diff options
Diffstat (limited to 'thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include')
16 files changed, 2542 insertions, 0 deletions
diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_aesccm.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_aesccm.h new file mode 100644 index 0000000..c6a3392 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_aesccm.h @@ -0,0 +1,315 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_AESCCM_H +#define CRYS_AESCCM_H + +#include "ssi_pal_types.h" +#include "crys_error.h" + +#include "ssi_aes.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This file contains all of the enums and definitions that are used for the CRYS AESCCM APIs, as well as the APIs themselves. +The API supports AES-CCM and AES-CCM* as defined in ieee-802.15.4. +@defgroup crys_aesccm CryptoCell AES-CCM APIs +@{ +@ingroup cryptocell_api + + +@note +Regarding the AES-CCM*, the API supports only AES-CCM* as defined in ieee-802.15.4-2011; With the instantiations as defined in B.3.2 and the nonce as defined in 7.3.2. +in case of AES-CCM* the flow should be as follows: +<ul><li>AES-CCM* integrated</li> + <ul><li>CRYS_AESCCMStar_NonceGenerate</li> + <li>CRYS_AESCCMStar</li></ul></ul> +<ul><li>AES-CCM* non-integrated</li> + <ul><li>CRYS_AESCCMStar_NonceGenerate</li> + <li>CRYS_AESCCMStar_Init</li> + <li>CRYS_AESCCM_BlockAdata</li> + <li>CRYS_AESCCM_BlockTextData</li> + <li>CRYS_AESCCM_Finish</li></ul></ul> +*/ + +/************************ Defines ******************************/ + +/*! AES CCM context size in words.*/ +#define CRYS_AESCCM_USER_CTX_SIZE_IN_WORDS (152/4) + +/*! AES CCM maximal key size in words. */ +#define CRYS_AESCCM_KEY_SIZE_WORDS 8 + +/* nonce and AESCCM-MAC sizes definitions */ +/*! AES CCM NONCE minimal size in bytes. */ +#define CRYS_AESCCM_NONCE_MIN_SIZE_BYTES 7 +/*! AES CCM NONCE maximal size in bytes. */ +#define CRYS_AESCCM_NONCE_MAX_SIZE_BYTES 13 +/*! AES CCM MAC minimal size in bytes..*/ +#define CRYS_AESCCM_MAC_MIN_SIZE_BYTES 4 +/*! AES CCM MAC maximal size in bytes. */ +#define CRYS_AESCCM_MAC_MAX_SIZE_BYTES 16 + +/*! AES CCM star NONCE size in bytes. */ +#define CRYS_AESCCM_STAR_NONCE_SIZE_BYTES 13 +/*! AES CCM star source address size in bytes. */ +#define CRYS_AESCCM_STAR_SOURCE_ADDRESS_SIZE_BYTES 8 + +/*! AES CCM mode - CCM. */ +#define CRYS_AESCCM_MODE_CCM 0 +/*! AES CCM mode - CCM STAR. */ +#define CRYS_AESCCM_MODE_STAR 1 + + +/************************ Typedefs ****************************/ +/*! AES CCM key sizes. */ +typedef enum { + /*! Key size 128 bits. */ + CRYS_AES_Key128BitSize = 0, + /*! Key size 192 bits. */ + CRYS_AES_Key192BitSize = 1, + /*! Key size 256 bits. */ + CRYS_AES_Key256BitSize = 2, + /*! Key size 512 bits. */ + CRYS_AES_Key512BitSize = 3, + /*! Number of optional key sizes. */ + CRYS_AES_KeySizeNumOfOptions, + /*! Reserved. */ + CRYS_AES_KeySizeLast = 0x7FFFFFFF, + +}CRYS_AESCCM_KeySize_t; + +/*! AES_CCM key buffer definition.*/ +typedef uint8_t CRYS_AESCCM_Key_t[CRYS_AESCCM_KEY_SIZE_WORDS * sizeof(uint32_t)]; +/*! AES_CCM MAC buffer definition.*/ +typedef uint8_t CRYS_AESCCM_Mac_Res_t[SASI_AES_BLOCK_SIZE_IN_BYTES]; + +/*! AES_CCM_STAR source address buffer defintion. */ +typedef uint8_t CRYS_AESCCMStar_SourceAddress_t[CRYS_AESCCM_STAR_SOURCE_ADDRESS_SIZE_BYTES]; +/*! AES_CCM_STAR Nonce buffer defintion. */ +typedef uint8_t CRYS_AESCCMStar_Nonce_t[CRYS_AESCCM_STAR_NONCE_SIZE_BYTES]; + +/******************* Context Structure ***********************/ +/*! The user's context structure - the argument type that is passed by the user to the AES CCM APIs */ +typedef struct CRYS_AESCCM_UserContext_t +{ + /*! AES CCM context buffer for internal usage. */ + uint32_t buff[CRYS_AESCCM_USER_CTX_SIZE_IN_WORDS]; +}CRYS_AESCCM_UserContext_t; + + +/************************ Public Functions **********************/ + +/*! +@brief This function initializes the AES CCM context. + +It formats of the input data, calculates AES-MAC value for the formatted B0 block containing control information and +CCM unique value (Nonce), and initializes the AES context structure including the initial CTR0 value. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CRYSError_t CC_AESCCM_Init( + CRYS_AESCCM_UserContext_t *ContextID_ptr, /*!< [in] Pointer to the AES context buffer that is allocated by the user and is used for + the AES operation. */ + SaSiAesEncryptMode_t EncrDecrMode, /*!< [in] Flag specifying whether Encrypt (::SASI_AES_ENCRYPT) or Decrypt + (::SASI_AES_DECRYPT) operation should be performed. */ + CRYS_AESCCM_Key_t CCM_Key, /*!< [in] Pointer to the AES-CCM key. */ + CRYS_AESCCM_KeySize_t KeySizeId, /*!< [in] Enumerator defining the key size (only 128 bit is valid). */ + uint32_t AdataSize, /*!< [in] Full byte length of additional (associated) data. If set to zero, + calling ::CRYS_AESCCM_BlockAdata on the same context would return an error. */ + uint32_t TextSizeQ, /*!< [in] Full length of plain text data. */ + uint8_t *N_ptr, /*!< [in] Pointer to the Nonce. */ + uint8_t SizeOfN, /*!< [in] Nonce byte size. The valid values depend on the ccm mode: + <ul><li>CCM: valid values = [7 .. 13].</li> + <li>CCM*: valid values = [13].</li></ul> */ + uint8_t SizeOfT, /*!< [in] AES-CCM MAC (tag) byte size. The valid values depend on the ccm mode: + <ul><li>CCM: valid values = [4, 6, 8, 10, 12, 14, 16].</li> + <li>CCM*: valid values = [0, 4, 8, 16].</li></ul>*/ + uint32_t ccmMode /*!< [in] Flag specifying whether AES-CCM or AES-CCM* should be performed. */ +); + +/*! Macro defintion for CRYS_AESCCM_Init (AES CCM non-star implementation). */ +#define CRYS_AESCCM_Init(ContextID_ptr, EncrDecrMode, CCM_Key, KeySizeId, AdataSize, TextSizeQ, N_ptr, SizeOfN, SizeOfT) \ + CC_AESCCM_Init(ContextID_ptr, EncrDecrMode, CCM_Key, KeySizeId, AdataSize, TextSizeQ, N_ptr, SizeOfN, SizeOfT, CRYS_AESCCM_MODE_CCM) + +/*! Macro defintion CRYS_AESCCMStar_Init (AES CCM star implementation). */ +#define CRYS_AESCCMStar_Init(ContextID_ptr, EncrDecrMode, CCM_Key, KeySizeId, AdataSize, TextSizeQ, N_ptr, SizeOfN, SizeOfT) \ + CC_AESCCM_Init(ContextID_ptr, EncrDecrMode, CCM_Key, KeySizeId, AdataSize, TextSizeQ, N_ptr, SizeOfN, SizeOfT, CRYS_AESCCM_MODE_STAR) + +/*! +@brief This function receives a CCM context and a block of additional data, and adds it to the AES MAC +calculation. +This API can be called only once per operation context. It should not be called in case AdataSize was set to +zero in ::CC_AESCCM_Init. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CRYSError_t CRYS_AESCCM_BlockAdata( + CRYS_AESCCM_UserContext_t *ContextID_ptr, /*!< [in] Pointer to the context buffer. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the additional input data. The buffer must be contiguous. */ + uint32_t DataInSize /*!< [in] Byte size of the additional data. Must match AdataSize parameter provided to + ::CRYS_AESCCM_Init. */ +); + +/*! +@brief This function can be invoked for any block of Text data whose size is a multiple of 16 bytes, +excluding the last block that must be processed by ::CRYS_AESCCM_Finish. +<ul><li> If encrypting: + Continues calculation of the intermediate AES_MAC value of the text data, while simultaneously encrypting the text data using AES_CTR, + starting from CTR value = CTR0+1.</li> +<li>If decrypting: + Continues decryption of the text data, while calculating the intermediate AES_MAC value of decrypted data.</li></ul> + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CRYSError_t CRYS_AESCCM_BlockTextData( + CRYS_AESCCM_UserContext_t *ContextID_ptr, /*!< [in] Pointer to the context buffer. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the additional input data. The buffer must be contiguous. */ + uint32_t DataInSize, /*!< [in] Byte size of the text data block. Must be a multiple of 16 bytes. */ + uint8_t *DataOut_ptr /*!< [out] Pointer to the output data. The size of the output buffer must be at least DataInSize. + The buffer must be contiguous. */ +); + +/*! +@brief This function must be the last to be called on the text data. +It can either be called on the entire text data (if transferred as one block), or on the last block of the text data, +even if total size of text data is equal to 0. +It performs the same operations as ::CRYS_AESCCM_BlockTextData, but additionally: +<ul><li> If encrypting: </li> + <ul><li>If the size of text data is not in multiples of 16 bytes, it pads the remaining bytes with zeros to a full 16-bytes block and + processes the data using AES_MAC and AES_CTR algorithms.</li> + <li> Encrypts the AES_MAC result with AES_CTR using the CTR0 value saved in the context and places the SizeOfT bytes of MAC (tag) + at the end.</li></ul></ul> +<ul><li> If decrypting: </li> + <ul><li>Processes the text data, except for the last SizeOfT bytes (tag), using AES_CTR and then AES_MAC algorithms.</li> + <li>Encrypts the calculated MAC using AES_CTR based on the saved CTR0 value, and compares it with SizeOfT last bytes of input data (i.e. + tag value).</li> + <li>The function saves the validation result (Valid/Invalid) in the context.</li> + <li>Returns (as the error code) the final CCM-MAC verification result.</li></ul></ul> + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CEXPORT_C CRYSError_t CRYS_AESCCM_Finish( + CRYS_AESCCM_UserContext_t *ContextID_ptr, /*!< [in] Pointer to the context buffer. */ + uint8_t *DataIn_ptr, /*!< [in] Pointer to the last input data. The buffer must be contiguous. */ + uint32_t DataInSize, /*!< [in] Byte size of the last text data block. Can be zero. */ + uint8_t *DataOut_ptr, /*!< [in] Pointer to the output (cipher or plain text data) data. The buffer must + be contiguous. If DataInSize = 0, output buffer is not required. */ + CRYS_AESCCM_Mac_Res_t MacRes, /*!< [in] MAC result buffer pointer. */ + uint8_t *SizeOfT /*!< [out] AES-CCM MAC byte size as defined in CRYS_AESCCM_Init. */ +); + +/****************************************************************************************************/ +/******** AESCCM FUNCTION ******/ +/****************************************************************************************************/ +/*! +@brief AES CCM combines Counter mode encryption with CBC-MAC authentication. +Input to CCM includes the following elements: +<ul><li> Payload - text data that is both authenticated and encrypted.</li> +<li> Associated data (Adata) - data that is authenticated but not encrypted, e.g., a header.</li> +<li> Nonce - A unique value that is assigned to the payload and the associated data.</li></ul> + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CIMPORT_C CRYSError_t CC_AESCCM( + SaSiAesEncryptMode_t EncrDecrMode, /*!< [in] A flag specifying whether an AES Encrypt (::SASI_AES_ENCRYPT) or Decrypt + (::SASI_AES_DECRYPT) operation should be performed. */ + CRYS_AESCCM_Key_t CCM_Key, /*!< [in] Pointer to AES-CCM key. */ + CRYS_AESCCM_KeySize_t KeySizeId, /*!< [in] Enumerator defining the key size (only 128 bit is valid). */ + uint8_t *N_ptr, /*!< [in] Pointer to the Nonce. */ + uint8_t SizeOfN, /*!< [in] Nonce byte size. The valid values depend on the ccm mode: + <ul><li>CCM: valid values = [7 .. 13].</li> + <li>CCM*: valid values = [13].</li></ul> */ + uint8_t *ADataIn_ptr, /*!< [in] Pointer to the additional input data. The buffer must be contiguous. */ + uint32_t ADataInSize, /*!< [in] Byte size of the additional data. */ + uint8_t *TextDataIn_ptr, /*!< [in] Pointer to the plain-text data for encryption or cipher-text data for decryption. + The buffer must be contiguous. */ + uint32_t TextDataInSize, /*!< [in] Byte size of the full text data. */ + uint8_t *TextDataOut_ptr, /*!< [out] Pointer to the output (cipher or plain text data according to encrypt-decrypt mode) + data. The buffer must be contiguous. */ + uint8_t SizeOfT, /*!< [in] AES-CCM MAC (tag) byte size. The valid values depend on the ccm mode: + <ul><li>CCM: valid values = [4, 6, 8, 10, 12, 14, 16].</li> + <li>CCM*: valid values = [0, 4, 8, 16].</li></ul>*/ + CRYS_AESCCM_Mac_Res_t Mac_Res, /*!< [in/out] Pointer to the MAC result buffer. */ + uint32_t ccmMode /*!< [in] Flag specifying whether AES-CCM or AES-CCM* should be performed. */ +); + +/*! Macro defintion for CRYS_AESCCM (AES CCM non-star implementation). */ +#define CRYS_AESCCM(EncrDecrMode, CCM_Key, KeySizeId, N_ptr, SizeOfN, ADataIn_ptr, ADataInSize, TextDataIn_ptr, TextDataInSize, TextDataOut_ptr, SizeOfT, Mac_Res) \ + CC_AESCCM(EncrDecrMode, CCM_Key, KeySizeId, N_ptr, SizeOfN, ADataIn_ptr, ADataInSize, TextDataIn_ptr, TextDataInSize, TextDataOut_ptr, SizeOfT, Mac_Res, CRYS_AESCCM_MODE_CCM) + +/*! Macro defintion for CRYS_AESCCMStar (AES CCM star implementation). */ +#define CRYS_AESCCMStar(EncrDecrMode, CCM_Key, KeySizeId, N_ptr, SizeOfN, ADataIn_ptr, ADataInSize, TextDataIn_ptr, TextDataInSize, TextDataOut_ptr, SizeOfT, Mac_Res) \ + CC_AESCCM(EncrDecrMode, CCM_Key, KeySizeId, N_ptr, SizeOfN, ADataIn_ptr, ADataInSize, TextDataIn_ptr, TextDataInSize, TextDataOut_ptr, SizeOfT, Mac_Res, CRYS_AESCCM_MODE_STAR) + + +/*! +@brief This function receives the MAC source address, the frame counter and the MAC size +and returns the required nonce for AES-CCM* as defined in ieee-802.15.4. +This API should be called before CRYS_AESCCMStar and CRYS_AESCCMStar_Init, +and the generated nonce should be provided to these functions. + +@return CRYS_OK on success. +@return A non-zero value on failure as defined crys_aesccm_error.h. +*/ +CRYSError_t CRYS_AESCCMStar_NonceGenerate( + CRYS_AESCCMStar_SourceAddress_t srcAddr, /*!< [in] The MAC address in EUI-64 format. */ + uint32_t FrameCounter, /*!< [in] The MAC frame counter. */ + uint8_t SizeOfT, /*!< [in] AES-CCM* MAC (tag) byte size. Valid values = [0,4,8,16]. */ + CRYS_AESCCMStar_Nonce_t nonce /*!< [out] The required nonce for AES-CCM*. */ +); + +#ifdef __cplusplus +} +#endif + +/** +@} + */ + +#endif /*#ifndef CRYS_AESCCM_H*/ + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_error.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_error.h new file mode 100644 index 0000000..bf5673f --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_error.h @@ -0,0 +1,273 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef CRYS_ERROR_H +#define CRYS_ERROR_H + +#include "ssi_pal_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! @file +@brief This module defines the error return code types and the numbering spaces of the error codes +for each module of the layers listed below. +@defgroup crys_error CryptoCell general base error codes +@{ +@ingroup cryptocell_api +*/ + +/*! The definitions of the error number space used for the different modules */ + +/* ........... Error base numeric mapping definitions ................... */ +/* ----------------------------------------------------------------------- */ + + /*! CRYS error base number. */ +#define CRYS_ERROR_BASE 0x00F00000UL + +/*! Error range number assigned for each layer. */ +#define CRYS_ERROR_LAYER_RANGE 0x00010000UL + +/*! Error range number assigned to each module on its specified layer. */ +#define CRYS_ERROR_MODULE_RANGE 0x00000100UL + +/* Defines the layer index for the error mapping. */ +/*! CRYS error layer index. */ +#define CRYS_LAYER_ERROR_IDX 0x00UL +/*! Low level functions error layer index. */ +#define LLF_LAYER_ERROR_IDX 0x01UL +/*! Generic error layer index. */ +#define GENERIC_ERROR_IDX 0x05UL + +/* Defines the module index for error mapping */ +/*! AES error index.*/ +#define AES_ERROR_IDX 0x00UL +/*! DES error index.*/ +#define DES_ERROR_IDX 0x01UL +/*! HASH error index.*/ +#define HASH_ERROR_IDX 0x02UL +/*! HMAC error index.*/ +#define HMAC_ERROR_IDX 0x03UL +/*! RSA error index.*/ +#define RSA_ERROR_IDX 0x04UL +/*! DH error index.*/ +#define DH_ERROR_IDX 0x05UL + +/*! ECPKI error index.*/ +#define ECPKI_ERROR_IDX 0x08UL +/*! RND error index.*/ +#define RND_ERROR_IDX 0x0CUL +/*! Common error index.*/ +#define COMMON_ERROR_IDX 0x0DUL +/*! KDF error index.*/ +#define KDF_ERROR_IDX 0x11UL +/*! HKDF error index.*/ +#define HKDF_ERROR_IDX 0x12UL +/*! AESCCM error index.*/ +#define AESCCM_ERROR_IDX 0x15UL +/*! FIPS error index.*/ +#define FIPS_ERROR_IDX 0x17UL + +/*! PKA error index.*/ +#define PKA_MODULE_ERROR_IDX 0x21UL +/*! CHACHA error index.*/ +#define CHACHA_ERROR_IDX 0x22UL +/*! EC montgomery and edwards error index.*/ +#define EC_MONT_EDW_ERROR_IDX 0x23UL +/*! CHACHA POLY error index.*/ +#define CHACHA_POLY_ERROR_IDX 0x24UL +/*! POLY error index.*/ +#define POLY_ERROR_IDX 0x25UL +/*! SRP error index.*/ +#define SRP_ERROR_IDX 0x26UL + + + +/* .......... defining the error spaces for each module on each layer ........... */ +/* ------------------------------------------------------------------------------ */ + +/*! AES module error base address - 0x00F00000. */ +#define CRYS_AES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * AES_ERROR_IDX ) ) + +/*! DES module error base address - 0x00F00100. */ +#define CRYS_DES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * DES_ERROR_IDX ) ) + +/*! HASH module error base address - 0x00F00200. */ +#define CRYS_HASH_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HASH_ERROR_IDX ) ) + +/*! HMAC module error base address - 0x00F00300. */ +#define CRYS_HMAC_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HMAC_ERROR_IDX ) ) + +/*! RSA module error base address - 0x00F00400. */ +#define CRYS_RSA_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RSA_ERROR_IDX ) ) + +/*! DH module error base address - 0x00F00500. */ +#define CRYS_DH_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * DH_ERROR_IDX ) ) + +/*! ECPKI module error base address - 0x00F00800. */ +#define CRYS_ECPKI_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * ECPKI_ERROR_IDX ) ) + +/*! Low level ECPKI module error base address - 0x00F10800. */ +#define LLF_ECPKI_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * ECPKI_ERROR_IDX ) ) + +/*! RND module error base address - 0x00F00C00. */ +#define CRYS_RND_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RND_ERROR_IDX ) ) + +/*! Low level RND module error base address - 0x00F10C00. */ +#define LLF_RND_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RND_ERROR_IDX ) ) + +/*! COMMMON module error base address - 0x00F00D00. */ +#define CRYS_COMMON_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * COMMON_ERROR_IDX ) ) + +/*! KDF module error base address - 0x00F01100. */ +#define CRYS_KDF_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * KDF_ERROR_IDX ) ) + +/*! HKDF module error base address - 0x00F01100. */ +#define CRYS_HKDF_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HKDF_ERROR_IDX ) ) + +/*! AESCCM module error base address - 0x00F01500. */ +#define CRYS_AESCCM_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * AESCCM_ERROR_IDX ) ) + +/*! FIPS module error base address - 0x00F01700. */ +#define CRYS_FIPS_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * FIPS_ERROR_IDX ) ) + +/*! PKA module error base address - 0x00F02100. */ +#define PKA_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * PKA_MODULE_ERROR_IDX ) ) + +/*! CHACHA module error base address - 0x00F02200. */ +#define CRYS_CHACHA_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * CHACHA_ERROR_IDX ) ) +/*! CHACHA POLY module error base address - 0x00F02400. */ +#define CRYS_CHACHA_POLY_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * CHACHA_POLY_ERROR_IDX ) ) +/*! POLY module error base address - 0x00F02500. */ +#define CRYS_POLY_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * POLY_ERROR_IDX ) ) + +/*! SRP module error base address - 0x00F02600. */ +#define CRYS_SRP_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * SRP_ERROR_IDX ) ) + + +/*! EC MONT_EDW module error base address - 0x00F02300. */ +#define CRYS_EC_MONT_EDW_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * EC_MONT_EDW_ERROR_IDX ) ) + + +/*! User generic error base address - 0x00F50000 */ +#define GENERIC_ERROR_BASE ( CRYS_ERROR_BASE + (CRYS_ERROR_LAYER_RANGE * GENERIC_ERROR_IDX) ) +/*! CRYS fatal error. */ +#define CRYS_FATAL_ERROR (GENERIC_ERROR_BASE + 0x00UL) +/*! CRYS out of resources error. */ +#define CRYS_OUT_OF_RESOURCE_ERROR (GENERIC_ERROR_BASE + 0x01UL) +/*! CRYS illegal resource value error. */ +#define CRYS_ILLEGAL_RESOURCE_VAL_ERROR (GENERIC_ERROR_BASE + 0x02UL) + + + +/* ............ The OK (success) definition ....................... */ +/*! Success defintion. */ +#define CRYS_OK 0 + +/*! MACRO that defines crys return value. */ +#define SASI_CRYS_RETURN_ERROR(retCode, retcodeInfo, funcHandler) \ + ((retCode) == 0 ? CRYS_OK : funcHandler(retCode, retcodeInfo)) + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + +/*! The typedef definition of all of the error codes that are returned from the CRYS functions */ +typedef uint32_t CRYSError_t; + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + + + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_rnd.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_rnd.h new file mode 100644 index 0000000..653768c --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_rnd.h @@ -0,0 +1,398 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef CRYS_RND_H +#define CRYS_RND_H + +#include "crys_error.h" +#include "ssi_aes.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief This file contains the CRYS APIs used for random number generation. +The random-number generation module implements referenced standard [SP800-90]. +@defgroup crys_rnd CryptoCell Random Generator APIs +@{ +@ingroup cryptocell_api +*/ + +/************************ Defines ******************************/ + +/*! Maximal reseed counter - indicates maximal number of +requests allowed between reseeds; according to NIST 800-90 +it is (2^48 - 1), our restriction is : (0xFFFFFFFF - 0xF).*/ +#define CRYS_RND_MAX_RESEED_COUNTER (0xFFFFFFFF - 0xF) + +/* Max size for one RNG generation (in bits) = + max_num_of_bits_per_request = 2^19 (FIPS 800-90 Tab.3) */ +/*! Maximal size of generated vector in bits. */ +#define CRYS_RND_MAX_GEN_VECTOR_SIZE_BITS 0x7FFFF +/*! Maximal size of generated vector in bytes. */ +#define CRYS_RND_MAX_GEN_VECTOR_SIZE_BYTES 0xFFFF + +/*! AES output block size in words. */ +#define CRYS_RND_AES_BLOCK_SIZE_IN_WORDS SASI_AES_BLOCK_SIZE_IN_WORDS + + +/* RND seed and additional input sizes */ +/*! Maximal size of random seed in words. */ +#define CRYS_RND_SEED_MAX_SIZE_WORDS 12 + +#ifndef CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS +/*! Maximal size of additional input data in words. */ +#define CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS CRYS_RND_SEED_MAX_SIZE_WORDS +#endif + +/* allowed sizes of AES Key, in words */ +/*! AES key size (128 bits) in words. */ +#define CRYS_RND_AES_KEY_128_SIZE_WORDS 4 +/*! AES key size (192 bits) in words. */ +#define CRYS_RND_AES_KEY_192_SIZE_WORDS 6 +/*! AES key size (256 bits) in words. */ +#define CRYS_RND_AES_KEY_256_SIZE_WORDS 8 + +/* Definitions of temp buffer for RND_DMA version of CRYS_RND */ +/*******************************************************************/ +/* Definitions of temp buffer for DMA version of CRYS_RND */ + +/*! Temporary buffer size in words. */ +#define CRYS_RND_WORK_BUFFER_SIZE_WORDS 1528 + +/*! A definition for RAM buffer to be internally used in instantiation (or reseeding) operation. */ +typedef struct +{ + /*! Internal buffer*/ + uint32_t crysRndWorkBuff[CRYS_RND_WORK_BUFFER_SIZE_WORDS]; +}CRYS_RND_WorkBuff_t; + +/*! A definition for entropy estimation data type. */ +#define CRYS_RND_EntropyEstimatData_t CRYS_RND_WorkBuff_t +/*! A definition for entropy estimation buffer. */ +#define crysRndEntrIntBuff crysRndWorkBuff + + +/* RND source buffer inner (entrpopy) offset */ +/*! An internal offset definition. */ +#define CRYS_RND_TRNG_SRC_INNER_OFFSET_WORDS 2 +/*! An internal offset definition. */ +#define CRYS_RND_TRNG_SRC_INNER_OFFSET_BYTES (CRYS_RND_TRNG_SRC_INNER_OFFSET_WORDS*sizeof(uint32_t)) + + + + +/* Size of the expected output buffer used by FIPS KAT */ +/*! FIPS Known answer test output size. */ +#define CRYS_PRNG_FIPS_KAT_OUT_DATA_SIZE 64 + +/************************ Enumerators ****************************/ + +/*! Definition of random operation modes. */ +typedef enum +{ + /*! SW entropy estimation mode. */ + CRYS_RND_Fast = 0, + /*! Full entropy mode. */ + CRYS_RND_Slow = 1, + /*! Reserved. */ + CRYS_RND_ModeLast = 0x7FFFFFFF, +} CRYS_RND_mode_t; + + + +/************************ Structs *****************************/ + + +/* The internal state of DRBG mechanism based on AES CTR and CBC-MAC + algorithms. It is set as global data defined by the following + structure */ +/*! RND state structure. Includes internal data that needs to be saved between boots by the user.*/ +typedef struct +{ + /* Seed buffer, consists from concatenated Key||V: max size 12 words */ + /*! Random Seed buffer */ + uint32_t Seed[CRYS_RND_SEED_MAX_SIZE_WORDS]; + /* Previous value for continuous test */ + /*! Previous random data (used for continuous test). */ + uint32_t PreviousRandValue[SASI_AES_BLOCK_SIZE_IN_WORDS]; + + /* AdditionalInput buffer max size = seed max size words + 4w for padding*/ + /*! Previous additional input buffer. */ + uint32_t PreviousAdditionalInput[CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS+5]; + /*! Additional input buffer. */ + uint32_t AdditionalInput[CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS+4]; + /*! Additional input size in words. */ + uint32_t AddInputSizeWords; /* size of additional data set by user, words */ + + /*! Entropy source size in words */ + uint32_t EntropySourceSizeWords; + + /*! Reseed counter (32 bits active) - indicates number of requests for entropy + since instantiation or reseeding */ + uint32_t ReseedCounter; + + /*! Key size: 4 or 8 words according to security strength 128 bits or 256 bits*/ + uint32_t KeySizeWords; + + /* State flag (see definition of StateFlag above), containing bit-fields, defining: + - b'0: instantiation steps: 0 - not done, 1 - done; + - 2b'9,8: working or testing mode: 0 - working, 1 - KAT DRBG test, 2 - + KAT TRNG test; + b'16: flag defining is Previous random valid or not: + 0 - not valid, 1 - valid */ + /*! State flag used internally in the code.*/ + uint32_t StateFlag; + + /* Trng processing flag - indicates which ROSC lengths are: + - allowed (bits 0-3); + - total started (bits 8-11); + - processed (bits 16-19); + - started, but not processed (bits24-27) */ + /*! TRNG process state used internally in the code */ + uint32_t TrngProcesState; + + /* validation tag */ + /*! Validation tag used internally in the code */ + uint32_t ValidTag; + + /*! Rnd source entropy size in bits */ + uint32_t EntropySizeBits; + +} CRYS_RND_State_t; + + +/*! The RND Generate vector function pointer type definition. + The prototype intendent for External and CRYS internal RND functions + pointers definitions. + Full description can be found in ::CRYS_RND_GenerateVector function API. */ +typedef uint32_t (*SaSiRndGenerateVectWorkFunc_t)( \ + void *rndState_ptr, /*context*/ \ + uint16_t outSizeBytes, /*in*/ \ + uint8_t *out_ptr /*out*/); + + + +/*! Data structure required for internal FIPS verification for PRNG KAT. */ +typedef struct +{ + /*! Internal working buffer. */ + CRYS_RND_WorkBuff_t rndWorkBuff; + /*! Output buffer. */ + uint8_t rndOutputBuff[CRYS_PRNG_FIPS_KAT_OUT_DATA_SIZE]; +} CRYS_PrngFipsKatCtx_t; + + +/*****************************************************************************/ +/********************** Public Functions *************************/ +/*****************************************************************************/ + +/*! +@brief This function needs to be called once. +It calls CRYS_RND_Instantiation to initialize the TRNG and the primary RND context. +An initialized RND context is required for calling RND APIs and asymmetric cryptography key generation and signatures. +The primary context returned by this function can be used as a single global context for all RND needs. +Alternatively, other contexts may be initialized and used with a more limited scope (for specific applications or specific threads). + +\note The Mutexes, if used, are initialized by this API. Therefore, unlike the other APIs in the library, +this API is not thread-safe. + +@param[in/out] rnd_ctx - Pointer to the RND state structure. +@param[in/out] rndWorkBuff_ptr - Pointer to the RND scratch buffer. +*/ +CEXPORT_C CRYSError_t CRYS_RndInit(void* rnd_ctx, /*!< [in/out] Pointer to the RND state buffer, + allocated by the user. This state must be saved and provided + as parameter to any API that uses the RND module.*/ + CRYS_RND_WorkBuff_t *rndWorkBuff_ptr /*!< [in] Scratchpad for the RND module's work. */); + +/*! +@brief This function initializes the RND context. +It must be called at least once prior to using this context with any API that requires it as a parameter (e.g., other RND APIs, asymmetric +cryptography key generation and signatures). +It is called as part of ARM TrustZone CryptoCell library initialization, which initializes and returns the primary RND context. +This primary context can be used as a single global context for all RND needs. +Alternatively, other contexts may be initialized and used with a more limited scope (for specific applications or specific threads). +The call to this function must be followed by a call to ::CRYS_RND_SetGenerateVectorFunc API to set the generate vector function. +It implements referenced standard [SP800-90] - 10.2.1.3.2 - CTR-DRBG Instantiate algorithm using AES (FIPS-PUB 197) and Derivation Function (DF). +\note Additional data can be mixed with the random seed (personalization data or nonce). If required, this data should be provided by calling ::CRYS_RND_AddAdditionalInput prior to using this API. + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_Instantiation( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state buffer allocated by the user, which is used to + maintain the RND state. This context state must be saved and provided as a + parameter to any API that uses the RND module. + \note the context must be cleared before sent to the function. */ + CRYS_RND_WorkBuff_t *rndWorkBuff_ptr /*!< [in/out] Scratchpad for the RND module's work. */ +); + + +/*! +@brief Clears existing RNG instantiation state. + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_UnInstantiation( + void *rndState_ptr /*!< [in/out] Pointer to the RND context state buffer. */ +); + + +/*! +@brief This function is used for reseeding the RNG with additional entropy and additional user-provided input. +(additional data should be provided by calling ::CRYS_RND_AddAdditionalInput prior to using this API). +It implements referenced standard [SP800-90] - 10.2.1.4.2 - CTR-DRBG Reseeding algorithm, using AES (FIPS-PUB 197) and Derivation Function (DF). + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_Reseeding( + void *rndState_ptr, /*!< [in/out] Pointer to the RND context buffer. */ + CRYS_RND_WorkBuff_t *rndWorkBuff_ptr /*!< [in/out] Scratchpad for the RND module's work. */ +); + + +/****************************************************************************************/ +/*! +@brief Generates a random vector according to the algorithm defined in referenced standard [SP800-90] - 10.2.1.5.2 - CTR-DRBG. +The generation algorithm uses AES (FIPS-PUB 197) and Derivation Function (DF). + +\note +<ul id="noteb"><li> The RND module must be instantiated prior to invocation of this API.</li> +<li> In the following cases, Reseeding operation must be performed prior to vector generation:</li> + <ul><li> Prediction resistance is required.</li> + <li> The function returns CRYS_RND_RESEED_COUNTER_OVERFLOW_ERROR, stating that the Reseed Counter has passed its upper-limit (2^32-2).</li></ul></ul> + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_GenerateVector( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure, which is part of the RND context structure. + Use rndContext->rndState field of the context for this parameter. */ + uint16_t outSizeBytes, /*!< [in] The size in bytes of the random vector required. The maximal size is 2^16 -1 bytes. */ + uint8_t *out_ptr /*!< [out] The pointer to output buffer. */ +); + + + +/**********************************************************************************************************/ +/*! +@brief Generates a random vector with specific limitations by testing candidates (described and used in FIPS 186-4: B.1.2, B.4.2 etc.). + +This function draws a random vector, compare it to the range limits, and if within range - return it in rndVect_ptr. +If outside the range, the function continues retrying until a conforming vector is found, or the maximal retries limit is exceeded. +If maxVect_ptr is provided, rndSizeInBits specifies its size, and the output vector must conform to the range [1 < rndVect < maxVect]. +If maxVect_ptr is NULL, rndSizeInBits specifies the exact required vector size, and the output vector must be the exact same +bit size (with its most significant bit = 1). +\note +The RND module must be instantiated prior to invocation of this API. + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_GenerateVectorInRange( + void *rndState_ptr, /*!< [in/out] Pointer to the RND state structure. */ + SaSiRndGenerateVectWorkFunc_t rndGenerateVectFunc, /*!< [in] Pointer to the random vector generation function. */ + uint32_t rndSizeInBits, /*!< [in] The size in bits of the random vector required. The allowed size in range 2 <= rndSizeInBits < 2^19-1, bits. */ + uint8_t *maxVect_ptr, /*!< [in] Pointer to the vector defining the upper limit for the random vector output, Given as little-endian byte array. + If not NULL, its actual size is treated as [(rndSizeInBits+7)/8] bytes and its value must be in range (3, 2^19) */ + uint8_t *rndVect_ptr /*!< [in/out] Pointer to the output buffer for the random vector. Must be at least [(rndSizeInBits+7)/8] bytes. + Treated as little-endian byte array. */ +); + + +/*************************************************************************************/ +/*! +@brief Used for adding additional input/personalization data provided by the user, +to be later used by the ::CRYS_RND_Instantiation/::CRYS_RND_Reseeding/::CRYS_RND_GenerateVector functions. + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_AddAdditionalInput( + void *rndState_ptr, /*!< [in/out] Pointer to the RND context state buffer. */ + uint8_t *additonalInput_ptr, /*!< [in] The Additional Input buffer. */ + uint16_t additonalInputSize /*!< [in] The size of the Additional Input buffer. It must + be <= CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS and a multiple of 4. */ +); + +/*! +@brief The CRYS_RND_EnterKatMode function sets KAT mode bit into StateFlag of global CRYS_RND_WorkingState structure. + +The user must call this function before calling functions performing KAT tests. + +\note Total size of entropy and nonce must be not great than 126 words (maximal size of entropy and nonce). + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C CRYSError_t CRYS_RND_EnterKatMode( + void *rndState_ptr, /*!< [in/out] Pointer to the RND context state buffer. */ + uint8_t *entrData_ptr, /*!< [in] Entropy data. */ + uint32_t entrSize, /*!< [in] Entropy size in bytes. */ + uint8_t *nonce_ptr, /*!< [in] Nonce. */ + uint32_t nonceSize, /*!< [in] Entropy size in bytes. */ + CRYS_RND_WorkBuff_t *workBuff_ptr /*!< [out] RND working buffer, must be the same buffer, which should be passed into + Instantiation/Reseeding functions. */ +); + +/**********************************************************************************************************/ +/*! +@brief The CRYS_RND_DisableKatMode function disables KAT mode bit into StateFlag of global CRYS_RND_State_t structure. + +The user must call this function after KAT tests before actual using RND module (Instantiation etc.). + +@return CRYS_OK on success. +@return A non-zero value from crys_rnd_error.h on failure. +*/ +CIMPORT_C void CRYS_RND_DisableKatMode( + void *rndState_ptr /*!< [in/out] Pointer to the RND state buffer. */ +); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef CRYS_RND_H */ + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_rnd_error.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_rnd_error.h new file mode 100644 index 0000000..417eaff --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/crys_rnd_error.h @@ -0,0 +1,160 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef CRYS_RND_ERROR_H +#define CRYS_RND_ERROR_H + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/*! +@file +@brief This module contains the definitions of the CRYS RND errors. +@defgroup crys_rnd_error CryptoCell RND specific errors +@{ +@ingroup crys_rnd +*/ + + + +/************************ Defines ******************************/ +/*! RND module on the CRYS layer base address - 0x00F00C00 */ + +/*! Illegal output pointer.*/ +#define CRYS_RND_DATA_OUT_POINTER_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x0UL) +/*! Random generation in range failed .*/ +#define CRYS_RND_CAN_NOT_GENERATE_RAND_IN_RANGE (CRYS_RND_MODULE_ERROR_BASE + 0x1UL) +/*! CPRNGT test failed.*/ +#define CRYS_RND_CPRNG_TEST_FAIL_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x2UL) +/*! Illegal additional data buffer. */ +#define CRYS_RND_ADDITIONAL_INPUT_BUFFER_NULL (CRYS_RND_MODULE_ERROR_BASE + 0x3UL) +/*! Illegal additional data size. */ +#define CRYS_RND_ADDITIONAL_INPUT_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x4UL) +/*! Data size overflow. */ +#define CRYS_RND_DATA_SIZE_OVERFLOW_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x5UL) +/*! Illegal vector size. */ +#define CRYS_RND_VECTOR_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x6UL) +/*! Reseed counter overflow - in case this error was returned instantiation or reseeding operation must be called. */ +#define CRYS_RND_RESEED_COUNTER_OVERFLOW_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x7UL) +/*! Instantiation was not yet called. */ +#define CRYS_RND_INSTANTIATION_NOT_DONE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x8UL) +/*! TRNG loss of samples. */ +#define CRYS_RND_TRNG_LOSS_SAMPLES_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x9UL) +/*! TRNG Time exceeded limitations. */ +#define CRYS_RND_TRNG_TIME_EXCEED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xAUL) +/*! TRNG loss of samples and time exceeded limitations. */ +#define CRYS_RND_TRNG_LOSS_SAMPLES_AND_TIME_EXCEED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xBUL) +/*! RND is in Known Answer Test mode. */ +#define CRYS_RND_IS_KAT_MODE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xCUL) +/*! RND operation not supported. */ +#define CRYS_RND_OPERATION_IS_NOT_SUPPORTED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xDUL) +/*! RND validity check failed. */ +#define CRYS_RND_STATE_VALIDATION_TAG_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xEUL) +/*! RND is not supported. */ +#define CRYS_RND_IS_NOT_SUPPORTED (CRYS_RND_MODULE_ERROR_BASE + 0xFUL) +/*! RND Init failed. */ +#define CRYS_RND_INIT_FAILED (CRYS_RND_MODULE_ERROR_BASE + 0x10UL) +/*! RND Init failed. */ +#define CRYS_RND_STARTUP_FAILED (CRYS_RND_MODULE_ERROR_BASE + 0x11UL) +/*! Instantiation Failed. */ +#define CRYS_RND_INSTANTIATION_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x12L) + + +/*! Illegal generate vector function pointer. */ +#define CRYS_RND_GEN_VECTOR_FUNC_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x14UL) + +/*! Illegal work buffer pointer. */ +#define CRYS_RND_WORK_BUFFER_PTR_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x20UL) +/*! Illegal AES key size. */ +#define CRYS_RND_ILLEGAL_AES_KEY_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x21UL) +/*! Illegal data pointer. */ +#define CRYS_RND_ILLEGAL_DATA_PTR_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x22UL) +/*! Illegal data size. */ +#define CRYS_RND_ILLEGAL_DATA_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x23UL) +/*! Illegal parameter. */ +#define CRYS_RND_ILLEGAL_PARAMETER_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x24UL) +/*! Illegal RND state pointer. */ +#define CRYS_RND_STATE_PTR_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x25UL) +/*! TRNG errors. */ +#define CRYS_RND_TRNG_ERRORS_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x26UL) +/*! Illegal context pointer. */ +#define CRYS_RND_CONTEXT_PTR_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x27UL) + +/*! Illegal output vector pointer. */ +#define CRYS_RND_VECTOR_OUT_PTR_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x30UL) +/*! Illegal output vector size. */ +#define CRYS_RND_VECTOR_OUT_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x31UL) +/*! Maximal vector size is too small. */ +#define CRYS_RND_MAX_VECTOR_IS_TOO_SMALL_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x32UL) +/*! Illegal Known Answer Tests parameters. */ +#define CRYS_RND_KAT_DATA_PARAMS_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x33UL) +/*! TRNG Known Answer Test not supported. */ +#define CRYS_RND_TRNG_KAT_NOT_SUPPORTED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x34UL) +/*! SRAM memory is not defined. */ +#define CRYS_RND_SRAM_NOT_SUPPORTED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x35UL) +/*! AES operation failure. */ +#define CRYS_RND_AES_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x36UL) + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif + + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl.h new file mode 100644 index 0000000..b9fc491 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl.h @@ -0,0 +1,52 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ +#ifndef NRF_CC310_BL_H__ +#define NRF_CC310_BL_H__ + +/**@file + * + * @defgroup nrf_cc310_bl CC310 bootloader API (nrf_cc310_bl) + * @brief This is a customized version of the CC310 API tailored to work with the + * @ref lib_bootloader. + * @{ + */ + +#include "nrf_cc310_bl_init.h" +#include "nrf_cc310_bl_hash_sha256.h" +#include "nrf_cc310_bl_ecdsa_verify_secp224r1.h" +#include "nrf_cc310_bl_ecdsa_verify_secp256r1.h" + +/** @} */ + +#endif //NRF_CC310_BL_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_ecdsa_verify_common.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_ecdsa_verify_common.h new file mode 100644 index 0000000..9ad6d02 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_ecdsa_verify_common.h @@ -0,0 +1,61 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ +#ifndef NRF_CC310_BL_ECDSA_VERIFY_COMMON_H__ +#define NRF_CC310_BL_ECDSA_VERIFY_COMMON_H__ + +/**@file + * + * @defgroup nrf_cc310_bl_ecdsa_verify_common nrf_cc310_bl ECDSA verify common declarations + * @ingroup nrf_cc310_bl + * @brief Common declarations for nrf_cc310_bl ECDSA verify APIs. + * @{ + */ + +#ifdef __cplusplus +extern "C" { +#endif + +#define NRF_CC310_BL_ECDSA_CONTEXT_INITIALIZED (0xBBAA55DD) + +#define NRF_CC310_BL_ECDSA_VERIFY_CONTEXT_SIZE_SECP224R1 (140) //!< Macro for the size of the ECDSA Verify context. +#define NRF_CC310_BL_ECDSA_VERIFY_CONTEXT_SIZE_SECP256R1 (160) //!< Macro for the size of the ECDSA Verify context. + +#ifdef __cplusplus +} +#endif + +/** @} */ + + +#endif // NRF_CC310_BL_ECDSA_VERIFY_COMMON_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_ecdsa_verify_secp224r1.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_ecdsa_verify_secp224r1.h new file mode 100644 index 0000000..8068c72 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_ecdsa_verify_secp224r1.h @@ -0,0 +1,167 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ +#ifndef NRF_CC310_BL_ECDSA_VERIFY_SECP224R1_H__ +#define NRF_CC310_BL_ECDSA_VERIFY_SECP224R1_H__ + +/**@file + * + * @defgroup nrf_cc310_bl_ecdsa_verify_secp224r1 nrf_cc310_bl ECDSA verify secp224r1 types + * @ingroup nrf_cc310_bl + * @brief Type definitions and APIs for nrf_cc310_bl ECDSA verify using curve secp224r1. + * @{ + */ + +#include <stdint.h> +#include "crys_error.h" +#include "nrf_cc310_bl_ecdsa_verify_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/**@brief Structure holding the secp224r1 public key represented by X,Y coordinates (uncompressed). +*/ +typedef struct +{ + uint8_t x[28]; //!< Public key X coordinate in big-endian format. + uint8_t y[28]; //!< Public key Y coordinate in big-endian format. + +} nrf_cc310_bl_ecc_public_key_secp224r1_t; + + +/**@brief Structure holding secp224r1 signature represented by R,S. +*/ +typedef struct +{ + uint8_t r[28]; //!< Signature R part in big-endian format. + uint8_t s[28]; //!< Signature S part in big-endian format. + +} nrf_cc310_bl_ecc_signature_secp224r1_t; + + +/**@brief Type definition for a context structure for running an ECDSA verify operation using + * curve secp224r1. + */ +typedef struct +{ + uint32_t init_val; //!< Value indicating the initialized state of the context structure. + uint8_t context_buffer[NRF_CC310_BL_ECDSA_VERIFY_CONTEXT_SIZE_SECP224R1]; //!< Buffer containing the required memory for running the ECDSA verify operation. + +} nrf_cc310_bl_ecdsa_verify_context_secp224r1_t; + + +/**@brief Function for initializing the context information for an ECDSA verify operation + * using curve secp224r1. + * + * @note The memory that holds the context object must be allocated prior to this call. + * + * @param[in,out] p_context Pointer to the structure holding context information + * * for the ECDSA verify operation. + * @param[in] p_public_key Pointer to the structure holding the public key for the + * ECDSA verify operation. + * + * @retval CRYS_OK Context initialized succesfully. + * @retval CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR p_context was NULL. + * @retval CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR p_public_key was NULL. + */ +CRYSError_t nrf_cc310_bl_ecdsa_verify_init_secp224r1( + nrf_cc310_bl_ecdsa_verify_context_secp224r1_t * const p_context, + nrf_cc310_bl_ecc_public_key_secp224r1_t const * const p_public_key); + + +/**@brief Function for executing an ECDSA verify on secp224r1 with hash input. + * + * @note The ECDSA verify context structure must be initialized prior to this call + * using @ref nrf_cc310_bl_ecdsa_verify_init_secp224r1. + * + * @param[in,out] p_context Pointer to the structure holding context information for + * the ECDSA verify operation. + * @param[in] p_signature Pointer to the structure holding the signature to use for the +* ECDSA verify operation. + * @param[in] p_hash Pointer to the hash to use in the ECDSA verify operation. + * @param[in] hash_len Length of the hash to verify. + * + * @retval CRYS_OK Signature was successfully verified. + * @retval CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR p_context was NULL. + * @retval CRYS_ECDSA_VERIFY_USER_CONTEXT_VALIDATION_TAG_ERROR p_context was not initialized. + * @retval CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR p_signature was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_PTR_ERROR p_hash was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_SIZE_ERROR hash_len was invalid. + * @retval CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR Signature verification failed. + */ +CRYSError_t nrf_cc310_bl_ecdsa_verify_hash_secp224r1( + nrf_cc310_bl_ecdsa_verify_context_secp224r1_t * const p_context, + nrf_cc310_bl_ecc_signature_secp224r1_t const * const p_signature, + uint8_t const * const p_hash, + uint32_t hash_len); + + +/**@brief Function for executing an ECDSA verify on secp224r1 with hash input in integrated form. + * + * @note This will run initialization of ECDSA context and run ECDSA verify in + * a single integrated step. + * + * @param[in,out] p_context Pointer to the structure holding context information + * for the ECDSA verify operation. + * @param[in] p_public_key Pointer to the structure holding the public key for + * the ECDSA verify operation. + * @param[in] p_signature Pointer to the structure holding the signature to use + * for the ECDSA verify operation. + * @param[in] p_hash Pointer to the hash to use in the ECDSA verify operation. + * @param[in] hash_len Length of the hash to verify. + * + * @retval CRYS_OK Signature was successfully verified. + * @retval CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR p_context was NULL. + * @retval CRYS_ECDSA_VERIFY_USER_CONTEXT_VALIDATION_TAG_ERROR p_context was not initialized. + * @retval CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR + * p_public_key was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR p_signature was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_PTR_ERROR p_hash was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_SIZE_ERROR hash_len was invalid. + * @retval CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR Signature verification failed. + */ +CRYSError_t nrf_cc310_bl_ecdsa_verify_secp224r1( + nrf_cc310_bl_ecdsa_verify_context_secp224r1_t * const p_context, + nrf_cc310_bl_ecc_public_key_secp224r1_t const * const p_public_key, + nrf_cc310_bl_ecc_signature_secp224r1_t const * const p_signature, + uint8_t const * const p_hash, + uint32_t hash_len); + +#ifdef __cplusplus +} +#endif + +/** @} */ + +#endif // NRF_CC310_BL_ECDSA_VERIFY_SECP224R1_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_ecdsa_verify_secp256r1.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_ecdsa_verify_secp256r1.h new file mode 100644 index 0000000..cc89c41 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_ecdsa_verify_secp256r1.h @@ -0,0 +1,161 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ +#ifndef NRF_CC310_BL_ECDSA_VERIFY_SECP256R1_H__ +#define NRF_CC310_BL_ECDSA_VERIFY_SECP256R1_H__ + +/**@file + * + * @defgroup nrf_cc310_bl_ecdsa_verify_secp256r1 nrf_cc310_bl ECDSA verify secp256r1 types + * @ingroup nrf_cc310_bl + * @brief Type definitions and APIs for nrf_cc310_bl ECDSA verify using curve secp256r1. + * @{ + */ + +#include <stdint.h> +#include "crys_error.h" +#include "nrf_cc310_bl_ecdsa_verify_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/**@brief Structure holding the secp256r1 public key represented by X,Y coordinates. +*/ +typedef struct +{ + uint8_t x[32]; //!< Public key X coordinate in big-endian format. + uint8_t y[32]; //!< Public key Y coordinate in big-endian format. +} nrf_cc310_bl_ecc_public_key_secp256r1_t; + + +/**@brief Structure holding the secp256r1 signature represented by R,S values. +*/ +typedef struct +{ + uint8_t r[32]; //!< Signature R part in big-endian format. + uint8_t s[32]; //!< Signature S part in big-endian format. +} nrf_cc310_bl_ecc_signature_secp256r1_t; + + +/**@brief Structure holding memory required for allocation of CC310 ECDSA verify context + * using curve secp256r1. + */ +typedef struct +{ + uint32_t init_val; + uint8_t context_buffer[NRF_CC310_BL_ECDSA_VERIFY_CONTEXT_SIZE_SECP256R1]; +} nrf_cc310_bl_ecdsa_verify_context_secp256r1_t; + + +/**@brief Function for initializing the context information for an ECDSA verify operation. + * + * @note The memory that holds the context object must be allocated prior to this call. + * + * @param[in,out] p_context Pointer to the structure holding context information + * for the ECDSA verify operation. + * @param[in] p_public_key Pointer to the structure holding the public key for + * the ECDSA verify operation. + * + * @retval CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR p_context was NULL. + * @retval CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR p_public_key was NULL. + */ +CRYSError_t nrf_cc310_bl_ecdsa_verify_init_secp256r1( + nrf_cc310_bl_ecdsa_verify_context_secp256r1_t * const p_context, + nrf_cc310_bl_ecc_public_key_secp256r1_t const * const p_public_key); + + +/**@brief Function for executing an ECDSA verify operation using secp256r1 with hash input. + * + * @note The ECDSA verify context structure must be initialized prior to this call using + * @ref nrf_cc310_bl_ecdsa_verify_init_secp256r1. + * + * @param[in,out] p_context Pointer to the structure holding context information + * for the ECDSA verify operation. + * @param[in] p_signature Pointer to the structure holding the signature to use for + * the ECDSA verify operation. + * @param[in] p_hash Pointer to the hash to use in the ECDSA verify operation. + * @param[in] hash_len Length of the hash to verify. + * + * @retval CRYS_OK Signature was successfully verified. + * @retval CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR p_context was NULL. + * @retval CRYS_ECDSA_VERIFY_USER_CONTEXT_VALIDATION_TAG_ERROR p_context was not initialized. + * @retval CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR p_signature was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_PTR_ERROR p_hash was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_SIZE_ERROR hash_len was invalid. + * @retval CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR Signature verification failed. + */ +CRYSError_t nrf_cc310_bl_ecdsa_verify_hash_secp256r1( + nrf_cc310_bl_ecdsa_verify_context_secp256r1_t * const p_context, + nrf_cc310_bl_ecc_signature_secp256r1_t const * const p_signature, + uint8_t const * const p_hash, + uint32_t hash_len); + +/**@brief Function for executing an ECDSA verify operation using secp256r1 with + * hash input in integrated form. + * + * @note This will run initialization of ECDSA context and run ECDSA verify in a single step. + * + * @param[in,out] p_context Pointer to the structure holding context information for + * the ECDSA verify operation. + * @param[in] p_public_key Pointer to the structure holding the public key for + * the ECDSA verify operation. + * @param[in] p_signature Pointer to the structure holding the signature to use + * for the ECDSA verify operation. + * @param[in] p_hash Pointer to the hash to use in the ECDSA verify operation. + * @param[in] hash_len Length of the hash to verify. + * + * @retval CRYS_OK Signature was successfully verified. + * @retval CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR p_context was NULL. + * @retval CRYS_ECDSA_VERIFY_USER_CONTEXT_VALIDATION_TAG_ERROR p_context was not initialized. + * @retval CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR + * p_public_key was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR p_signature was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_PTR_ERROR p_hash was NULL. + * @retval CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_SIZE_ERROR hash_len was invalid. + * @retval CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR Signature verification failed. + */ +CRYSError_t nrf_cc310_bl_ecdsa_verify_secp256r1( + nrf_cc310_bl_ecdsa_verify_context_secp256r1_t * const p_context, + nrf_cc310_bl_ecc_public_key_secp256r1_t const * const p_public_key, + nrf_cc310_bl_ecc_signature_secp256r1_t const * const p_signature, + uint8_t const * const p_hash, + uint32_t hash_len); + +#ifdef __cplusplus +} +#endif + +/** @} */ + +#endif // NRF_CC310_BL_ECDSA_VERIFY_SECP256R1_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_hash_common.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_hash_common.h new file mode 100644 index 0000000..3fa9dda --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_hash_common.h @@ -0,0 +1,60 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ +#ifndef NRF_CC310_BL_HASH_COMMON_H__ +#define NRF_CC310_BL_HASH_COMMON_H__ + +/**@file + * + * @defgroup nrf_cc310_bl_hash_common nrf_crypto_bl Hash common declarations + * @ingroup nrf_cc310_bl + * @brief Shared declarations used by nrf_cc310_bl for hash APIs. + * @{ + */ + +#ifdef __cplusplus +extern "C" { +#endif + +#define NRF_CC310_BL_HASH_CONTEXT_INITIALIZED (0xBBAA55DD) //!< Value indicating that the hash context is initialized. +#define NRF_CC310_BL_HASH_CONTEXT_BUFFER_SIZE_SHA256 (112) //!< Size of internal representation of SHA-256 hash context. +#define NRF_CC310_BL_SHA256_DIGEST_SIZE_IN_WORDS (8) //!< Size of SHA-256 hash digest in words. +#define NRF_CC310_BL_SHA256_DIGEST_SIZE_IN_BYTES (32) //!< Size of SHA-256 hash digest in bytes. + +#ifdef __cplusplus +} +#endif + +/** @} */ + +#endif // NRF_CC310_BL_HASH_COMMON_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_hash_sha256.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_hash_sha256.h new file mode 100644 index 0000000..199911b --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_hash_sha256.h @@ -0,0 +1,120 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ +#ifndef NRF_CC310_BL_HASH_SHA256_H__ +#define NRF_CC310_BL_HASH_SHA256_H__ + +/**@file + * + * @defgroup nrf_cc310_bl_hash_sha256 nrf_cc310_bl Hash SHA-256 API + * @ingroup nrf_cc310_bl + * @brief Type definitions and public APIs for nrf_cc310_bl HASH using SHA-256. + * @{ + */ + +#include <stdint.h> +#include "nrf_cc310_bl_hash_common.h" +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/**@brief Structure to hold SHA-256 context information. + */ +typedef struct +{ + uint32_t init_val; + uint8_t context_buffer[NRF_CC310_BL_HASH_CONTEXT_BUFFER_SIZE_SHA256]; +} nrf_cc310_bl_hash_context_sha256_t; + + +/**@brief Array to hold SHA-256 hash digest. + */ +typedef uint8_t nrf_cc310_bl_hash_digest_sha256_t[NRF_CC310_BL_SHA256_DIGEST_SIZE_IN_BYTES]; + + +/**@brief Function for initializing the SHA-256 context. + * + * @note Memory pointed to in hash context must be allocated prior to this call. + * + * @param[in,out] p_hash_context Structure holding context information for + * the SHA-256 operation. + * + * @retval CRYS_OK If call was successful. + * @retval CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR p_hash_context was NULL. + */ +CRYSError_t nrf_cc310_bl_hash_sha256_init( + nrf_cc310_bl_hash_context_sha256_t * const p_hash_context); + + +/** @brief Function for running an update to the SHA-256 hash calculation. + * + * @param[in,out] p_hash_context Structure holding context information + * for the SHA-256 operation. + * + * @retval CRYS_OK If call was successful. + * @retval CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR p_hash_context was NULL. + * @retval CRYS_HASH_USER_CONTEXT_CORRUPTED_ERROR p_hash_context not initialized. + * @retval CRYS_HASH_LAST_BLOCK_ALREADY_PROCESSED_ERROR p_hash_context already finalized. + */ +CRYSError_t nrf_cc310_bl_hash_sha256_update( + nrf_cc310_bl_hash_context_sha256_t * const p_hash_context, + uint8_t const * p_src, + uint32_t len); + + +/** @brief Function for finalizing the hash calculation. + * + * @note Memory pointed to in hash digest must be allocated prior to this call. + * + * @param[in,out] p_hash_context Structure holding context information for + * the SHA-256 operation. + * @param[in,out] p_hash_digest Pointer to the structure holding SHA-256 + * hash digest. Data pointed to must be 32 bytes long. + * + * @retval CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR p_hash_context was NULL. + * @retval CRYS_HASH_USER_CONTEXT_CORRUPTED_ERROR p_hash_context was corrupted. + * @retval CRYS_HASH_INVALID_RESULT_BUFFER_POINTER_ERROR p_digest was NULL. + */ +CRYSError_t nrf_cc310_bl_hash_sha256_finalize( + nrf_cc310_bl_hash_context_sha256_t * const p_hash_context, + nrf_cc310_bl_hash_digest_sha256_t * const p_digest); + +#ifdef __cplusplus +} +#endif + +/** @} */ + +#endif // NRF_CC310_BL_HASH_SHA256_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_init.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_init.h new file mode 100644 index 0000000..e8ae3bc --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/nrf_cc310_bl_init.h @@ -0,0 +1,62 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ +#ifndef NRF_CC310_BL_INIT_H__ +#define NRF_CC310_BL_INIT_H__ + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/**@file + * + * @addtogroup nrf_cc310_bl + * @{ + * @brief Function for initializing the CC310 hardware and runtime library. + * + * @note Running this initialization is intended for cases where there + * is no direct requirement for the RNG subsystem (all operations are deterministic). + * + * @retval CRYS_OK Initialization was successful. + */ +CRYSError_t nrf_cc310_bl_init(void); + +#ifdef __cplusplus +} +#endif + +/** @} */ + + #endif // NRF_CC310_BL_INIT_H__ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_aes.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_aes.h new file mode 100644 index 0000000..a42b65f --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_aes.h @@ -0,0 +1,325 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! @file +@brief This file contains all of the enums and definitions that are used for the +CryptoCell AES APIs, as well as the APIs themselves. +@defgroup ssi_aes CryptoCell AES APIs +@{ +@ingroup cryptocell_api +*/ + +#ifndef SSI_AES_H +#define SSI_AES_H + +#include "ssi_pal_types.h" +#include "ssi_aes_error.h" +#include "ssi_aes_defs.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ + + +/************************ Enums ********************************/ + +/*! +Encrypt or Decrypt operation mode. +*/ +typedef enum { + /*! Encrypt operation. */ + SASI_AES_ENCRYPT = 0, + /*! Decrypt operation. */ + SASI_AES_DECRYPT = 1, + /*! Maximal number of operations. */ + SASI_AES_NUM_OF_ENCRYPT_MODES, + /*! Reserved. */ + SASI_AES_ENCRYPT_MODE_LAST = 0x7FFFFFFF +}SaSiAesEncryptMode_t; + +/*! +AES operation mode. +*/ +typedef enum { + SASI_AES_MODE_ECB = 0, /*!< ECB mode. */ + SASI_AES_MODE_CBC = 1, /*!< CBC mode. */ + SASI_AES_MODE_CBC_MAC = 2, /*!< CBC-MAC mode. */ + SASI_AES_MODE_CTR = 3, /*!< CTR mode. */ + SASI_AES_MODE_XCBC_MAC = 4, /*!< XCBC-MAC mode. */ + SASI_AES_MODE_CMAC = 5, /*!< CMAC mode. */ + SASI_AES_MODE_XTS = 6, /*!< XTS mode. */ + SASI_AES_MODE_CBC_CTS = 7, /*!< CBC-CTS mode. */ + SASI_AES_MODE_OFB = 8, /*!< OFB mode. */ + + /*! Maximal number of AES modes */ + SASI_AES_NUM_OF_OPERATION_MODES, + /*! Reserved. */ + SASI_AES_OPERATION_MODE_LAST = 0x7FFFFFFF +}SaSiAesOperationMode_t; + +/*! +AES padding type. +*/ +typedef enum { + SASI_AES_PADDING_NONE = 0, /*!< No padding. */ + SASI_AES_PADDING_PKCS7 = 1, /*!< PKCS7 padding. */ + + /*! Maximal number of AES padding modes */ + SASI_AES_NUM_OF_PADDING_TYPES, + /*! Reserved. */ + SASI_AES_PADDING_TYPE_LAST = 0x7FFFFFFF +}SaSiAesPaddingType_t; + +/*! +AES key type. +*/ +typedef enum { + SASI_AES_USER_KEY = 0, /*!< user key. */ + SASI_AES_PLATFORM_KEY = 1, /*!< Kplt hardware key. */ + SASI_AES_CUSTOMER_KEY = 2, /*!< Kcst hardware key. */ + + /*! Maximal number of AES key types */ + SASI_AES_NUM_OF_KEY_TYPES, + /*! Reserved. */ + SASI_AES_KEY_TYPE_LAST = 0x7FFFFFFF +}SaSiAesKeyType_t; + +/************************ Typedefs ****************************/ + +/*! Defines the IV buffer - 16 bytes array. */ +typedef uint8_t SaSiAesIv_t[SASI_AES_IV_SIZE_IN_BYTES]; + +/*! Defines the AES key data buffer. */ +typedef uint8_t SaSiAesKeyBuffer_t[SASI_AES_KEY_MAX_SIZE_IN_BYTES]; + +/************************ Structs ******************************/ + +/*! The user's context prototype - the argument type that is passed by the user + to the AES APIs. The context saves the state of the operation and must be saved by the user + till the end of the APIs flow*/ +typedef struct SaSiAesUserContext_t { + /*! Context buffer for internal usage. */ + uint32_t buff[SASI_AES_USER_CTX_SIZE_IN_WORDS]; +}SaSiAesUserContext_t; + + +/*! AES User Key Data. */ +typedef struct SaSiAesUserKeyData_t { + uint8_t * pKey; /*!< Pointer to the key. */ + size_t keySize; /*!< The key size in bytes. Valid values: + <ul><li> For XTS mode - 32 or 64 byte, indicating the full size of the double key (2x128 or 2x256 bit).</li> + <li>For XCBC-MAC mode - 16 byte (limited by the standard).</li> + <li>For all other modes - 16, 24 or 32 byte.</li></ul> */ +}SaSiAesUserKeyData_t; + +/*! AES HW Key Data - this structure is likely to be changed when we'll start using it. */ +typedef struct SaSiAesHwKeyData_t { + size_t slotNumber; /*!< Slot number. */ +}SaSiAesHwKeyData_t; + + +/************************ Functions *****************************/ + +/*! +@brief This function is used to initialize an AES operation context. + To operate the AES machine, this must be the first API called. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesInit( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context buffer that is allocated by the caller and initialized by this API. + Should be used in all subsequent calls that are part of the same operation. */ + SaSiAesEncryptMode_t encryptDecryptFlag, /*!< [in] A flag specifying whether an AES Encrypt (SASI_AES_Encrypt) or Decrypt (SASI_AES_Decrypt) operation should be performed. + Must be set to CRYS_AES_Encrypt in CBC-MAC, XCBC-MAC and CMAC modes. */ + SaSiAesOperationMode_t operationMode, /*!< [in] The operation cipher/mode. */ + SaSiAesPaddingType_t paddingType /*!< [in] The padding type for AES operation: + <ul><li> NONE - supported for all operation modes.</li> + <li> PKCS7 - supported for ECB, CBC, CBC-MAC operation modes.</li></ul> */ +); + + +/*! +@brief This function sets the key information for the AES operation, in the context that was initialized by SaSi_AesInit. +\note When FIPS certification mode is set to ON, and the mode is AES-XTS, weak keys are not allowed (128/256 lsb bits must be +different than 128/256 msb bits, according to the key size). +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesSetKey( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context, after it was initialized by SaSi_AesInit. */ + SaSiAesKeyType_t keyType, /*!< [in] The type of key to be used for the AES operation. + Currently only SASI_AES_USER_KEY is supported - the key is plaintext and provided in the pKeyData parameter. */ + void * pKeyData, /*!< [in] Pointer to the key data structure (to be casted to the relevant struct type). */ + size_t keyDataSize /*!< [in] The size of data passed in pKeyData in bytes. */ +); + + +/*! +@brief This function sets the IV, counter or tweak data for the following AES operation on the same context. + The context must be first initialized by SaSi_AesInit. + It must be called at least once prior to the first SaSi_AesBlock operation on the same context - for those ciphers that require it. + If needed, it can also be called to override the IV in the middle of a sequence of SaSi_AesBlock operations. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesSetIv( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context. */ + SaSiAesIv_t pIV /*!< [in] Pointer to the buffer of the IV, counter or tweak. + <ul><li> For CBC, CBC-CTS, OFB and CBC-MAC modes - the IV value.</li> + <li> For CTR mode - the counter.</li> + <li> For XTS mode - the tweak value.</li> + <li> For all other modes - N/A. </li></ul>*/ +); + + +/*! +@brief This function retrieves the current IV, counter or tweak from the AES context. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesGetIv( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context. */ + SaSiAesIv_t pIV /*!< [out] Pointer to the buffer of the IV, counter or tweak. + <ul><li> For CBC, CBC-CTS, OFB and CBC-MAC modes - the IV value.</li> + <li> For CTR mode - the counter.</li> + <li> For XTS mode - the tweak value.</li> + <li> For all other modes - N/A. </li></ul> */ +); + + +/*! +@brief This function performs an AES operation on an input data buffer, according to the configuration defined in the context parameter. + It can be called as many times as needed, until all the input data is processed. + SaSi_AesInit, SaSi_AesSetKey, and for some ciphers SaSi_AesSetIv, must be called before + the first call to this API with the same context. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesBlock( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context. */ + uint8_t * pDataIn, /*!< [in] Pointer to the buffer of the input data to the AES. The pointer does not need to be aligned. + For TZ, the size of the scatter/gather list representing the data buffer is limited to 128 entries, + and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). + For ARM CryptoCell 3xx, The buffer must be contiguous and limited to 64KB. */ + size_t dataInSize, /*!< [in] Size of the input data in bytes. + <ul><li> For all modes except XTS, must be multiple of 16 bytes.</li> + <li> For XTS mode, only the following data sizes are supported: 64, 512, 520, 521, 1024 and 4096 bytes. + The data passed in a single SaSi_AesBlock call is considered to be a single XTS unit. + All subsequent calls to this API with the same context must use the same data size. </li></ul>*/ + uint8_t * pDataOut /*!< [out] Pointer to the output buffer. The pointer does not need to be aligned. + For CBC-MAC, XCBC-MAC, CMAC modes it may be NULL. + For TZ, the size of the scatter/gather list representing the data buffer is limited to 128 entries, + and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). + For ARM CryptoCell 3xx, The buffer must be contiguous and limited to 64KB. */ +); + + +/*! +@brief This function is used to finish AES operation. + + It processes the last data block if needed, finalizes the AES operation (cipher-specific), + and produces operation results (for MAC operations). + \note In case AES padding is used (PKCS#7) Din and Dout user's buffers must include extra space for + the padding scheme. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesFinish( + SaSiAesUserContext_t * pContext, /*!< [in] Pointer to the AES context. */ + size_t dataSize, /*!< [in] The size of the input data in bytes. + <ul><li> For CBC-CTS mode, must be > 16. Can be <=16 only if this is the only data (no previous calls were + made to SaSi_AesBlock with the same context).</li> + <li> For XTS mode, the data size must conform to the dataInSize rules as listed for XTS under the + SaSi_AesBlock API, and match the data size passed in the previous calls to SaSi_AesBlock with the + same context.</li> + <li> For all other modes, zero is a valid size.</li> + <li> For ECB, CBC, CBC-MAC modes: </li> + <ul><li> Must be >= 0, if direction is SASI_AES_ENCRYPT and padding type is SASI_AES_PADDING_PKCS7.</li> + <li> Must be >= 16 and a multiple of 16 bytes, if direction is SASI_AES_DECRYPT and padding type + is SASI_AES_PADDING_PKCS7.</li> + <li> Must be a multiple of 16 bytes, otherwise. </li></ul></ul>*/ + uint8_t * pDataIn, /*!< [in] Pointer of the input data buffer. + For TZ, the size of the scatter/gather list representing the data buffer is limited to 128 entries, + and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). + For ARM CryptoCell 3xx, The buffer must be contiguous and limited to 64KB. */ + size_t dataInBuffSize, /*!< [in] Size of pDataIn buffer in bytes. + <ul><li> Must be >= dataSize. </li> + <li> According to padding type, must be >= dataSize + padding. For PKCS7, padding size is + maximum SASI_AES_BLOCK_SIZE_IN_BYTES. </li></ul>*/ + uint8_t * pDataOut, /*!< [out] Pointer to the output buffer. + For TZ, the size of the scatter/gather list representing the data buffer is limited to 128 entries, + and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB). + For ARM CryptoCell 3xx, The buffer must be contiguous and limited to 64KB. */ + size_t * dataOutBuffSize /*!< [in,out] In - Size of pDataOut buffer in bytes. + The output buffer size must be no less than: + <ul><li> For CBC-MAC, XCBC-MAC, CMAC modes - 16 bytes (for MAC result).</li> + <li> For non-MAC modes - dataInBuffSize.</li></ul> + Out - The size in bytes of the actual output data: + <ul><li> If direction is SASI_AES_ENCRYPT and padding type is SASI_AES_PADDING_PKCS7, it is the actual size + with the padding.</li> + <li> If direction is SASI_AES_DECRYPT and padding type is SASI_AES_PADDING_PKCS7, it is the size without + the padding. </li> + <li> For CBC-MAC, XCBC-MAC, CMAC modes - always 16 bytes. </li></ul>*/ +); + + +/*! +@brief This function releases and crears resources after AES operations. + +@return SASI_OK on success, +@return A non-zero value from ssi_aes_error.h on failure. +*/ +CIMPORT_C SaSiError_t SaSi_AesFree( + SaSiAesUserContext_t * pContext /*!< [in] Pointer to the AES context. */ +); + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef SSI_AES_H */ + diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_aes_defs.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_aes_defs.h new file mode 100644 index 0000000..02789d0 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_aes_defs.h @@ -0,0 +1,83 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains definitions that are used for the ARM CryptoCell 3xx version of the CryptoCell AES APIs. +@defgroup ssi_aes_defs CryptoCell AES definitions +@{ +@ingroup ssi_aes + +*/ + +#ifndef SSI_AES_DEFS_H +#define SSI_AES_DEFS_H + +#include "ssi_pal_types.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ + +/*! The size of the user's context prototype (see ::SaSiAesUserContext_t) in words. */ +#define SASI_AES_USER_CTX_SIZE_IN_WORDS (4+4+7+4) + +/*! The AES block size in words. */ +#define SASI_AES_BLOCK_SIZE_IN_WORDS 4 +/*! The AES block size in bytes. */ +#define SASI_AES_BLOCK_SIZE_IN_BYTES (SASI_AES_BLOCK_SIZE_IN_WORDS * sizeof(uint32_t)) + +/*! The size of the IV buffer in words. */ +#define SASI_AES_IV_SIZE_IN_WORDS SASI_AES_BLOCK_SIZE_IN_WORDS +/*! The size of the IV buffer in bytes. */ +#define SASI_AES_IV_SIZE_IN_BYTES (SASI_AES_IV_SIZE_IN_WORDS * sizeof(uint32_t)) + +/*! The maximum size of the AES KEY in words. */ +#define SASI_AES_KEY_MAX_SIZE_IN_WORDS 4 +/*! The maximum size of the AES KEY in bytes. */ +#define SASI_AES_KEY_MAX_SIZE_IN_BYTES (SASI_AES_KEY_MAX_SIZE_IN_WORDS * sizeof(uint32_t)) + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef SSI_AES_DEFS_H */ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_aes_error.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_aes_error.h new file mode 100644 index 0000000..11c6927 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_aes_error.h @@ -0,0 +1,133 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains the definitions of the CryptoCell AES errors. +@defgroup ssi_aes_error CryptoCell AES specific errors +@{ +@ingroup ssi_aes +*/ + +#ifndef SSI_AES_ERROR_H +#define SSI_AES_ERROR_H + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ + +/* generic errors */ +/*! General fatal error. */ +#define SASI_FATAL_ERROR CRYS_FATAL_ERROR +/*! General out of resources error. */ +#define SASI_OUT_OF_RESOURCE_ERROR CRYS_OUT_OF_RESOURCE_ERROR +/*! General Illegal resource value error. */ +#define SASI_ILLEGAL_RESOURCE_VAL_ERROR CRYS_ILLEGAL_RESOURCE_VAL_ERROR + +/*! CRYS_AES_MODULE_ERROR_BASE - 0x00F00000. */ +/*! Illegal user context. */ +#define SASI_AES_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x00UL) +/*! Illegal IV or tweak pointer. */ +#define SASI_AES_INVALID_IV_OR_TWEAK_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x01UL) +/*! Illegal operation. */ +#define SASI_AES_ILLEGAL_OPERATION_MODE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x02UL) +/*! Illegal key size. */ +#define SASI_AES_ILLEGAL_KEY_SIZE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x03UL) +/*! Illegal key pointer. */ +#define SASI_AES_INVALID_KEY_POINTER_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x04UL) +/*! Unsupported key type. */ +#define SASI_AES_KEY_TYPE_NOT_SUPPORTED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x05UL) +/*! Illegal operation. */ +#define SASI_AES_INVALID_ENCRYPT_MODE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x06UL) +/*! User context corrupted. */ +#define SASI_AES_USER_CONTEXT_CORRUPTED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x07UL) +/*! Illegal data in pointer. */ +#define SASI_AES_DATA_IN_POINTER_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x08UL) +/*! Illegal data out pointer. */ +#define SASI_AES_DATA_OUT_POINTER_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x09UL) +/*! Illegal data in size. */ +#define SASI_AES_DATA_IN_SIZE_ILLEGAL (CRYS_AES_MODULE_ERROR_BASE + 0x0AUL) +/*! Illegal data out address. */ +#define SASI_AES_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0BUL) +/*! Illegal data in buffer size. */ +#define SASI_AES_DATA_IN_BUFFER_SIZE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0CUL) +/*! Illegal data out buffer size. */ +#define SASI_AES_DATA_OUT_BUFFER_SIZE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0DUL) +/*! Illegal padding type. */ +#define SASI_AES_ILLEGAL_PADDING_TYPE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0EUL) +/*! Incorrect padding. */ +#define SASI_AES_INCORRECT_PADDING_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0FUL) +/*! Output is corrupted. */ +#define SASI_AES_CORRUPTED_OUTPUT_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x10UL) +/*! Illegal output size. */ +#define SASI_AES_DATA_OUT_SIZE_POINTER_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x11UL) +/*! Decryption operation is not permitted in this mode. */ +#define SASI_AES_DECRYPTION_NOT_ALLOWED_ON_THIS_MODE (CRYS_AES_MODULE_ERROR_BASE + 0x12UL) +/*! Additional block operation is not permitted. */ +#define SASI_AES_ADDITIONAL_BLOCK_NOT_PERMITTED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x15UL) +/*! Illegal context size. */ +#define SASI_AES_CTX_SIZES_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x16UL) + +/*! Illegal parameters. */ +#define SASI_AES_ILLEGAL_PARAMS_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x60UL) +/*! Illegal CTR block offset. */ +#define SASI_AES_CTR_ILLEGAL_BLOCK_OFFSET_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x70UL) +/*! Illegal counter (in CTR mode). */ +#define SASI_AES_CTR_ILLEGAL_COUNTER_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x71UL) +/*! AES is not supported. */ +#define SASI_AES_IS_NOT_SUPPORTED (CRYS_AES_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif /* #ifndef SSI_AES_ERROR_H */ diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_pal_types.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_pal_types.h new file mode 100644 index 0000000..ed9c333 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_pal_types.h @@ -0,0 +1,115 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! +@file +@brief This file contains the platform dependent definitions and types. +@defgroup ssi_pal_types CryptoCell PAL platform dependant types +@{ +@ingroup ssi_pal +*/ + +#ifndef SSI_PAL_TYPES_H +#define SSI_PAL_TYPES_H + +#include "ssi_pal_types_plat.h" + +/*! Boolean definition.*/ +typedef enum { + /*! Boolean false definition.*/ + SASI_FALSE = 0, + /*! Boolean true definition.*/ + SASI_TRUE = 1 +} SaSiBool; + +/*! Success definition. */ +#define SASI_SUCCESS 0UL +/*! Failure definition. */ +#define SASI_FAIL 1UL + +/*! Defintion of 1KB in bytes. */ +#define SASI_1K_SIZE_IN_BYTES 1024 +/*! Defintion of number of bits in a byte. */ +#define SASI_BITS_IN_BYTE 8 +/*! Defintion of number of bits in a 32bits word. */ +#define SASI_BITS_IN_32BIT_WORD 32 +/*! Defintion of number of bytes in a 32bits word. */ +#define SASI_32BIT_WORD_SIZE (sizeof(uint32_t)) + +/*! Success (OK) defintion. */ +#define SASI_OK SASI_SUCCESS + +/*! Macro that handles unused parameters in the code (to avoid compilation warnings). */ +#define SASI_UNUSED_PARAM(prm) ((void)prm) + +/*! Maximal uint32 value.*/ +#define SASI_MAX_UINT32_VAL (0xFFFFFFFF) + + +/* Minimum and Maximum macros */ +#ifdef min +/*! Definition for minimum. */ +#define CRYS_MIN(a,b) min( a , b ) +#else +/*! Definition for minimum. */ +#define CRYS_MIN( a , b ) ( ( (a) < (b) ) ? (a) : (b) ) +#endif + +#ifdef max +/*! Definition for maximum. */ +#define CRYS_MAX(a,b) max( a , b ) +#else +/*! Definition for maximum. */ +#define CRYS_MAX( a , b ) ( ( (a) > (b) ) ? (a) : (b) ) +#endif + +/*! Macro that calculates number of full bytes from bits (i.e. 7 bits are 1 byte). */ +#define CALC_FULL_BYTES(numBits) (((numBits) + (SASI_BITS_IN_BYTE -1))/SASI_BITS_IN_BYTE) +/*! Macro that calculates number of full 32bits words from bits (i.e. 31 bits are 1 word). */ +#define CALC_FULL_32BIT_WORDS(numBits) (((numBits) + (SASI_BITS_IN_32BIT_WORD -1))/SASI_BITS_IN_32BIT_WORD) +/*! Macro that calculates number of full 32bits words from bytes (i.e. 3 bytes are 1 word). */ +#define CALC_32BIT_WORDS_FROM_BYTES(sizeBytes) (((sizeBytes) + SASI_32BIT_WORD_SIZE - 1) / SASI_32BIT_WORD_SIZE) +/*! Macro that round up bits to 32bits words. */ +#define ROUNDUP_BITS_TO_32BIT_WORD(numBits) (CALC_FULL_32BIT_WORDS(numBits)*SASI_BITS_IN_32BIT_WORD) +/*! Macro that round up bits to bytes. */ +#define ROUNDUP_BITS_TO_BYTES(numBits) (CALC_FULL_BYTES(numBits)*SASI_BITS_IN_BYTE) +/*! Macro that round up bytes to 32bits words. */ +#define ROUNDUP_BYTES_TO_32BIT_WORD(numBytes) (SASI_32BIT_WORD_SIZE*(((numBytes)+SASI_32BIT_WORD_SIZE-1)/SASI_32BIT_WORD_SIZE)) + + +/** +@} + */ +#endif diff --git a/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_pal_types_plat.h b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_pal_types_plat.h new file mode 100644 index 0000000..50e7e40 --- /dev/null +++ b/thirdparty/nRF5_SDK_15.0.0_a53641a/external/nrf_cc310_bl/include/ssi_pal_types_plat.h @@ -0,0 +1,57 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +/*! @file +@brief This file contains basic type definitions that are platform dependent. +*/ +#ifndef SSI_PAL_TYPES_PLAT_H +#define SSI_PAL_TYPES_PLAT_H +/* Host specific types for standard (ISO-C99) compilant platforms */ + +#include <stdint.h> +#include <stddef.h> +#include <stdbool.h> + +typedef uintptr_t SaSiVirtAddr_t; +typedef uint32_t SaSiBool_t; +typedef uint32_t SaSiStatus; + +#define SaSiError_t SaSiStatus +#define SASI_INFINITE 0xFFFFFFFF + +#define CEXPORT_C +#define CIMPORT_C + +#endif /*SSI_PAL_TYPES_PLAT_H*/ |