. 
+ *
+ * @remark The key @p k should be initialized with @c occ_rsa1024_init_key.
+ * @remark @p m and @p c can point to the same address.
+ */
+int occ_rsa1024_pkcs1_v15_decrypt(uint8_t *m, int mlen, const uint8_t c[128], const occ_rsa1024_key *k);
+
+/**
+ * 1024 bit RSA PKCS1 V1.5 decryption with CRT acceleration.
+ *
+ * The ciphertext @p c is decryted to the message returned in @p m.
+ *
+ * @param[out] m,mlen  The decypted message. The buffer must be long enough to hold the meaasge.
+ * @param      c       The 128 byte cyphertext to decrypt.
+ * @param      k       A valid 1024 bit RSA secret key with CRT coefficients.
+
+ * @returns -1  If decrytion failed.
+ * @returns -2  If the output buffer is too short (mlen < length of message).
+ * @returns  n  If a message of length n was successfully decrypted. 
+ *
+ * @remark The key @p k should be initialized with @c occ_rsa1024_init_crt_key.
+ * @remark @p m and @p c can point to the same address.
+ */
+int occ_rsa1024_pkcs1_v15_crt_decrypt(uint8_t *m, int mlen, const uint8_t c[128], const occ_rsa1024_crt_key *k);
+
+/**
+ * 1024 bit RSA PKCS1 V1.5 SHA-256 sign.
+ *
+ * The message @p m is signed and the signature returned in @p s.
+ *
+ * @param[out] s       The generated 128 byte signature.
+ * @param      m,mlen  The message to be signed.
+ * @param      k       A valid 1024 bit RSA secret key.
+
+ * @returns 0
+ *
+ * @remark The key @p k should be initialized with @c occ_rsa1024_init_key.
+ * @remark @p s and @p m can point to the same address.
+ */
+int occ_rsa1024_pkcs1_v15_sha256_sign(uint8_t s[128], const uint8_t *m, int mlen, const occ_rsa1024_key *k);
+
+/**
+ * 1024 bit RSA PKCS1 V1.5 SHA-256 sign with CRT acceleration.
+ *
+ * The message @p m is signed and the signature returned in @p s.
+ *
+ * @param[out] s       The generated 128 byte signature.
+ * @param      m,mlen  The message to be signed.
+ * @param      k       A valid 1024 bit RSA secret key with CRT coefficients.
+
+ * @returns 0
+ *
+ * @remark The key @p k should be initialized with @c occ_rsa1024_init_crt_key.
+ * @remark @p s and @p m can point to the same address.
+ */
+int occ_rsa1024_pkcs1_v15_sha256_crt_sign(uint8_t s[128], const uint8_t *m, int mlen, const occ_rsa1024_crt_key *k);
+
+/**
+ * 1024 bit RSA PKCS1 V1.5 SHA-256 signature verify.
+ *
+ * The signature @p s is verified for a correct signature of message @p m.
+ *
+ * @param s      The 128 byte signature.
+ * @param m,mlen The signed message.
+ * @param pk     A valid 1024 bit RSA public key.
+ *
+ * @returns 0  If the signature is successfully verified.
+ * @returns -1 If verification failed.
+ *
+ * @remark The key @p pk should be initialized with @c occ_rsa1024_init_pub_key.
+ */
+int occ_rsa1024_pkcs1_v15_sha256_verify(const uint8_t s[128], const uint8_t *m, int mlen, const occ_rsa1024_pub_key *pk);
+/**@}*/
+
+
+/**@name 2048 Bit RSA Functions.
+ * 
+ * This group of functions is used for 2048 bit RSA.
+ */
+/**@{*/
+/**
+ * 2048 bit RSA PKCS1 V1.5 encryption.
+ *
+ * The message @p m is encryted to a ciphertext returned in @p c.
+ *
+ * @param[out] c         The generated 256 byte cyphertext.
+ * @param      m,mlen    The message to be encrypted. 0 <= mlen <= 245.
+ * @param      seed,slen The random sedd to be used for the padding. slen >= 253 - mlen.
+ * @param      pk        A valid 2048 bit RSA public key.
+ *
+ * @returns -1 If the message is too long (mlen > 245).
+ * @returns -2 If the seed is too short (slen < 253 - mlen).
+ * @returns 0  Otherwise.
+ *
+ * @remark The key @p pk should be initialized with @c occ_rsa2048_init_pub_key.
+ * @remark The @p seed should consist of non-zero random bytes.
+ * @remark @p c and @p m can point to the same address.
+ */
+int occ_rsa2048_pkcs1_v15_encrypt(uint8_t c[256], const uint8_t *m, int mlen, const uint8_t *seed, int slen, const occ_rsa2048_pub_key *pk);
+
+/**
+ * 2048 bit RSA PKCS1 V1.5 decryption.
+ *
+ * The ciphertext @p c is decryted to the message returned in @p m.
+ *
+ * @param[out] m,mlen  The decypted message. The buffer must be long enough to hold the meaasge.
+ * @param      c       The 256 byte cyphertext to decrypt.
+ * @param      k       A valid 2048 bit RSA secret key.
+
+ * @returns -1 If decrytion failed.
+ * @returns -2 If the output buffer is too short (mlen < length of message).
+ * @returns n  If a message of length n was successfully decrypted. 
+ *
+ * @remark The key @p k should be initialized with @c occ_rsa2048_init_key.
+ * @remark @p m and @p c can point to the same address.
+ */
+int occ_rsa2048_pkcs1_v15_decrypt(uint8_t *m, int mlen, const uint8_t c[256], const occ_rsa2048_key *k);
+
+/**
+ * 2048 bit RSA PKCS1 V1.5 decryption with CRT acceleration.
+ *
+ * The ciphertext @p c is decryted to the message returned in @p m.
+ *
+ * @param[out] m,mlen  The decypted message. The buffer must be long enough to hold the meaasge.
+ * @param      c       The 256 byte cyphertext to decrypt.
+ * @param      k       A valid 2048 bit RSA secret key with CRT coefficients.
+
+ * @returns -1  If decrytion failed.
+ * @returns -2  If the output buffer is too short (mlen < length of message).
+ * @returns  n  If a message of length n was successfully decrypted. 
+ *
+ * @remark The key @p k should be initialized with @c occ_rsa2048_init_crt_key.
+ * @remark @p m and @p c can point to the same address.
+ */
+int occ_rsa2048_pkcs1_v15_crt_decrypt(uint8_t *m, int mlen, const uint8_t c[256], const occ_rsa2048_crt_key *k);
+
+/**
+ * 2048 bit RSA PKCS1 V1.5 SHA-256 sign.
+ *
+ * The message @p m is signed and the signature returned in @p s.
+ *
+ * @param[out] s       The generated 256 byte signature.
+ * @param      m,mlen  The message to be signed.
+ * @param      k       A valid 2048 bit RSA secret key.
+
+ * @returns 0
+ *
+ * @remark The key @p k should be initialized with @c occ_rsa2048_init_key.
+ * @remark @p s and @p m can point to the same address.
+ */
+int occ_rsa2048_pkcs1_v15_sha256_sign(uint8_t s[256], const uint8_t *m, int mlen, const occ_rsa2048_key *k);
+
+/**
+ * 2048 bit RSA PKCS1 V1.5 SHA-256 sign with CRT acceleration.
+ *
+ * The message @p m is signed and the signature returned in @p s.
+ *
+ * @param[out] s       The generated 256 byte signature.
+ * @param      m,mlen  The message to be signed.
+ * @param      k       A valid 2048 bit RSA secret key with CRT coefficients.
+
+ * @returns 0
+ *
+ * @remark The key @p k should be initialized with @c occ_rsa2048_init_crt_key.
+ * @remark @p s and @p m can point to the same address.
+ */
+int occ_rsa2048_pkcs1_v15_sha256_crt_sign(uint8_t s[256], const uint8_t *m, int mlen, const occ_rsa2048_crt_key *k);
+
+/**
+ * 2048 bit RSA PKCS1 V1.5 SHA-256 signature verify.
+ *
+ * The signature @p s is verified for a correct signature of message @p m.
+ *
+ * @param s      The 256 byte signature.
+ * @param m,mlen The signed message.
+ * @param pk     A valid 2048 bit RSA public key.
+ *
+ * @returns 0  If the signature is successfully verified.
+ * @returns -1 If verification failed.
+ *
+ * @remark The key @p pk should be initialized with @c occ_rsa2048_init_pub_key.
+ */
+int occ_rsa2048_pkcs1_v15_sha256_verify(const uint8_t s[256], const uint8_t *m, int mlen, const occ_rsa2048_pub_key *pk);
+/**@}*/
+
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_rsa_key.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_rsa_key.h
new file mode 100644
index 0000000..9e68504
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_rsa_key.h
@@ -0,0 +1,236 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * RSA is a number theoretic public-key encryption and signature algorithm.
+ *
+ * These functions suport the setup of 1024 and 4069 RSA secret and public keys.
+ */
+
+#ifndef OCC_RSA_KEY_H
+#define OCC_RSA_KEY_H
+
+#include <stdint.h>
+
+#include "nrf.h"
+#if defined(NRF51)
+#error "Oberon library currently doesn't support RSA for NRF51"
+#endif
+
+/**
+ * The Public RSA Exponent.
+ */
+#define PUB_EXP 65537  // 2^16 + 1
+
+
+/**@name 1024 Bit RSA Keys.
+ * 
+ * This group of keys is used for 1024 bit RSA.
+ */
+/**@{*/
+/**
+ * 1024 bit RSA public key
+ */
+typedef struct {
+	uint32_t n[32];
+	// e = 65537
+} occ_rsa1024_pub_key;
+
+/**
+ * 1024 bit RSA secret key
+ */
+typedef struct {
+	uint32_t n[32];
+	uint32_t d[32];  // x^(e*d) mod n == x
+} occ_rsa1024_key;
+
+/**
+ * 1024 bit RSA secret key with CRT coefficients
+ */
+typedef struct {
+	uint32_t n[32];
+	uint32_t p[16], q[16];   // primes, p*q = n
+	uint32_t dp[16], dq[16]; // d mod (p-1), d mod (q-1)
+	uint32_t qinv[16];       // 1/q mod p
+} occ_rsa1024_crt_key;
+/**@}*/
+
+
+/**@name 2048 Bit RSA Keys.
+ * 
+ * This group of keys is used for 2048 bit RSA.
+ */
+/**@{*/
+/**
+ * 2048 bit RSA public key
+ */
+typedef struct {
+	uint32_t n[64];
+	// e = 65537
+} occ_rsa2048_pub_key;
+
+/**
+ * 2048 bit RSA secret key
+ */
+typedef struct {
+	uint32_t n[64];
+	uint32_t d[64];  // x^(e*d) mod n == x
+} occ_rsa2048_key;
+
+/**
+ * 2048 bit RSA secret key with CRT coefficients
+ */
+typedef struct {
+	uint32_t n[64];
+	uint32_t p[32], q[32];   // primes, p*q = n
+	uint32_t dp[32], dq[32]; // d mod (p-1), d mod (q-1)
+	uint32_t qinv[32];       // 1/q mod p
+} occ_rsa2048_crt_key;
+/**@}*/
+
+/**@name 1024 Bit RSA key setup.
+ * 
+ * This group of functions is used for 1024 bit RSA key setup.
+ */
+/**@{*/
+/**
+ * 1024 bit RSA public key setup.
+ *
+ * @param[out] k       The initialzed public key.
+ * @param      n,nlen  The RSA modulus. Must be exactly 1024 bits.
+ *
+ * @retruns -1 If the input length is not correct
+ * @returns 0  Otherwise.
+
+ * @remark The public exponent is fixed at 65537.
+ */
+int occ_rsa1024_init_pub_key (occ_rsa1024_pub_key *k,
+						      const uint8_t *n, int nlen);
+
+/**
+ * 1024 bit RSA secret key setup.
+ *
+ * @param[out] k       The initialzed public key.
+ * @param      n,nlen  The RSA modulus. Must be exactly 1024 bits.
+ * @param      d,dlen  The secret exponent. Must be <= 1024 bits.
+ *
+ * @retruns -1 If the input length is not correct
+ * @returns 0  Otherwise.
+ */
+int occ_rsa1024_init_key (occ_rsa1024_key *k,
+					      const uint8_t *n, int nlen,
+					      const uint8_t *d, int dlen);
+
+/**
+ * 1024 bit RSA secret key setup with CRT coefficients.
+ *
+ * @param[out] k          The initialzed secret key.
+ * @param      p,plen     The 1. RSA prime. Must be exactly 512 bits.
+ * @param      q,qlen     The 2. RSA prime. Must be exactly 512 bits.
+ * @param      dp,dplen   The 1. CRT exponent. dp = d mod (p-1).
+ * @param      dq,dqlen   The 2. CRT exponent. dq = d mod (q-1).
+ * @param      qinv,qilen The CRT coefficient. qinv = 1/q mod p.
+ *
+ * @retruns -1 If the input length is not correct
+ * @returns 0  Otherwise.
+ */
+int occ_rsa1024_init_crt_key (occ_rsa1024_crt_key *k,
+						      const uint8_t *p,    int plen,
+						      const uint8_t *q,    int qlen,
+						      const uint8_t *dp,   int dplen,
+						      const uint8_t *dq,   int dqlen,
+						      const uint8_t *qinv, int qilen);
+/**@}*/
+
+/**@name 2048 Bit RSA key setup.
+ * 
+ * This group of functions is used for 2048 bit RSA key setup.
+ */
+/**@{*/
+/**
+ * 2048 bit RSA public key setup.
+ *
+ * @param[out] k       The initialzed public key.
+ * @param      n,nlen  The RSA modulus. Must be exactly 2048 bits.
+ *
+ * @retruns -1 If the input length is not correct
+ * @returns 0  Otherwise.
+
+ * @remark The public exponent is fixed at 65537.
+ */
+int occ_rsa2048_init_pub_key (occ_rsa2048_pub_key *k,
+						      const uint8_t *n, int nlen);
+
+/**
+ * 2048 bit RSA secret key setup.
+ *
+ * @param[out] k       The initialzed public key.
+ * @param      n,nlen  The RSA modulus. Must be exactly 2048 bits.
+ * @param      d,dlen  The secret exponent. Must be <= 2048 bits.
+ *
+ * @retruns -1 If the input length is not correct
+ * @returns 0  Otherwise.
+ */
+int occ_rsa2048_init_key (occ_rsa2048_key *k,
+					      const uint8_t *n, int nlen,
+					      const uint8_t *d, int dlen);
+
+/**
+ * 2048 bit RSA secret key setup with CRT coefficients.
+ *
+ * @param[out] k          The initialzed secret key.
+ * @param      p,plen     The 1. RSA prime. Must be exactly 1024 bits.
+ * @param      q,qlen     The 2. RSA prime. Must be exactly 1024 bits.
+ * @param      dp,dplen   The 1. CRT exponent. dp = d mod (p-1).
+ * @param      dq,dqlen   The 2. CRT exponent. dq = d mod (q-1).
+ * @param      qinv,qilen The CRT coefficient. qinv = 1/q mod p.
+ *
+ * @retruns -1 If the input length is not correct
+ * @returns 0  Otherwise.
+ */
+int occ_rsa2048_init_crt_key (occ_rsa2048_crt_key *k,
+						      const uint8_t *p,    int plen,
+						      const uint8_t *q,    int qlen,
+						      const uint8_t *dp,   int dplen,
+						      const uint8_t *dq,   int dqlen,
+						      const uint8_t *qinv, int qilen);
+/**@}*/
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_sha1.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_sha1.h
new file mode 100644
index 0000000..3fe2a1e
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_sha1.h
@@ -0,0 +1,80 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * SHA-1 is a cryptographic hash function designed by the NSA.
+ *
+ * A fixed-sized message digest is computed from input data with arbitrary
+ * length. The function is practically impossible to revert, and small changes
+ * in the input message lead to major changes in the message digest.
+ *
+ * SHA-1 is no longer considered secure against well-funded opponents;
+ * replacement by SHA-2 or SHA-3 is recommended.
+ */
+
+#ifndef OCC_SHA1_H
+#define OCC_SHA1_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+
+/**
+ * Length of SHA-1 hash.
+ */
+#define occ_sha1_BYTES (20)
+
+
+/**
+ * SHA-1 hash.
+ *
+ * The SHA-1 hash of a given input message @p in is computed and put into @p r.
+ *
+ * **Example**
+ * @include occ_sha1.c
+ *
+ * @param[out] r      Generated hash.
+ * @param      in     Input data.
+ * @param      in_len Length of @p in.
+ */
+void occ_sha1(uint8_t r[occ_sha1_BYTES],
+              const uint8_t *in, size_t in_len);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_sha256.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_sha256.h
new file mode 100644
index 0000000..290c86c
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_sha256.h
@@ -0,0 +1,141 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * SHA-256 is part of the SHA-2 family that is a set of cryptographic hash
+ * functions designed by the NSA. It is the successor of the SHA-1 algorithm.
+ *
+ * A fixed-sized message digest is computed from variable length input data.
+ * The function is practically impossible to revert, and small changes in the
+ * input message lead to major changes in the message digest.
+ */
+
+#ifndef OCC_SHA256_H
+#define OCC_SHA256_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+/**
+ * Length of SHA-256 hash.
+ */
+#define occ_sha256_BYTES (32)
+
+
+/**@cond */
+typedef struct {
+    uint32_t h[8];
+    uint8_t  padded[64];
+    uint32_t length;
+    size_t   bytes;
+} occ_sha256_ctx;
+/**@endcond */
+
+
+/**@name Incremental SHA-256 generator.
+ * 
+ * This group of functions can be used to incrementally compute the SHA-256
+ * hash for a given message.
+ *
+ * **Example**
+ * @include occ_sha256_incremental.c
+ */
+/**@{*/
+/**
+ * SHA-256 initialization.
+ *
+ * The generator state @p ctx is initialized by this function.
+ *
+ * @param[out] ctx Generator state.
+ */
+void occ_sha256_init(occ_sha256_ctx *ctx);
+
+/**
+ * SHA-256 incremental data input.
+ *
+ * The generator state @p ctx is updated to hash a message chunk @p in.
+ *
+ * This function can be called repeatedly until the whole message is processed.
+ *
+ * @param[in,out] ctx    Generator state.
+ * @param         in     Input data.
+ * @param         in_len Length of @p in.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_sha256_init is required before this function can be called.
+ */
+void occ_sha256_update(occ_sha256_ctx *ctx,
+                       const uint8_t *in, size_t in_len);
+
+/**
+ * SHA-256 output.
+ *
+ * The generator state @p ctx is updated to finalize the hash for the previously
+ * processed message chunks. The hash is put into @p r.
+ *
+ * @param[out]    r   Generated hash value.
+ * @param[in,out] ctx Generator state.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_sha256_init is required before this function can be called.
+ *
+ * @remark After return, the generator state @p ctx must no longer be used with
+ *         @c occ_sha256_update and @c occ_sha256_final unless it is
+ *         reinitialized using @c occ_sha256_init.
+ */
+void occ_sha256_final(uint8_t r[occ_sha256_BYTES], occ_sha256_ctx *ctx);
+/**@}*/
+
+/**
+ * SHA-256 hash.
+ *
+ * The SHA-256 hash of a given input message @p in is computed and put into @p r.
+ *
+ * **Example**
+ * @include occ_sha256.c
+ *
+ * @param[out] r      Generated hash.
+ * @param      in     Input data.
+ * @param      in_len Length of @p in.
+ */
+void occ_sha256(uint8_t r[occ_sha256_BYTES],
+                const uint8_t *in, size_t in_len);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_sha512.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_sha512.h
new file mode 100644
index 0000000..757e0ad
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_sha512.h
@@ -0,0 +1,141 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * SHA-512 is part of the SHA-2 family that is a set of cryptographic hash
+ * functions designed by the NSA. It is the successor of the SHA-1 algorithm.
+ *
+ * A fixed-sized message digest is computed from variable length input data.
+ * The function is practically impossible to revert, and small changes in the
+ * input message lead to major changes in the message digest.
+ */
+
+#ifndef OCC_SHA512_H
+#define OCC_SHA512_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+/**
+ * Length of SHA-512 hash.
+ */
+#define occ_sha512_BYTES (64)
+
+
+/**@cond */
+typedef struct {
+    uint64_t h[8];
+    uint8_t  padded[128];
+    uint32_t length;
+    size_t   bytes;
+} occ_sha512_ctx;
+/**@endcond */
+
+
+/**@name Incremental SHA-512 generator.
+ * 
+ * This group of functions can be used to incrementally compute the SHA-512
+ * hash for a given message.
+ *
+ * **Example**
+ * @include occ_sha512_incremental.c
+ */
+/**@{*/
+/**
+ * SHA-512 initialization.
+ *
+ * The generator state @p ctx is initialized by this function.
+ *
+ * @param[out] ctx Generator state.
+ */
+void occ_sha512_init(occ_sha512_ctx *ctx);
+
+/**
+ * SHA-512 incremental data input.
+ *
+ * The generator state @p ctx is updated to hash a message chunk @p in.
+ *
+ * This function can be called repeatedly until the whole message is processed.
+ *
+ * @param[in,out] ctx    Generator state.
+ * @param         in     Input data.
+ * @param         in_len Length of @p in.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_sha512_init is required before this function can be called.
+ */
+void occ_sha512_update(occ_sha512_ctx *ctx,
+                       const uint8_t *in, size_t in_len);
+
+/**
+ * SHA-512 output.
+ *
+ * The generator state @p ctx is updated to finalize the hash for the previously
+ * processed message chunks. The hash is put into @p r.
+ *
+ * @param[out]    r   Generated hash value.
+ * @param[in,out] ctx Generator state.
+ *
+ * @remark Initialization of the generator state @p ctx through
+ *         @c occ_sha512_init is required before this function can be called.
+ *
+ * @remark After return, the generator state @p ctx must no longer be used with
+ *         @c occ_sha512_update and @c occ_sha512_final unless it is
+ *         reinitialized using @c occ_sha512_init.
+ */
+void occ_sha512_final(uint8_t r[occ_sha512_BYTES], occ_sha512_ctx *ctx);
+/**@}*/
+
+/**
+ * SHA-512 hash.
+ *
+ * The SHA-512 hash of a given input message @p in is computed and put into @p r.
+ *
+ * **Example**
+ * @include occ_sha512.c
+ *
+ * @param[out] r      Generated hash.
+ * @param      in     Input data.
+ * @param      in_len Length of @p in.
+ */
+void occ_sha512(uint8_t r[occ_sha512_BYTES],
+                const uint8_t *in, size_t in_len);
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_srp.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_srp.h
new file mode 100644
index 0000000..d42ee7f
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/include/occ_srp.h
@@ -0,0 +1,302 @@
+/**
+ * Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+ * 
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ * 
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ * 
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ * 
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+
+/**@file
+ * SRP is an augmented password-authenticated key agreement protocol,
+ * specifically designed to work around existing patents. SRP allows the use of
+ * user names and passwords over unencrypted channels and supplies a shared
+ * secret at the end of the authentication sequence that can be used to generate
+ * encryption keys.
+ *
+ * An eavesdropper or man in the middle cannot obtain enough information to be
+ * able to brute force guess a password without further interactions with the
+ * parties for each guess.
+ *
+ * The server does not store password-equivalent data. This means that an
+ * attacker who steals the server data cannot masquerade as the client unless
+ * they first perform a brute force search for the password.
+ *
+ * The specific variant implemented here is SRP-6 3072 bit SHA-512 as mandated
+ * by Apple for use with HomeKit.
+ *
+ * @see [RFC 5054 - Using the Secure Remote Password (SRP) Protocol for TLS Authentication](https://tools.ietf.org/html/rfc5054)
+ * @see [The Stanford SRP Homepage](http://srp.stanford.edu)
+ *
+ * **Basic protocol overview**
+ *
+ * *Setup*
+ * 1. Server generates a username / password combination together with a salt.
+ * 2. Server derives a password verifier (see #occ_srp_verifier).
+ * 3. The username, salt and verifier are stored and required to open sessions.
+ *    The original password is no longer needed.
+ *
+ * *Session opening*
+ * 1. Client sends a username and the public key of an ephemeral key pair to the
+ *    server.
+ * 2. Server sends the salt and the public key of another ephemeral key pair to
+ *    the client (see #occ_srp_public_key).
+ * 3. Client and Server both compute the session key from this information (see
+ *    #occ_srp_scrambling_parameter, #occ_srp_premaster_secret,
+ *    #occ_srp_session_key).
+ * 4. Client sends proof of the session key to the server.
+ * 5. Server validates proof (see #occ_srp_proof_m1), then sends proof of the 
+ *    session key to the client (see #occ_srp_proof_m2).
+ * 6. Client validates proof. Both parties know that they share the same private
+ *    session key.
+ */
+
+#ifndef OCC_SRP_H
+#define OCC_SRP_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+
+/**
+ * Salt length.
+ */
+#define occ_srp_SALT_BYTES (16)
+
+/**
+ * Password verifier length.
+ */
+#define occ_srp_VERIFIER_BYTES (384)
+
+/**
+ * Secret key length.
+ */
+#define occ_srp_SECRET_KEY_BYTES (32)
+
+/**
+ * Public key length.
+ */
+#define occ_srp_PUBLIC_KEY_BYTES (384)
+
+/**
+ * Scrambling parameter length.
+ */
+#define occ_srp_SCRAMBLING_PARAMETER_BYTES (64)
+
+/**
+ * Premaster secret length.
+ */
+#define occ_srp_PREMASTER_SECRET_BYTES (384)
+
+/**
+ * Session key length.
+ */
+#define occ_srp_SESSION_KEY_BYTES (64)
+
+/**
+ * Proof length.
+ */
+#define occ_srp_PROOF_BYTES (64)
+
+
+/**@name SRP-6 Password verifier generation.
+ *
+ * A password verifier is generated from a user name and a password. The
+ * password @p pass may be discarded, as only the verifier is used during later
+ * computations.
+ *
+ * **Example**
+ * @include occ_srp_verifier.c
+ */
+/**@{*/
+/**
+ * SRP-6 Password Verifier.
+ *
+ * The verifier is generated for a given user name @p user, a password @p pass
+ * and salt @p salt.
+ *
+ * @param[out] v        Generated password verifier, must be 32 bit aligned.
+ * @param      salt     Salt.
+ * @param      user     User name.
+ * @param      user_len Length of @p user.
+ * @param      pass     Password.
+ * @param      pass_len Length of @p pass.
+ */
+void occ_srp_verifier(uint8_t v[occ_srp_VERIFIER_BYTES],
+                      const uint8_t salt[occ_srp_SALT_BYTES],
+                      const uint8_t *user, size_t user_len,
+                      const uint8_t *pass, size_t pass_len);
+/**@}*/
+
+/**@name SRP-6 Public key generation.
+ *
+ * An ephemeral keypair can be generated based on the password verifier to be
+ * used when opening a new session.
+ *
+ * **Example**
+ * @include occ_srp_public_key.c
+ */
+/**@{*/
+/**
+ * SRP-6 Public Key.
+ *
+ * The public key for a given private key @p priv_b is generated using the
+ * password verifier @p v and put into @p pub_b.
+ *
+ * @param[out] pub_b  Generated public key, must be 32 bit aligned.
+ * @param      priv_b Private key.
+ * @param      v      Password verifier.
+ */
+void occ_srp_public_key(uint8_t pub_b[occ_srp_PUBLIC_KEY_BYTES],
+                        const uint8_t priv_b[occ_srp_SECRET_KEY_BYTES],
+                        const uint8_t v[occ_srp_VERIFIER_BYTES]);
+/**@}*/
+
+/**@name SRP-6 Session key generation.
+ * 
+ * A premaster secret can be derived from both the client's and server's public
+ * keys, the server's private key and the password verifier. A shared session
+ * key can be generated from this premaster secret.
+ *
+ * **Example**
+ * @include occ_srp_session_key.c
+ */
+/**@{*/
+/**
+ * SRP-6 Scrambling Parameter.
+ *
+ * The scrambling parameter is computed from both the client's public key
+ * @p pub_a and the server's public key @p pub_b. The scrambling parameter
+ * is required to compute the premaster secret.
+ *
+ * @param[out] u     Generated scrambling parameter.
+ * @param      pub_a Client public key.
+ * @param      pub_b Server public key.
+ */
+void occ_srp_scrambling_parameter(uint8_t u[occ_srp_SCRAMBLING_PARAMETER_BYTES],
+                                  const uint8_t pub_a[occ_srp_PUBLIC_KEY_BYTES],
+                                  const uint8_t pub_b[occ_srp_PUBLIC_KEY_BYTES]);
+
+/**
+ * SRP-6 Premaster Secret.
+ *
+ * The premaster secret between the client and the server is computed using the
+ * client public key @p pub_a, the server private key @p priv_b, the scrambling
+ * parameter @p u and the password verifier @p v. If the client public key
+ * @p pub_a is valid, the premaster secret is then put into @p s. The premaster
+ * secret can be used to generate encryption keys.
+ *
+ * @param[out] s      Generated premaster secret, must be 32 bit aligned.
+ * @param      pub_a  Client public key.
+ * @param      priv_b Server private key.
+ * @param      u      Scrambling parameter; generated with @c srp_scrambling_parameter.
+ * @param      v      Password verifier.
+ *
+ * @returns 0 If @p pub_a is a legal public key.
+ * @returns 1 Otherwise.
+ */
+int occ_srp_premaster_secret(uint8_t s[occ_srp_PREMASTER_SECRET_BYTES],
+                             const uint8_t pub_a[occ_srp_PUBLIC_KEY_BYTES],
+                             const uint8_t priv_b[occ_srp_SECRET_KEY_BYTES],
+                             const uint8_t u[occ_srp_SCRAMBLING_PARAMETER_BYTES],
+                             const uint8_t v[occ_srp_VERIFIER_BYTES]);
+
+/**
+ * SRP-6 SRP Session Key.
+ *
+ * Generates the shared SRP session key from the premaster secret @p s and puts
+ * it into @p k.
+ *
+ * @param[out] k Generated SRP session key.
+ * @param      s Premaster secret.
+ */
+void occ_srp_session_key(uint8_t k[occ_srp_SESSION_KEY_BYTES],
+                         const uint8_t s[occ_srp_PREMASTER_SECRET_BYTES]);
+/**@}*/
+
+/**@name SRP-6 Proof exchange.
+ * 
+ * Proofs are exchanged from client to server and vice versa to ensure that both
+ * parties computed the same shared session key. The proofs only match if the
+ * correct password is used by the client.
+ *
+ * **Example**
+ * @include occ_srp_proof.c
+ */
+/**@{*/
+/**
+ * SRP-6 Proof M1 (client to server).
+ *
+ * A proof is generated by the client and sent to the server to assert that the
+ * client is in possession of the shared session key @p k. The server also
+ * generates the proof. Only if the proofs match, the process can continue.
+ * The proof is based on the salt @p salt, the client public key @p pub_a,
+ * the server public key @p pub_b and the shared session key @p k.
+ *
+ * @param[out] m1       Generated proof.
+ * @param      user     User name.
+ * @param      user_len Length of @p user.
+ * @param      salt     Salt.
+ * @param      pub_a    Client public key.
+ * @param      pub_b    Server public key.
+ * @param      k        Session key.
+ */
+void occ_srp_proof_m1(uint8_t m1[occ_srp_PROOF_BYTES],
+                      const uint8_t *user, size_t user_len,
+                      const uint8_t salt[occ_srp_SALT_BYTES],
+                      const uint8_t pub_a[occ_srp_PUBLIC_KEY_BYTES],
+                      const uint8_t pub_b[occ_srp_PUBLIC_KEY_BYTES],
+                      const uint8_t k[occ_srp_SESSION_KEY_BYTES]);
+
+/**
+ * SRP-6 Proof M2 (server to client).
+ *
+ * A second proof is generated by the server and sent back to the client to
+ * assert that the server is in possession of the shared session key @p k. The
+ * client also generates the proof. If the proofs match, both parties can assume
+ * that they share the same session key @p k. The second proof is based on the
+ * client public key @p pub_a, the first proof @p m1 and the session key @p k.
+ *
+ * @param[out] m2    Generated proof.
+ * @param      pub_a Client public key.
+ * @param      m1    First proof; generated with @c srp_proof_m1.
+ * @param      k     Session key.
+ */
+void occ_srp_proof_m2(uint8_t m2[occ_srp_PROOF_BYTES],
+                      const uint8_t pub_a[occ_srp_PUBLIC_KEY_BYTES],
+                      const uint8_t m1[occ_srp_PROOF_BYTES],
+                      const uint8_t k[occ_srp_SESSION_KEY_BYTES]);
+/**@}*/
+
+#endif
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/liboberon_no_fp_2.0.4.a b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/liboberon_no_fp_2.0.4.a
new file mode 100644
index 0000000..cd29d4d
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/liboberon_no_fp_2.0.4.a
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/liboberon_no_fp_short_wchar_2.0.4.a b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/liboberon_no_fp_short_wchar_2.0.4.a
new file mode 100644
index 0000000..6b9830f
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/liboberon_no_fp_short_wchar_2.0.4.a
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/license.txt b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/license.txt
new file mode 100644
index 0000000..c35cf3c
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/license.txt
@@ -0,0 +1,37 @@
+Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form, except as embedded into a Nordic
+   Semiconductor ASA integrated circuit in a product or a software update for
+   such product, must reproduce the above copyright notice, this list of
+   conditions and the following disclaimer in the documentation and/or other
+   materials provided with the distribution.
+
+3. Neither the name of Nordic Semiconductor ASA nor the names of its
+   contributors may be used to endorse or promote products derived from this
+   software without specific prior written permission.
+
+4. This software, with or without modification, must only be used with a
+   Nordic Semiconductor ASA integrated circuit.
+
+5. Any software provided in binary form under this license must not be reverse
+   engineered, decompiled, modified and/or disassembled.
+
+THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/oberon_no_fp_short_wchar_2.0.4.lib b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/oberon_no_fp_short_wchar_2.0.4.lib
new file mode 100644
index 0000000..6b9830f
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf51/oberon_no_fp_short_wchar_2.0.4.lib
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_2.0.4.a b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_2.0.4.a
new file mode 100644
index 0000000..45fdb45
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_2.0.4.a
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_no_fp_2.0.4.a b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_no_fp_2.0.4.a
new file mode 100644
index 0000000..cd29d4d
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_no_fp_2.0.4.a
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_no_fp_short_wchar_2.0.4.a b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_no_fp_short_wchar_2.0.4.a
new file mode 100644
index 0000000..6b9830f
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_no_fp_short_wchar_2.0.4.a
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_short_wchar_2.0.4.a b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_short_wchar_2.0.4.a
new file mode 100644
index 0000000..baf5371
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/liboberon_short_wchar_2.0.4.a
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/license.txt b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/license.txt
new file mode 100644
index 0000000..c35cf3c
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/license.txt
@@ -0,0 +1,37 @@
+Copyright (c) 2016 - 2018, Nordic Semiconductor ASA
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form, except as embedded into a Nordic
+   Semiconductor ASA integrated circuit in a product or a software update for
+   such product, must reproduce the above copyright notice, this list of
+   conditions and the following disclaimer in the documentation and/or other
+   materials provided with the distribution.
+
+3. Neither the name of Nordic Semiconductor ASA nor the names of its
+   contributors may be used to endorse or promote products derived from this
+   software without specific prior written permission.
+
+4. This software, with or without modification, must only be used with a
+   Nordic Semiconductor ASA integrated circuit.
+
+5. Any software provided in binary form under this license must not be reverse
+   engineered, decompiled, modified and/or disassembled.
+
+THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/oberon_no_fp_short_wchar_2.0.4.lib b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/oberon_no_fp_short_wchar_2.0.4.lib
new file mode 100644
index 0000000..6b9830f
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/oberon_no_fp_short_wchar_2.0.4.lib
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/oberon_short_wchar_2.0.4.lib b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/oberon_short_wchar_2.0.4.lib
new file mode 100644
index 0000000..baf5371
--- /dev/null
+++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_oberon/lib/nrf52/oberon_short_wchar_2.0.4.lib