diff options
Diffstat (limited to 'thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310')
23 files changed, 5374 insertions, 0 deletions
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes.c new file mode 100644 index 0000000..66de4bb --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes.c @@ -0,0 +1,887 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" +#include <drivers/nrfx_common.h> +#if NRF_MODULE_ENABLED(NRF_CRYPTO) + +#include <stdbool.h> +#include "ssi_aes_error.h" +#include "cc310_backend_aes.h" +#include "cc310_backend_mutex.h" +#include "cc310_backend_shared.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_CC310_AES) + +/**@internal @brief Type declarations of templates matching all possible context sizes + * for this backend. + */ +typedef struct +{ + nrf_crypto_aes_internal_context_t header; /**< Common header for context. */ + SaSiAesUserContext_t context; /**< AES context internal to mbed TLS. */ + nrf_crypto_backend_aes_ctx_t backend; /**< Backend-specific internal context. */ +} nrf_crypto_backend_cc310_aes_any_context_t; + +/**@internal @brief Type declarations of templates matching all possible context sizes + * for this backend. + */ +typedef union +{ + nrf_crypto_backend_cc310_aes_any_context_t any; /**< Common for all contexts. */ + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_ECB) + nrf_crypto_backend_aes_ecb_context_t ecb; +#endif +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC) + nrf_crypto_backend_aes_cbc_context_t cbc; +#endif +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CTR) + nrf_crypto_backend_aes_ctr_context_t ctr; +#endif +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC_MAC) + nrf_crypto_backend_aes_cbc_mac_context_t cbc_mac; +#endif +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CMAC) + nrf_crypto_backend_aes_cmac_context_t cmac; +#endif +} nrf_crypto_backend_cc310_aes_context_t; + + +static ret_code_t result_get(SaSiError_t error) +{ + ret_code_t ret_val; + switch (error) + { + case SASI_SUCCESS: + ret_val = NRF_SUCCESS; + break; + + case SASI_AES_INVALID_USER_CONTEXT_POINTER_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NULL; + break; + + case SASI_AES_ILLEGAL_KEY_SIZE_ERROR: + case SASI_AES_DATA_IN_SIZE_ILLEGAL: + case SASI_AES_DATA_IN_BUFFER_SIZE_ERROR: + ret_val = NRF_ERROR_CRYPTO_INPUT_LENGTH; + break; + + case SASI_AES_INVALID_IV_OR_TWEAK_PTR_ERROR: + case SASI_AES_INVALID_KEY_POINTER_ERROR: + case SASI_AES_DATA_IN_POINTER_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_INPUT_NULL; + break; + + case SASI_AES_ILLEGAL_OPERATION_MODE_ERROR: + case SASI_AES_KEY_TYPE_NOT_SUPPORTED_ERROR: + case SASI_AES_INVALID_ENCRYPT_MODE_ERROR: + case SASI_AES_ILLEGAL_PADDING_TYPE_ERROR: + case SASI_AES_INCORRECT_PADDING_ERROR: + case SASI_AES_DECRYPTION_NOT_ALLOWED_ON_THIS_MODE: + case SASI_AES_ADDITIONAL_BLOCK_NOT_PERMITTED_ERROR: + case SASI_AES_IS_NOT_SUPPORTED: + ret_val = NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + break; + + case SASI_AES_DATA_OUT_BUFFER_SIZE_ERROR: + ret_val = NRF_ERROR_CRYPTO_OUTPUT_LENGTH; + break; + + case SASI_AES_DATA_OUT_POINTER_INVALID_ERROR: + case SASI_AES_DATA_OUT_SIZE_POINTER_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_OUTPUT_NULL; + break; + + case SASI_AES_CTX_SIZES_ERROR: + default: + ret_val = NRF_ERROR_CRYPTO_INTERNAL; + break; + } + return ret_val; +} + +static ret_code_t params_validate(nrf_crypto_backend_cc310_aes_context_t const * const p_ctx, + SaSiAesOperationMode_t * p_mode, + nrf_crypto_operation_t operation) +{ + ret_code_t ret_val = NRF_SUCCESS; + + switch (p_ctx->any.header.p_info->mode) + { +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_ECB) + case NRF_CRYPTO_AES_MODE_ECB: + case NRF_CRYPTO_AES_MODE_ECB_PAD_PCKS7: + *p_mode = SASI_AES_MODE_ECB; + break; +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC) + case NRF_CRYPTO_AES_MODE_CBC: + case NRF_CRYPTO_AES_MODE_CBC_PAD_PCKS7: + *p_mode = SASI_AES_MODE_CBC; + break; +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CTR) + case NRF_CRYPTO_AES_MODE_CTR: + *p_mode = SASI_AES_MODE_CTR; + break; +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC_MAC) + case NRF_CRYPTO_AES_MODE_CBC_MAC: + case NRF_CRYPTO_AES_MODE_CBC_MAC_PAD_PCKS7: + *p_mode = SASI_AES_MODE_CBC_MAC; + VERIFY_TRUE((operation == NRF_CRYPTO_MAC_CALCULATE), NRF_ERROR_CRYPTO_INVALID_PARAM); + break; +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CMAC) + case NRF_CRYPTO_AES_MODE_CMAC: + *p_mode = SASI_AES_MODE_CMAC; + VERIFY_TRUE((operation == NRF_CRYPTO_MAC_CALCULATE), NRF_ERROR_CRYPTO_INVALID_PARAM); + break; +#endif + + default: + ret_val = NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + break; + } + + return ret_val; +} + +static ret_code_t backend_cc310_init(void * const p_context, nrf_crypto_operation_t operation) +{ + SaSiError_t result; + ret_code_t ret_val; + bool mutex_locked; + + SaSiAesOperationMode_t mode; + SaSiAesEncryptMode_t operation_cc310; + + nrf_crypto_backend_cc310_aes_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_context_t *)p_context; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + if (!nrfx_is_in_ram(&p_ctx->any.context)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + if (p_ctx->any.header.p_info->key_size != NRF_CRYPTO_KEY_SIZE_128) + { + ret_val = NRF_ERROR_CRYPTO_KEY_SIZE; + goto exit; + } + + ret_val = params_validate(p_ctx, &mode, operation); + + if (ret_val != NRF_SUCCESS) + { + goto exit; + } + + if (operation == NRF_CRYPTO_DECRYPT) + { + operation_cc310 = SASI_AES_DECRYPT; + } + else if ((operation == NRF_CRYPTO_ENCRYPT) || (operation == NRF_CRYPTO_MAC_CALCULATE)) + { + operation_cc310 = SASI_AES_ENCRYPT; + } + else + { + ret_val = NRF_ERROR_CRYPTO_INVALID_PARAM; + goto exit; + } + p_ctx->any.backend.operation = operation; + + result = SaSi_AesInit(&p_ctx->any.context, + operation_cc310, + mode, + SASI_AES_PADDING_NONE); /* CC310 does not support padding */ + ret_val = result_get(result); + +exit: + cc310_backend_mutex_unlock(); + return ret_val; +} + +static ret_code_t backend_cc310_uninit(void * const p_context) +{ + SaSiError_t result; + ret_code_t ret_val; + + nrf_crypto_backend_cc310_aes_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_context_t *)p_context; + + bool mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + result = SaSi_AesFree(&p_ctx->any.context); + ret_val = result_get(result); + + cc310_backend_mutex_unlock(); + return ret_val; +} + +static ret_code_t backend_cc310_key_set(void * const p_context, uint8_t * p_key) +{ + SaSiError_t result; + ret_code_t ret_val; + bool mutex_locked; + + SaSiAesUserKeyData_t key_data; + + nrf_crypto_backend_cc310_aes_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_context_t *)p_context; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + if (!nrfx_is_in_ram(p_key)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + + key_data.pKey = p_key; + key_data.keySize = (p_ctx->any.header.p_info->key_size) >> 3; // change bits to bytes + + result = SaSi_AesSetKey(&p_ctx->any.context, + SASI_AES_USER_KEY, + &key_data, + sizeof(key_data)); + ret_val = result_get(result); + +exit: + cc310_backend_mutex_unlock(); + return ret_val; +} + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC) || \ + NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CTR) || \ + NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC_MAC) +static ret_code_t backend_cc310_iv_set(void * const p_context, uint8_t * p_iv) +{ + SaSiError_t result; + ret_code_t ret_val; + bool mutex_locked; + + nrf_crypto_backend_cc310_aes_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_context_t *)p_context; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + if (!nrfx_is_in_ram(p_iv)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + + result = SaSi_AesSetIv(&p_ctx->any.context, p_iv); + ret_val = result_get(result); + +exit: + cc310_backend_mutex_unlock(); + return ret_val; +} + +static ret_code_t backend_cc310_iv_get(void * const p_context, uint8_t * p_iv) +{ + SaSiError_t result; + ret_code_t ret_val = NRF_ERROR_CRYPTO_INTERNAL; + bool mutex_locked; + + nrf_crypto_backend_cc310_aes_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_context_t *)p_context; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + if (!nrfx_is_in_ram(p_iv)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + + result = SaSi_AesGetIv(&p_ctx->any.context, p_iv); + + /* Below code allows to read IV after calling nrf_crypto_aes_finalize */ + if (result == SASI_AES_ILLEGAL_OPERATION_MODE_ERROR) + { + if (p_ctx->any.header.init_value == NRF_CRYPTO_AES_UNINIT_MAGIC_VALUE) + { + memcpy(p_iv, p_ctx->any.backend.iv, NRF_CRYPTO_MBEDTLS_AES_IV_SIZE); + ret_val = NRF_SUCCESS; + } + } + else + { + ret_val = result_get(result); + } + +exit: + cc310_backend_mutex_unlock(); + return ret_val; +} +#endif + +static ret_code_t backend_cc310_update(void * const p_context, + uint8_t * p_data_in, + size_t data_size, + uint8_t * p_data_out) +{ + SaSiError_t result; + ret_code_t ret_val; + bool mutex_locked; + size_t size; + size_t offset = 0; + + nrf_crypto_backend_cc310_aes_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_context_t *)p_context; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + if (!nrfx_is_in_ram(p_data_in) || !nrfx_is_in_ram(p_data_out)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + + do + { + /* CC310 allows only 64kB blocks, operation must be devided */ + if (data_size > CC310_MAX_LENGTH_DMA_AES_OPERATIONS) + { + size = CC310_MAX_LENGTH_DMA_AES_OPERATIONS; + data_size -= CC310_MAX_LENGTH_DMA_AES_OPERATIONS; + } + else + { + size = data_size; + data_size = 0; + } + + cc310_backend_enable(); + + if (p_ctx->any.backend.operation == NRF_CRYPTO_MAC_CALCULATE) + { + result = SaSi_AesBlock(&p_ctx->any.context, + p_data_in + offset, + size, + p_data_out); + } + else + { + result = SaSi_AesBlock(&p_ctx->any.context, + p_data_in + offset, + size, + p_data_out + offset); + } + + cc310_backend_disable(); + + offset += size; + ret_val = result_get(result); + + } while ((data_size > 0) && (ret_val == NRF_SUCCESS)); + +exit: + cc310_backend_mutex_unlock(); + return ret_val; +} + +static ret_code_t backend_cc310_finalize(void * const p_context, + uint8_t * p_data_in, + size_t data_size, + uint8_t * p_data_out, + size_t * p_data_out_size) +{ + SaSiError_t result; + ret_code_t ret_val; + bool mutex_locked; + size_t size; + size_t offset = 0; + + nrf_crypto_backend_cc310_aes_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_context_t *)p_context; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + if (*p_data_out_size < data_size) + { + ret_val = NRF_ERROR_CRYPTO_OUTPUT_LENGTH; + goto exit; + } + + /* This function does not support padding */ + if (((data_size & 0xF) != 0) && + (p_ctx->any.header.p_info->mode != NRF_CRYPTO_AES_MODE_CTR)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LENGTH; + goto exit; + } + + if (!nrfx_is_in_ram(p_data_in) || !nrfx_is_in_ram(p_data_out)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + + /* CC310 allows only 64kB blocks, operation must be devided */ + while (data_size > CC310_MAX_LENGTH_DMA_AES_OPERATIONS) + { + size = CC310_MAX_LENGTH_DMA_AES_OPERATIONS; + data_size -= CC310_MAX_LENGTH_DMA_AES_OPERATIONS; + + cc310_backend_enable(); + + result = SaSi_AesBlock(&p_ctx->any.context, + p_data_in + offset, + size, + p_data_out + offset); + + cc310_backend_disable(); + + offset += size; + ret_val = result_get(result); + + if (ret_val != NRF_SUCCESS) + { + goto exit; + } + } + + /* Calculate space in the output buffer */ + *p_data_out_size -= offset; + + cc310_backend_enable(); + + result = SaSi_AesFinish(&p_ctx->any.context, + data_size, + p_data_in + offset, + data_size, + p_data_out + offset, + p_data_out_size); + + cc310_backend_disable(); + + ret_val = result_get(result); + + if (ret_val == NRF_SUCCESS) + { + /* update information about size of encrypted data */ + *p_data_out_size += offset; + } + + /* Store IV value in case it will be needed after finalize operation */ + if ((p_ctx->any.header.p_info->mode == NRF_CRYPTO_AES_MODE_CBC) || + (p_ctx->any.header.p_info->mode == NRF_CRYPTO_AES_MODE_CTR)) + { + result = SaSi_AesGetIv(&p_ctx->any.context, &p_ctx->any.backend.iv[0]); + ret_val = result_get(result); + } + +exit: + cc310_backend_mutex_unlock(); + return ret_val; +} + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CMAC) || \ + NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC_MAC) +static ret_code_t backend_cc310_mac_finalize(void * const p_context, + uint8_t * p_data_in, + size_t data_size, + uint8_t * p_data_out, + size_t * p_data_out_size) +{ + SaSiError_t result; + ret_code_t ret_val; + bool mutex_locked; + size_t size; + size_t offset = 0; + + nrf_crypto_backend_cc310_aes_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_context_t *)p_context; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + if (*p_data_out_size < NRF_CRYPTO_AES_BLOCK_SIZE) + { + ret_val = NRF_ERROR_CRYPTO_OUTPUT_LENGTH; + goto exit; + } + + if (!nrfx_is_in_ram(p_data_in) || !nrfx_is_in_ram(p_data_out)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + + /* This function does not support padding for CBC-MAC */ + if (((data_size & 0xF) != 0) && + (NRF_CRYPTO_AES_MODE_CBC_MAC == p_ctx->any.header.p_info->mode)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LENGTH; + goto exit; + } + + /* CC310 allows only 64kB blocks, operation must be devided */ + while (data_size > CC310_MAX_LENGTH_DMA_AES_OPERATIONS) + { + size = CC310_MAX_LENGTH_DMA_AES_OPERATIONS; + data_size -= CC310_MAX_LENGTH_DMA_AES_OPERATIONS; + + cc310_backend_enable(); + + result = SaSi_AesBlock(&p_ctx->any.context, + p_data_in + offset, + size, + p_data_out); + + cc310_backend_disable(); + + offset += size; + ret_val = result_get(result); + + if (ret_val != NRF_SUCCESS) + { + goto exit; + } + } + + cc310_backend_enable(); + + result = SaSi_AesFinish(&p_ctx->any.context, + data_size, + p_data_in + offset, + data_size, + p_data_out, + p_data_out_size); + + cc310_backend_disable(); + + ret_val = result_get(result); + + if (ret_val == NRF_SUCCESS) + { + /* update information about size of encrypted data */ + *p_data_out_size = NRF_CRYPTO_AES_BLOCK_SIZE; + } + + /* Store IV value in case it will be needed after finalize operation */ + if (p_ctx->any.header.p_info->mode == NRF_CRYPTO_AES_MODE_CBC_MAC_PAD_PCKS7) + { + result = SaSi_AesGetIv(&p_ctx->any.context, &p_ctx->any.backend.iv[0]); + ret_val = result_get(result); + } + +exit: + cc310_backend_mutex_unlock(); + return ret_val; +} +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC_MAC) +static ret_code_t backend_cc310_cbc_mac_padding_finalize(void * const p_context, + uint8_t * p_data_in, + size_t data_size, + uint8_t * p_data_out, + size_t * p_data_out_size) +{ + ret_code_t ret_val; + uint8_t padding_buffer[NRF_CRYPTO_AES_BLOCK_SIZE] = {0}; + uint8_t msg_ending = (uint8_t)(data_size & (size_t)0x0F); + + if (*p_data_out_size < NRF_CRYPTO_AES_BLOCK_SIZE) + { + /* output buffer too small */ + return NRF_ERROR_CRYPTO_OUTPUT_LENGTH; + } + + data_size -= msg_ending; + + if (data_size > 0) + { + ret_val = backend_cc310_update(p_context, + p_data_in, + data_size, + p_data_out); + VERIFY_SUCCESS(ret_val); + } + + ret_val = padding_pkcs7_add(&padding_buffer[0], + p_data_in + data_size, + msg_ending); + VERIFY_SUCCESS(ret_val); + + ret_val = backend_cc310_mac_finalize(p_context, + &padding_buffer[0], + NRF_CRYPTO_AES_BLOCK_SIZE, + p_data_out, + p_data_out_size); + VERIFY_SUCCESS(ret_val); + + return ret_val; +} +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC) || \ + NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_ECB) +static ret_code_t backend_cc310_padding_finalize(void * const p_context, + uint8_t * p_data_in, + size_t data_size, + uint8_t * p_data_out, + size_t * p_data_out_size) +{ + SaSiError_t result; + ret_code_t ret_val; + uint8_t padding_buffer[NRF_CRYPTO_AES_BLOCK_SIZE] = {0}; + uint8_t msg_ending = (uint8_t)(data_size & (size_t)0x0F); + size_t buff_out_size; + + nrf_crypto_backend_cc310_aes_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_context_t *)p_context; + + if (p_ctx->any.backend.operation == NRF_CRYPTO_DECRYPT) + { + ret_val = backend_cc310_finalize(p_context, + p_data_in, + data_size, + p_data_out, + p_data_out_size); + VERIFY_SUCCESS(ret_val); + + + ret_val = padding_pkcs7_remove(p_data_out, + p_data_out_size); + return ret_val; + } + + /* -------------- ENCRYPTION --------------*/ + data_size -= msg_ending; + + if (*p_data_out_size < (data_size + NRF_CRYPTO_AES_BLOCK_SIZE)) + { + /* no space for padding */ + return NRF_ERROR_CRYPTO_OUTPUT_LENGTH; + } + + if (data_size > 0) + { + ret_val = backend_cc310_update(p_context, + p_data_in, + data_size, + p_data_out); + VERIFY_SUCCESS(ret_val); + } + + ret_val = padding_pkcs7_add(&padding_buffer[0], + p_data_in + data_size, + msg_ending); + VERIFY_SUCCESS(ret_val); + + buff_out_size = *p_data_out_size - data_size; + + ret_val = backend_cc310_finalize(p_context, + &padding_buffer[0], + NRF_CRYPTO_AES_BLOCK_SIZE, + p_data_out + data_size, + &buff_out_size); + VERIFY_SUCCESS(ret_val); + + *p_data_out_size = buff_out_size + data_size; + + /* Store IV value in case it will be needed after finalize operation */ + if (p_ctx->any.header.p_info->mode == NRF_CRYPTO_AES_MODE_CBC_PAD_PCKS7) + { + result = SaSi_AesGetIv(&p_ctx->any.context, &p_ctx->any.backend.iv[0]); + ret_val = result_get(result); + } + + return ret_val; +} +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC) +nrf_crypto_aes_info_t const g_nrf_crypto_aes_cbc_128_info = +{ + .mode = NRF_CRYPTO_AES_MODE_CBC, + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .context_size = sizeof(nrf_crypto_backend_aes_cbc_context_t), + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .key_set_fn = backend_cc310_key_set, + .iv_set_fn = backend_cc310_iv_set, + .iv_get_fn = backend_cc310_iv_get, + .update_fn = backend_cc310_update, + .finalize_fn = backend_cc310_finalize +}; + +nrf_crypto_aes_info_t const g_nrf_crypto_aes_cbc_128_pad_pkcs7_info = +{ + .mode = NRF_CRYPTO_AES_MODE_CBC_PAD_PCKS7, + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .context_size = sizeof(nrf_crypto_backend_aes_cbc_context_t), + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .key_set_fn = backend_cc310_key_set, + .iv_set_fn = backend_cc310_iv_set, + .iv_get_fn = backend_cc310_iv_get, + .update_fn = backend_cc310_update, + .finalize_fn = backend_cc310_padding_finalize +}; +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CTR) +nrf_crypto_aes_info_t const g_nrf_crypto_aes_ctr_128_info = +{ + .mode = NRF_CRYPTO_AES_MODE_CTR, + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .context_size = sizeof(nrf_crypto_backend_aes_ctr_context_t), + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .key_set_fn = backend_cc310_key_set, + .iv_set_fn = backend_cc310_iv_set, + .iv_get_fn = backend_cc310_iv_get, + .update_fn = backend_cc310_update, + .finalize_fn = backend_cc310_finalize +}; +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_ECB) +nrf_crypto_aes_info_t const g_nrf_crypto_aes_ecb_128_info = +{ + .mode = NRF_CRYPTO_AES_MODE_ECB, + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .context_size = sizeof(nrf_crypto_backend_aes_ecb_context_t), + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .key_set_fn = backend_cc310_key_set, + .iv_set_fn = NULL, + .iv_get_fn = NULL, + .update_fn = backend_cc310_update, + .finalize_fn = backend_cc310_finalize +}; + +nrf_crypto_aes_info_t const g_nrf_crypto_aes_ecb_128_pad_pkcs7_info = +{ + .mode = NRF_CRYPTO_AES_MODE_ECB_PAD_PCKS7, + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .context_size = sizeof(nrf_crypto_backend_aes_ecb_context_t), + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .key_set_fn = backend_cc310_key_set, + .iv_set_fn = NULL, + .iv_get_fn = NULL, + .update_fn = backend_cc310_update, + .finalize_fn = backend_cc310_padding_finalize +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC_MAC) +nrf_crypto_aes_info_t const g_nrf_crypto_aes_cbc_mac_128_info = +{ + .mode = NRF_CRYPTO_AES_MODE_CBC_MAC, + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .context_size = sizeof(nrf_crypto_backend_aes_cbc_mac_context_t), + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .key_set_fn = backend_cc310_key_set, + .iv_set_fn = backend_cc310_iv_set, + .iv_get_fn = backend_cc310_iv_get, + .update_fn = backend_cc310_update, + .finalize_fn = backend_cc310_mac_finalize +}; + +nrf_crypto_aes_info_t const g_nrf_crypto_aes_cbc_mac_128_pad_pkcs7_info = +{ + .mode = NRF_CRYPTO_AES_MODE_CBC_MAC_PAD_PCKS7, + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .context_size = sizeof(nrf_crypto_backend_aes_cbc_mac_context_t), + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .key_set_fn = backend_cc310_key_set, + .iv_set_fn = backend_cc310_iv_set, + .iv_get_fn = backend_cc310_iv_get, + .update_fn = backend_cc310_update, + .finalize_fn = backend_cc310_cbc_mac_padding_finalize +}; +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CMAC) +nrf_crypto_aes_info_t const g_nrf_crypto_aes_cmac_128_info = +{ + .mode = NRF_CRYPTO_AES_MODE_CMAC, + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .context_size = sizeof(nrf_crypto_backend_aes_cmac_context_t), + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .key_set_fn = backend_cc310_key_set, + .iv_set_fn = NULL, + .iv_get_fn = NULL, + .update_fn = backend_cc310_update, + .finalize_fn = backend_cc310_mac_finalize +}; +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_AES_BACKEND_CC310) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes.h new file mode 100644 index 0000000..e7127a3 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes.h @@ -0,0 +1,187 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_AES_H__ +#define CC310_BACKEND_AES_H__ + +/** @file + * + * @defgroup nrf_crypto_cc310_backend_aes nrf_crypto CC310 backend AES + * @{ + * @ingroup nrf_crypto_cc310_backend + * + * @brief AES functionality provided by the nrf_crypto CC310 backend. + */ + +#include "sdk_config.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) || defined(__SDK_DOXYGEN__) + +#include "ssi_aes.h" +#include "nrf_crypto_error.h" +#include "nrf_crypto_types.h" +#include "nrf_crypto_aes_shared.h" + +#ifdef __cplusplus +extern "C" { +#endif + + +/* AES CBC */ +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_AES_CBC) +#error "Duplicate definition of AES CBC mode. More than one backend enabled"); +#endif +#define NRF_CRYPTO_AES_CBC_ENABLED 1 +#undef NRF_CRYPTO_AES_ENABLED +#define NRF_CRYPTO_AES_ENABLED 1 // Flag that nrf_crypto_aes frontend can be compiled +#undef NRF_CRYPTO_CC310_AES_ENABLED +#define NRF_CRYPTO_CC310_AES_ENABLED 1 + +/* define for test purposes */ +#define NRF_CRYPTO_AES_CBC_128_ENABLED 1 + +typedef struct +{ + nrf_crypto_aes_internal_context_t header; /**< Common header for context. */ + SaSiAesUserContext_t context; /**< AES context internal to CC310. */ + nrf_crypto_backend_aes_ctx_t backend; +} nrf_crypto_backend_aes_cbc_context_t; +#endif + +/* AES CTR */ +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CTR) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_AES_CTR) +#error "Duplicate definition of AES CTR mode. More than one backend enabled"); +#endif +#define NRF_CRYPTO_AES_CTR_ENABLED 1 +#undef NRF_CRYPTO_AES_ENABLED +#define NRF_CRYPTO_AES_ENABLED 1 // Flag that nrf_crypto_aes frontend can be compiled +#undef NRF_CRYPTO_CC310_AES_ENABLED +#define NRF_CRYPTO_CC310_AES_ENABLED 1 + +/* define for test purposes */ +#define NRF_CRYPTO_AES_CTR_128_ENABLED 1 + +typedef struct +{ + nrf_crypto_aes_internal_context_t header; /**< Common header for context. */ + SaSiAesUserContext_t context; /**< AES context internal to CC310. */ + nrf_crypto_backend_aes_ctx_t backend; +} nrf_crypto_backend_aes_ctr_context_t; +#endif + +/* AES ECB */ +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_ECB) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_AES_ECB) +#error "Duplicate definition of AES ECB mode. More than one backend enabled"); +#endif +#define NRF_CRYPTO_AES_ECB_ENABLED 1 +#undef NRF_CRYPTO_AES_ENABLED +#define NRF_CRYPTO_AES_ENABLED 1 // Flag that nrf_crypto_aes frontend can be compiled +#undef NRF_CRYPTO_CC310_AES_ENABLED +#define NRF_CRYPTO_CC310_AES_ENABLED 1 + +/* define for test purposes */ +#define NRF_CRYPTO_AES_ECB_128_ENABLED 1 + +typedef struct +{ + nrf_crypto_aes_internal_context_t header; /**< Common header for context. */ + SaSiAesUserContext_t context; /**< AES context internal to CC310. */ + nrf_crypto_backend_no_iv_aes_ctx_t backend; +} nrf_crypto_backend_aes_ecb_context_t; +#endif + + +/* AES CBC_MAC */ +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CBC_MAC) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_AES_CBC_MAC) +#error "Duplicate definition of AES CBC_MAC mode. More than one backend enabled"); +#endif +#define NRF_CRYPTO_AES_CBC_MAC_ENABLED 1 +#undef NRF_CRYPTO_AES_ENABLED +#define NRF_CRYPTO_AES_ENABLED 1 // Flag that nrf_crypto_aes frontend can be compiled +#undef NRF_CRYPTO_CC310_AES_ENABLED +#define NRF_CRYPTO_CC310_AES_ENABLED 1 + +/* define for test purposes */ +#define NRF_CRYPTO_AES_CBC_MAC_128_ENABLED 1 + +typedef struct +{ + nrf_crypto_aes_internal_context_t header; /**< Common header for context. */ + SaSiAesUserContext_t context; /**< AES context internal to CC310. */ + nrf_crypto_backend_aes_ctx_t backend; +} nrf_crypto_backend_aes_cbc_mac_context_t; +#endif + +/* AES CMAC */ +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CMAC) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_AES_CMAC) +#error "Duplicate definition of AES CMAC mode. More than one backend enabled"); +#endif +#define NRF_CRYPTO_AES_CMAC_ENABLED 1 +#undef NRF_CRYPTO_AES_ENABLED +#define NRF_CRYPTO_AES_ENABLED 1 // Flag that nrf_crypto_aes frontend can be compiled +#undef NRF_CRYPTO_CC310_AES_ENABLED +#define NRF_CRYPTO_CC310_AES_ENABLED 1 + +/* define for test purposes */ +#define NRF_CRYPTO_AES_CMAC_128_ENABLED 1 + +typedef struct +{ + nrf_crypto_aes_internal_context_t header; /**< Common header for context. */ + SaSiAesUserContext_t context; /**< AES context internal to CC310. */ + nrf_crypto_backend_no_iv_aes_ctx_t backend; +} nrf_crypto_backend_aes_cmac_context_t; + +#endif + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +/** @} */ + +#endif // CC310_BACKEND_AES_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes_aead.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes_aead.c new file mode 100644 index 0000000..e8e312e --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes_aead.c @@ -0,0 +1,366 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" +#include <drivers/nrfx_common.h> +#if NRF_MODULE_ENABLED(NRF_CRYPTO) + +#include <stdbool.h> +#include "crys_aesccm_error.h" +#include "cc310_backend_aes_aead.h" +#include "cc310_backend_mutex.h" +#include "cc310_backend_shared.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_CC310_AES_AEAD) + +/**@internal @brief Type declaration of a template suiting all possible context sizes + * for this backend. + */ +typedef struct +{ + nrf_crypto_aead_internal_context_t header; /**< Common header for context. */ + CRYS_AESCCM_UserContext_t context; + uint8_t key[16]; /**< Only supported key size by CC310 is 128 bit */ +} nrf_crypto_backend_cc310_aes_aead_context_t; + +static ret_code_t result_get(CRYSError_t error) +{ + ret_code_t ret_val; + + switch (error) + { + case CRYS_OK: + ret_val = NRF_SUCCESS; + break; + + case CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NULL; + break; + + case CRYS_AESCCM_ILLEGAL_KEY_SIZE_ERROR: + ret_val = NRF_ERROR_CRYPTO_KEY_SIZE; + break; + + case CRYS_AESCCM_ILLEGAL_TAG_SIZE_ERROR: + ret_val = NRF_ERROR_CRYPTO_AEAD_MAC_SIZE; + break; + + case CRYS_AESCCM_ILLEGAL_NONCE_SIZE_ERROR: + ret_val = NRF_ERROR_CRYPTO_AEAD_NONCE_SIZE; + break; + + case CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR: + case CRYS_AESCCM_DATA_IN_SIZE_ILLEGAL: + ret_val = NRF_ERROR_CRYPTO_INPUT_LENGTH; + break; + + case CRYS_AESCCM_INVALID_KEY_POINTER_ERROR: + case CRYS_AESCCM_ILLEGAL_PARAMETER_PTR_ERROR: + case CRYS_AESCCM_DATA_IN_POINTER_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_INPUT_NULL; + break; + + case CRYS_AESCCM_IS_NOT_SUPPORTED: + case CRYS_AESCCM_INVALID_ENCRYPT_MODE_ERROR: + ret_val = NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + break; + + case CRYS_AESCCM_DATA_OUT_SIZE_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_OUTPUT_LENGTH; + break; + + case CRYS_AESCCM_DATA_OUT_POINTER_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_OUTPUT_NULL; + break; + + case CRYS_AESCCM_ILLEGAL_PARAMETER_ERROR: + ret_val = NRF_ERROR_CRYPTO_INVALID_PARAM; + break; + + case CRYS_AESCCM_CCM_MAC_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_AEAD_INVALID_MAC; + break; + + case CRYS_AESCCM_CTX_SIZES_ERROR: + default: + ret_val = NRF_ERROR_CRYPTO_INTERNAL; + break; + } + return ret_val; +} + +static ret_code_t backend_cc310_init(void * const p_context, uint8_t * p_key) +{ + ret_code_t ret_val; + + nrf_crypto_backend_cc310_aes_aead_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_aead_context_t *)p_context; + + if (!nrfx_is_in_ram(p_ctx)) + { + return NRF_ERROR_CRYPTO_INPUT_LOCATION; + } + if (p_ctx->header.p_info->key_size != NRF_CRYPTO_KEY_SIZE_128) + { + return NRF_ERROR_CRYPTO_KEY_SIZE; + } + + switch (p_ctx->header.p_info->mode) + { +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CCM) + case NRF_CRYPTO_AEAD_MODE_AES_CCM: + ret_val = NRF_SUCCESS; + break; +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CCM_STAR) + case NRF_CRYPTO_AEAD_MODE_AES_CCM_STAR: + ret_val = NRF_SUCCESS; + break; +#endif + + default: + return NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + } + + memcpy(p_ctx->key, p_key, sizeof(p_ctx->key)); + + return ret_val; +} + +static ret_code_t backend_cc310_uninit(void * const p_context) +{ + nrf_crypto_backend_cc310_aes_aead_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_aead_context_t *)p_context; + + memset(&p_ctx->context, 0, sizeof(CRYS_AESCCM_UserContext_t)); + + return NRF_SUCCESS; +} + +static ret_code_t backend_cc310_crypt(void * const p_context, + nrf_crypto_operation_t operation, + uint8_t * p_nonce, + uint8_t nonce_size, + uint8_t * p_adata, + size_t adata_size, + uint8_t * p_data_in, + size_t data_in_size, + uint8_t * p_data_out, + uint8_t * p_mac, + uint8_t mac_size) + +{ + uint32_t mode; + CRYSError_t result; + ret_code_t ret_val; + bool mutex_locked; + + SaSiAesEncryptMode_t operation_cc310; + CRYS_AESCCM_Mac_Res_t mac_buffer; + + nrf_crypto_backend_cc310_aes_aead_context_t * p_ctx = + (nrf_crypto_backend_cc310_aes_aead_context_t *)p_context; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + if (!nrfx_is_in_ram(p_adata) && (adata_size > 0)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + + /* CC310 supports: CCM & CCM*, where nonce_size must be > 0, so p_nonce must always + point to RAM. */ + if (!nrfx_is_in_ram(p_nonce) || + !nrfx_is_in_ram(p_data_in) || + !nrfx_is_in_ram(p_data_out) || + !nrfx_is_in_ram(p_mac)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + + if (operation == NRF_CRYPTO_DECRYPT) + { + operation_cc310 = SASI_AES_DECRYPT; + } + else if (operation == NRF_CRYPTO_ENCRYPT) + { + operation_cc310 = SASI_AES_ENCRYPT; + } + else + { + ret_val = NRF_ERROR_CRYPTO_INVALID_PARAM; + goto exit; + } + + if (p_ctx->header.p_info->mode == NRF_CRYPTO_AEAD_MODE_AES_CCM) + { + mode = CRYS_AESCCM_MODE_CCM; + + /* Allowed MAC size in CCM mode: [4, 6, 8, 10, 12, 14, 16] */ + if ((mac_size < NRF_CRYPTO_AES_CCM_MAC_MIN) || + (mac_size > NRF_CRYPTO_AES_CCM_MAC_MAX) || + ((mac_size & 0x01) != 0)) + { + ret_val = NRF_ERROR_CRYPTO_AEAD_MAC_SIZE; + goto exit; + } + + if ((nonce_size < NRF_CRYPTO_AES_CCM_NONCE_SIZE_MIN) || + (nonce_size > NRF_CRYPTO_AES_CCM_NONCE_SIZE_MAX)) + { + ret_val = NRF_ERROR_CRYPTO_AEAD_NONCE_SIZE; + goto exit; + } + } + else + { + mode = CRYS_AESCCM_MODE_STAR; + + /* Allowed MAC size in CCM* mode: [0, 4, 8, 16] */ + if ((mac_size | NRF_CRYPTO_AES_CCM_STAR_MAC_BITMASK) != NRF_CRYPTO_AES_CCM_STAR_MAC_BITMASK) + { + ret_val = NRF_ERROR_CRYPTO_AEAD_MAC_SIZE; + goto exit; + } + + /* Allowed nonce size in CCM* mode: [13] */ + if (nonce_size != NRF_CRYPTO_AES_CCM_STAR_NONCE_SIZE) + { + ret_val = NRF_ERROR_CRYPTO_AEAD_NONCE_SIZE; + goto exit; + } + } + + cc310_backend_enable(); + + result = CC_AESCCM_Init(&p_ctx->context, + operation_cc310, + p_ctx->key, + CRYS_AES_Key128BitSize, // the only allowed key size for CC310 + (uint32_t)adata_size, + (uint32_t)data_in_size, + p_nonce, + nonce_size, + mac_size, + mode); + + cc310_backend_disable(); + + ret_val = result_get(result); + + if (ret_val != NRF_SUCCESS) + { + goto exit; + } + + if ((adata_size > 0) && (p_adata != NULL)) + { + cc310_backend_enable(); + + result = CRYS_AESCCM_BlockAdata(&p_ctx->context, + p_adata, + (uint32_t)adata_size); + + cc310_backend_disable(); + + ret_val = result_get(result); + + if (ret_val != NRF_SUCCESS) + { + goto exit; + } + } + + /* CC310 backend always needs 16 bytes buffer for MAC calculation. */ + memcpy(mac_buffer, p_mac, mac_size); + + cc310_backend_enable(); + + result = CRYS_AESCCM_Finish(&p_ctx->context, + p_data_in, + (uint32_t)data_in_size, + p_data_out, + mac_buffer, + &mac_size); + + cc310_backend_disable(); + + ret_val = result_get(result); + if (ret_val == NRF_SUCCESS) + { + memcpy(p_mac, mac_buffer, mac_size); + } + +exit: + cc310_backend_mutex_unlock(); + return ret_val; +} + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CCM) +nrf_crypto_aead_info_t const g_nrf_crypto_aes_ccm_128_info = +{ + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .mode = NRF_CRYPTO_AEAD_MODE_AES_CCM, + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .crypt_fn = backend_cc310_crypt +}; +#endif + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CCM_STAR) +nrf_crypto_aead_info_t const g_nrf_crypto_aes_ccm_star_128_info = +{ + .key_size = NRF_CRYPTO_KEY_SIZE_128, + .mode = NRF_CRYPTO_AEAD_MODE_AES_CCM_STAR, + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .crypt_fn = backend_cc310_crypt +}; +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_CC310_AES_AEAD) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes_aead.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes_aead.h new file mode 100644 index 0000000..34622d9 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_aes_aead.h @@ -0,0 +1,124 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_AES_AEAD_H__ +#define CC310_BACKEND_AES_AEAD_H__ + +/** @file + * + * @defgroup nrf_crypto_cc310_backend_aes_aead nrf_crypto CC310 backend AES AEAD + * @{ + * @ingroup nrf_crypto_cc310_backend + * + * @brief AES AEAD functionality provided by the nrf_crypto CC310 backend. + */ + +#include "sdk_config.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "crys_aesccm.h" +#include "nrf_crypto_error.h" +#include "nrf_crypto_types.h" +#include "nrf_crypto_aead_shared.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define NRF_CRYPTO_CC310_AES_BACKEND_KEY_SIZE (16) + + +/* AES CCM */ +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CCM) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_AES_CCM) +#error "Duplicate definition of AES CCM mode. More than one backend enabled"); +#endif +#define NRF_CRYPTO_AES_CCM_ENABLED 1 +#undef NRF_CRYPTO_AEAD_ENABLED +#define NRF_CRYPTO_AEAD_ENABLED 1 // Flag that nrf_crypto_aead frontend can be compiled +#undef NRF_CRYPTO_CC310_AES_AEAD_ENABLED +#define NRF_CRYPTO_CC310_AES_AEAD_ENABLED 1 // aead backend for cc310 can be compiled + +/* define for test purposes */ +#define NRF_CRYPTO_AES_CCM_128_ENABLED 1 + +typedef struct +{ + nrf_crypto_aead_internal_context_t header; /**< Common header for context. */ + CRYS_AESCCM_UserContext_t context; /**< AES CCM context internal to CC310. */ + + uint8_t key[NRF_CRYPTO_CC310_AES_BACKEND_KEY_SIZE]; +} nrf_crypto_backend_aes_ccm_context_t; +#endif + +/* AES CCM* (CCM STAR) */ +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_AES_CCM_STAR) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_AES_CCM_STAR) +#error "Duplicate definition of AES CCM* (star) mode. More than one backend enabled"); +#endif +#define NRF_CRYPTO_AES_CCM_STAR_ENABLED 1 +#undef NRF_CRYPTO_AEAD_ENABLED +#define NRF_CRYPTO_AEAD_ENABLED 1 // Flag that nrf_crypto_aes_aead frontend can be compiled +#undef NRF_CRYPTO_CC310_AES_AEAD_ENABLED +#define NRF_CRYPTO_CC310_AES_AEAD_ENABLED 1 // aead backend for cc310 can be compiled + +/* define for test purposes */ +#define NRF_CRYPTO_AES_CCM_STAR_128_ENABLED 1 + +typedef struct +{ + nrf_crypto_aead_internal_context_t header; /**< Common header for context. */ + CRYS_AESCCM_UserContext_t context; /**< AES CCM context internal to CC310. */ + + uint8_t key[NRF_CRYPTO_CC310_AES_BACKEND_KEY_SIZE]; +} nrf_crypto_backend_aes_ccm_star_context_t; +#endif + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +/** @} */ + +#endif // CC310_BACKEND_AES_AEAD_H__ + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_chacha_poly_aead.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_chacha_poly_aead.c new file mode 100644 index 0000000..16ca026 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_chacha_poly_aead.c @@ -0,0 +1,214 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" +#if NRF_MODULE_ENABLED(NRF_CRYPTO) + +#include <drivers/nrfx_common.h> +#include <stdbool.h> +#include "cc310_backend_mutex.h" +#include "crys_chacha_poly_error.h" +#include "cc310_backend_chacha_poly_aead.h" +#include "cc310_backend_shared.h" +#include "cc310_backend_shared.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_CC310_CHACHA_POLY_AEAD) + +static ret_code_t result_get(CRYSError_t error) +{ + ret_code_t ret_val; + + switch (error) + { + case CRYS_OK: + ret_val = NRF_SUCCESS; + break; + + /*! Invalid Additional data. */ + case CRYS_CHACHA_POLY_DATA_INVALID_ERROR: + case CRYS_CHACHA_POLY_ADATA_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_INPUT_NULL; + break; + + /*! Illegal encryption mode. */ + case CRYS_CHACHA_POLY_ENC_MODE_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_INVALID_PARAM; + break; + + /*! Illegal data size. */ + case CRYS_CHACHA_POLY_DATA_SIZE_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_INPUT_LENGTH; + break; + + /*! MAC comparison error. */ + case CRYS_CHACHA_POLY_MAC_ERROR: + ret_val = NRF_ERROR_CRYPTO_AEAD_INVALID_MAC; + break; + + default: + ret_val = NRF_ERROR_CRYPTO_INTERNAL; + break; + } + return ret_val; +} + +static ret_code_t backend_cc310_init(void * const p_context, uint8_t * p_key) +{ + nrf_crypto_backend_chacha_poly_context_t * p_ctx = + (nrf_crypto_backend_chacha_poly_context_t *)p_context; + + if (!nrfx_is_in_ram(p_ctx)) + { + return NRF_ERROR_CRYPTO_INPUT_LOCATION; + } + + if (p_ctx->header.p_info->key_size != NRF_CRYPTO_KEY_SIZE_256) + { + return NRF_ERROR_CRYPTO_KEY_SIZE; + } + + memcpy(p_ctx->key, p_key, sizeof(p_ctx->key)); + return NRF_SUCCESS; +} + +static inline ret_code_t backend_cc310_uninit(void * const p_context) +{ + return NRF_SUCCESS; +} + +static ret_code_t backend_cc310_crypt(void * const p_context, + nrf_crypto_operation_t operation, + uint8_t * p_nonce, + uint8_t nonce_size, + uint8_t * p_adata, + size_t adata_size, + uint8_t * p_data_in, + size_t data_in_size, + uint8_t * p_data_out, + uint8_t * p_mac, + uint8_t mac_size) + +{ + CRYSError_t result; + ret_code_t ret_val; + bool mutex_locked; + + CRYS_CHACHA_EncryptMode_t operation_cc310; + + nrf_crypto_backend_chacha_poly_context_t * p_ctx = + (nrf_crypto_backend_chacha_poly_context_t *)p_context; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + if ((adata_size == 0) || (data_in_size == 0)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LENGTH; + goto exit; + } + + if (mac_size != NRF_CRYPTO_CHACHA_POLY_MAC_SIZE) + { + ret_val = NRF_ERROR_CRYPTO_AEAD_MAC_SIZE; + goto exit; + } + + if (nonce_size != NRF_CRYPTO_CHACHA_POLY_NONCE_SIZE) + { + ret_val = NRF_ERROR_CRYPTO_AEAD_NONCE_SIZE; + goto exit; + } + + if (!nrfx_is_in_ram(p_data_in) || !nrfx_is_in_ram(p_data_out) || + !nrfx_is_in_ram(p_mac) || !nrfx_is_in_ram(p_adata) || + !nrfx_is_in_ram(p_nonce)) + { + ret_val = NRF_ERROR_CRYPTO_INPUT_LOCATION; + goto exit; + } + + if (operation == NRF_CRYPTO_DECRYPT) + { + operation_cc310 = CRYS_CHACHA_Decrypt; + } + else if (operation == NRF_CRYPTO_ENCRYPT) + { + operation_cc310 = CRYS_CHACHA_Encrypt; + } + else + { + ret_val = NRF_ERROR_CRYPTO_INVALID_PARAM; + goto exit; + } + + cc310_backend_enable(); + + result = CRYS_CHACHA_POLY(p_nonce, + p_ctx->key, + operation_cc310, + p_adata, + adata_size, + p_data_in, + data_in_size, + p_data_out, + (uint32_t *)p_mac); + cc310_backend_disable(); + + ret_val = result_get(result); + +exit: + cc310_backend_mutex_unlock(); + return ret_val; +} + +nrf_crypto_aead_info_t const g_nrf_crypto_chacha_poly_256_info = +{ + .key_size = NRF_CRYPTO_KEY_SIZE_256, + .mode = NRF_CRYPTO_AEAD_MODE_CHACHA_POLY, + + .init_fn = backend_cc310_init, + .uninit_fn = backend_cc310_uninit, + .crypt_fn = backend_cc310_crypt +}; + + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_CC310_CHACHA_POLY_AEAD) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_chacha_poly_aead.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_chacha_poly_aead.h new file mode 100644 index 0000000..4c1edf9 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_chacha_poly_aead.h @@ -0,0 +1,99 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_CHACHA_POLY_AEAD_H__ +#define CC310_BACKEND_CHACHA_POLY_AEAD_H__ + +/** @file + * + * @defgroup nrf_crypto_cc310_backend_chacha_poly_aead nrf_crypto CC310 backend CHACHA_POLY AEAD + * @{ + * @ingroup nrf_crypto_cc310_backend + * + * @brief CHACHA_POLY AEAD functionality provided by the nrf_crypto CC310 backend. + */ + +#include "sdk_config.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "crys_chacha_poly.h" +#include "nrf_crypto_error.h" +#include "nrf_crypto_types.h" +#include "nrf_crypto_aead_shared.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define NRF_CRYPTO_CC310_CHACHA_POLY_BACKEND_KEY_SIZE (32) + +/* CHACHA-POLY */ +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_CHACHA_POLY) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_CHACHA_POLY) +#error "Duplicate definition of CHACHA-POLY mode. More than one backend enabled"); +#endif +#define NRF_CRYPTO_CHACHA_POLY_ENABLED 1 +#undef NRF_CRYPTO_AEAD_ENABLED +#define NRF_CRYPTO_AEAD_ENABLED 1 // Flag that nrf_crypto_aead frontend can be compiled +#undef NRF_CRYPTO_CC310_CHACHA_POLY_AEAD_ENABLED +#define NRF_CRYPTO_CC310_CHACHA_POLY_AEAD_ENABLED 1 // aead backend for cc310 can be compiled + +/* defines for test purposes */ +#define NRF_CRYPTO_CHACHA_POLY_256_ENABLED 1 + +typedef struct +{ + nrf_crypto_aead_internal_context_t header; /**< Common header for context. */ + + uint8_t key[NRF_CRYPTO_CC310_CHACHA_POLY_BACKEND_KEY_SIZE]; +} nrf_crypto_backend_chacha_poly_context_t; +#endif + + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +/** @} */ + +#endif // CC310_BACKEND_CHACHA_POLY_AEAD_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecc.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecc.c new file mode 100644 index 0000000..e93230c --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecc.c @@ -0,0 +1,464 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_config.h" +#include "nordic_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include <string.h> + +#include "nrf_crypto_mem.h" +#include "nrf_crypto_ecc.h" +#include "cc310_backend_ecc.h" +#include "cc310_backend_shared.h" +#include "cc310_backend_mutex.h" +#include "crys_ecpki_kg.h" +#include "crys_ecpki_domain.h" +#include "crys_ecpki_build.h" +#include "crys_ecpki_error.h" +#include "crys_rnd_error.h" + + +#define CC310_UNCOMPRESSED_PUBLIC_KEY_ID_BYTE 0x04 /**< @brief @internal Byte value used by CC310 library to prefix uncompressed public key. */ + + +ret_code_t nrf_crypto_backend_cc310_ecc_error_convert(uint32_t crys_error) +{ + switch (crys_error) + { + case CRYS_OK: + return NRF_SUCCESS; + + case CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR: + return NRF_ERROR_CRYPTO_ECDSA_INVALID_SIGNATURE; + + case CRYS_RND_INSTANTIATION_NOT_DONE_ERROR: + return NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED; + + default: + return NRF_ERROR_CRYPTO_INTERNAL; + } +} + + +/** @internal @brief Returns domain value from @ref CRYS_ECPKI_DomainID_t enum based on + * value from info structure. + * + * @param[in] p_info Curve info. + * @returns Pointer to CC310 domain. + */ +static CRYS_ECPKI_Domain_t const * get_domain(nrf_crypto_ecc_curve_info_t const * p_info) +{ + CRYS_ECPKI_DomainID_t domain_id = (CRYS_ECPKI_DomainID_t)(intptr_t)p_info->p_backend_data; + const CRYS_ECPKI_Domain_t * domain = CRYS_ECPKI_GetEcDomain(domain_id); + return domain; +} + + +ret_code_t nrf_crypto_backend_cc310_ecc_public_key_convert( + nrf_crypto_backend_cc310_ecc_public_key_t * p_pub, + CRYS_ECPKI_BUILD_TempData_t * p_temp_data) +{ + ret_code_t result; + CRYSError_t crys_error; + CRYS_ECPKI_Domain_t const * p_domain; + uint8_t ucompressed_key[NRF_CRYPTO_ECC_RAW_PUBLIC_KEY_MAX_SIZE + 1]; + bool mutex_locked; + + nrf_crypto_ecc_curve_info_t const * p_info = p_pub->header.p_info; + + if (p_pub->key_converted) + { + return NRF_SUCCESS; + } + + p_domain = get_domain(p_info); + + // Tell CC310 library that this is raw public key in uncompressed format. + ucompressed_key[0] = CC310_UNCOMPRESSED_PUBLIC_KEY_ID_BYTE; + memcpy(&ucompressed_key[1], p_pub->key.raw_public_key, p_info->raw_public_key_size); + + mutex_locked = cc310_backend_mutex_trylock(); + if (!mutex_locked) + { + return NRF_ERROR_CRYPTO_BUSY; + } + + cc310_backend_enable(); + + crys_error = CRYS_ECPKI_BuildPublKeyFullCheck(p_domain, + ucompressed_key, + p_info->raw_public_key_size + 1, + &p_pub->key.cc310_public_key, + p_temp_data); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + result = nrf_crypto_backend_cc310_ecc_error_convert(crys_error); + if (result == NRF_SUCCESS) + { + p_pub->key_converted = true; + } + else + { + memcpy(p_pub->key.raw_public_key, &ucompressed_key[1], p_info->raw_public_key_size); + } + + return result; +} + + +ret_code_t nrf_crypto_backend_cc310_key_pair_generate( + void * p_context, + void * p_private_key, + void * p_public_key) +{ + ret_code_t result; + CRYSError_t crys_error; + CRYS_ECPKI_Domain_t const * p_domain; + bool mutex_locked; + + nrf_crypto_backend_cc310_key_pair_generate_context_t * p_ctx = + (nrf_crypto_backend_cc310_key_pair_generate_context_t *)p_context; + + nrf_crypto_backend_cc310_ecc_private_key_t * p_prv = + (nrf_crypto_backend_cc310_ecc_private_key_t *)p_private_key; + + nrf_crypto_backend_cc310_ecc_public_key_t * p_pub = + (nrf_crypto_backend_cc310_ecc_public_key_t *)p_public_key; + + p_domain = get_domain(p_prv->header.p_info); + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + crys_error = CRYS_ECPKI_GenKeyPair(p_context, + nrf_crypto_backend_cc310_rng, + p_domain, + &p_prv->private_key, + &p_pub->key.cc310_public_key, + &p_ctx->temp_data, + NULL); + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + p_pub->key_converted = true; + + result = nrf_crypto_backend_cc310_ecc_error_convert(crys_error); + return result; +} + + +ret_code_t nrf_crypto_backend_cc310_private_key_from_raw( + void * p_private_key, + uint8_t const * p_raw_data) +{ + ret_code_t result; + CRYSError_t crys_error; + CRYS_ECPKI_Domain_t const * p_domain; + bool mutex_locked; + + nrf_crypto_backend_cc310_ecc_private_key_t * p_prv = + (nrf_crypto_backend_cc310_ecc_private_key_t *)p_private_key; + + nrf_crypto_ecc_curve_info_t const * p_info = p_prv->header.p_info; + + p_domain = get_domain(p_info); + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + crys_error = CRYS_ECPKI_BuildPrivKey(p_domain, + p_raw_data, + p_info->raw_private_key_size, + &p_prv->private_key); + + cc310_backend_mutex_unlock(); + + result = nrf_crypto_backend_cc310_ecc_error_convert(crys_error); + return result; +} + + +ret_code_t nrf_crypto_backend_cc310_private_key_to_raw( + void const * p_private_key, + uint8_t * p_raw_data) +{ + ret_code_t result; + CRYSError_t crys_error; + uint32_t key_size; + + nrf_crypto_backend_cc310_ecc_private_key_t * p_prv = + (nrf_crypto_backend_cc310_ecc_private_key_t *)p_private_key; + + nrf_crypto_ecc_curve_info_t const * p_info = p_prv->header.p_info; + + key_size = p_info->raw_private_key_size; + + crys_error = CRYS_ECPKI_ExportPrivKey(&p_prv->private_key, + p_raw_data, + &key_size); + + if (key_size != p_info->raw_private_key_size) + { + return NRF_ERROR_CRYPTO_INTERNAL; + } + + result = nrf_crypto_backend_cc310_ecc_error_convert(crys_error); + + return result; +} + + +ret_code_t nrf_crypto_backend_cc310_public_key_from_raw( + void * p_public_key, + uint8_t const * p_raw_data) +{ + nrf_crypto_backend_cc310_ecc_public_key_t * p_pub = + (nrf_crypto_backend_cc310_ecc_public_key_t *)p_public_key; + + nrf_crypto_ecc_curve_info_t const * p_info = p_pub->header.p_info; + + memcpy(p_pub->key.raw_public_key, p_raw_data, p_info->raw_public_key_size); + p_pub->key_converted = false; + + return NRF_SUCCESS; +} + + +ret_code_t nrf_crypto_backend_cc310_public_key_to_raw( + void const * p_public_key, + uint8_t * p_raw_data) +{ + ret_code_t result; + CRYSError_t crys_error; + uint8_t ucompressed_key[NRF_CRYPTO_ECC_RAW_PUBLIC_KEY_MAX_SIZE + 1]; + uint32_t key_size; + bool mutex_locked; + + nrf_crypto_backend_cc310_ecc_public_key_t * p_pub = + (nrf_crypto_backend_cc310_ecc_public_key_t *)p_public_key; + + nrf_crypto_ecc_curve_info_t const * p_info = p_pub->header.p_info; + + if (!p_pub->key_converted) + { + memcpy(p_raw_data, p_pub->key.raw_public_key, p_info->raw_public_key_size); + return NRF_SUCCESS; + } + + mutex_locked = cc310_backend_mutex_trylock(); + if (!mutex_locked) + { + return NRF_ERROR_CRYPTO_BUSY; + } + + key_size = p_info->raw_public_key_size + 1; + + crys_error = CRYS_ECPKI_ExportPublKey(&p_pub->key.cc310_public_key, + CRYS_EC_PointUncompressed, + ucompressed_key, + &key_size); + + cc310_backend_mutex_unlock(); + + if ((key_size != p_info->raw_public_key_size + 1) + || (ucompressed_key[0] != CC310_UNCOMPRESSED_PUBLIC_KEY_ID_BYTE)) + { + return NRF_ERROR_CRYPTO_INTERNAL; + } + + memcpy(p_raw_data, &ucompressed_key[1], p_info->raw_public_key_size); + + result = nrf_crypto_backend_cc310_ecc_error_convert(crys_error); + return result; +} + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp160r1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP160R1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP160R1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP160R1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp160r1, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R2) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp160r2_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP160R2_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP160R2_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP160R2_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp160r2, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192R1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp192r1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP192R1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP192R1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP192R1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp192r1, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224R1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp224r1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP224R1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP224R1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP224R1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp224r1, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256R1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp256r1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP256R1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP256R1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP256R1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp256r1, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP384R1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp384r1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP384R1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP384R1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP384R1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp384r1, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP521R1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp521r1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP521R1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP521R1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP521R1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp521r1, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160K1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp160k1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP160K1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP160K1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP160K1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp160k1, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192K1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp192k1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP192K1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP192K1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP192K1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp192k1, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224K1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp224k1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP224K1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP224K1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP224K1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp224k1, +}; +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256K1) +const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp256k1_curve_info = +{ + .public_key_size = sizeof(nrf_crypto_backend_cc310_ecc_public_key_t), + .private_key_size = sizeof(nrf_crypto_backend_cc310_ecc_private_key_t), + .curve_type = NRF_CRYPTO_ECC_SECP256K1_CURVE_TYPE, + .raw_private_key_size = NRF_CRYPTO_ECC_SECP256K1_RAW_PRIVATE_KEY_SIZE, + .raw_public_key_size = NRF_CRYPTO_ECC_SECP256K1_RAW_PUBLIC_KEY_SIZE, + .p_backend_data = (void *)CRYS_ECPKI_DomainID_secp256k1, +}; +#endif + + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecc.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecc.h new file mode 100644 index 0000000..f9f20e2 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecc.h @@ -0,0 +1,548 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_ECC_H__ +#define CC310_BACKEND_ECC_H__ + +#include "sdk_config.h" +#include "nordic_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include <stdbool.h> +#include "nrf_crypto_ecc_shared.h" +#include "crys_ecpki_kg.h" + + +#ifdef __cplusplus +extern "C" { +#endif + +/** @internal @brief Common structure holding private key for CC310. + */ +typedef struct +{ + nrf_crypto_internal_ecc_key_header_t header; /**< @internal @brief Common ECC key header */ + CRYS_ECPKI_UserPrivKey_t private_key; /**< @internal @brief CC310 specific key representation */ +} nrf_crypto_backend_cc310_ecc_private_key_t; + + +/** @internal @brief Common structure holding public key for CC310. + */ +typedef struct +{ + nrf_crypto_internal_ecc_key_header_t header; /**< @internal @brief Common ECC key header */ + bool key_converted; /**< @internal @brief True if key was already converted from raw_public_key to cc310_public_key */ + union + { + CRYS_ECPKI_UserPublKey_t cc310_public_key; /**< @internal @brief CC310 specific key representation */ + uint8_t raw_public_key[132]; /**< @internal @brief raw key representation */ + } key; +} nrf_crypto_backend_cc310_ecc_public_key_t; + + +/** @internal @brief Common structure holding context for key pair generation. + */ +typedef struct +{ + CRYS_ECPKI_KG_TempData_t temp_data; /**< @internal @brief Temporary buffer for CC310 internal storage */ +} nrf_crypto_backend_cc310_key_pair_generate_context_t; + + +/** @internal See @ref nrf_crypto_backend_ecc_key_pair_generate_fn_t. + */ +ret_code_t nrf_crypto_backend_cc310_key_pair_generate( + void * p_context, + void * p_private_key, + void * p_public_key); + + +/** @internal See @ref nrf_crypto_backend_ecc_private_key_from_raw_fn_t. +*/ +ret_code_t nrf_crypto_backend_cc310_private_key_from_raw( + void * p_private_key, + uint8_t const * p_raw_data); + + +/** @internal See @ref nrf_crypto_backend_ecc_private_key_to_raw_fn_t. +*/ +ret_code_t nrf_crypto_backend_cc310_private_key_to_raw( + void const * p_private_key, + uint8_t * p_raw_data); + + +/** @internal See @ref nrf_crypto_backend_ecc_public_key_from_raw_fn_t. +*/ +ret_code_t nrf_crypto_backend_cc310_public_key_from_raw( + void * p_public_key, + uint8_t const * p_raw_data); + + +/** @internal See @ref nrf_crypto_backend_ecc_public_key_to_raw_fn_t. +*/ +ret_code_t nrf_crypto_backend_cc310_public_key_to_raw( + void const * p_public_key, + uint8_t * p_raw_data); + + +/** @internal @brief Convert error code from CC310 to nrf_crypto error code. + * + * @param[in] crys_error CC310 error code. + * @return nrf_crypto error code. + */ +ret_code_t nrf_crypto_backend_cc310_ecc_error_convert(uint32_t crys_error); + + +/** @internal @brief Converts public key from raw to CC310 representation if not converted already. + * + * Data are read from p_pub->key.raw_public_key to stored into p_pub->cc310_public_key. + * + * @param[in] p_pub Public key to convert. + * @param[in] p_temp_data Buffer for temporary data used by CC310 lib. + * @return nrf_crypto error code. + */ +ret_code_t nrf_crypto_backend_cc310_ecc_public_key_convert( + nrf_crypto_backend_cc310_ecc_public_key_t * p_pub, + CRYS_ECPKI_BUILD_TempData_t * p_temp_data); + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP160R1) +#error "More than one backend enabled for secp160r1 (NIST 160-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP160R1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp160r1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp160r1_public_key_calculate NULL +#define nrf_crypto_backend_secp160r1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp160r1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp160r1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp160r1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp160r1_private_key_free NULL +#define nrf_crypto_backend_secp160r1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP160R1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP160R1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp160r1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp160r1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp160r1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp160r1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R2) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP160R2) +#error "More than one backend enabled for secp160r2 (NIST 160-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP160R2_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp160r2_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp160r2_public_key_calculate NULL +#define nrf_crypto_backend_secp160r2_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp160r2_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp160r2_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp160r2_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp160r2_private_key_free NULL +#define nrf_crypto_backend_secp160r2_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP160R2_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP160R2_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp160r2_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp160r2_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp160r2_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp160r2_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R2) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192R1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP192R1) +#error "More than one backend enabled for secp192r1 (NIST 192-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP192R1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp192r1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp192r1_public_key_calculate NULL +#define nrf_crypto_backend_secp192r1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp192r1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp192r1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp192r1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp192r1_private_key_free NULL +#define nrf_crypto_backend_secp192r1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP192R1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP192R1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp192r1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp192r1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp192r1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp192r1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224R1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP224R1) +#error "More than one backend enabled for secp224r1 (NIST 224-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP224R1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp224r1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp224r1_public_key_calculate NULL +#define nrf_crypto_backend_secp224r1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp224r1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp224r1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp224r1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp224r1_private_key_free NULL +#define nrf_crypto_backend_secp224r1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP224R1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP224R1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp224r1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp224r1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp224r1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp224r1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256R1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP256R1) +#error "More than one backend enabled for secp256r1 (NIST 256-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP256R1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp256r1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp256r1_public_key_calculate NULL +#define nrf_crypto_backend_secp256r1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp256r1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp256r1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp256r1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp256r1_private_key_free NULL +#define nrf_crypto_backend_secp256r1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP256R1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP256R1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp256r1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp256r1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp256r1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp256r1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP384R1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP384R1) +#error "More than one backend enabled for secp384r1 (NIST 384-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP384R1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp384r1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp384r1_public_key_calculate NULL +#define nrf_crypto_backend_secp384r1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp384r1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp384r1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp384r1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp384r1_private_key_free NULL +#define nrf_crypto_backend_secp384r1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP384R1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP384R1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp384r1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp384r1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp384r1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp384r1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP384R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP521R1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP521R1) +#error "More than one backend enabled for secp521r1 (NIST 521-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP521R1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp521r1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp521r1_public_key_calculate NULL +#define nrf_crypto_backend_secp521r1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp521r1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp521r1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp521r1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp521r1_private_key_free NULL +#define nrf_crypto_backend_secp521r1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP521R1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP521R1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp521r1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp521r1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp521r1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp521r1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP521R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160K1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP160K1) +#error "More than one backend enabled for secp160k1 (Koblitz 160-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP160K1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp160k1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp160k1_public_key_calculate NULL +#define nrf_crypto_backend_secp160k1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp160k1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp160k1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp160k1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp160k1_private_key_free NULL +#define nrf_crypto_backend_secp160k1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP160K1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP160K1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp160k1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp160k1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp160k1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp160k1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160K1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192K1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP192K1) +#error "More than one backend enabled for secp192k1 (Koblitz 192-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP192K1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp192k1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp192k1_public_key_calculate NULL +#define nrf_crypto_backend_secp192k1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp192k1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp192k1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp192k1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp192k1_private_key_free NULL +#define nrf_crypto_backend_secp192k1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP192K1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP192K1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp192k1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp192k1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp192k1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp192k1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192K1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224K1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP224K1) +#error "More than one backend enabled for secp224k1 (Koblitz 224-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP224K1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp224k1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp224k1_public_key_calculate NULL +#define nrf_crypto_backend_secp224k1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp224k1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp224k1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp224k1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp224k1_private_key_free NULL +#define nrf_crypto_backend_secp224k1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP224K1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP224K1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp224k1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp224k1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp224k1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp224k1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224K1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256K1) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP256K1) +#error "More than one backend enabled for secp256k1 (Koblitz 256-bit)."); +#endif +#define NRF_CRYPTO_ECC_SECP256K1_ENABLED 1 + +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp256k1_key_pair_generate nrf_crypto_backend_cc310_key_pair_generate +#define nrf_crypto_backend_secp256k1_public_key_calculate NULL +#define nrf_crypto_backend_secp256k1_private_key_from_raw nrf_crypto_backend_cc310_private_key_from_raw +#define nrf_crypto_backend_secp256k1_private_key_to_raw nrf_crypto_backend_cc310_private_key_to_raw +#define nrf_crypto_backend_secp256k1_public_key_from_raw nrf_crypto_backend_cc310_public_key_from_raw +#define nrf_crypto_backend_secp256k1_public_key_to_raw nrf_crypto_backend_cc310_public_key_to_raw +#define nrf_crypto_backend_secp256k1_private_key_free NULL +#define nrf_crypto_backend_secp256k1_public_key_free NULL + +// Context sizes required by CC310 +#define NRF_CRYPTO_BACKEND_SECP256K1_KEY_PAIR_GENERATE_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_key_pair_generate_context_t) +#define NRF_CRYPTO_BACKEND_SECP256K1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0 + +// All CC310 curve types share the same data structures for keys +typedef nrf_crypto_backend_cc310_ecc_private_key_t nrf_crypto_backend_secp256k1_private_key_t; +typedef nrf_crypto_backend_cc310_ecc_public_key_t nrf_crypto_backend_secp256k1_public_key_t; + +// All CC310 curve types share the same data structures for context +typedef nrf_crypto_backend_cc310_key_pair_generate_context_t + nrf_crypto_backend_secp256k1_key_pair_generate_context_t; + +// Dummy typedef for unused context +typedef uint32_t nrf_crypto_backend_secp256k1_public_key_calculate_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256K1) + + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#endif // CC310_BACKEND_ECC_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdh.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdh.c new file mode 100644 index 0000000..48c2e5c --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdh.c @@ -0,0 +1,131 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_config.h" +#include "nordic_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include <string.h> + +#include "nrf_crypto_ecc_shared.h" +#include "nrf_crypto_ecdh_shared.h" +#include "nrf_crypto_ecdh.h" +#include "nrf_crypto_mem.h" +#include "cc310_backend_mutex.h" +#include "cc310_backend_shared.h" +#include "cc310_backend_ecdh.h" + + +ret_code_t nrf_crypto_backend_cc310_ecdh_compute( + void * p_context, + void const * p_private_key, + void const * p_public_key, + uint8_t * p_shared_secret) +{ + ret_code_t result; + CRYSError_t crys_error; + uint32_t shared_secret_size; + uint8_t aligned_buffer[(NRF_CRYPTO_ECDH_SHARED_SECRET_MAX_SIZE + 3) & ~3]; + uint8_t * p_output_buffer; + bool mutex_locked; + + nrf_crypto_backend_cc310_ecdh_compute_context_t * p_ctx = + (nrf_crypto_backend_cc310_ecdh_compute_context_t *)p_context; + + nrf_crypto_backend_cc310_ecc_private_key_t * p_prv = + (nrf_crypto_backend_cc310_ecc_private_key_t *)p_private_key; + + nrf_crypto_backend_cc310_ecc_public_key_t * p_pub = + (nrf_crypto_backend_cc310_ecc_public_key_t *)p_public_key; + + nrf_crypto_ecc_curve_info_t const * p_info = p_prv->header.p_info; + + result = nrf_crypto_backend_cc310_ecc_public_key_convert(p_pub, &p_ctx->key_build_temp_data); + if (result != NRF_SUCCESS) + { + return result; + } + + shared_secret_size = p_info->raw_private_key_size; + + if ((shared_secret_size & 3) != 0) // Check if shared_secret_size is word aligned + { + shared_secret_size = (shared_secret_size + 3) & ~3; + p_output_buffer = &aligned_buffer[0]; + } + else + { + p_output_buffer = p_shared_secret; + } + + mutex_locked = cc310_backend_mutex_trylock(); + if (!mutex_locked) + { + return NRF_ERROR_CRYPTO_BUSY; + } + + cc310_backend_enable(); + + crys_error = CRYS_ECDH_SVDP_DH(&p_pub->key.cc310_public_key, + &p_prv->private_key, + p_output_buffer, + &shared_secret_size, + &p_ctx->temp_data); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + if (p_output_buffer != p_shared_secret) + { + //lint -save -e645 (Symbol 'aligned_buffer' may not have been initialized) + memcpy(p_shared_secret, + &aligned_buffer[3 - ((p_info->raw_private_key_size + 3) & 3)], // Bytes at the beginning that were added during padding are now skipped + p_info->raw_private_key_size); + //lint -restore + } + + result = nrf_crypto_backend_cc310_ecc_error_convert(crys_error); + return result; +} + + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdh.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdh.h new file mode 100644 index 0000000..0fe1dc4 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdh.h @@ -0,0 +1,182 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_ECDH_H__ +#define CC310_BACKEND_ECDH_H__ + +#include "sdk_config.h" +#include "nordic_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "nrf_crypto_ecc.h" +#include "nrf_crypto_ecdh_shared.h" +#include "crys_ecpki_dh.h" + + +#ifdef __cplusplus +extern "C" { +#endif + + +/** @internal @brief Common structure holding context for ECDH. + */ +typedef union +{ + CRYS_ECDH_TempData_t temp_data; /**< @internal @brief Temporary buffer for CC310 internal storage */ + CRYS_ECPKI_BUILD_TempData_t key_build_temp_data; /**< @internal @brief Temporary buffer for CC310 public key build */ +} nrf_crypto_backend_cc310_ecdh_compute_context_t; + + +/** @internal See @ref nrf_crypto_backend_ecdh_compute_fn_t. + */ +ret_code_t nrf_crypto_backend_cc310_ecdh_compute( + void * p_context, + void const * p_private_key, + void const * p_public_key, + uint8_t * p_shared_secret); + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp160r1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP160R1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp160r1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R2) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp160r2_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP160R2_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp160r2_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R2) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192R1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp192r1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP192R1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp192r1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224R1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp224r1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP224R1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp224r1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256R1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp256r1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP256R1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp256r1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP384R1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp384r1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP384R1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp384r1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP384R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP521R1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp521r1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP521R1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp521r1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP521R1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160K1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp160k1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP160K1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp160k1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160K1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192K1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp192k1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP192K1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp192k1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192K1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224K1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp224k1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP224K1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp224k1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224K1) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256K1) +// Aliases for one common CC310 implementation +#define nrf_crypto_backend_secp256k1_ecdh_compute nrf_crypto_backend_cc310_ecdh_compute +#define NRF_CRYPTO_BACKEND_SECP256K1_ECDH_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_ecdh_compute_context_t) +typedef nrf_crypto_backend_cc310_ecdh_compute_context_t nrf_crypto_backend_secp256k1_ecdh_context_t; +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256K1) + + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#endif // CC310_BACKEND_ECDH_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdsa.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdsa.c new file mode 100644 index 0000000..69a1a86 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdsa.c @@ -0,0 +1,223 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_config.h" +#include "nordic_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include <string.h> +#include "ssi_pal_types.h" +#include "ssi_pal_mem.h" +#include "sns_silib.h" +#include "crys_rnd.h" +#include "crys_ecpki_ecdsa.h" +#include "crys_ecpki_error.h" +#include "crys_kdf_error.h" +#include "crys_hash_error.h" +#include "nrf_crypto_error.h" +#include "nrf_crypto_ecc_shared.h" +#include "nrf_crypto_ecdsa_shared.h" +#include "nrf_crypto_ecdsa.h" +#include "cc310_backend_ecdsa.h" +#include "cc310_backend_shared.h" +#include "cc310_backend_mutex.h" + + +#define CC310_SHA1_DIGEST_SIZE (160 / 8) /**< @internal @brief Digest size of SHA-1 */ +#define CC310_SHA224_DIGEST_SIZE (224 / 8) /**< @internal @brief Digest size of SHA-224 */ +#define CC310_SHA256_DIGEST_SIZE (256 / 8) /**< @internal @brief Digest size of SHA-256 */ +#define CC310_SHA384_DIGEST_SIZE (384 / 8) /**< @internal @brief Digest size of SHA-384 */ +#define CC310_SHA512_DIGEST_SIZE (512 / 8) /**< @internal @brief Digest size of SHA-512 */ + + +/** @internal @brief Returns enum value of @ref CRYS_ECPKI_HASH_OpMode_t based on provided hash size. + * + * @param[in] data_size Hash size + * @return Value from @ref CRYS_ECPKI_HASH_OpMode_t or CRYS_ECPKI_HASH_OpModeLast if + * cannot find implemented hash with provided size. + */ +static CRYS_ECPKI_HASH_OpMode_t hash_mode_from_size(uint32_t data_size) +{ + CRYS_ECPKI_HASH_OpMode_t hash_mode; + + switch (data_size) + { + case CC310_SHA1_DIGEST_SIZE: + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA1_mode; + break; + + case CC310_SHA224_DIGEST_SIZE: + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA224_mode; + break; + + case CC310_SHA256_DIGEST_SIZE: + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA256_mode; + break; + + case CC310_SHA384_DIGEST_SIZE: + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA384_mode; + break; + + case CC310_SHA512_DIGEST_SIZE: + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA512_mode; + break; + + default: + hash_mode = CRYS_ECPKI_HASH_OpModeLast; + break; + } + + return hash_mode; +} + + +ret_code_t nrf_crypto_backend_cc310_sign( + void * p_context, + void const * p_private_key, + uint8_t const * p_data, + size_t data_size, + uint8_t * p_signature) +{ + ret_code_t result; + CRYSError_t crys_error; + uint32_t signature_size; + CRYS_ECPKI_HASH_OpMode_t hash_mode = hash_mode_from_size(data_size); + bool mutex_locked; + + nrf_crypto_backend_cc310_sign_context_t * p_ctx = + (nrf_crypto_backend_cc310_sign_context_t *)p_context; + + nrf_crypto_backend_cc310_ecc_private_key_t * p_prv = + (nrf_crypto_backend_cc310_ecc_private_key_t *)p_private_key; + + nrf_crypto_ecc_curve_info_t const * p_info = p_prv->header.p_info; + + if (hash_mode == CRYS_ECPKI_HASH_OpModeLast) + { + return NRF_ERROR_CRYPTO_INPUT_LENGTH; + } + + signature_size = p_info->raw_public_key_size; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + crys_error = CRYS_ECDSA_Sign(p_context, + nrf_crypto_backend_cc310_rng, + &p_ctx->user_context, + &p_prv->private_key, + hash_mode, + (uint8_t *)p_data, + data_size, + p_signature, + &signature_size); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + result = nrf_crypto_backend_cc310_ecc_error_convert(crys_error); + + if (result == NRF_SUCCESS && signature_size != p_info->raw_public_key_size) + { + return NRF_ERROR_CRYPTO_INTERNAL; + } + + return result; +} + + +ret_code_t nrf_crypto_backend_cc310_verify( + void * p_context, + void const * p_public_key, + uint8_t const * p_data, + size_t data_size, + uint8_t const * p_signature) +{ + ret_code_t result; + CRYSError_t crys_error; + CRYS_ECPKI_HASH_OpMode_t hash_mode = hash_mode_from_size(data_size); + bool mutex_locked; + + nrf_crypto_backend_cc310_verify_context_t * p_ctx = + (nrf_crypto_backend_cc310_verify_context_t *)p_context; + + nrf_crypto_backend_cc310_ecc_public_key_t * p_pub = + (nrf_crypto_backend_cc310_ecc_public_key_t *)p_public_key; + + nrf_crypto_ecc_curve_info_t const * p_info = p_pub->header.p_info; + + result = nrf_crypto_backend_cc310_ecc_public_key_convert(p_pub, &p_ctx->key_build_temp_data); + if (result != NRF_SUCCESS) + { + return result; + } + + if (hash_mode == CRYS_ECPKI_HASH_OpModeLast) + { + return NRF_ERROR_CRYPTO_INPUT_LENGTH; + } + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + crys_error = CRYS_ECDSA_Verify(&p_ctx->user_context, + &p_pub->key.cc310_public_key, + hash_mode, + (uint8_t *)p_signature, + p_info->raw_public_key_size, + (uint8_t *)p_data, + data_size); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + result = nrf_crypto_backend_cc310_ecc_error_convert(crys_error); + return result; +} + + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdsa.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdsa.h new file mode 100644 index 0000000..b57c18e --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_ecdsa.h @@ -0,0 +1,234 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_ECDSA_H__ +#define CC310_BACKEND_ECDSA_H__ + +#include "sdk_config.h" +#include "nordic_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "nrf_crypto_ecc_shared.h" +#include "nrf_crypto_ecdsa_shared.h" +#include "crys_ecpki_types.h" + + +#ifdef __cplusplus +extern "C" { +#endif + + +/** @internal @brief Common structure holding context for ECDSA sign. + */ +typedef struct +{ + CRYS_ECDSA_SignUserContext_t user_context; /**< @internal @brief Temporary buffer for CC310 internal storage */ +} nrf_crypto_backend_cc310_sign_context_t; + + +/** @internal @brief Common structure holding context for ECDSA verify. + */ +typedef union +{ + CRYS_ECDSA_VerifyUserContext_t user_context; /**< @internal @brief Temporary buffer for CC310 internal storage */ + CRYS_ECPKI_BUILD_TempData_t key_build_temp_data; /**< @internal @brief Temporary buffer for CC310 public key build */ +} nrf_crypto_backend_cc310_verify_context_t; + + +/** @internal See @ref nrf_crypto_backend_ecdsa_sign_fn_t. + */ +ret_code_t nrf_crypto_backend_cc310_sign( + void * p_context, + void const * p_private_key, + uint8_t const * p_data, + size_t data_size, + uint8_t * p_signature); + + +/** @internal See @ref nrf_crypto_backend_ecdsa_verify_fn_t. + */ +ret_code_t nrf_crypto_backend_cc310_verify( + void * p_context, + void const * p_public_key, + uint8_t const * p_data, + size_t data_size, + uint8_t const * p_signature); + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R1) +#define NRF_CRYPTO_BACKEND_SECP160R1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP160R1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp160r1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp160r1_verify_context_t; +#define nrf_crypto_backend_secp160r1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp160r1_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160R2) +#define NRF_CRYPTO_BACKEND_SECP160R2_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP160R2_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp160r2_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp160r2_verify_context_t; +#define nrf_crypto_backend_secp160r2_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp160r2_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192R1) +#define NRF_CRYPTO_BACKEND_SECP192R1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP192R1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp192r1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp192r1_verify_context_t; +#define nrf_crypto_backend_secp192r1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp192r1_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224R1) +#define NRF_CRYPTO_BACKEND_SECP224R1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP224R1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp224r1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp224r1_verify_context_t; +#define nrf_crypto_backend_secp224r1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp224r1_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256R1) +#define NRF_CRYPTO_BACKEND_SECP256R1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP256R1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp256r1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp256r1_verify_context_t; +#define nrf_crypto_backend_secp256r1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp256r1_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP384R1) +#define NRF_CRYPTO_BACKEND_SECP384R1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP384R1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp384r1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp384r1_verify_context_t; +#define nrf_crypto_backend_secp384r1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp384r1_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP521R1) +#define NRF_CRYPTO_BACKEND_SECP521R1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP521R1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp521r1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp521r1_verify_context_t; +#define nrf_crypto_backend_secp521r1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp521r1_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP160K1) +#define NRF_CRYPTO_BACKEND_SECP160K1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP160K1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp160k1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp160k1_verify_context_t; +#define nrf_crypto_backend_secp160k1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp160k1_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP192K1) +#define NRF_CRYPTO_BACKEND_SECP192K1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP192K1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp192k1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp192k1_verify_context_t; +#define nrf_crypto_backend_secp192k1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp192k1_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP224K1) +#define NRF_CRYPTO_BACKEND_SECP224K1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP224K1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp224k1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp224k1_verify_context_t; +#define nrf_crypto_backend_secp224k1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp224k1_verify nrf_crypto_backend_cc310_verify +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_ECC_SECP256K1) +#define NRF_CRYPTO_BACKEND_SECP256K1_SIGN_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_sign_context_t) +#define NRF_CRYPTO_BACKEND_SECP256K1_VERIFY_CONTEXT_SIZE \ + sizeof(nrf_crypto_backend_cc310_verify_context_t) +typedef nrf_crypto_backend_cc310_sign_context_t nrf_crypto_backend_secp256k1_sign_context_t; +typedef nrf_crypto_backend_cc310_verify_context_t nrf_crypto_backend_secp256k1_verify_context_t; +#define nrf_crypto_backend_secp256k1_sign nrf_crypto_backend_cc310_sign +#define nrf_crypto_backend_secp256k1_verify nrf_crypto_backend_cc310_verify +#endif + + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#endif // CC310_BACKEND_ECDSA_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hash.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hash.c new file mode 100644 index 0000000..b1f91e1 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hash.c @@ -0,0 +1,311 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "nrf.h" +#include "cc310_backend_hash.h" +#include "crys_hash.h" +#include "crys_hash_error.h" +#include "nrf_crypto_init.h" +#include "nrf_crypto_types.h" +#include "nrf_crypto_error.h" +#include "nrf_crypto_hash_shared.h" +#include "sdk_macros.h" +#include "nrf_log.h" +#include "nrf_assert.h" +#include "cc310_backend_mutex.h" +#include "cc310_backend_shared.h" +#include <drivers/nrfx_common.h> + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA256) || \ + NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA512) + +static ret_code_t hash_result_get(CRYSError_t error) +{ + ret_code_t ret_val; + + switch (error) + { + case CRYS_OK: + ret_val = NRF_SUCCESS; + break; + + case CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NULL; + break; + + case CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR: + ret_val = NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + break; + + case CRYS_HASH_USER_CONTEXT_CORRUPTED_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED; + break; + + // May be added to specialized errors for hash. + case CRYS_HASH_LAST_BLOCK_ALREADY_PROCESSED_ERROR: + ret_val = NRF_ERROR_CRYPTO_INTERNAL; + break; + + case CRYS_HASH_IS_NOT_SUPPORTED: + ret_val = NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + break; + + default: + ret_val = NRF_ERROR_CRYPTO_INTERNAL; + break; + } + + return ret_val; +} + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA256) + +static ret_code_t cc310_backend_hash_sha256_init(void * const p_context) +{ + uint32_t ret_val; + CRYSError_t crys_error; + CRYS_HASH_OperationMode_t hash_mode = CRYS_HASH_SHA256_mode; + + // No parameter testing on this level. + // This has been done on upper level. + + CRYS_HASHUserContext_t * const p_backend_context + = &(((nrf_crypto_backend_hash_sha256_context_t *)p_context)->context); + + crys_error = CRYS_HASH_Init(p_backend_context, hash_mode); + + ret_val = hash_result_get(crys_error); + + return ret_val; +} + + +static ret_code_t cc310_backend_hash_sha256_update(void * const p_context, + uint8_t const * p_data, + size_t size) +{ + ret_code_t ret_val; + CRYSError_t crys_error; + bool mutex_locked; + size_t cur_len; + size_t len_left = size; + uint8_t const * p_cur = p_data; + + // Limited parameter testing on this level. + // This has been done on upper level. + + CRYS_HASHUserContext_t * const p_backend_context + = &(((nrf_crypto_backend_hash_sha256_context_t *)p_context)->context); + + // Data in flash could lead to silently calculating wrong Hash. + VERIFY_TRUE(nrfx_is_in_ram(p_data), NRF_ERROR_CRYPTO_INPUT_LOCATION); + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + // If the input is larger than CC310_MAX_LENGTH_DMA_OPERATIONS, split into smaller + do + { + cur_len = (len_left > CC310_MAX_LENGTH_DMA_OPERATIONS) ? + CC310_MAX_LENGTH_DMA_OPERATIONS : len_left; + + crys_error = CRYS_HASH_Update(p_backend_context, (uint8_t *)p_cur, cur_len); + + len_left -= cur_len; + p_cur += cur_len; + + } while (crys_error == CRYS_OK && len_left > 0); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + ret_val = hash_result_get(crys_error); + + + return ret_val; +} + + +static ret_code_t cc310_backend_hash_sha256_finalize(void * const p_context, + uint8_t * p_digest, + size_t * const p_digest_size) +{ + ret_code_t ret_val; + CRYSError_t crys_error; + bool mutex_locked; + CRYS_HASH_Result_t * p_int_digest = (CRYS_HASH_Result_t *)p_digest; + + // Limited parameter testing on this level. + // This has been done on upper level. + + CRYS_HASHUserContext_t * const p_backend_context + = &(((nrf_crypto_backend_hash_sha256_context_t * )p_context)->context); + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + // Do the hash finalize calculation + cc310_backend_enable(); + + crys_error = CRYS_HASH_Finish(p_backend_context, *p_int_digest); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + ret_val = hash_result_get(crys_error); + if (ret_val == NRF_SUCCESS) + { + *p_digest_size = NRF_CRYPTO_HASH_SIZE_SHA256; + } + + return ret_val; +} + + +const nrf_crypto_hash_info_t g_nrf_crypto_hash_sha256_info = +{ + .init_fn = cc310_backend_hash_sha256_init, + .update_fn = cc310_backend_hash_sha256_update, + .finalize_fn = cc310_backend_hash_sha256_finalize, + .digest_size = NRF_CRYPTO_HASH_SIZE_SHA256, + .context_size = sizeof(nrf_crypto_backend_hash_sha256_context_t), + .hash_mode = NRF_CRYPTO_HASH_MODE_SHA256 +}; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA256) + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA512) + +// SHA-512 does not use CC310 hardware and therefore will not use a mutex lock + +static ret_code_t cc310_backend_hash_sha512_init(void * p_context) +{ + uint32_t ret_val; + CRYSError_t crys_error; + CRYS_HASH_OperationMode_t hash_mode = CRYS_HASH_SHA512_mode; + + // No parameter testing on this level. + // This has been done on upper level. + + CRYS_HASHUserContext_t * const p_backend_context + = &(((nrf_crypto_backend_hash_sha512_context_t * ) p_context)->context); + + crys_error = CRYS_HASH_Init(p_backend_context, hash_mode); + ret_val = hash_result_get(crys_error); + + return ret_val; +} + + +static ret_code_t cc310_backend_hash_sha512_update(void * const p_context, + uint8_t const * p_data, + size_t size) +{ + ret_code_t ret_val; + CRYSError_t crys_error; + + // Limited parameter testing on this level. + // This has been done on upper level. + + CRYS_HASHUserContext_t * const p_backend_context + = &(((nrf_crypto_backend_hash_sha512_context_t *)p_context)->context); + + // Data in flash could lead to silently calculating wrong Hash. + VERIFY_TRUE(nrfx_is_in_ram(p_data), NRF_ERROR_CRYPTO_INPUT_LOCATION); + + crys_error = CRYS_HASH_Update(p_backend_context, (uint8_t *)p_data, size); + + ret_val = hash_result_get(crys_error); + + return ret_val; +} + + +static ret_code_t cc310_backend_hash_sha512_finalize(void * const p_context, + uint8_t * p_digest, + size_t * const p_digest_size) +{ + ret_code_t ret_val; + CRYSError_t crys_error; + CRYS_HASH_Result_t * p_int_digest = (CRYS_HASH_Result_t *)p_digest; + + // Limited parameter testing on this level. + // This has been done on upper level. + + CRYS_HASHUserContext_t * const p_backend_context + = &(((nrf_crypto_backend_hash_sha512_context_t *) p_context)->context); + + crys_error = CRYS_HASH_Finish(p_backend_context, *p_int_digest); + ret_val = hash_result_get(crys_error); + + if (ret_val == NRF_SUCCESS) + { + *p_digest_size = NRF_CRYPTO_HASH_SIZE_SHA512; + } + + return ret_val; +} + + +const nrf_crypto_hash_info_t g_nrf_crypto_hash_sha512_info = +{ + .init_fn = cc310_backend_hash_sha512_init, + .update_fn = cc310_backend_hash_sha512_update, + .finalize_fn = cc310_backend_hash_sha512_finalize, + .digest_size = NRF_CRYPTO_HASH_SIZE_SHA512, + .context_size = sizeof(nrf_crypto_backend_hash_sha512_context_t), + .hash_mode = NRF_CRYPTO_HASH_MODE_SHA512 +}; + + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA512) + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA256) || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA512) + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && #if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hash.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hash.h new file mode 100644 index 0000000..3da4dd3 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hash.h @@ -0,0 +1,122 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_HASH_H__ +#define CC310_BACKEND_HASH_H__ + +/** @file + * + * @defgroup nrf_crypto_cc310_backend_hash nrf_crypto CC310 backend hash + * @{ + * @ingroup nrf_crypto_cc310_backend + * + * @brief Hash functionality provided by the nrf_crypto CC310 backend. + */ + +#include "sdk_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "sdk_errors.h" +#include "nrf_crypto_hash_shared.h" +#include "crys_hash.h" + +#ifdef __cplusplus +extern "C" { +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA256) + +// Flag that nrf_crypto_hash frontend can be compiled +#undef NRF_CRYPTO_HASH_ENABLED +#define NRF_CRYPTO_HASH_ENABLED 1 + +// Flag that SHA-256 is enabled in backend +#if NRF_MODULE_ENABLED(NRF_CRYPTO_HASH_SHA256) +#error "Duplicate definition of SHA-256. More than one backend enabled"); +#endif +#define NRF_CRYPTO_HASH_SHA256_ENABLED 1 + + +/**@internal @brief nrf_crypto_hash context for SHA-256 in nrf_crypto CC310 backend. */ +typedef struct +{ + nrf_crypto_hash_internal_context_t header; /**< Common header for context. */ + CRYS_HASHUserContext_t context; /**< Hash context internal to CC310. */ +} nrf_crypto_backend_hash_sha256_context_t; + + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA256) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA512) + +// Flag that nrf_crypto_hash frontend can be compiled +#undef NRF_CRYPTO_HASH_ENABLED +#define NRF_CRYPTO_HASH_ENABLED 1 + +// Duplicate backend enabled test for SHA-512 +#if NRF_MODULE_ENABLED(NRF_CRYPTO_HASH_SHA512) +#error "Duplicate definition of SHA-512. More than one backend enabled"); +#endif + +// Flag that SHA-512 is enabled in backend +#define NRF_CRYPTO_HASH_SHA512_ENABLED 1 + + +/**@internal @brief nrf_crypto_hash context for SHA-512 in nrf_crypto CC310 backend. */ +typedef struct +{ + nrf_crypto_hash_internal_context_t header; /**< Common header for context. */ + CRYS_HASHUserContext_t context; /**< Hash context internal to CC310. */ +} nrf_crypto_backend_hash_sha512_context_t; + + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HASH_SHA512) + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +/**@} */ + +#endif // CC310_BACKEND_HASH_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.c new file mode 100644 index 0000000..2e909f9 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.c @@ -0,0 +1,273 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "sdk_common.h" +#include "nrf_log.h" +#include "nrf_crypto_hmac_shared.h" +#include "cc310_backend_hmac.h" +#include "nrf_crypto_error.h" +#include "nrf_crypto_types.h" +#include <drivers/nrfx_common.h> +#include "crys_hmac.h" +#include "crys_hmac_defs.h" +#include "crys_hmac_error.h" +#include "crys_hash.h" +#include "cc310_backend_mutex.h" +#include "cc310_backend_shared.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) || \ + NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) + +static ret_code_t result_get(CRYSError_t err_code) +{ + ret_code_t ret_val; + + switch (err_code) + { + case CRYS_OK: + ret_val = NRF_SUCCESS; + break; + + case CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NULL; + break; + + case CRYS_HMAC_USER_CONTEXT_CORRUPTED_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED; + break; + + case CRYS_HMAC_DATA_IN_POINTER_INVALID_ERROR: + case CRYS_HMAC_INVALID_KEY_POINTER_ERROR: + ret_val = NRF_ERROR_CRYPTO_INPUT_NULL; + break; + + case CRYS_HMAC_INVALID_RESULT_BUFFER_POINTER_ERROR: + ret_val = NRF_ERROR_CRYPTO_OUTPUT_NULL; + break; + + case CRYS_HMAC_ILLEGAL_PARAMS_ERROR: + ret_val = NRF_ERROR_CRYPTO_INVALID_PARAM; + break; + + case CRYS_HMAC_UNVALID_KEY_SIZE_ERROR: + case CRYS_HMAC_DATA_SIZE_ILLEGAL: + ret_val = NRF_ERROR_CRYPTO_INPUT_LENGTH; + break; + + case CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR: + case CRYS_HMAC_LAST_BLOCK_ALREADY_PROCESSED_ERROR: + case CRYS_HMAC_IS_NOT_SUPPORTED: + case CRYS_HMAC_CTX_SIZES_ERROR: + default: + ret_val = NRF_ERROR_CRYPTO_INTERNAL; + break; + } + return ret_val; +} + + +static ret_code_t cc310_backend_hmac_init(void * const p_context, + uint8_t const * p_key, + size_t key_size) +{ + CRYSError_t err_code; + CRYS_HASH_OperationMode_t hash_mode; + ret_code_t ret_val; + bool mutex_locked; + + + nrf_crypto_backend_cc310_hmac_context_t * p_ctx = + (nrf_crypto_backend_cc310_hmac_context_t *)p_context; + + switch (p_ctx->header.p_info->type) + { + case NRF_CRYPTO_HMAC_SHA256_TYPE: + { + hash_mode = CRYS_HASH_SHA256_mode; + } break; + case NRF_CRYPTO_HMAC_SHA512_TYPE: + { + hash_mode = CRYS_HASH_SHA512_mode; + } break; + default: + { + NRF_LOG_ERROR("Hash algorithm not supported by CC310 backend wrapper"); + return NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + } + } + + // Key in flash could lead to silently calculating wrong HMAC. + VERIFY_TRUE(nrfx_is_in_ram(p_key), NRF_ERROR_CRYPTO_INPUT_LOCATION); + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + err_code = CRYS_HMAC_Init(&p_ctx->crys_context, hash_mode, (uint8_t *)p_key, key_size); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + ret_val = result_get(err_code); + + return ret_val; +} + + +static ret_code_t cc310_backend_hmac_update(void * const p_context, + uint8_t const * p_data, + size_t size) +{ + CRYSError_t err_code; + ret_code_t ret_val; + bool mutex_locked; + size_t cur_len; + size_t len_left = size; + uint8_t const * p_cur = p_data; + + nrf_crypto_backend_cc310_hmac_context_t * p_ctx = + (nrf_crypto_backend_cc310_hmac_context_t *)p_context; + + // Data in flash could lead to silently calculating wrong HMAC. + VERIFY_TRUE(nrfx_is_in_ram(p_data), NRF_ERROR_CRYPTO_INPUT_LOCATION); + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + // If the input is larger than CC310_MAX_LENGTH_DMA_OPERATIONS, split into smaller + do + { + cur_len = (len_left > CC310_MAX_LENGTH_DMA_OPERATIONS) ? + CC310_MAX_LENGTH_DMA_OPERATIONS : len_left; + + err_code = CRYS_HMAC_Update(&p_ctx->crys_context, (uint8_t *)p_cur, cur_len); + + len_left -= cur_len; + p_cur += cur_len; + + } while (err_code == CRYS_OK && len_left > 0); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + ret_val = result_get(err_code); + + return ret_val; +} + + +static ret_code_t cc310_backend_hmac_finalize(void * const p_context, + uint8_t * p_digest, + size_t * const p_size) +{ + CRYSError_t err_code; + ret_code_t ret_val; + bool mutex_locked; + + nrf_crypto_backend_cc310_hmac_context_t * p_ctx = + (nrf_crypto_backend_cc310_hmac_context_t *)p_context; + + // Set the digest length to 0 so that this is used in case of any error. + *p_size = 0; + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + err_code = CRYS_HMAC_Finish(&p_ctx->crys_context, p_ctx->crys_result); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + ret_val = result_get(err_code); + if (err_code != NRF_SUCCESS) + { + return ret_val; + } + + *p_size = p_ctx->header.p_info->digest_size; + + memcpy(p_digest, p_ctx->crys_result, *p_size); + + return ret_val; +} + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) + +// Information structure for HMAC SHA256 using CC310 backend. +const nrf_crypto_hmac_info_t g_nrf_crypto_hmac_sha256_info = +{ + .init_fn = cc310_backend_hmac_init, + .update_fn = cc310_backend_hmac_update, + .finalize_fn = cc310_backend_hmac_finalize, + .digest_size = NRF_CRYPTO_HASH_SIZE_SHA256, + .context_size = sizeof(nrf_crypto_backend_hmac_sha256_context_t), + .type = NRF_CRYPTO_HMAC_SHA256_TYPE, +}; + +#endif // NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256_ENABLED + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) + +// Information structure for HMAC SHA512 using CC310 backend. +const nrf_crypto_hmac_info_t g_nrf_crypto_hmac_sha512_info = +{ + .init_fn = cc310_backend_hmac_init, + .update_fn = cc310_backend_hmac_update, + .finalize_fn = cc310_backend_hmac_finalize, + .digest_size = NRF_CRYPTO_HASH_SIZE_SHA512, + .context_size = sizeof(nrf_crypto_backend_hmac_sha512_context_t), + .type = NRF_CRYPTO_HMAC_SHA512_TYPE, +}; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.h new file mode 100644 index 0000000..ea065f1 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_hmac.h @@ -0,0 +1,123 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_HMAC_H__ +#define CC310_BACKEND_HMAC_H__ + +/** @file + * + * @defgroup nrf_crypto_cc310_backend_hmac CC310 backend for HMAC + * @{ + * @ingroup nrf_crypto_cc310_backend + * + * @brief Backend wrapper for CryptoCell (CC310). None of these types should be used directly by the + * application. + */ + +#include "sdk_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) && \ + ( NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) || \ + NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) ) + +#include "nrf_crypto_hmac_shared.h" +#include "crys_hmac.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#undef NRF_CRYPTO_HMAC_ENABLED +#define NRF_CRYPTO_HMAC_ENABLED 1 + + +/** + * @internal @brief Internal context object used by the CC310 backend wrapper. + * + * @details The same type is used for all variants (hash types). + * + * @note This should never be used directly. Use @ref nrf_crypto_backend_hmac_sha256_context_t or + * @ref nrf_crypto_backend_hmac_sha512_context_t instead. + */ +typedef struct +{ + nrf_crypto_hmac_internal_context_t header; //!< Internal nrf_crypto_hmac context header. + CRYS_HMACUserContext_t crys_context; //!< CC310 context object. + CRYS_HASH_Result_t crys_result; //!< Temporary result buffer needed as CC310 always requires a result buffer of 64 bytes, even when actual result is smaller. +} nrf_crypto_backend_cc310_hmac_context_t; + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_HMAC_SHA256) +#error "Duplicate definition of HMAC SHA-256. More than one backend enabled" +#endif // NRF_CRYPTO_HMAC_SHA256_ENABLED +#define NRF_CRYPTO_HMAC_SHA256_ENABLED 1 + +/** + * @internal @brief Context for HMAC SHA256 using CC310 backend. + */ +typedef nrf_crypto_backend_cc310_hmac_context_t nrf_crypto_backend_hmac_sha256_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_HMAC_SHA512) +#error "Duplicate definition of HMAC SHA-512. More than one backend enabled" +#endif // NRF_CRYPTO_HMAC_SHA512_ENABLED +#define NRF_CRYPTO_HMAC_SHA512_ENABLED 1 + +/** + * @internal @brief Context for HMAC SHA512 using CC310 backend. + */ +typedef nrf_crypto_backend_cc310_hmac_context_t nrf_crypto_backend_hmac_sha512_context_t; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) && ( NRF_MODULE_ENABLED((NRF_CRYPTO_BACKEND_CC310_HMAC_SHA256) || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_HMAC_SHA512) ) + +/**@} */ + +#endif // CC310_BACKEND_HMAC_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_init.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_init.c new file mode 100644 index 0000000..d930436 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_init.c @@ -0,0 +1,151 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "nrf.h" +#include "nrf_crypto_init.h" +#include "cc310_backend_shared.h" +#include "sns_silib.h" +#include "cc310_backend_mutex.h" +#include "nrf_crypto_rng.h" + +/**@internal @brief Function to enable CC310 (in HW) + */ +void cc310_backend_enable(void); + + +/**@internal @brief Function to disable CC310 (in HW) + */ +void cc310_backend_disable(void); + +static uint32_t init_result_get(uint32_t crys_error) +{ + uint32_t ret_val = NRF_ERROR_INTERNAL; + switch (crys_error) + { + case CRYS_OK: + ret_val = NRF_SUCCESS; + break; + + default: + ret_val = NRF_ERROR_INTERNAL; + break; + } + + return ret_val; +} + +static ret_code_t cc310_backend_init(void) +{ + uint32_t ret_val; + CRYSError_t crys_error; + + cc310_backend_mutex_init(); + + // Enable the CC310 HW. + NRF_CRYPTOCELL->ENABLE = 1; + + // Initialize the CC310 run-time library + crys_error = SaSi_LibInit(); + + // Shut down CC310 after initialization. + NRF_CRYPTOCELL->ENABLE = 0; + + ret_val = init_result_get(crys_error); + VERIFY_SUCCESS(ret_val); + +#if defined(NRF_CRYPTO_RNG_AUTO_INIT_ENABLED) && (NRF_CRYPTO_RNG_AUTO_INIT_ENABLED == 1) + + ret_val = nrf_crypto_rng_init(NULL, NULL); + VERIFY_SUCCESS(ret_val); + +#elif defined(NRF_CRYPTO_RNG_AUTO_INIT_ENABLED) && (NRF_CRYPTO_RNG_AUTO_INIT_ENABLED == 0) + + // Do nothing + +#else + + #warning NRF_CRYPTO_RNG_AUTO_INIT_ENABLED define not found in sdk_config.h (Is the sdk_config.h valid?). + +#endif // NRF_CRYPTO_RNG_AUTO_INIT_ENABLED + + return ret_val; +} + + +static ret_code_t cc310_backend_uninit(void) +{ +#if defined(NRF_CRYPTO_RNG_AUTO_INIT_ENABLED) && (NRF_CRYPTO_RNG_AUTO_INIT_ENABLED == 1) + + uint32_t ret_val; + ret_val = nrf_crypto_rng_init(NULL, NULL); + VERIFY_SUCCESS(ret_val); + +#elif defined(NRF_CRYPTO_RNG_AUTO_INIT_ENABLED) && (NRF_CRYPTO_RNG_AUTO_INIT_ENABLED == 0) + + // Do nothing + +#else + + #warning NRF_CRYPTO_RNG_AUTO_INIT_ENABLED define not found in sdk_config.h (Is the sdk_config.h valid?). + +#endif // NRF_CRYPTO_RNG_AUTO_INIT_ENABLED + + // Initialize the CC310 HW to do shutdown. + NRF_CRYPTOCELL->ENABLE = 1; + + SaSi_LibFini(); + + // Shut down CC310 after shutdown. + NRF_CRYPTOCELL->ENABLE = 0; + + return NRF_SUCCESS; +} + + +CRYPTO_BACKEND_REGISTER(nrf_crypto_backend_info_t const cc310_backend) = +{ + .init_fn = cc310_backend_init, + .uninit_fn = cc310_backend_uninit, +}; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_mutex.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_mutex.c new file mode 100644 index 0000000..f383251 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_mutex.c @@ -0,0 +1,53 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" +#include <drivers/nrfx_common.h> +#if NRF_MODULE_ENABLED(NRF_CRYPTO) + +#include <stdbool.h> +#include "cc310_backend_mutex.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +nrf_mtx_t g_cc310_mutex; + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_mutex.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_mutex.h new file mode 100644 index 0000000..3cd6241 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_mutex.h @@ -0,0 +1,111 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_MUTEX_H__ +#define CC310_BACKEND_MUTEX_H__ + +/** @file + * + * @defgroup nrf_crypto_cc310_backend_mutex nrf_crypto CC310 backend mutex. + * @{ + * @ingroup nrf_crypto_cc310_backend + * + * @brief Mutex control for the nrf_crypto CC310 backend. + */ + +#include "sdk_config.h" +#include "nrf_mtx.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_BL) + +#ifdef __cplusplus +extern "C" { +#endif + +extern nrf_mtx_t g_cc310_mutex; + +__STATIC_INLINE void cc310_backend_mutex_init(void); +__STATIC_INLINE bool cc310_backend_mutex_trylock(void); +__STATIC_INLINE void cc310_backend_mutex_unlock(void); + +#ifndef SUPPRESS_INLINE_IMPLEMENTATION +/**@internal @brief Function initializing CC310 mutex. + * + * This function _must_ be called before other mutex operations. + */ +__STATIC_INLINE void cc310_backend_mutex_init(void) +{ + nrf_mtx_init(&g_cc310_mutex); +} + +/**@internal @brief Function try to lock a CC310 mutex. + * + * @return true if lock was acquired, false if not. + */ +__STATIC_INLINE bool cc310_backend_mutex_trylock(void) +{ + return nrf_mtx_trylock(&g_cc310_mutex); +} + + +/**@internal @brief Unlock a CC310 mutex. + * + * This function _must_ only be called when holding the lock. Unlocking a mutex which you do not + * hold will give undefined behavior. + * + */ +__STATIC_INLINE void cc310_backend_mutex_unlock(void) +{ + nrf_mtx_unlock(&g_cc310_mutex); +} + +#endif // SUPPRESS_INLINE_IMPLEMENTATION + + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_BL) + +/** @} */ + +#endif // CC310_BACKEND_MUTEX_H__ + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_rng.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_rng.c new file mode 100644 index 0000000..25fd96e --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_rng.c @@ -0,0 +1,272 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_RNG) + +#include "nrf_crypto_error.h" +#include "nrf_log.h" +#include "cc310_backend_mutex.h" +#include "cc310_backend_rng.h" +#include "crys_rnd.h" +#include "crys_rnd_error.h" +#include "cc310_backend_shared.h" + +static ret_code_t result_get(CRYSError_t err_code) +{ + ret_code_t ret_val; + + switch (err_code) + { + case CRYS_OK: + ret_val = NRF_SUCCESS; + break; + + case CRYS_RND_ILLEGAL_PARAMETER_ERROR: + ret_val = NRF_ERROR_CRYPTO_INVALID_PARAM; + break; + + case CRYS_RND_INIT_FAILED: + case CRYS_RND_STARTUP_FAILED: + case CRYS_RND_INSTANTIATION_ERROR: + ret_val = NRF_ERROR_CRYPTO_RNG_INIT_FAILED; + break; + + case CRYS_RND_IS_NOT_SUPPORTED: + case CRYS_RND_CAN_NOT_GENERATE_RAND_IN_RANGE: + case CRYS_RND_TRNG_KAT_NOT_SUPPORTED_ERROR: + case CRYS_RND_SRAM_NOT_SUPPORTED_ERROR: + case CRYS_RND_OPERATION_IS_NOT_SUPPORTED_ERROR: + ret_val = NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + break; + + case CRYS_RND_DATA_OUT_POINTER_INVALID_ERROR: + case CRYS_RND_VECTOR_OUT_PTR_ERROR: + ret_val = NRF_ERROR_CRYPTO_OUTPUT_NULL; + break; + + case CRYS_RND_ADDITIONAL_INPUT_BUFFER_NULL: + case CRYS_RND_WORK_BUFFER_PTR_INVALID_ERROR: + case CRYS_RND_ILLEGAL_DATA_PTR_ERROR: + ret_val = NRF_ERROR_CRYPTO_INPUT_NULL; + break; + + case CRYS_RND_DATA_SIZE_OVERFLOW_ERROR: + case CRYS_RND_ADDITIONAL_INPUT_SIZE_ERROR: + case CRYS_RND_ILLEGAL_DATA_SIZE_ERROR: + case CRYS_RND_MAX_VECTOR_IS_TOO_SMALL_ERROR: + ret_val = NRF_ERROR_CRYPTO_INPUT_LENGTH; + break; + + case CRYS_RND_ILLEGAL_AES_KEY_SIZE_ERROR: + case CRYS_RND_VECTOR_OUT_SIZE_ERROR: + case CRYS_RND_VECTOR_SIZE_ERROR: + ret_val = NRF_ERROR_CRYPTO_OUTPUT_LENGTH; + break; + + case CRYS_RND_CONTEXT_PTR_INVALID_ERROR: + case CRYS_RND_STATE_PTR_INVALID_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NULL; + break; + + case CRYS_RND_INSTANTIATION_NOT_DONE_ERROR: + ret_val = NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED; + break; + + case CRYS_RND_RESEED_COUNTER_OVERFLOW_ERROR: + ret_val = NRF_ERROR_CRYPTO_RNG_RESEED_REQUIRED; + break; + + case CRYS_RND_CPRNG_TEST_FAIL_ERROR: + case CRYS_RND_TRNG_LOSS_SAMPLES_ERROR: + case CRYS_RND_TRNG_TIME_EXCEED_ERROR: + case CRYS_RND_TRNG_LOSS_SAMPLES_AND_TIME_EXCEED_ERROR: + case CRYS_RND_IS_KAT_MODE_ERROR: + case CRYS_RND_STATE_VALIDATION_TAG_ERROR: + case CRYS_RND_GEN_VECTOR_FUNC_ERROR: + case CRYS_RND_TRNG_ERRORS_ERROR: + case CRYS_RND_KAT_DATA_PARAMS_ERROR: + case CRYS_RND_AES_ERROR: + default: + ret_val = NRF_ERROR_CRYPTO_INTERNAL; + break; + } + return ret_val; +} + + +ret_code_t nrf_crypto_rng_backend_init(void * const p_context, + void * const p_temp_buffer) +{ + bool mutex_locked; + CRYSError_t err_code; + ret_code_t ret_val; + CRYS_RND_WorkBuff_t * p_work_buffer = (CRYS_RND_WorkBuff_t *)p_temp_buffer; + nrf_crypto_backend_rng_context_t * p_ctx = (nrf_crypto_backend_rng_context_t *)p_context; + + // Save time by not reinitializing an already valid CC310 RNG context. + // (Useful for example in case the context was stored in retained memory during system OFF.) + if (p_ctx->header.init_value == NRF_CRYPTO_RNG_CONTEXT_INIT_MAGIC_VALUE) + { + return NRF_SUCCESS; + } + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + err_code = CRYS_RndInit(&p_ctx->crys_rnd_state, p_work_buffer); + ret_val = result_get(err_code); + + cc310_backend_disable(); + + cc310_backend_mutex_unlock(); + + return ret_val; +} + + +ret_code_t nrf_crypto_rng_backend_uninit(void * const p_context) +{ + bool mutex_locked; + CRYSError_t err_code; + ret_code_t ret_val; + CRYS_RND_State_t * p_crys_rnd_state = + &((nrf_crypto_backend_rng_context_t *)p_context)->crys_rnd_state; + + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + err_code = CRYS_RND_UnInstantiation(p_crys_rnd_state); + + cc310_backend_disable(); + + ret_val = result_get(err_code); + + cc310_backend_mutex_unlock(); + + return ret_val; +} + + +ret_code_t nrf_crypto_rng_backend_vector_generate(void * const p_context, + uint8_t * const p_target, + size_t size, + bool use_mutex) +{ + bool mutex_locked; + CRYSError_t err_code; + ret_code_t ret_val; + CRYS_RND_State_t * p_crys_rnd_state = + &((nrf_crypto_backend_rng_context_t *)p_context)->crys_rnd_state; + + if (use_mutex) + { + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + } + + cc310_backend_enable(); + + err_code = CRYS_RND_GenerateVector(p_crys_rnd_state, size, p_target); + + cc310_backend_disable(); + + ret_val = result_get(err_code); + + if (use_mutex) + { + cc310_backend_mutex_unlock(); + } + + return ret_val; +} + + +ret_code_t nrf_crypto_rng_backend_reseed(void * const p_context, + void * p_temp_buffer, + uint8_t * p_input_data, + size_t size) +{ + bool mutex_locked; + CRYSError_t err_code; + ret_code_t ret_val = NRF_SUCCESS; + CRYS_RND_WorkBuff_t * p_work_buffer = (CRYS_RND_WorkBuff_t *)p_temp_buffer; + CRYS_RND_State_t * p_crys_rnd_state = + &((nrf_crypto_backend_rng_context_t *)p_context)->crys_rnd_state; + + VERIFY_TRUE(size <= CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS, NRF_ERROR_CRYPTO_INPUT_LENGTH); + VERIFY_TRUE((size & 0x3) == 0, NRF_ERROR_CRYPTO_INTERNAL); + + mutex_locked = cc310_backend_mutex_trylock(); + VERIFY_TRUE(mutex_locked, NRF_ERROR_CRYPTO_BUSY); + + cc310_backend_enable(); + + if (size > 0) + { + err_code = CRYS_RND_AddAdditionalInput(p_crys_rnd_state, p_input_data, size); + ret_val = result_get(err_code); + if (ret_val != NRF_SUCCESS) + { + goto exit; + } + } + + err_code = CRYS_RND_Reseeding(p_crys_rnd_state, p_work_buffer); + ret_val = result_get(err_code); + +exit: + cc310_backend_disable(); + cc310_backend_mutex_unlock(); + return ret_val; +} + + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_RNG) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_rng.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_rng.h new file mode 100644 index 0000000..ab1806a --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_rng.h @@ -0,0 +1,97 @@ +/** + * Copyright (c) 2018 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_RNG_H__ +#define CC310_BACKEND_RNG_H__ + +/** @file + * + * @defgroup nrf_crypto_cc310_backend_rng nRF Crypto CC310 RNG backend + * @{ + * @ingroup nrf_crypto_cc310_backend + * + * @brief RNG functionality provided by the nrf_crypto CC310 backend. + */ + +#include "sdk_common.h" + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) +#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_RNG) + +#include "nrf_crypto_rng_shared.h" +#include "crys_rnd.h" + +#ifdef __cplusplus +extern "C" { +#endif + + +#if NRF_MODULE_ENABLED(NRF_CRYPTO_RNG) +#error "More than one RNG backend enabled." +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_RNG) +#define NRF_CRYPTO_RNG_ENABLED 1 + + +/** + * @internal @brief Internal context for CC310 RNG. + */ +typedef struct +{ + nrf_crypto_rng_internal_context_t header; //!< Internal common context header. + CRYS_RND_State_t crys_rnd_state; //!< CC310 RNG context +} nrf_crypto_backend_rng_context_t; + + +/** + * @internal @brief Temporary work buffer needed during initialization of the CC310 backend. + */ +typedef CRYS_RND_WorkBuff_t nrf_crypto_backend_rng_temp_buffer_t; + + +#ifdef __cplusplus +} +#endif + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310_RNG) +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +/**@} */ + +#endif // CC310_BACKEND_RNG_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_shared.c b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_shared.c new file mode 100644 index 0000000..d5f2351 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_shared.c @@ -0,0 +1,115 @@ +/** + * Copyright (c) 2017 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "sdk_common.h" +#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) + +#include "nrf.h" +#include "cc310_backend_shared.h" +#include "nrf_crypto_error.h" +#include "nrf_crypto_rng.h" +#include "crys_rnd_error.h" +#include "nrf_crypto_shared.h" +#include "cc310_backend_shared.h" + + +static uint32_t m_use_count = 0; + +void cc310_backend_enable(void) +{ + m_use_count++; + + if (m_use_count == 1) + { + // Enable the CryptoCell hardware + NRF_CRYPTOCELL->ENABLE = 1; + + // Enable the CryptoCell IRQ + NVIC_EnableIRQ(CRYPTOCELL_IRQn); + } +} + +void cc310_backend_disable(void) +{ + m_use_count--; + + // If no more users. Disable HW/IRQ + if (m_use_count == 0) + { + // Disable the CryptoCell hardware + NRF_CRYPTOCELL->ENABLE = 0; + + // Disable the CryptoCell IRQ + NVIC_DisableIRQ(CRYPTOCELL_IRQn); + } +} + + +uint32_t nrf_crypto_backend_cc310_rng(void * p_state, uint16_t size, uint8_t * p_data) +{ +#if defined(NRF_CRYPTO_RNG_ENABLED) && (NRF_CRYPTO_RNG_ENABLED == 1) + + ret_code_t result = nrf_crypto_rng_vector_generate_no_mutex(p_data, (size_t)size); + if (result == NRF_SUCCESS) + { + return CRYS_OK; + } + else if (result == NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED) + { + return CRYS_RND_INSTANTIATION_NOT_DONE_ERROR; + } + else + { + return CRYS_RND_IS_NOT_SUPPORTED; + } + +#elif defined(NRF_CRYPTO_RNG_ENABLED) && (NRF_CRYPTO_RNG_ENABLED == 0) + + return NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE; + +#else + + #warning NRF_CRYPTO_RNG_ENABLED define not found in sdk_config.h (Is the sdk_config.h valid?). + +#endif // NRF_CRYPTO_RNG_ENABLED +} + + +#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_CC310) diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_shared.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_shared.h new file mode 100644 index 0000000..56fae0e --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/components/libraries/crypto/backend/cc310/cc310_backend_shared.h @@ -0,0 +1,87 @@ +/** + * Copyright (c) 2017 - 2018, Nordic Semiconductor ASA + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form, except as embedded into a Nordic + * Semiconductor ASA integrated circuit in a product or a software update for + * such product, must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. + * + * 3. Neither the name of Nordic Semiconductor ASA nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * 4. This software, with or without modification, must only be used with a + * Nordic Semiconductor ASA integrated circuit. + * + * 5. Any software provided in binary form under this license must not be reverse + * engineered, decompiled, modified and/or disassembled. + * + * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CC310_BACKEND_SHARED_H__ +#define CC310_BACKEND_SHARED_H__ + +/** @file + * + * @defgroup nrf_crypto_cc310_backend_shared nrf_crypto CC310 backend shared + * @{ + * @ingroup nrf_crypto_cc310_backend + * + * @brief Shared functionality for the nrf_crypto CC310 backend. + */ + +#ifdef __cplusplus +extern "C" { +#endif + +/**@internal @brief Macro definition for largest possible input data on CC310 DMA. */ +#define CC310_MAX_LENGTH_DMA_OPERATIONS (0xFFFF) +#define CC310_MAX_LENGTH_DMA_AES_OPERATIONS (0xFFF0) + + +/**@internal @brief Function to enable CC310 (in HW) + */ +void cc310_backend_enable(void); + + +/**@internal @brief Function to disable CC310 (in HW) + */ +void cc310_backend_disable(void); + + +/**@internal @brief Function to pass to CC310 library API as random number generator. It uses + * nrf_crypto libary frontend API to generate random number. + * @param[in,out] p_state Unused. Required by CC310 library API. + * @param[in] size Number of bytes in generated vector. + * @param[out] p_data Place where generated bytes will be written. + */ +uint32_t nrf_crypto_backend_cc310_rng(void * p_state, uint16_t size, uint8_t * p_data); + + +#ifdef __cplusplus +} +#endif + +/**@} */ + +#endif // CC310_BACKEND_SHARED_H__ |