diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a b/features/mbedtls/targets/TARGET_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a index 85abc53827..4d0d895777 100644 Binary files a/features/mbedtls/targets/TARGET_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a and b/features/mbedtls/targets/TARGET_CRYPTOCELL310/binaries/TOOLCHAIN_GCC_ARM/libcc_310_core.a differ diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/cc_internal.c b/features/mbedtls/targets/TARGET_CRYPTOCELL310/cc_internal.c new file mode 100644 index 0000000000..5a3ece6687 --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/cc_internal.c @@ -0,0 +1,153 @@ +/* + * cc_internal.c + * + * Internal utility functions and definitions, + * used for converting mbedtls types to CC types, and vice versa + * + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "cc_internal.h" +#include "crys_ecpki_error.h" +#include "crys_ec_mont_edw_error.h" + +CRYS_ECPKI_DomainID_t convert_mbedtls_grp_id_to_crys_domain_id( mbedtls_ecp_group_id grp_id ) +{ + switch( grp_id ) + { + case MBEDTLS_ECP_DP_SECP192K1: + return ( CRYS_ECPKI_DomainID_secp192k1 ); + case MBEDTLS_ECP_DP_SECP192R1: + return ( CRYS_ECPKI_DomainID_secp192r1 ); + case MBEDTLS_ECP_DP_SECP224K1: + return ( CRYS_ECPKI_DomainID_secp224k1 ); + case MBEDTLS_ECP_DP_SECP224R1: + return ( CRYS_ECPKI_DomainID_secp224r1 ); + case MBEDTLS_ECP_DP_SECP256K1: + return ( CRYS_ECPKI_DomainID_secp256k1 ); + case MBEDTLS_ECP_DP_SECP256R1: + return ( CRYS_ECPKI_DomainID_secp256r1 ); + case MBEDTLS_ECP_DP_SECP384R1: + return ( CRYS_ECPKI_DomainID_secp384r1 ); + case MBEDTLS_ECP_DP_SECP521R1: + return ( CRYS_ECPKI_DomainID_secp521r1 ); + default: + return ( CRYS_ECPKI_DomainID_OffMode ); + } + +} + +uint32_t convert_mbedtls_to_cc_rand( void* mbedtls_rnd_ctx, uint16_t outSizeBytes, uint8_t* out_ptr ) +{ + uint16_t i = 0; + uint8_t temp = 0; + mbedtls_rand_func_container* mbedtls_rand = (mbedtls_rand_func_container*)mbedtls_rnd_ctx; + + if( mbedtls_rand->f_rng( mbedtls_rand->ctx, out_ptr, outSizeBytes ) != 0 ) + return ( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + + /* + * CC requires the random data as LE, so reversing the data + * (although this is random, but test vectors are in specific Endianess) + */ + while ( i < ( outSizeBytes / 2 ) ) + { + temp = out_ptr[outSizeBytes - 1 - i]; + out_ptr[outSizeBytes - 1 - i] = out_ptr[i]; + out_ptr[i] = temp; + ++i; + } + /* + * CC increases the random data by one, to put the vector in the proper range (1 to n), + * The RFC tests supply a data buffer within range, and in order to generate the proper ephemeral key, + * need to decrease one from this data, before CC increases the data, so the output will be as expected + */ + i = 0; + while( out_ptr[i] == 0 ) + { + ++i; + } + while( i > 0 ) + { + --out_ptr[i]; + --i; + } + --out_ptr[0]; + return ( 0 ); +} + +int convert_CrysError_to_mbedtls_err( CRYSError_t Crys_err ) +{ + switch(Crys_err) + { + case CRYS_OK: + return ( 0 ); + + case CRYS_ECDH_SVDP_DH_INVALID_USER_PRIV_KEY_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_USER_PRIV_KEY_VALID_TAG_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_PARTNER_PUBL_KEY_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_PARTNER_PUBL_KEY_VALID_TAG_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_TEMP_DATA_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_PTR_ERROR: + case CRYS_ECDH_SVDP_DH_NOT_CONCENT_PUBL_AND_PRIV_DOMAIN_ID_ERROR: + case CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR: + case CRYS_ECMONT_INVALID_INPUT_POINTER_ERROR: + case CRYS_ECMONT_INVALID_INPUT_SIZE_ERROR: + case CRYS_ECMONT_INVALID_DOMAIN_ID_ERROR: + case CRYS_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_USER_PRIV_KEY_PTR_ERROR: + case CRYS_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR: + case CRYS_ECDSA_SIGN_USER_PRIV_KEY_VALIDATION_TAG_ERROR: + case CRYS_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR: + case CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR: + case CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_IS_EPHEMER_KEY_INTERNAL_ERROR: + case CRYS_ECDSA_SIGN_INVALID_EPHEMERAL_KEY_PTR_ERROR: + case CRYS_ECDSA_VERIFY_INVALID_SIGNER_PUBL_KEY_PTR_ERROR: + case CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR: + case CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR: + case CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR: + case CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_SIZE_ERROR: + case CRYS_ECPKI_INVALID_RND_CTX_PTR_ERROR: + case CRYS_ECPKI_INVALID_RND_FUNC_PTR_ERROR: + case CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR: + return ( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + + case CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR: + return ( MBEDTLS_ERR_ECP_VERIFY_FAILED ); + + case CRYS_ECMONT_IS_NOT_SUPPORTED: + case CRYS_ECEDW_IS_NOT_SUPPORTED: + return ( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + + case CRYS_ECEDW_RND_GEN_VECTOR_FUNC_ERROR: + return ( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + + case CRYS_ECPKI_GEN_KEY_INVALID_PRIVATE_KEY_PTR_ERROR: + case CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_DATA_ERROR: + case CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_DATA_ERROR: + return ( MBEDTLS_ERR_ECP_INVALID_KEY ); + + default: + return ( MBEDTLS_ERR_ECP_HW_ACCEL_FAILED ); + } + + +} diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/cc_internal.h b/features/mbedtls/targets/TARGET_CRYPTOCELL310/cc_internal.h new file mode 100644 index 0000000000..7eb8c4bde7 --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/cc_internal.h @@ -0,0 +1,131 @@ +/* + * cc_internal.h + * + * Internal utility functions and definitions, + * used for converting mbedtls types to CC types, and vice versa + * + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef __CC_INTERNAL_H__ +#define __CC_INTERNAL_H__ +#include "crys_ecpki_types.h" +#include "crys_ec_mont_api.h" +#include "mbedtls/ecp.h" +#include +#include + +#define CURVE_25519_KEY_SIZE 32 + +#ifdef __cplusplus +extern "C" { +#endif + +#define MAX_KEY_SIZE_IN_BYTES ( ( CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS ) * SASI_32BIT_WORD_SIZE) + +/* ECC utility functions and structures*/ +typedef struct cc_ecc_ws_keygen_params{ + CRYS_ECPKI_UserPublKey_t pubKey; + CRYS_ECPKI_UserPrivKey_t privKey; + CRYS_ECPKI_KG_TempData_t kgTempData; +} cc_ecc_ws_keygen_params_t; + +typedef struct cc_ecc_ws_comp_shared_params{ + CRYS_ECPKI_UserPublKey_t pubKey; + CRYS_ECPKI_UserPrivKey_t privKey; + CRYS_ECDH_TempData_t ecdhTempData; +} cc_ecc_ws_comp_shared_params_t; + +typedef struct cc_ecc_ws_verify_params{ + CRYS_ECPKI_UserPublKey_t pubKey; + CRYS_ECDSA_VerifyUserContext_t verifyContext; +} cc_ecc_ws_verify_params_t; + +typedef struct cc_ecc_ws_sign_params{ + CRYS_ECPKI_UserPrivKey_t privKey; + CRYS_ECDSA_SignUserContext_t signContext; +} cc_ecc_ws_sign_params_t; + +typedef struct cc_ecc_25519_keygen_params{ + uint8_t pubKey[CURVE_25519_KEY_SIZE]; + uint8_t privKey[CURVE_25519_KEY_SIZE]; + CRYS_ECMONT_TempBuff_t kgTempData; +} cc_ecc_25519_keygen_params_t; + +typedef cc_ecc_25519_keygen_params_t cc_ecc_25519_comp_shared_params_t; + +/** + * \brief This function converts mbedtls type mbedtls_ecp_group_id + * to Cryptocell type CRYS_ECPKI_DomainID_t + * + * \param grp_id The mbedtls mbedtls_ecp_group_id to convert + * + * \return \c The corresponding CRYS_ECPKI_DomainID_t. + * CRYS_ECPKI_DomainID_OffMode if not recognized. + */ +CRYS_ECPKI_DomainID_t convert_mbedtls_grp_id_to_crys_domain_id( mbedtls_ecp_group_id grp_id ); + +/* f_rng conversion from mbedtls type to cc type*/ +typedef struct +{ + int (*f_rng)( void* ctx, unsigned char* output, size_t outSizeBytes ); + void* ctx; + +}mbedtls_rand_func_container; + +/** + * \brief This function converts mbedtls f_rng type to + * Cryptocell f_rng type(SaSiRndGenerateVectWorkFunc_t) + * + * Note: The Mbed TLS type f_rng signature is: + * int (*f_rng)( void* ctx, unsigned char* output, size_t outSizeBytes ); + * while CC f_rng signature is: + * uint32_t (*SaSiRndGenerateVectWorkFunc_t)( + * void *rndState_ptr, + * uint16_t outSizeBytes, + * uint8_t *out_ptr) + * + * so the Mbed TLS f_rng can't be sent as is to the CC API. + * + * In addition, this function manipulates the different random data, + * to adjust between the way Cryptocell reads the random data. This is done for + * different standard tests to pass. + * + * + * \param grp_id The mbedtls mbedtls_ecp_group_id to convert + * + * \return \c The corresponding CRYS_ECPKI_DomainID_t. + * CRYS_ECPKI_DomainID_OffMode if not recognized. + */ + +uint32_t convert_mbedtls_to_cc_rand( void* mbedtls_rand, uint16_t outSizeBytes, uint8_t* out_ptr ); + +/** + * \brief This function convertsCryptocell error + * Mbed TLS related error. + * + * + * \return \c The corresponding Mbed TLS error, + * MBEDTLS_ERR_ECP_HW_ACCEL_FAILED as default, if none found + */ +int convert_CrysError_to_mbedtls_err( CRYSError_t Crys_err ); + +#ifdef __cplusplus +} +#endif + +#endif /* __CC_INTERNAL_H__ */ diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/cc_rand.h b/features/mbedtls/targets/TARGET_CRYPTOCELL310/cc_rand.h new file mode 100644 index 0000000000..f9c337d863 --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/cc_rand.h @@ -0,0 +1,73 @@ +/* + * cc_rand.h + * + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +#ifndef __CC_RAND_H__ +#define __CC_RAND_H__ +#include +#include + +typedef struct +{ + int (*f_rng)(void* ctx, unsigned char* output, size_t outSizeBytes); + void* ctx; + +}mbedtls_rand_func_container; + + +uint32_t mbedtls_to_cc_rand_func( void *mbedtls_rnd_ctx, uint16_t outSizeBytes, uint8_t *out_ptr ) +{ + uint16_t i = 0; + uint8_t temp = 0; + mbedtls_rand_func_container* mbedtls_rand = (mbedtls_rand_func_container*)mbedtls_rnd_ctx; + uint32_t ret = mbedtls_rand->f_rng( mbedtls_rand->ctx, out_ptr, outSizeBytes ); + if( ret != 0 ) + return ret; + + /* + * CC requires the random data as LE, so reversing the data + * (although this is random, but test vectors are in specific Endianess) + */ + while ( i < ( outSizeBytes / 2 ) ) + { + temp = out_ptr[outSizeBytes - 1 - i]; + out_ptr[outSizeBytes - 1 - i] = out_ptr[i]; + out_ptr[i] = temp; + ++i; + } + /* + * CC increases the random data by one, to put the vector in the proper range (1 to n), + * The RFC tests supply a data buffer within range, and in order to generate the proper ephemeral key, + * need to decrease one from this data, before CC increases the data, so the output will be as expected + */ + i = 0; + while( out_ptr[i] == 0 ) + { + ++i; + } + while( i > 0 ) + { + --out_ptr[i]; + --i; + } + --out_ptr[0]; + return ret; +} + + +#endif/* __CC_RAND_H__ */ diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/ecdh_alt.c b/features/mbedtls/targets/TARGET_CRYPTOCELL310/ecdh_alt.c new file mode 100644 index 0000000000..7077223812 --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/ecdh_alt.c @@ -0,0 +1,256 @@ +/* + * ecdh_alt.c + * + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/ecdh.h" +#include +#include "crys_ecpki_dh.h" +#include "crys_ecpki_build.h" +#include "crys_common.h" +#include "crys_ecpki_kg.h" +#include "crys_ecpki_domain.h" +#include "crys_ec_mont_api.h" +#include "mbedtls/platform.h" +#include "cc_internal.h" + + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = (unsigned char*)v; + while( n-- ) *p++ = 0; +} + +#if defined (MBEDTLS_ECDH_GEN_PUBLIC_ALT) +int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, + int ( *f_rng )( void *, unsigned char *, size_t ), + void *p_rng ) +{ + int ret = 0; + void* pHeap = NULL; + size_t heapSize = 0; + + uint32_t public_key_size = (2 * MAX_KEY_SIZE_IN_BYTES + 1); + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + mbedtls_rand_func_container cc_rand = { f_rng, p_rng }; + + if ( pDomain ) + { + uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + cc_ecc_ws_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_keygen_params_t) ); + + if ( kgParams == NULL ) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = kgParams; + heapSize = sizeof(cc_ecc_ws_keygen_params_t); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_GenKeyPair( &cc_rand, convert_mbedtls_to_cc_rand, + pDomain, &kgParams->privKey, + &kgParams->pubKey, + &kgParams->kgTempData, NULL ) ); + if( ret != 0 ) + { + goto cleanup; + } + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_ExportPublKey( &kgParams->pubKey, + CRYS_EC_PointUncompressed,temp_buf, &public_key_size ) ); + if( ret != 0 ) + { + goto cleanup; + } + + + MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( grp, Q, temp_buf, public_key_size ) ); + memset ( temp_buf, 0 , sizeof(temp_buf) ); + + ret = convert_CrysError_to_mbedtls_err( CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( temp_buf, (grp->nbits+7)/8, + kgParams->privKey.PrivKeyDbBuff, + 4*((((grp->nbits+7)/8)+3)/4) ) ); + if( ret != 0 ) + { + mbedtls_zeroize( temp_buf, sizeof( temp_buf ) ); + goto cleanup; + } + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary( d, temp_buf, (grp->nbits+7)/8 ) ); + mbedtls_zeroize( temp_buf, sizeof( temp_buf ) ); + } + + /* if CRYS_ECPKI_GetEcDomain returns NULL, than the given curve is wither Montgomery 25519 + * or another curve which is not supported by CC310*/ + else if ( grp->id == MBEDTLS_ECP_DP_CURVE25519 ) + { + size_t priv_key_size = public_key_size = CURVE_25519_KEY_SIZE ; + + cc_ecc_25519_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof(cc_ecc_25519_keygen_params_t) ); + + if ( kgParams == NULL ) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = ( uint8_t* )kgParams; + heapSize = sizeof(cc_ecc_25519_keygen_params_t); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECMONT_KeyPair( kgParams->pubKey, ( size_t* )&public_key_size, kgParams->privKey, + &priv_key_size, &cc_rand, convert_mbedtls_to_cc_rand, + &kgParams->kgTempData ) ); + if( ret != 0 ) + { + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( d, kgParams->privKey, priv_key_size ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &Q->X, kgParams->pubKey, public_key_size ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Q->Z, 1 ) ); + } + else + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + +cleanup: + + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free( pHeap ); + } + + return ( ret ); +} +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ + +/* + * Compute shared secret (SEC1 3.3.1) + */ +#if defined (MBEDTLS_ECDH_COMPUTE_SHARED_ALT) +int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + void* pHeap = NULL; + size_t heapSize = 0; + + size_t public_key_size = (grp->nbits+7)/8 ; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + uint32_t secret_size = ( ( grp->nbits + 7 ) / 8 ) ; + const uint32_t secret_size_in_heap = secret_size; + uint8_t* secret = mbedtls_calloc( 1, secret_size_in_heap ); + if ( secret == NULL ) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + + /* + * Make sure Q is a valid pubkey before using it + */ + MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) ); + if ( pDomain ) + { + uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + cc_ecc_ws_comp_shared_params_t* ecdhParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_comp_shared_params_t) ); + + if ( ecdhParams == NULL ) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + pHeap = ecdhParams; + heapSize = sizeof(cc_ecc_ws_comp_shared_params_t); + + + MBEDTLS_MPI_CHK( mbedtls_ecp_point_write_binary( grp, Q, MBEDTLS_ECP_PF_UNCOMPRESSED, + &public_key_size, temp_buf, sizeof(temp_buf) ) ); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_BuildPublKey( pDomain, temp_buf, public_key_size, + &ecdhParams->pubKey ) ); + if ( ret != 0 ) + { + goto cleanup; + } + + memset ( temp_buf, 0, sizeof(temp_buf) ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, temp_buf, mbedtls_mpi_size( d ) ) ); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_BuildPrivKey( pDomain, + temp_buf, + mbedtls_mpi_size( d ), + &ecdhParams->privKey ) ); + mbedtls_zeroize( temp_buf, sizeof( temp_buf ) ); + if ( ret != 0 ) + { + goto cleanup; + } + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECDH_SVDP_DH( &ecdhParams->pubKey, &ecdhParams->privKey, + secret, &secret_size, + &ecdhParams->ecdhTempData ) ); + if ( ret != 0 ) + { + goto cleanup; + } + } + else if ( grp->id == MBEDTLS_ECP_DP_CURVE25519 ) + { + cc_ecc_25519_comp_shared_params_t* ecdhParams = mbedtls_calloc( 1, sizeof(cc_ecc_25519_comp_shared_params_t) ); + if ( ecdhParams == NULL ) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + pHeap = ecdhParams; + heapSize = sizeof(cc_ecc_25519_comp_shared_params_t); + + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, ecdhParams->privKey, mbedtls_mpi_size( d ) ) ) ; + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &Q->X, ecdhParams->pubKey, public_key_size ) ); + + ret = convert_CrysError_to_mbedtls_err( CRYS_ECMONT_Scalarmult( secret, ( size_t* )&secret_size, + ecdhParams->privKey, CURVE_25519_KEY_SIZE , + ecdhParams->pubKey, CURVE_25519_KEY_SIZE , + &ecdhParams->kgTempData ) ); + if ( ret != 0 ) + { + goto cleanup; + } + } + else + { + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( z, secret, secret_size ) ); + +cleanup: + + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free ( pHeap ); + } + + if ( secret ) + { + mbedtls_zeroize( secret, secret_size_in_heap ); + mbedtls_free ( secret ); + } + + return ( ret ); +} +#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/ecdsa_alt.c b/features/mbedtls/targets/TARGET_CRYPTOCELL310/ecdsa_alt.c new file mode 100644 index 0000000000..36128fc70c --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/ecdsa_alt.c @@ -0,0 +1,332 @@ +/* + * ecdsa_alt.c + * + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/ecdsa.h" +#include +#include "crys_ecpki_ecdsa.h" +#include "crys_ecpki_build.h" +#include "crys_common.h" +#include "crys_ecpki_kg.h" +#include "crys_ecpki_domain.h" +#include "crys_ec_edw_api.h" +#include "mbedtls/platform.h" +#include "cc_internal.h" + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = (unsigned char*)v; + while( n-- ) *p++ = 0; +} + +static CRYS_ECPKI_HASH_OpMode_t message_size_to_hash_mode( size_t blen ) +{ + CRYS_ECPKI_HASH_OpMode_t hash_mode; + switch( blen ) + { + case CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA1_mode; + break; + case CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA224_mode; + break; + case CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA256_mode; + break; + case CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA384_mode; + break; + case CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t): + hash_mode = CRYS_ECPKI_AFTER_HASH_SHA512_mode; + break; + default: + hash_mode = CRYS_ECPKI_HASH_OpModeLast; + } + + return hash_mode; +} + +#if defined(MBEDTLS_ECDSA_SIGN_ALT) +int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + int ret = 0; + CRYSError_t CrysRet = CRYS_OK; + void* pHeap = NULL; + size_t heapSize = 0; + uint8_t* pSignature = NULL; + CRYS_ECPKI_HASH_OpMode_t hash_mode = message_size_to_hash_mode( blen ); + uint32_t signature_size = ( ( grp->nbits + 7 ) / 8 ) *2; + const uint32_t signature_size_for_heap = signature_size; + mbedtls_rand_func_container cc_rand = { f_rng, p_rng }; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + + if( blen > 0xFFFFFFFF ) + { + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + goto cleanup; + } + + if( blen > 0xFFFFFFFF ) + { + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + goto cleanup; + } + + if ( pDomain != NULL ) + { + uint8_t temp_buf[ MAX_KEY_SIZE_IN_BYTES ] = {0}; + cc_ecc_ws_sign_params_t* signParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_sign_params_t) ); + if ( signParams == NULL) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = signParams; + heapSize = sizeof(cc_ecc_ws_sign_params_t); + + pSignature = mbedtls_calloc( 1, signature_size_for_heap ); + if ( pSignature == NULL) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, temp_buf, mbedtls_mpi_size( d ) ) ); + + CrysRet = CRYS_ECPKI_BuildPrivKey( pDomain, + temp_buf, + mbedtls_mpi_size( d ), + &signParams->privKey); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + goto cleanup; + } + + CrysRet = CRYS_ECDSA_Sign( &cc_rand, + convert_mbedtls_to_cc_rand, + &signParams->signContext, + &signParams->privKey, + hash_mode, + (uint8_t*)buf, + blen, + pSignature, + &signature_size ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + } + else + { + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( r, pSignature, ( ( grp->nbits + 7 ) / 8 ) ) ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( s, pSignature + ( ( grp->nbits + 7 ) / 8 ), ( ( grp->nbits + 7 ) / 8 ) ) ); + + +cleanup: + + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free( pHeap ); + } + + if( pSignature ) + { + mbedtls_zeroize( pSignature, signature_size_for_heap ); + mbedtls_free( pSignature ); + + } + + return ( ret ) ; +} +#endif /* MBEDTLS_ECDSA_SIGN_ALT*/ + +#if defined(MBEDTLS_ECDSA_VERIFY_ALT) +//need to normalize the coordinates +int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s) +{ + int ret = 0; + CRYSError_t CrysRet = CRYS_OK; + void* pHeap = NULL; + size_t heapSize = 0; + uint8_t * pSignature = NULL; + CRYS_ECPKI_HASH_OpMode_t hash_mode = message_size_to_hash_mode( blen ); + size_t temp_size = 0; + uint32_t signature_size = ( ( grp->nbits + 7 ) / 8 ) * 2; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) ); + + if( blen > 0xFFFFFFFF ) + { + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + goto cleanup; + } + + if ( pDomain ) + { + uint8_t temp_buf[ 2*MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + + cc_ecc_ws_verify_params_t* verifyParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_verify_params_t) ); + if ( verifyParams == NULL) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + pHeap = verifyParams; + heapSize = sizeof(cc_ecc_ws_verify_params_t); + + pSignature = mbedtls_calloc( 1, signature_size ); + if ( pSignature == NULL) + { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_ecp_point_write_binary( grp, Q, MBEDTLS_ECP_PF_UNCOMPRESSED, + &temp_size, temp_buf, sizeof(temp_buf) ) ); + + CrysRet = CRYS_ECPKI_BuildPublKey(pDomain, temp_buf, temp_size, &verifyParams->pubKey); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( r, pSignature, ( ( grp->nbits + 7 ) / 8 ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( s, pSignature + ( ( grp->nbits + 7 ) / 8 ), ( ( grp->nbits + 7 ) / 8 ) ) ); + CrysRet = CRYS_ECDSA_Verify ( &verifyParams->verifyContext, + &verifyParams->pubKey, + hash_mode, + pSignature, + signature_size, + (uint8_t*)buf, + blen ); + if( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + } + else + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + +cleanup: + + if( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free( pHeap ); + } + + if( pSignature ) + { + mbedtls_zeroize( pSignature, signature_size ); + mbedtls_free( pSignature ); + + } + + return ret; +} +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ + +#if defined(MBEDTLS_ECDSA_GENKEY_ALT) +int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + int ret = 0; + CRYSError_t CrysRet = CRYS_OK; + void* pHeap = NULL; + size_t heapSize = 0; + uint32_t key_size = 2*MAX_KEY_SIZE_IN_BYTES + 1; + const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( gid ) ); + mbedtls_rand_func_container cc_rand = { f_rng, p_rng }; + + + if ( pDomain ) + { + uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0}; + + cc_ecc_ws_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_keygen_params_t) ); + if ( kgParams == NULL ) + return ( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + + pHeap = kgParams; + heapSize = sizeof(cc_ecc_ws_keygen_params_t); + + CrysRet = CRYS_ECPKI_GenKeyPair( &cc_rand, convert_mbedtls_to_cc_rand, pDomain, + &kgParams->privKey, &kgParams->pubKey, + &kgParams->kgTempData, NULL ); + if ( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, gid ) ); + + CrysRet = CRYS_ECPKI_ExportPublKey( &kgParams->pubKey, CRYS_EC_PointUncompressed, temp_buf, &key_size ); + if ( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + goto cleanup; + } + + ret = mbedtls_ecp_point_read_binary( &ctx->grp, &ctx->Q, temp_buf, key_size ); + if ( ret != 0 ) + goto cleanup; + + memset ( temp_buf, 0 , sizeof(temp_buf) ); + + CrysRet = CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( temp_buf, (ctx->grp.nbits+7)/8, + kgParams->privKey.PrivKeyDbBuff, + 4*((((ctx->grp.nbits+7)/8)+3)/4) ); + if ( CrysRet != CRYS_OK ) + { + ret = convert_CrysError_to_mbedtls_err( CrysRet ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + goto cleanup; + } + + ret = mbedtls_mpi_read_binary( &ctx->d, temp_buf, (ctx->grp.nbits+7)/8 ); + mbedtls_zeroize( temp_buf, sizeof(temp_buf) ); + if ( ret != 0 ) + { + goto cleanup; + } + } + else + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + + +cleanup: + if ( pHeap ) + { + mbedtls_zeroize( pHeap, heapSize ); + mbedtls_free ( pHeap ); + } + return ( ret ); +} +#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/crys_common.h b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/crys_common.h new file mode 100644 index 0000000000..74c6302e63 --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/crys_common.h @@ -0,0 +1,371 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + +#ifndef CRYS_COMMON_H +#define CRYS_COMMON_H + +#include "crys_common_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +#define CRYS_AES_SECRET_KEY_SIZE_IN_WORDS 4 + +/* the ROT13 definition - relevant only on SW low level engines compiled in the ROT mode */ +#define CRYS_COMMON_ROT_13_OFFSET 13 + + + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + + + +/*********************************************************************** + ** + * @brief This function executes a reverse bytes copying from one buffer to another buffer. + * + * Overlapping of buffers is not allowed, excluding the case, when destination and source + * buffers are the same. + * Example of a 5 byte buffer: + * + * dst_ptr[4] = src_ptr[0] + * dst_ptr[3] = src_ptr[1] + * dst_ptr[2] = src_ptr[2] + * dst_ptr[1] = src_ptr[3] + * dst_ptr[0] = src_ptr[4] + * + * @param[in] dst_ptr - The pointer to destination buffer. + * @param[in] src_ptr - The pointer to source buffer. + * @param[in] size - The size in bytes. + * + */ + CRYSError_t CRYS_COMMON_ReverseMemcpy( uint8_t *dst_ptr , uint8_t *src_ptr , uint32_t size ); + + +/*********************************************************************** + ** + * @brief This function converts aligned words array to bytes array/ + * + * 1. Assumed, that input buffer is aligned to 4-bytes word and + * bytes order is set according to machine endianness. + * 2. Output buffer receives data as bytes stream from LSB to MSB. + * For increasing performance on small buffers, the output data is given + * by rounded down pointer and alignment. + * 3. This implementation is given for both Big and Little endian machines. + * + * + * @param[in] in32_ptr - The pointer to aligned input buffer. + * @param[in] out32_ptr - The 32-bits pointer to output buffer (rounded down to 4 bytes) . + * @param[in] outAlignBits - The actual output data alignment; + * @param[in] sizeWords - The size in words (sizeWords >= 1). + * + * return - no return value. + */ + void CRYS_COMMON_AlignedWordsArrayToBytes( uint32_t *in32_ptr , uint32_t *out32_ptr , + uint32_t outAlignBits, uint32_t sizeWords ); + +/***********************************************************************/ + /** + * @brief This function converts in place words byffer to bytes buffer with + * reversed endianity of output array. + * + * The function can convert: + * - big endian bytes array to words array with little endian order + * of words and backward. + * + * Note: + * 1. Endianness of each word in words buffer should be set allways + * according to processor used. + * 2. Implementation is given for both big and little endianness of + * processor. + * + * @param[in] buf_ptr - The 32-bits pointer to input/output buffer. + * @param[in] sizeWords - The size in words (sizeWords > 0). + * + * @return - no return value. + */ +void CRYS_COMMON_InPlaceConvertBytesWordsAndArrayEndianness( + uint32_t *buf_ptr, + uint32_t sizeWords); + + +/***********************************************************************/ + /** + * @brief This function converts big endianness bytes array to aligned words + * array with words order according to little endian / + * + * 1. Assumed, that input bytes order is set according + * to big endianness: MS Byte is most left, i.e. order is from + * Msb to Lsb. + * 2. Output words array should set according to + * little endianness words order: LSWord is most left, i.e. order + * is from Lsw to Msw. Order bytes in each word - according to + * 3. Implementation is given for both big and little + * endianness of processor. + * + * @param[out] out32_ptr - The 32-bits pointer to output buffer. + * @param[in] sizeOutBuffBytes - The size in bytes of output buffer, must be + * aligned to 4 bytes and not less than sizeInBytes. + * @param[in] in8_ptr - The pointer to input buffer. + * @param[in] sizeInBytes - The size in bytes of input data(sizeBytes >= 1). + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in . + */ +CRYSError_t CRYS_COMMON_ConvertMsbLsbBytesToLswMswWords( + uint32_t *out32_ptr, + uint32_t sizeOutBuffBytes, + const uint8_t *in8_ptr, + uint32_t sizeInBytes); + + +/***********************************************************************/ + /** + * @brief This function converts LE 32bit-words array to BE bytes array. + * + * Note: The function allows output full size of the data and also output + * without leading zeros, if the user gives appropriate exact output + * size < input size. + * + * Assuming: + * 1. Output bytes order is according to big endianness: + * MS Byte is most left, i.e. order is from Msb to Lsb. + * 2. Input array words order is set according to + * little endianness words order: LSWord is most left, i.e. order + * is from Lsw to Msw. Bytes order in each word - according to + * processor endianness. + * 3. Owerlapping of buffers is not allowed, besides in + * place operation and size aligned to full words. + * 4. Implementation is given for both big and little + * endianness of processor. + * + * @param[in] out8_ptr - The bytes pointer to the output buffer. + * @param[in] sizeOutBuffBytes - The size of the data in bytes to output; must + * be not less, than sizeInBytes. + * @param[out] in32_ptr - The pointer to the input buffer. + * @param[in] sizeInpBytes - The size of the input data in bytes. The size must + * be > 0 and aligned to 4 bytes. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in . + */ +CRYSError_t CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( + uint8_t *out8_ptr, + uint32_t sizeOutBytes, + uint32_t *in32_ptr, + uint32_t sizeInpBytes); + + +/***********************************************************************/ +/** + * @brief VOS_GetGlobalData get the global random key hidden inside the function + * the global data implemented for now are random key buffer and AES secret key buffer + * + * When no_rtos is declared then we allow a global data. The random key/AES secret key are hidden as static inside the function + * + * + * @param[in] Globalid select the buffer + * @param[in] GlobalDataSizeWords - the global data buffer size needed in words - this value must be a predetermined value + * @param[out] GlobalData_ptr - Pointer to the global buffer returned. The buffer must be at least GlobalDataSizeWords size + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure an Error as defined in VOS_error + */ +CRYSError_t CRYS_COMMON_GetGlobalData(uint16_t Globalid, uint32_t *GlobalData_ptr, uint16_t GlobalDataSizeWords); + + +/***********************************************************************/ +/** +* @brief CRYS_COMMON_StoreGlobalData store the global random key into the global buffer hidden inside the function +* the global data implemented for now are random key buffer and AES secret key buffer +* +* +* @param[in] Globalid - random key / AES secret key +* @param[in] GlobalDataSizeWords - the global data buffer size needed in words - this value must be a predetermined value +* @param[in] GlobalData_ptr - Pointer to the global buffer to be saved. The buffer must be at least GlobalDataSizeWords size +* +* Return Value: +*/ +CRYSError_t CRYS_COMMON_StoreGlobalData(uint16_t Globalid, uint32_t *GlobalData_ptr, uint16_t GlobalDataSizeWords); + + +/***********************************************************************/ +/** + * @brief The CRYS_COMMON_CutAndSaveEndOfLliData() function saves the data from end of source + * memory, pointed by LLI table, to destination memory, and decreases the LLI table accordingly. + * + * The function executes the following major steps: + * + * 1. Starts copy bytes from last byte of last chunk of source LLI table into + * last byte of destination memory. + * 2. Continues copy bytes in reverse order while not completes copying of all amount of data. + * 3. If last chunk of source or destination data is not enough, the function crosses + * to next chunk of LLI table. + * 4. Decreases the Data size of last updated LLI entry and sets the LAST bit. + * 5. Exits with the OK code. + * + * + * @param[in] SrcLliTab_ptr - The pointer to the LLI table, containing pointers and sizes of + * chunks of source data. The table need to be aligned and placed + * in SEP SRAM. + * @param[in] SrcLliTabSize_ptr - The pointer to buffer, containing th size of the LLI table in words. + * @param[in] Dest_ptr - The destination address for copying the data. + * @param[in] DataSize - The count of bytes to copy. + * + * @return CRYSError_t - On success CRYS_OK is returned, + * - CRYS_COMMON_ERROR_IN_SAVING_LLI_DATA_ERROR + * + * NOTE: 1. Because the function is intended for internal using, it is presumed that all input parameters + * are valid. + * 2. Assumed, that copied source not may to take more than two last chunks of source memory. + */ + CRYSError_t CRYS_COMMON_CutAndSaveEndOfLliData( + uint32_t *SrcLliTab_ptr, + uint32_t *SrcLliTabSize_ptr, + uint8_t *Dst_ptr, + uint32_t DataSize); + +/***********************************************************************/ +/** + * @brief The CRYS_COMMON_CutAndSaveBeginOfLliData() function saves the data from beginning of source + * memory, pointed by LLI table, to destination memory, and decreases the LLI table accordingly. + * + * The function executes the following major steps: + * + * 1. Starts copy bytes from first byte of first chunk of source LLI table into + * destination memory. + * 2. If first chunk of source is not enough, the function crosses + * to next chunk of LLI table. + * 3. Updates LLI table pointer and size according to copied amount of data. + * 5. Exits with the OK code. + * + * @param[in/out] SrcLliTab_ptr_ptr - The pointer to pointer to the LLI table, containing pointers and + * sizes of the chunks of source data. The table need to be aligned and + * placed in SRAM. + * @param[in/out] SrcLliTabSize_ptr - The pointer to buffer, containing th size of the LLI table in words. + * @param[in] Dest_ptr - The destination address for copying the data. + * @param[in] DataSize - The count of bytes to copy. + * + * @return - no return value. + * + * NOTE: 1. Because the function is intended for internal using, it is presumed that all input parameters + * are valid. + * 2. Assumed, that copied source not may to take more than two first chunks of source memory. + */ + void CRYS_COMMON_CutAndSaveBeginOfLliData( + uint32_t **SrcLliTab_ptr_ptr, + uint32_t *SrcLliTabSize_ptr, + uint8_t *Dst_ptr, + uint32_t DataSize); + +/***********************************************************************/ + /** + * @brief This function converts 32-bit words array with little endian + * order of words to bytes array with little endian (LE) order of bytes. + * + * Assuming: no buffers overlapping, in/out pointers and sizes not equall to NULL, + the buffer size must be not less, than input data size. + * + * @param[out] out8Le - The bytes pointer to output buffer. + * @param[in] in32Le - The pointer to input 32-bit words buffer. + * @param[in] sizeInWords - The size in words of input data (sizeWords >= 0). + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in . + */ +void CRYS_COMMON_ConvertLswMswWordsToLsbMsbBytes( + uint8_t *out8Le, + const uint32_t *in32Le, + size_t sizeInWords); + + +/***********************************************************************/ +/** + * @brief This function converts bytes array with little endian (LE) order of + * bytes to 32-bit words array with little endian order of words and bytes. + * + * Assuming: No owerlapping of buffers; in/out pointers and sizes are not equall to NULL. + * If is in-place conversion, then the size must be multiple of 4 bytes. + * @param[out] out32Le - The 32-bits pointer to output buffer. The buffer size must be + * not less, than input data size. + * @param[in] in8Le - The pointer to input buffer. + * @param[in] sizeInBytes - The size in bytes of input data(sizeBytes > 0). + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in . + */ +void CRYS_COMMON_ConvertLsbMsbBytesToLswMswWords( + uint32_t *out32Le, + const uint8_t *in8Le, + size_t sizeInBytes); + + +/** + * The function compares value of byte vector to null. + * + * @author reuvenl (6/20/2016) + * + * @param vect - a pointer to bytes vector. + * @param sizeBytes - size of the vector. + * + * @return uint32_t - if vector's value iz zero, then returns 1, else - 0; + */ +uint32_t CRYS_COMMON_CheckIsVectorZero(uint8_t *vect, uint32_t sizeBytes); + + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/crys_common_error.h b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/crys_common_error.h new file mode 100644 index 0000000000..03c73c54d6 --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/crys_common_error.h @@ -0,0 +1,95 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + + #ifndef CRYS_COMMON_ERROR_H +#define CRYS_COMMON_ERROR_H + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/* CRYS COMMON module errors. Base address - 0x00F00D00 */ + +#define CRYS_COMMON_INIT_HW_SEM_CREATION_FAILURE (CRYS_COMMON_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_COMMON_DATA_IN_POINTER_INVALID_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_COMMON_DATA_SIZE_ILLEGAL (CRYS_COMMON_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_COMMON_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_COMMON_DATA_OUT_POINTER_INVALID_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x7UL) +#define CRYS_COMMON_OUTPUT_BUFF_SIZE_ILLEGAL (CRYS_COMMON_MODULE_ERROR_BASE + 0x9UL) + +#define CRYS_COMMON_TST_UTIL_CHUNK_SIZE_SMALL_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_COMMON_ERROR_IN_SAVING_LLI_DATA_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x11UL) + + +#define CRYS_COMMON_TST_UTIL_LLI_ENTRY_SIZE_TOO_SMALL_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x12UL) +#define CRYS_COMMON_TST_CSI_DATA_SIZE_EXCEED_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x13UL) +#define CRYS_COMMON_TST_CSI_MODULE_ID_OUT_OF_RANGE (CRYS_COMMON_MODULE_ERROR_BASE + 0x14UL) +#define CRYS_COMMON_TST_CSI_MEMORY_MAPPING_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x15UL) + +#define CRYS_COMMON_TERM_HW_SEM_DELETE_FAILURE (CRYS_COMMON_MODULE_ERROR_BASE + 0x16UL) + +#define CRYS_COMMON_TST_UTIL_NOT_INTEGER_CHAR_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x17UL) +#define CRYS_COMMON_TST_UTIL_BUFFER_IS_SMALL_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x18UL) +#define CRYS_COMMON_POINTER_NOT_ALIGNED_ERROR (CRYS_COMMON_MODULE_ERROR_BASE + 0x19UL) + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/crys_ecpki_domain.h b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/crys_ecpki_domain.h new file mode 100644 index 0000000000..8475d522e5 --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/crys_ecpki_domain.h @@ -0,0 +1,80 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef CRYS_ECPKI_DOMAIN_H +#define CRYS_ECPKI_DOMAIN_H + + +/*! +@file +@brief Defines the ecpki build domain API. +@defgroup crys_ecpki_domain CryptoCell ECC domain APIs +@{ +@ingroup cryptocell_ecpki +*/ + + +#include "crys_error.h" +#include "crys_ecpki_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + + + +/********************************************************************************** + * CRYS_ECPKI_GetEcDomain function * + **********************************************************************************/ + +/*! + * @brief The function returns a pointer to an ECDSA saved domain (one of the supported domains). + * + * @return Domain pointer on success. + * @return NULL on failure. + */ + +const CRYS_ECPKI_Domain_t *CRYS_ECPKI_GetEcDomain(CRYS_ECPKI_DomainID_t domainId /*!< [in] Index of one of the domain Id (must be one of the supported domains). */); + +#ifdef __cplusplus +} +#endif +/** +@} +*/ +#endif diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/ssi_pal_compiler.h b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/ssi_pal_compiler.h new file mode 100644 index 0000000000..3347adce35 --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/ssi_pal_compiler.h @@ -0,0 +1,147 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + +#ifndef __SSI_PAL_COMPILER_H__ +#define __SSI_PAL_COMPILER_H__ + +/*! +@file +@brief This file contains compiler related definitions. +@defgroup ssi_pal_compiler CryptoCell PAL platform dependant compiler specific definitions +@{ +@ingroup ssi_pal + +*/ + +#ifdef __GNUC__ + +/************************ Defines ******************************/ + +/*! Associate a symbol with a link section. */ +#define SASI_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName))) + +/*! Mark symbol as used, i.e., prevent garbage collector from dropping it. */ +#define SASI_PAL_COMPILER_KEEP_SYMBOL __attribute__((used)) + +/*! Make given data item aligned (alignment in bytes). */ +#define SASI_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement))) + +/*! Mark function that never returns. */ +#define SASI_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn)) + +/*! Prevent function from being inlined */ +#define SASI_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline)) + +/*! Given data type may cast (alias) another data type pointer. */ +/* (this is used for "superclass" struct casting) */ +#define SASI_PAL_COMPILER_TYPE_MAY_ALIAS __attribute__((__may_alias__)) + +/*! Get sizeof for a structure type member. */ +#define SASI_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \ + sizeof(((type_name *)0)->member_name) + +/*! Assertion. */ +#define SASI_ASSERT_CONCAT_(a, b) a##b +#define SASI_ASSERT_CONCAT(a, b) SASI_ASSERT_CONCAT_(a, b) +#define SASI_PAL_COMPILER_ASSERT(cond, message) \ + enum { SASI_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) } + +#elif defined(__ARM_DSM__) || defined(__CC_ARM) +#define inline +/*! Associate a symbol with a link section. */ +#define SASI_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName))) + +/*! Mark symbol as used, i.e., prevent garbage collector from dropping it. */ +#define SASI_PAL_COMPILER_KEEP_SYMBOL __attribute__((used)) + +/*! Make given data item aligned (alignment in bytes). */ +#define SASI_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement))) + +/*! Mark function that never returns. */ +#define SASI_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn)) + +/*! Prevent function from being inlined. */ +#define SASI_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline)) + +/*! Given data type may cast (alias) another data type pointer. */ +/* (this is used for "superclass" struct casting) */ +#define SASI_PAL_COMPILER_TYPE_MAY_ALIAS __attribute__((__may_alias__)) + +/*! Get sizeof for a structure type member. */ +#define SASI_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \ + sizeof(((type_name *)0)->member_name) + +/*! Assertion. */ +#define SASI_ASSERT_CONCAT_(a, b) a##b +#define SASI_ASSERT_CONCAT(a, b) SASI_ASSERT_CONCAT_(a, b) +#define SASI_PAL_COMPILER_ASSERT(cond, message) \ + enum { SASI_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) } +#elif defined(__ARM_DS__) +#define inline +/*! Associate a symbol with a link section. */ +#define SASI_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName))) + +/*! Mark symbol as used, i.e., prevent garbage collector from dropping it. */ +#define SASI_PAL_COMPILER_KEEP_SYMBOL __attribute__((used)) + +/*! Make given data item aligned (alignment in bytes). */ +#define SASI_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement))) + +/*! Mark function that never returns. */ +#define SASI_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn)) + +/*! Prevent function from being inlined. */ +#define SASI_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline)) + +/*! Given data type may cast (alias) another data type pointer. */ +/* (this is used for "superclass" struct casting) */ +#define SASI_PAL_COMPILER_TYPE_MAY_ALIAS + +/*! Get sizeof for a structure type member. */ +#define SASI_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \ + sizeof(((type_name *)0)->member_name) + +/*! Assertion. */ +#define SASI_ASSERT_CONCAT_(a, b) a##b +#define SASI_ASSERT_CONCAT(a, b) SASI_ASSERT_CONCAT_(a, b) +#define SASI_PAL_COMPILER_ASSERT(cond, message) \ + enum { SASI_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) } +#else +#error Unsupported compiler. +#endif +/** +@} + */ +#endif /*__SSI_PAL_COMPILER_H__*/ diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/ssi_pka_hw_plat_defs.h b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/ssi_pka_hw_plat_defs.h new file mode 100644 index 0000000000..c205919f5c --- /dev/null +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/include/ssi_pka_hw_plat_defs.h @@ -0,0 +1,77 @@ +/************************************************************************************** +* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved * +* * +* This file and the related binary are licensed under the following license: * +* * +* ARM Object Code and Header Files License, v1.0 Redistribution. * +* * +* Redistribution and use of object code, header files, and documentation, without * +* modification, are permitted provided that the following conditions are met: * +* * +* 1) Redistributions must reproduce the above copyright notice and the * +* following disclaimer in the documentation and/or other materials * +* provided with the distribution. * +* * +* 2) Unless to the extent explicitly permitted by law, no reverse * +* engineering, decompilation, or disassembly of is permitted. * +* * +* 3) Redistribution and use is permitted solely for the purpose of * +* developing or executing applications that are targeted for use * +* on an ARM-based product. * +* * +* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * +* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT * +* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, * +* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * +* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * +* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * +* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * +* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * +* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * +* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * +* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * +**************************************************************************************/ + + + +#ifndef PKA_HW_PLAT_DEFS_H +#define PKA_HW_PLAT_DEFS_H + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*! +@file +@brief Contains the enums and definitions that are used in the PKA code (definitions that are platform dependent). +@defgroup ssi_pka_hw_plat_defs CryptoCell PKA specific types and definitions +@{ +@ingroup cryptocell_pka + +*/ + +/*! Size of PKA engine word.*/ +#define SASI_PKA_WORD_SIZE_IN_BITS 64 +/*! Maximal supported modulus size in bits. */ +#define CRYS_SRP_MAX_MODULUS_SIZE_IN_BITS 3072 +/*! Maximal supported modulus size in RSA in bits. */ +#define CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS 2048 +/*! Maximal supported key generation size in RSA in bits. */ +#define CRYS_RSA_MAX_KEY_GENERATION_HW_SIZE_BITS 2048 + +/*! PKA operations maximal count of extra bits. */ +#define PKA_EXTRA_BITS 8 +/*! PKA operations number of memory registers. */ +#define PKA_MAX_COUNT_OF_PHYS_MEM_REGS 32 + + +#ifdef __cplusplus +} +#endif +/** +@} + */ +#endif //PKA_HW_PLAT_DEFS_H + + diff --git a/features/mbedtls/targets/TARGET_CRYPTOCELL310/mbedtls_device.h b/features/mbedtls/targets/TARGET_CRYPTOCELL310/mbedtls_device.h index 4034356243..a8c66f9c02 100644 --- a/features/mbedtls/targets/TARGET_CRYPTOCELL310/mbedtls_device.h +++ b/features/mbedtls/targets/TARGET_CRYPTOCELL310/mbedtls_device.h @@ -26,5 +26,10 @@ #define MBEDTLS_SHA1_ALT #define MBEDTLS_SHA256_ALT #define MBEDTLS_CCM_ALT +#define MBEDTLS_ECDSA_VERIFY_ALT +#define MBEDTLS_ECDSA_SIGN_ALT +#define MBEDTLS_ECDSA_GENKEY_ALT +#define MBEDTLS_ECDH_GEN_PUBLIC_ALT +#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT #endif //__MBEDTLS_DEVICE__