diff options
Diffstat (limited to 'thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310/include/crys_ecpki_types.h')
| -rw-r--r-- | thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310/include/crys_ecpki_types.h | 478 |
1 files changed, 478 insertions, 0 deletions
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310/include/crys_ecpki_types.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310/include/crys_ecpki_types.h new file mode 100644 index 0000000..f32aa77 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310/include/crys_ecpki_types.h @@ -0,0 +1,478 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_ECPKI_TYPES_H +#define CRYS_ECPKI_TYPES_H + +/*! +@file +@brief Contains all of the enums and definitions that are used for the CRYS ECPKI APIs. +@defgroup crys_ecpki_types CryptoCell ECC specific types +@{ +@ingroup cryptocell_ecpki +*/ + +#include "ssi_pal_types_plat.h" +#include "crys_hash.h" +#include "crys_pka_defs_hw.h" +#include "ssi_pal_compiler.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ +/*! Internal buffer size in words. */ +#define CRYS_PKA_DOMAIN_LLF_BUFF_SIZE_IN_WORDS (10 + 3*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS) + +/************************************************************************************** + * Enumerators + ***************************************************************************************/ + +/*------------------------------------------------------------------*/ +/*! Enumerator for the EC Domain idetifier + References: [13] - SEC 2: Recommended elliptic curve domain parameters. + Version 1.0. Certicom 2000. + [8] - WAP-261-WTLS-20010406-a, Version 06-April-2001. */ + +typedef enum +{ + /* For prime field */ + CRYS_ECPKI_DomainID_secp160k1, /*!< EC secp160r1 */ + CRYS_ECPKI_DomainID_secp160r1, /*!< EC secp160k1 */ + CRYS_ECPKI_DomainID_secp160r2, /*!< EC secp160r2 */ + CRYS_ECPKI_DomainID_secp192k1, /*!< EC secp192k1 */ + CRYS_ECPKI_DomainID_secp192r1, /*!< EC secp192r1 */ + CRYS_ECPKI_DomainID_secp224k1, /*!< EC secp224k1 */ + CRYS_ECPKI_DomainID_secp224r1, /*!< EC secp224r1 */ + CRYS_ECPKI_DomainID_secp256k1, /*!< EC secp256k1 */ + CRYS_ECPKI_DomainID_secp256r1, /*!< EC secp256r1 */ + CRYS_ECPKI_DomainID_secp384r1, /*!< EC secp384r1 */ + CRYS_ECPKI_DomainID_secp521r1, /*!< EC secp521r1 */ + + CRYS_ECPKI_DomainID_Builded, /*!< User given, not identified. */ + CRYS_ECPKI_DomainID_OffMode, /*!< Reserved.*/ + + CRYS_ECPKI_DomainIDLast = 0x7FFFFFFF, /*! Reserved.*/ + +}CRYS_ECPKI_DomainID_t; + + +/*------------------------------------------------------------------*/ +/*! Defines the enum for the HASH operation mode. + * The enumerator defines 6 HASH modes according to IEEE 1363. + * + */ +typedef enum +{ + CRYS_ECPKI_HASH_SHA1_mode = 0, /*!< The message data will be hashed with SHA1. */ + CRYS_ECPKI_HASH_SHA224_mode = 1, /*!< The message data will be hashed with SHA224. */ + CRYS_ECPKI_HASH_SHA256_mode = 2, /*!< The message data will be hashed with SHA256. */ + CRYS_ECPKI_HASH_SHA384_mode = 3, /*!< The message data will be hashed with SHA384. */ + CRYS_ECPKI_HASH_SHA512_mode = 4, /*!< The message data will be hashed with SHA512. */ + + CRYS_ECPKI_AFTER_HASH_SHA1_mode = 5, /*!< The message data is a digest of SHA1 and will not be hashed. */ + CRYS_ECPKI_AFTER_HASH_SHA224_mode = 6, /*!< The message data is a digest of SHA224 and will not be hashed. */ + CRYS_ECPKI_AFTER_HASH_SHA256_mode = 7, /*!< The message data is a digest of SHA256 and will not be hashed. */ + CRYS_ECPKI_AFTER_HASH_SHA384_mode = 8, /*!< The message data is a digest of SHA384 and will not be hashed. */ + CRYS_ECPKI_AFTER_HASH_SHA512_mode = 9, /*!< The message data is a digest of SHA512 and will not be hashed. */ + + + CRYS_ECPKI_HASH_NumOfModes, /*!< Maximal number of HASH modes. */ + CRYS_ECPKI_HASH_OpModeLast = 0x7FFFFFFF, /*!< Reserved. */ + +}CRYS_ECPKI_HASH_OpMode_t; + + +/*---------------------------------------------------*/ +/*! Enumerator for the EC point compression idetifier. */ +typedef enum +{ + CRYS_EC_PointCompressed = 2, /*!< Compressed point. */ + CRYS_EC_PointUncompressed = 4, /*!< Uncompressed point. */ + CRYS_EC_PointContWrong = 5, /*!< Wrong Point Control value. */ + CRYS_EC_PointHybrid = 6, /*!< Hybrid point. */ + + CRYS_EC_PointCompresOffMode = 8, /*!< Reserved. */ + + CRYS_ECPKI_PointCompressionLast= 0x7FFFFFFF, /*!< Reserved. */ + +}CRYS_ECPKI_PointCompression_t; + + +/*! EC key checks defintions. */ +typedef enum { + CheckPointersAndSizesOnly = 0, /*!< Only preliminary input parameters are checked. */ + ECpublKeyPartlyCheck = 1, /*!< Preliminary input parameters check and verify that EC PubKey point is on the curve. */ + ECpublKeyFullCheck = 2, /*!< All the above and in addition verifies that EC_GeneratorOrder*PubKey = O */ + + PublKeyChecingOffMode, /*! Reserved. */ + EC_PublKeyCheckModeLast = 0x7FFFFFFF, /*! Reserved. */ +}EC_PublKeyCheckMode_t; + +/*----------------------------------------------------*/ +/*! Defintion of sw SCA protection. */ +typedef enum { + SCAP_Inactive, /*! Inactive.*/ + SCAP_Active, /*! Active.*/ + SCAP_OFF_MODE, /*! Reserved. */ + SCAP_LAST = 0x7FFFFFFF /*! Reserved. */ +} CRYS_ECPKI_ScaProtection_t; + + +/************************************************************************************** + * EC Domain structure definition + ***************************************************************************************/ + +/*! The structure containing the EC domain parameters in little-endian form + EC equation: Y^2 = X^3 + A*X + B over prime fild GFp. */ +typedef struct { + + /*! EC modulus: P. */ + uint32_t ecP [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC equation parameter a. */ + uint32_t ecA [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC equation parameter b. */ + uint32_t ecB [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! Order of generator. */ + uint32_t ecR [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1]; + /*! EC cofactor EC_Cofactor_K + Generator (EC base point) coordinates in projective form. */ + uint32_t ecGx [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC cofactor EC_Cofactor_K + Generator (EC base point) coordinates in projective form. */ + uint32_t ecGy [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC cofactor EC_Cofactor_K + Generator (EC base point) coordinates in projective form. */ + uint32_t ecH; + /*! Specific fields that are used by the low level.*/ + uint32_t llfBuff[CRYS_PKA_DOMAIN_LLF_BUFF_SIZE_IN_WORDS]; + /*! Size of fields in bits. */ + uint32_t modSizeInBits; + /*! Order size in bits. */ + uint32_t ordSizeInBits; + /*! Size of each inserted Barret tag in words; 0 - if not inserted.*/ + uint32_t barrTagSizeInWords; + /*! EC Domain identifier.*/ + CRYS_ECPKI_DomainID_t DomainID; + + /*! Internal buffer. */ + int8_t name[20]; + +} CRYS_ECPKI_Domain_t; + + + +/************************************************************************************** + * EC point structures definitions + ***************************************************************************************/ + +/*! The structure containing the EC point in affine coordinates + and little endian form. */ +typedef struct +{ + /*! Point coordinate X. */ + uint32_t x[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! Point coordinate Y. */ + uint32_t y[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + +}CRYS_ECPKI_PointAffine_t; + + +/************************************************************************************** + * ECPKI public and private key Structures + ***************************************************************************************/ + +/* --------------------------------------------------------------------- */ +/* .................. The public key structures definitions ............ */ +/* --------------------------------------------------------------------- */ + +/*! The structure containing the Public Key in affine coordinates.*/ +typedef struct +{ + /*! Public Key coordinate X.*/ + uint32_t x[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! Public Key coordinate Y.*/ + uint32_t y[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC Domain.*/ + CRYS_ECPKI_Domain_t domain; + /*! Point type.*/ + uint32_t pointType; +} CRYS_ECPKI_PublKey_t; + +/*! The EC public key's user structure prototype. This structure must be saved by the user, and is used as input to the ECC functions +(such as ::CRYS_ECDSA_Verify etc.). */ +typedef struct CRYS_ECPKI_UserPublKey_t +{ + /*! Validation tag.*/ + uint32_t valid_tag; + /*! Public key data. */ + uint32_t PublKeyDbBuff[(sizeof(CRYS_ECPKI_PublKey_t)+3)/4]; + +} CRYS_ECPKI_UserPublKey_t; + + +/* --------------------------------------------------------------------- */ +/* .................. The private key structures definitions ........... */ +/* --------------------------------------------------------------------- */ + +/*! Structure containing the Private key data. */ +typedef struct +{ + /*! Private Key data. */ + uint32_t PrivKey[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1]; + /*! Domain. */ + CRYS_ECPKI_Domain_t domain; + /*! SCA protection mode. */ + CRYS_ECPKI_ScaProtection_t scaProtection; + +}CRYS_ECPKI_PrivKey_t; + + +/*! The EC private key's user structure prototype. This structure must be saved by the user, and is used as input to the ECC functions +(such as ::CRYS_ECDSA_Sign etc.). */ +typedef struct CRYS_ECPKI_UserPrivKey_t +{ + /*! Validation tag. */ + uint32_t valid_tag; + /*! Private key data. */ + uint32_t PrivKeyDbBuff[(sizeof(CRYS_ECPKI_PrivKey_t)+3)/4]; + +} CRYS_ECPKI_UserPrivKey_t; + +/*! ECDH temporary data type */ +typedef struct CRYS_ECDH_TempData_t +{ + /*! Temporary buffers. */ + uint32_t crysEcdhIntBuff[CRYS_PKA_ECDH_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_ECDH_TempData_t; + +/*! EC build temporary data. */ +typedef struct CRYS_ECPKI_BUILD_TempData_t +{ + /*! Temporary buffers. */ + uint32_t crysBuildTmpIntBuff[CRYS_PKA_ECPKI_BUILD_TMP_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_ECPKI_BUILD_TempData_t; + + + +/************************************************************************** + * CRYS ECDSA context structures + **************************************************************************/ + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Signing context structure */ +/* --------------------------------------------------------------------- */ +/*! Internal buffer used in the signing process. */ +typedef uint32_t CRYS_ECDSA_SignIntBuff[CRYS_PKA_ECDSA_SIGN_BUFF_MAX_LENGTH_IN_WORDS]; + +/*! Context definition for Signing operation. */ +typedef struct +{ + /*! Private Key data. */ + CRYS_ECPKI_UserPrivKey_t ECDSA_SignerPrivKey; + + /*! HASH context. */ + CRYS_HASHUserContext_t hashUserCtxBuff; + /*! HASH result buffer. */ + CRYS_HASH_Result_t hashResult; + /*! HASH result size in words. */ + uint32_t hashResultSizeWords; + /*! HASH mode. */ + CRYS_ECPKI_HASH_OpMode_t hashMode; + /*! Internal buffer. */ + CRYS_ECDSA_SignIntBuff crysEcdsaSignIntBuff; +}ECDSA_SignContext_t; + + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Signing User context database */ +/* --------------------------------------------------------------------- */ + +/*! User's context definition for signing operation. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow */ +typedef struct CRYS_ECDSA_SignUserContext_t +{ + /*! Signing process data. */ + uint32_t context_buff [(sizeof(ECDSA_SignContext_t)+3)/4]; + /*! Validation tag*/ + uint32_t valid_tag; +} CRYS_ECDSA_SignUserContext_t; + + + +/****************************************************************************/ + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Verifying context structure */ +/* --------------------------------------------------------------------- */ +/*! Internal buffer used in the verification process. */ +typedef uint32_t CRYS_ECDSA_VerifyIntBuff[CRYS_PKA_ECDSA_VERIFY_BUFF_MAX_LENGTH_IN_WORDS]; + +/*! Context definition for verification operation. */ +typedef struct +{ + /*! Public key data. */ + CRYS_ECPKI_UserPublKey_t ECDSA_SignerPublKey; + + /*! HASH context. */ + CRYS_HASHUserContext_t hashUserCtxBuff; + /*! HASH result. */ + CRYS_HASH_Result_t hashResult; + /*! HASH result size in words. */ + uint32_t hashResultSizeWords; + /*! HASH mode. */ + CRYS_ECPKI_HASH_OpMode_t hashMode; + /*! Internal buffer. */ + CRYS_ECDSA_VerifyIntBuff crysEcdsaVerIntBuff; + +}ECDSA_VerifyContext_t; + + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Verifying User context database */ +/* --------------------------------------------------------------------- */ +/*! User's context definition for verification operation. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow */ +typedef struct CRYS_ECDSA_VerifyUserContext_t +{ + /*! Verification process data. */ + uint32_t context_buff[(sizeof(ECDSA_VerifyContext_t)+3)/4]; + /*! Validation tag. */ + uint32_t valid_tag; +}CRYS_ECDSA_VerifyUserContext_t; + + + + +/* --------------------------------------------------------------------- */ +/* .................. key generation temp buffer ........... */ +/* --------------------------------------------------------------------- */ + +/*! ECPKI KG temporary data type */ +typedef struct CRYS_ECPKI_KG_TempData_t +{ + /*! Internal buffer. */ + uint32_t crysKGIntBuff[CRYS_PKA_KG_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_ECPKI_KG_TempData_t; + +/*! ECIES temporary data definition. */ +typedef struct CRYS_ECIES_TempData_t { + + /*! Private key data. */ + CRYS_ECPKI_UserPrivKey_t PrivKey; + /*! Public key data. */ + CRYS_ECPKI_UserPublKey_t PublKey; + /*! Internal buffer. */ + uint32_t zz[3*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1]; + /*! Internal buffers. */ + union { + CRYS_ECPKI_BUILD_TempData_t buildTempbuff; + CRYS_ECPKI_KG_TempData_t KgTempBuff; + CRYS_ECDH_TempData_t DhTempBuff; + } tmp; + +}CRYS_ECIES_TempData_t; + + +/* --------------------------------------------------------------------- */ +/* .................. defines for FIPS ........... */ +/* --------------------------------------------------------------------- */ + +/*! Order length for the FIPS ECC tests. */ +#define CRYS_ECPKI_FIPS_ORDER_LENGTH (256/SASI_BITS_IN_BYTE) // the order of secp256r1 in bytes + +/*! Context definition required for internal FIPS verification for ECPKI key generation. */ +typedef struct CRYS_ECPKI_KG_FipsContext_t +{ + /*! Signing and verification data. */ + union { + CRYS_ECDSA_SignUserContext_t signCtx; + CRYS_ECDSA_VerifyUserContext_t verifyCtx; + }operationCtx; + /*! Internal buffer. */ + uint32_t signBuff[2*CRYS_ECPKI_ORDER_MAX_LENGTH_IN_WORDS]; +}CRYS_ECPKI_KG_FipsContext_t; + + + +/*! Context defintion, required for internal FIPS verification for ECDSA KAT. * +* The ECDSA KAT tests defined for domain 256r1. */ +typedef struct CRYS_ECDSAFipsKatContext_t{ + /*! Key data. */ + union { + /*! Private key data. */ + struct { + CRYS_ECPKI_UserPrivKey_t PrivKey; + CRYS_ECDSA_SignUserContext_t signCtx; + }userSignData; + /*! Public key data. */ + struct { + CRYS_ECPKI_UserPublKey_t PublKey; + union { + CRYS_ECDSA_VerifyUserContext_t verifyCtx; + CRYS_ECPKI_BUILD_TempData_t tempData; + }buildOrVerify; + }userVerifyData; + }keyContextData; + /*! Internal buffer. */ + uint8_t signBuff[2*CRYS_ECPKI_FIPS_ORDER_LENGTH]; +}CRYS_ECDSAFipsKatContext_t; + +/*! Context definition, required for internal FIPS verification for ECDH KAT. */ +typedef struct CRYS_ECDHFipsKatContext_t{ + /*! Public key data. */ + CRYS_ECPKI_UserPublKey_t pubKey; + /*! Private key data. */ + CRYS_ECPKI_UserPrivKey_t privKey; + /*! Internal buffers. */ + union { + CRYS_ECPKI_BUILD_TempData_t ecpkiTempData; + CRYS_ECDH_TempData_t ecdhTempBuff; + }tmpData; + /*! Buffer for the secret key. */ + uint8_t secretBuff[CRYS_ECPKI_FIPS_ORDER_LENGTH]; +}CRYS_ECDHFipsKatContext_t; + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif |