ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Initial commit to add mbedTLS hardware acceleration for Cypress chips to mbed-os sources

pull/11046/head
Kostiantyn Tkachov 2019-07-14 13:28:10 +03:00 committed by Roman Okhrimenko
parent 940d3fdf60
commit 7cbfa84625
19 changed files with 6511 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_PSOC6_01/sha1_alt.h Normal file
View File

@ -0,0 +1,50 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file sha1_alt.h
* \version 1.0
*
* \brief header file - wrapper for mbedtls SHA1 HW acceleration
*
*/
#if !defined(SHA1_ALT_H)
#define SHA1_ALT_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "crypto_common.h"
#if defined(MBEDTLS_SHA1_ALT)
typedef struct mbedtls_sha1_context {
cy_hw_crypto_t obj;
cy_stc_crypto_sha_state_t hashState; /* Structure used by CY Crypto Driver */
cy_stc_crypto_v1_sha1_buffers_t shaBuffers; /* Structure used by CY Crypto Driver */
}
mbedtls_sha1_context;
#endif /* MBEDTLS_SHA1_ALT */
#endif /* (SHA1_ALT_H) */

51
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_PSOC6_01/sha256_alt.h Normal file
View File

@ -0,0 +1,51 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file sha256_alt.h
* \version 1.0
*
* \brief header file - wrapper for mbedtls SHA256 HW acceleration
*
*/
#if !defined(SHA256_ALT_H)
#define SHA256_ALT_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "crypto_common.h"
#if defined(MBEDTLS_SHA256_ALT)
typedef struct mbedtls_sha256_context {
cy_hw_crypto_t obj;
cy_stc_crypto_sha_state_t hashState; /* Structure used by CY Crypto Driver */
cy_stc_crypto_v1_sha256_buffers_t shaBuffers; /* Structure used by CY Crypto Driver */
}
mbedtls_sha256_context;
#endif /* MBEDTLS_SHA256_ALT */
#endif /* (SHA256_ALT_H) */

50
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_PSOC6_01/sha512_alt.h Normal file
View File

@ -0,0 +1,50 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file sha512_alt.h
* \version 1.0
*
* \brief header file - wrapper for mbedtls SHA512 HW acceleration
*
*/
#if !defined(SHA512_ALT_H)
#define SHA512_ALT_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "crypto_common.h"
#if defined(MBEDTLS_SHA512_ALT)
typedef struct mbedtls_sha512_context {
cy_hw_crypto_t obj;
cy_stc_crypto_sha_state_t hashState; /* Structure used by CY Crypto Driver */
cy_stc_crypto_v1_sha512_buffers_t shaBuffers; /* Structure used by CY Crypto Driver */
}
mbedtls_sha512_context;
#endif /* MBEDTLS_SHA512_ALT */
#endif /* (SHA512_ALT_H) */

50
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_PSOC6_02/sha1_alt.h Normal file
View File

@ -0,0 +1,50 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file sha1_alt.h
* \version 1.0
*
* \brief header file - wrapper for mbedtls SHA1 HW acceleration
*
*/
#if !defined(SHA1_ALT_H)
#define SHA1_ALT_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "crypto_common.h"
#if defined(MBEDTLS_SHA1_ALT)
typedef struct mbedtls_sha1_context {
cy_hw_crypto_t obj;
cy_stc_crypto_sha_state_t hashState; /* Structure used by CY Crypto Driver */
cy_stc_crypto_v2_sha1_buffers_t shaBuffers; /* Structure used by CY Crypto Driver */
}
mbedtls_sha1_context;
#endif /* MBEDTLS_SHA1_ALT */
#endif /* (SHA1_ALT_H) */

51
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_PSOC6_02/sha256_alt.h Normal file
View File

@ -0,0 +1,51 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file sha256_alt.h
* \version 1.0
*
* \brief header file - wrapper for mbedtls SHA256 HW acceleration
*
*/
#if !defined(SHA256_ALT_H)
#define SHA256_ALT_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "crypto_common.h"
#if defined(MBEDTLS_SHA256_ALT)
typedef struct mbedtls_sha256_context {
cy_hw_crypto_t obj;
cy_stc_crypto_sha_state_t hashState; /* Structure used by CY Crypto Driver */
cy_stc_crypto_v2_sha256_buffers_t shaBuffers; /* Structure used by CY Crypto Driver */
}
mbedtls_sha256_context;
#endif /* MBEDTLS_SHA256_ALT */
#endif /* (SHA256_ALT_H) */

50
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_PSOC6_02/sha512_alt.h Normal file
View File

@ -0,0 +1,50 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file sha512_alt.h
* \version 1.0
*
* \brief header file - wrapper for mbedtls SHA512 HW acceleration
*
*/
#if !defined(SHA512_ALT_H)
#define SHA512_ALT_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "crypto_common.h"
#if defined(MBEDTLS_SHA512_ALT)
typedef struct mbedtls_sha512_context {
cy_hw_crypto_t obj;
cy_stc_crypto_sha_state_t hashState; /* Structure used by CY Crypto Driver */
cy_stc_crypto_v2_sha512_buffers_t shaBuffers; /* Structure used by CY Crypto Driver */
}
mbedtls_sha512_context;
#endif /* MBEDTLS_SHA512_ALT */
#endif /* (SHA512_ALT_H) */

747
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/aes_alt.c Normal file
View File

@ -0,0 +1,747 @@
/*
* Source file for mbedtls AES HW acceleration functions
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* \file aes_alt.h
* \ version 1.0
*
* \brief This file contains AES functions implementation.
*
* The AES block cipher was designed by Vincent Rijmen and Joan Daemen.
*
* http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
* http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_AES_C)
#include <string.h>
#include "mbedtls/aes.h"
#include "mbedtls/platform.h"
#include "mbedtls/platform_util.h"
/* Parameter validation macros based on platform_util.h */
#define AES_VALIDATE_RET( cond ) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA )
#define AES_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
#if defined(MBEDTLS_AES_ALT)
#include "crypto_common.h"
#include "cy_crypto_core.h"
void mbedtls_aes_init( mbedtls_aes_context *ctx )
{
AES_VALIDATE( ctx != NULL );
cy_hw_zeroize(ctx, sizeof( mbedtls_aes_context ) );
(void)cy_hw_crypto_reserve((cy_hw_crypto_t *)ctx, CYHAL_CRYPTO_COMMON);
}
void mbedtls_aes_free( mbedtls_aes_context *ctx )
{
if( ctx == NULL )
return;
if (ctx->aes_state.buffers != NULL) {
Cy_Crypto_Core_Aes_Free(ctx->obj.base, &ctx->aes_state);
}
cy_hw_crypto_release((cy_hw_crypto_t *)ctx);
cy_hw_zeroize(ctx, sizeof( mbedtls_aes_context ) );
}
#if defined(MBEDTLS_CIPHER_MODE_XTS)
void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx )
{
AES_VALIDATE( ctx != NULL );
mbedtls_aes_init( &ctx->crypt );
mbedtls_aes_init( &ctx->tweak );
}
void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx )
{
if( ctx == NULL )
return;
mbedtls_aes_free( &ctx->crypt );
mbedtls_aes_free( &ctx->tweak );
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
/*
* Set CY HW AES keys
*/
static int aes_set_keys( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits )
{
int ret = 0;
cy_en_crypto_aes_key_length_t key_length;
cy_en_crypto_status_t status;
AES_VALIDATE( ctx != NULL );
switch( keybits )
{
case 128: key_length = CY_CRYPTO_KEY_AES_128; break;
case 192: key_length = CY_CRYPTO_KEY_AES_192; break;
case 256: key_length = CY_CRYPTO_KEY_AES_256; break;
default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
}
status = Cy_Crypto_Core_Aes_InitContext(ctx->obj.base, key, key_length, &ctx->aes_state, &ctx->aes_buffers);
if (CY_CRYPTO_SUCCESS != status)
{
ret = MBEDTLS_ERR_AES_HW_ACCEL_FAILED;
goto exit;
}
exit:
return( ret );
}
/*
* AES key schedule (encryption)
*/
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits )
{
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( key != NULL );
return aes_set_keys( ctx, key, keybits );
}
/*
* AES key schedule (decryption)
*/
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits )
{
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( key != NULL );
return aes_set_keys( ctx, key, keybits );
}
#if defined(MBEDTLS_CIPHER_MODE_XTS)
static int mbedtls_aes_xts_decode_keys( const unsigned char *key,
unsigned int keybits,
const unsigned char **key1,
unsigned int *key1bits,
const unsigned char **key2,
unsigned int *key2bits )
{
const unsigned int half_keybits = keybits / 2;
const unsigned int half_keybytes = half_keybits / 8;
switch( keybits )
{
case 256: break;
case 512: break;
default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
}
*key1bits = half_keybits;
*key2bits = half_keybits;
*key1 = &key[0];
*key2 = &key[half_keybytes];
return 0;
}
int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits)
{
int ret;
const unsigned char *key1, *key2;
unsigned int key1bits, key2bits;
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( key != NULL );
ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits,
&key2, &key2bits );
if( ret != 0 )
return( ret );
/* Set the tweak key. Always set tweak key for the encryption mode. */
ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits );
if( ret != 0 )
return( ret );
/* Set crypt key for encryption. */
return mbedtls_aes_setkey_enc( &ctx->crypt, key1, key1bits );
}
int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits)
{
int ret;
const unsigned char *key1, *key2;
unsigned int key1bits, key2bits;
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( key != NULL );
ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits,
&key2, &key2bits );
if( ret != 0 )
return( ret );
/* Set the tweak key. Always set tweak key for encryption. */
ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits );
if( ret != 0 )
return( ret );
/* Set crypt key for decryption. */
return mbedtls_aes_setkey_dec( &ctx->crypt, key1, key1bits );
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
/*
* AES-ECB block encryption
*/
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
{
int ret = 0;
cy_en_crypto_status_t status;
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( ctx->aes_state.buffers != NULL );
status = Cy_Crypto_Core_Aes_Ecb(ctx->obj.base, CY_CRYPTO_ENCRYPT, output, input, &ctx->aes_state);
if (CY_CRYPTO_SUCCESS != status)
{
ret = MBEDTLS_ERR_AES_HW_ACCEL_FAILED;
}
return( ret );
}
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
{
mbedtls_internal_aes_encrypt( ctx, input, output );
}
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/*
* AES-ECB block decryption
*/
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
{
int ret = 0;
cy_en_crypto_status_t status;
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( ctx->aes_state.buffers != NULL );
status = Cy_Crypto_Core_Aes_Ecb(ctx->obj.base, CY_CRYPTO_DECRYPT, output, input, &ctx->aes_state);
if (CY_CRYPTO_SUCCESS != status)
{
ret = MBEDTLS_ERR_AES_HW_ACCEL_FAILED;
}
return( ret );
}
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
{
mbedtls_internal_aes_decrypt( ctx, input, output );
}
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
/*
* AES-ECB block encryption/decryption
*/
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] )
{
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL );
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT );
if( mode == MBEDTLS_AES_ENCRYPT )
return( mbedtls_internal_aes_encrypt( ctx, input, output ) );
else
return( mbedtls_internal_aes_decrypt( ctx, input, output ) );
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* AES-CBC buffer encryption/decryption
*/
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
unsigned char temp[CY_CRYPTO_AES_BLOCK_SIZE];
int ret = 0;
cy_en_crypto_status_t status;
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT );
AES_VALIDATE_RET( iv != NULL );
AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL );
if( length % CY_CRYPTO_AES_BLOCK_SIZE )
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
AES_VALIDATE_RET( ctx->aes_state.buffers != NULL);
if( mode == MBEDTLS_AES_DECRYPT )
{
while(( length > 0 ) && (ret == 0))
{
Cy_Crypto_Core_MemCpy(ctx->obj.base, temp, input, CY_CRYPTO_AES_BLOCK_SIZE);
status = Cy_Crypto_Core_Aes_Ecb(ctx->obj.base, CY_CRYPTO_DECRYPT, output, input, &ctx->aes_state);
Cy_Crypto_Core_MemXor(ctx->obj.base, output, output, iv, CY_CRYPTO_AES_BLOCK_SIZE);
Cy_Crypto_Core_MemCpy(ctx->obj.base, iv, temp, CY_CRYPTO_AES_BLOCK_SIZE);
input += CY_CRYPTO_AES_BLOCK_SIZE;
output += CY_CRYPTO_AES_BLOCK_SIZE;
length -= CY_CRYPTO_AES_BLOCK_SIZE;
if (CY_CRYPTO_SUCCESS != status)
{
ret = MBEDTLS_ERR_AES_HW_ACCEL_FAILED;
}
}
}
else
{
while(( length > 0 ) && (ret == 0))
{
Cy_Crypto_Core_MemXor(ctx->obj.base, output, input, iv, CY_CRYPTO_AES_BLOCK_SIZE);
status = Cy_Crypto_Core_Aes_Ecb(ctx->obj.base, CY_CRYPTO_ENCRYPT, output, output, &ctx->aes_state);
Cy_Crypto_Core_MemCpy(ctx->obj.base, iv, output, CY_CRYPTO_AES_BLOCK_SIZE);
input += CY_CRYPTO_AES_BLOCK_SIZE;
output += CY_CRYPTO_AES_BLOCK_SIZE;
length -= CY_CRYPTO_AES_BLOCK_SIZE;
if (CY_CRYPTO_SUCCESS != status)
{
ret = MBEDTLS_ERR_AES_HW_ACCEL_FAILED;
}
}
}
return( ret );
}
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/* Endianess with 64 bits values */
#ifndef GET_UINT64_LE
#define GET_UINT64_LE(n,b,i) \
{ \
(n) = ( (uint64_t) (b)[(i) + 7] << 56 ) \
| ( (uint64_t) (b)[(i) + 6] << 48 ) \
| ( (uint64_t) (b)[(i) + 5] << 40 ) \
| ( (uint64_t) (b)[(i) + 4] << 32 ) \
| ( (uint64_t) (b)[(i) + 3] << 24 ) \
| ( (uint64_t) (b)[(i) + 2] << 16 ) \
| ( (uint64_t) (b)[(i) + 1] << 8 ) \
| ( (uint64_t) (b)[(i) ] ); \
}
#endif
#ifndef PUT_UINT64_LE
#define PUT_UINT64_LE(n,b,i) \
{ \
(b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \
(b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \
(b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \
(b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \
(b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \
(b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \
(b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \
(b)[(i) ] = (unsigned char) ( (n) ); \
}
#endif
typedef unsigned char mbedtls_be128[16];
/*
* GF(2^128) multiplication function
*
* This function multiplies a field element by x in the polynomial field
* representation. It uses 64-bit word operations to gain speed but compensates
* for machine endianess and hence works correctly on both big and little
* endian machines.
*/
static void mbedtls_gf128mul_x_ble( unsigned char r[16],
const unsigned char x[16] )
{
uint64_t a, b, ra, rb;
GET_UINT64_LE( a, x, 0 );
GET_UINT64_LE( b, x, 8 );
ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) );
rb = ( a >> 63 ) | ( b << 1 );
PUT_UINT64_LE( ra, r, 0 );
PUT_UINT64_LE( rb, r, 8 );
}
/*
* AES-XTS buffer encryption/decryption
*/
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
int mode,
size_t length,
const unsigned char data_unit[16],
const unsigned char *input,
unsigned char *output )
{
int ret;
size_t blocks = length / 16;
size_t leftover = length % 16;
unsigned char tweak[16];
unsigned char prev_tweak[16];
unsigned char tmp[16];
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT );
AES_VALIDATE_RET( data_unit != NULL );
AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL );
/* Data units must be at least 16 bytes long. */
if( length < 16 )
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
/* NIST SP 800-38E disallows data units larger than 2**20 blocks. */
if( length > ( 1 << 20 ) * 16 )
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
/* Compute the tweak. */
ret = mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT,
data_unit, tweak );
if( ret != 0 )
return( ret );
while( blocks-- )
{
size_t i;
if( leftover && ( mode == MBEDTLS_AES_DECRYPT ) && blocks == 0 )
{
/* We are on the last block in a decrypt operation that has
* leftover bytes, so we need to use the next tweak for this block,
* and this tweak for the lefover bytes. Save the current tweak for
* the leftovers and then update the current tweak for use on this,
* the last full block. */
memcpy( prev_tweak, tweak, sizeof( tweak ) );
mbedtls_gf128mul_x_ble( tweak, tweak );
}
for( i = 0; i < 16; i++ )
tmp[i] = input[i] ^ tweak[i];
ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp );
if( ret != 0 )
return( ret );
for( i = 0; i < 16; i++ )
output[i] = tmp[i] ^ tweak[i];
/* Update the tweak for the next block. */
mbedtls_gf128mul_x_ble( tweak, tweak );
output += 16;
input += 16;
}
if( leftover )
{
/* If we are on the leftover bytes in a decrypt operation, we need to
* use the previous tweak for these bytes (as saved in prev_tweak). */
unsigned char *t = mode == MBEDTLS_AES_DECRYPT ? prev_tweak : tweak;
/* We are now on the final part of the data unit, which doesn't divide
* evenly by 16. It's time for ciphertext stealing. */
size_t i;
unsigned char *prev_output = output - 16;
/* Copy ciphertext bytes from the previous block to our output for each
* byte of cyphertext we won't steal. At the same time, copy the
* remainder of the input for this final round (since the loop bounds
* are the same). */
for( i = 0; i < leftover; i++ )
{
output[i] = prev_output[i];
tmp[i] = input[i] ^ t[i];
}
/* Copy ciphertext bytes from the previous block for input in this
* round. */
for( ; i < 16; i++ )
tmp[i] = prev_output[i] ^ t[i];
ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp );
if( ret != 0 )
return ret;
/* Write the result back to the previous block, overriding the previous
* output we copied. */
for( i = 0; i < 16; i++ )
prev_output[i] = tmp[i] ^ t[i];
}
return( 0 );
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/*
* AES-CFB128 buffer encryption/decryption
*/
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
int c;
size_t n = *iv_off;
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT );
AES_VALIDATE_RET( iv_off != NULL );
AES_VALIDATE_RET( iv != NULL );
AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL );
if( n > 15 )
return (MBEDTLS_ERR_AES_BAD_INPUT_DATA);
if( mode == MBEDTLS_AES_DECRYPT )
{
while( length-- )
{
if( n == 0 )
mbedtls_internal_aes_encrypt( ctx, iv, iv );
c = *input++;
*output++ = (unsigned char)( c ^ iv[n] );
iv[n] = (unsigned char) c;
n = ( n + 1 ) & 0x0F;
}
}
else
{
while( length-- )
{
if( n == 0 )
mbedtls_internal_aes_encrypt( ctx, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
n = ( n + 1 ) & 0x0F;
}
}
*iv_off = n;
return( 0 );
}
/*
* AES-CFB8 buffer encryption/decryption
*/
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
unsigned char c;
unsigned char ov[17];
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT );
AES_VALIDATE_RET( iv != NULL );
AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL );
while( length-- )
{
memcpy( ov, iv, 16 );
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
if( mode == MBEDTLS_AES_DECRYPT )
ov[16] = *input;
c = *output++ = (unsigned char)( iv[0] ^ *input++ );
if( mode == MBEDTLS_AES_ENCRYPT )
ov[16] = c;
memcpy( iv, ov + 1, 16 );
}
return( 0 );
}
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_OFB)
/*
* AES-OFB (Output Feedback Mode) buffer encryption/decryption
*/
int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
int ret = 0;
size_t n = *iv_off;
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( iv_off != NULL );
AES_VALIDATE_RET( iv != NULL );
AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL );
if( n > 15 )
return (MBEDTLS_ERR_AES_BAD_INPUT_DATA);
while( length-- )
{
if( n == 0 )
{
ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
if( ret != 0 )
goto exit;
}
*output++ = *input++ ^ iv[n];
n = ( n + 1 ) & 0x0F;
}
*iv_off = n;
exit:
return( ret );
}
#endif /* MBEDTLS_CIPHER_MODE_OFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/*
* AES-CTR buffer encryption/decryption
*/
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output )
{
int c, i;
size_t n = *nc_off;
AES_VALIDATE_RET( ctx != NULL );
AES_VALIDATE_RET( nc_off != NULL );
AES_VALIDATE_RET( nonce_counter != NULL );
AES_VALIDATE_RET( stream_block != NULL );
AES_VALIDATE_RET( input != NULL );
AES_VALIDATE_RET( output != NULL );
if ( n > 0x0F )
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
while( length-- )
{
if( n == 0 ) {
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block );
for( i = 16; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 )
break;
}
c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] );
n = ( n + 1 ) & 0x0F;
}
*nc_off = n;
return( 0 );
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif /* MBEDTLS_AES_ALT */
#endif /* MBEDTLS_AES_C */

84
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/aes_alt.h Normal file
View File

@ -0,0 +1,84 @@
/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file aes_alt.h
* \ version 1.0
*
* \brief This file contains AES definitions and functions.
*
* The Advanced Encryption Standard (AES) specifies a FIPS-approved
* cryptographic algorithm that can be used to protect electronic
* data.
*
* The AES algorithm is a symmetric block cipher that can
* encrypt and decrypt information. For more information, see
* <em>FIPS Publication 197: Advanced Encryption Standard</em> and
* <em>ISO/IEC 18033-2:2006: Information technology -- Security
* techniques -- Encryption algorithms -- Part 2: Asymmetric
* ciphers</em>.
*
* The AES-XTS block mode is standardized by NIST SP 800-38E
* <https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-38e.pdf>
* and described in detail by IEEE P1619
* <https://ieeexplore.ieee.org/servlet/opac?punumber=4375278>.
*/
#ifndef AES_ALT_H
#define AES_ALT_H
#if defined(MBEDTLS_AES_ALT)
// Regular implementation
#define CY_CIPHER_MODE_CBC_ALT
#include <cy_crypto_common.h>
#include <cy_crypto_core_aes.h>
#include "cy_syslib.h"
#include "crypto_common.h"
/**
* \brief The AES context-type definition.
*/
typedef struct mbedtls_aes_context
{
cy_hw_crypto_t obj;
cy_stc_crypto_aes_state_t aes_state;
cy_stc_crypto_aes_buffers_t aes_buffers;
}
mbedtls_aes_context;
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
* \brief The AES XTS context-type definition.
*/
typedef struct mbedtls_aes_xts_context
{
mbedtls_aes_context crypt; /*!< The AES context to use for AES block
encryption or decryption. */
mbedtls_aes_context tweak; /*!< The AES context used for tweak
computation. */
} mbedtls_aes_xts_context;
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#endif /* MBEDTLS_AES_ALT */
#endif /* aes_alt.h */

172
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/crypto_common.c Normal file
View File

@ -0,0 +1,172 @@
/*
* mbed Microcontroller Library
* Copyright (c) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file crypto_common.c
* \version 1.0
*
* \brief Source file for common mbedtls acceleration functions
*
*/
#include <string.h>
#include "crypto_common.h"
#include "cy_crypto_common.h"
#include "cy_crypto_core_hw.h"
#include "cy_crypto_core_mem.h"
#define CY_CRYPTO_CHECK_PARAM(cond) do { \
if( !(cond) ) \
return; \
} while( 0 )
/*******************************************************************************
* Crypto object manage functions
*******************************************************************************/
bool cy_hw_crypto_reserve(cy_hw_crypto_t *obj, cyhal_crypto_feature_t feature)
{
cy_rslt_t status;
CY_ASSERT( obj != NULL );
status = cyhal_crypto_reserve(&(obj->base), &(obj->resource), feature);
if (CY_RSLT_SUCCESS == status)
{
obj->feature = feature;
}
return (CY_RSLT_SUCCESS == status);
}
void cy_hw_crypto_release(cy_hw_crypto_t *obj)
{
CY_ASSERT( obj != NULL );
if (obj->resource.type == CYHAL_RSC_CRYPTO)
{
cyhal_crypto_free(obj->base, &(obj->resource), obj->feature);
}
}
void cy_hw_zeroize(void *data, uint32_t dataSize)
{
cy_hw_crypto_t obj;
CY_CRYPTO_CHECK_PARAM( data != NULL );
CY_CRYPTO_CHECK_PARAM( dataSize > 0u );
if (cy_hw_crypto_reserve(&obj, CYHAL_CRYPTO_COMMON))
{
Cy_Crypto_Core_MemSet(obj.base, data, 0u, (uint16_t)dataSize);
}
cy_hw_crypto_release(&obj);
}
void cy_hw_sha_init(void *ctx, uint32_t ctxSize)
{
CY_CRYPTO_CHECK_PARAM( ctx != NULL );
CY_CRYPTO_CHECK_PARAM( ctxSize > 0u );
cy_hw_zeroize(ctx, ctxSize);
(void)cy_hw_crypto_reserve((cy_hw_crypto_t *)ctx, CYHAL_CRYPTO_COMMON);
}
void cy_hw_sha_free(void *ctx, uint32_t ctxSize)
{
CY_CRYPTO_CHECK_PARAM( ctx != NULL );
CY_CRYPTO_CHECK_PARAM( ctxSize > 0u);
cy_hw_crypto_release((cy_hw_crypto_t *)ctx);
cy_hw_zeroize(ctx, ctxSize);
}
int cy_hw_sha_start(cy_hw_crypto_t *obj, cy_stc_crypto_sha_state_t *hashState,
cy_en_crypto_sha_mode_t shaMode, void *shaBuffers)
{
cy_en_crypto_status_t status;
if ((hashState == NULL) || (shaBuffers == NULL))
return (-1);
status = Cy_Crypto_Core_Sha_Init(obj->base, hashState, shaMode, shaBuffers);
if (CY_CRYPTO_SUCCESS != status)
return (-1);
status = Cy_Crypto_Core_Sha_Start(obj->base, hashState);
if (CY_CRYPTO_SUCCESS != status)
return (-1);
return (0);
}
int cy_hw_sha_update(cy_hw_crypto_t *obj, cy_stc_crypto_sha_state_t *hashState,
const uint8_t *in, uint32_t inlen)
{
cy_en_crypto_status_t status;
if ((hashState == NULL) || (in == NULL))
return (-1);
if (hashState->blockSize == 0)
return (-1);
status = Cy_Crypto_Core_Sha_Update(obj->base, hashState, in, inlen);
if (CY_CRYPTO_SUCCESS != status)
return (-1);
return (0);
}
int cy_hw_sha_finish(cy_hw_crypto_t *obj, cy_stc_crypto_sha_state_t *hashState, uint8_t *output)
{
cy_en_crypto_status_t status;
if ((hashState == NULL) || (output == NULL))
return (-1);
if (hashState->blockSize == 0)
return (-1);
status = Cy_Crypto_Core_Sha_Finish(obj->base, hashState, output);
if (CY_CRYPTO_SUCCESS != status)
return (-1);
return (0);
}
int cy_hw_sha_process(cy_hw_crypto_t *obj, cy_stc_crypto_sha_state_t *hashState, const uint8_t *in)
{
cy_en_crypto_status_t status;
status = Cy_Crypto_Core_Sha_Update(obj->base, hashState, in, hashState->blockSize);
if (CY_CRYPTO_SUCCESS != status)
return (-1);
return (0);
}
void cy_hw_sha_clone( void *ctxDst, const void *ctxSrc, uint32_t ctxSize,
cy_stc_crypto_sha_state_t *hashStateDst, void *shaBuffersDst)
{
CY_CRYPTO_CHECK_PARAM( ctxDst != NULL );
CY_CRYPTO_CHECK_PARAM( ctxSrc != NULL );
CY_CRYPTO_CHECK_PARAM( hashStateDst != NULL );
CY_CRYPTO_CHECK_PARAM( shaBuffersDst != NULL );
Cy_Crypto_Core_MemCpy(((cy_hw_crypto_t *)ctxSrc)->base, ctxDst, ctxSrc, (uint16_t)ctxSize);
Cy_Crypto_Core_Sha_Init(((cy_hw_crypto_t *)ctxSrc)->base, hashStateDst, hashStateDst->mode, shaBuffersDst);
}

73
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/crypto_common.h Normal file
View File

@ -0,0 +1,73 @@
/*
* mbed Microcontroller Library
* Copyright (c) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file crypto_common.h
* \version 1.0
*
* \brief Header file for common mbedtls acceleration functions
*
*/
#if !defined(CRYPTO_COMMON_H)
#define CRYPTO_COMMON_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "mbedtls/ecp.h"
#include "cy_crypto_core_sha.h"
#include "cyhal_crypto_common.h"
/** CRYPTO object */
typedef struct {
#if defined(CY_IP_MXCRYPTO_INSTANCES) || defined(CPUSS_CRYPTO_PRESENT)
CRYPTO_Type* base;
cyhal_resource_inst_t resource;
cyhal_crypto_feature_t feature;
#endif
} cy_hw_crypto_t;
bool cy_hw_crypto_reserve(cy_hw_crypto_t *obj, cyhal_crypto_feature_t feature);
void cy_hw_crypto_release(cy_hw_crypto_t *obj);
void cy_hw_zeroize(void *data, uint32_t dataSize);
void cy_hw_sha_init(void *ctx, uint32_t ctxSize);
void cy_hw_sha_free(void *ctx, uint32_t ctxSize);
int cy_hw_sha_start (cy_hw_crypto_t *obj, cy_stc_crypto_sha_state_t *hashState,
cy_en_crypto_sha_mode_t shaMode, void *shaBuffers);
int cy_hw_sha_update(cy_hw_crypto_t *obj, cy_stc_crypto_sha_state_t *hashState,
const uint8_t *in, uint32_t inlen);
int cy_hw_sha_finish(cy_hw_crypto_t *obj, cy_stc_crypto_sha_state_t *hashState,
uint8_t *output);
void cy_hw_sha_clone(void *ctxDst, const void *ctxSrc, uint32_t ctxSize,
cy_stc_crypto_sha_state_t *hashStateDst, void *shaBuffersDst);
int cy_hw_sha_process(cy_hw_crypto_t *obj, cy_stc_crypto_sha_state_t *hashState,
const uint8_t *in);
#endif /* (CRYPTO_COMMON_H) */

252
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/ecdsa_alt.c Normal file
View File

@ -0,0 +1,252 @@
/*
* ECDSA sign, verify and key generation functions
*
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* \file ecdsa_alt.c
* \version 1.0
*
* \brief This file provides an API for Elliptic Curves sign and verifications.
*
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_ECDSA_C)
#include "mbedtls/ecdsa.h"
#include "mbedtls/asn1write.h"
#include "mbedtls/platform_util.h"
#if defined(MBEDTLS_ECDSA_SIGN_ALT)
#include "cy_crypto_core_ecc.h"
#include "cy_crypto_core_vu.h"
#include "crypto_common.h"
#include <string.h>
#include <stdlib.h>
/* Parameter validation macros based on platform_util.h */
#define ECDSA_VALIDATE_RET( cond ) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
#define ECDSA_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
/**
* \brief This function computes the ECDSA signature of a
* previously-hashed message.
*
* \note The deterministic version is usually preferred.
*
* \note If the bitlength of the message hash is larger than the
* bitlength of the group order, then the hash is truncated
* as defined in <em>Standards for Efficient Cryptography Group
* (SECG): SEC1 Elliptic Curve Cryptography</em>, section
* 4.1.3, step 5.
*
* \see ecp.h
*
* \param grp The ECP group.
* \param r The first output integer.
* \param s The second output integer.
* \param d The private signing key.
* \param buf The message hash.
* \param blen The length of \p buf.
* \param f_rng The RNG function.
* \param p_rng The RNG context.
*
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX
* or \c MBEDTLS_MPI_XXX error code on failure.
*/
int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret;
size_t bytesize;
uint8_t *sig = NULL;
uint8_t *tmp_k = NULL;
cy_hw_crypto_t crypto_obj;
cy_stc_crypto_ecc_key key;
cy_stc_crypto_ecc_dp_type *dp;
cy_en_crypto_status_t ecdsa_status;
ECDSA_VALIDATE_RET( grp != NULL );
ECDSA_VALIDATE_RET( r != NULL );
ECDSA_VALIDATE_RET( s != NULL );
ECDSA_VALIDATE_RET( d != NULL );
ECDSA_VALIDATE_RET( f_rng != NULL );
ECDSA_VALIDATE_RET( buf != NULL || blen == 0 );
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
key.curveID = cy_get_dp_idx(grp->id);
ECDSA_VALIDATE_RET( key.curveID != CY_CRYPTO_ECC_ECP_NONE);
/* Make sure d is in range 1..n-1 */
if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )
return( MBEDTLS_ERR_ECP_INVALID_KEY );
/* Reserve the crypto hardware for the operation */
cy_hw_crypto_reserve(&crypto_obj, CYHAL_CRYPTO_VU);
dp = Cy_Crypto_Core_ECC_GetCurveParams(key.curveID);
bytesize = CY_CRYPTO_BYTE_SIZE_OF_BITS(dp->size);
key.k = malloc(bytesize);
MBEDTLS_MPI_CHK((key.k == NULL) ? MBEDTLS_ERR_ECP_ALLOC_FAILED : 0);
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, key.k, bytesize ) );
Cy_Crypto_Core_InvertEndianness(key.k, bytesize);
sig = malloc(2 * bytesize);
MBEDTLS_MPI_CHK((sig == NULL) ? MBEDTLS_ERR_ECP_ALLOC_FAILED : 0);
tmp_k = malloc(bytesize);
MBEDTLS_MPI_CHK((tmp_k == NULL) ? MBEDTLS_ERR_ECP_ALLOC_FAILED : 0);
ecdsa_status = Cy_Crypto_Core_ECC_MakePrivateKey(crypto_obj.base, key.curveID, tmp_k, f_rng, p_rng);
MBEDTLS_MPI_CHK((ecdsa_status == CY_CRYPTO_SUCCESS) ? 0 : MBEDTLS_ERR_ECP_HW_ACCEL_FAILED);
ecdsa_status = Cy_Crypto_Core_ECC_SignHash(crypto_obj.base, buf, blen, sig, &key, tmp_k);
MBEDTLS_MPI_CHK((ecdsa_status == CY_CRYPTO_SUCCESS) ? 0 : MBEDTLS_ERR_ECP_HW_ACCEL_FAILED);
/* Prepare a signature to load into an mpi format */
Cy_Crypto_Core_InvertEndianness(sig, bytesize);
Cy_Crypto_Core_InvertEndianness(sig + bytesize, bytesize);
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( r, sig, bytesize ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( s, sig + bytesize, bytesize ) );
cleanup:
/* Realease the crypto hardware */
cy_hw_crypto_release(&crypto_obj);
if (key.k != NULL)
{
mbedtls_platform_zeroize(key.k, bytesize);
free(key.k);
}
if (sig != NULL)
{
mbedtls_platform_zeroize(sig, 2 * bytesize);
free(sig);
}
if (tmp_k != NULL)
{
mbedtls_platform_zeroize(tmp_k, bytesize);
free(tmp_k);
}
return( ret );
}
#endif /* MBEDTLS_ECDSA_SIGN_ALT */
#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
/*
* Verify ECDSA signature of hashed message (SEC1 4.1.4)
* Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
*/
int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
const unsigned char *buf, size_t blen,
const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
{
int ret;
uint8_t stat;
size_t bytesize;
size_t olen;
uint8_t *sig = NULL;
uint8_t *point_arr = NULL;
cy_hw_crypto_t crypto_obj;
cy_stc_crypto_ecc_key key;
cy_stc_crypto_ecc_dp_type *dp;
cy_en_crypto_status_t ecdsa_ver_status;
ECDSA_VALIDATE_RET( grp != NULL );
ECDSA_VALIDATE_RET( Q != NULL );
ECDSA_VALIDATE_RET( r != NULL );
ECDSA_VALIDATE_RET( s != NULL );
ECDSA_VALIDATE_RET( buf != NULL || blen == 0 );
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
key.curveID = cy_get_dp_idx(grp->id);
MBEDTLS_MPI_CHK( (key.curveID == CY_CRYPTO_ECC_ECP_NONE) ? MBEDTLS_ERR_ECP_BAD_INPUT_DATA : 0);
/* Reserve the crypto hardware for the operation */
cy_hw_crypto_reserve(&crypto_obj, CYHAL_CRYPTO_VU);
dp = Cy_Crypto_Core_ECC_GetCurveParams(key.curveID);
bytesize = CY_CRYPTO_BYTE_SIZE_OF_BITS(dp->size);
point_arr = malloc(2 * bytesize + 1u);
MBEDTLS_MPI_CHK((point_arr == NULL) ? MBEDTLS_ERR_ECP_ALLOC_FAILED : 0);
key.pubkey.x = point_arr + 1u;
key.pubkey.y = point_arr + bytesize + 1u;
sig = malloc(2 * bytesize);
MBEDTLS_MPI_CHK((sig == NULL) ? MBEDTLS_ERR_ECP_ALLOC_FAILED : 0);
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( r, sig, bytesize ) );
Cy_Crypto_Core_InvertEndianness(sig, bytesize);
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( s, sig + bytesize, bytesize ) );
Cy_Crypto_Core_InvertEndianness(sig + bytesize, bytesize);
/* Export a signature from an mpi format to verify */
MBEDTLS_MPI_CHK( mbedtls_ecp_point_write_binary( grp, Q, MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, point_arr, 2 * bytesize + 1) );
Cy_Crypto_Core_InvertEndianness(key.pubkey.x, bytesize);
Cy_Crypto_Core_InvertEndianness(key.pubkey.y, bytesize);
ecdsa_ver_status = Cy_Crypto_Core_ECC_VerifyHash(crypto_obj.base, sig, buf, blen, &stat, &key);
MBEDTLS_MPI_CHK((ecdsa_ver_status != CY_CRYPTO_SUCCESS) ? MBEDTLS_ERR_ECP_HW_ACCEL_FAILED : 0);
MBEDTLS_MPI_CHK((stat == 1) ? 0 : MBEDTLS_ERR_ECP_VERIFY_FAILED);
cleanup:
/* Realease the crypto hardware */
cy_hw_crypto_release(&crypto_obj);
if (point_arr != NULL)
{
mbedtls_platform_zeroize(point_arr, 2 * bytesize + 1u);
free(point_arr);
}
if (sig != NULL)
{
mbedtls_platform_zeroize(sig, 2 * bytesize);
free(sig);
}
return( ret );
}
#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
#endif /* MBEDTLS_ECDSA_C */

2829
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/ecp_alt.c Normal file
View File

File diff suppressed because it is too large Load Diff

183
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/ecp_alt.h Normal file
View File

@ -0,0 +1,183 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file ecp.h
* \version 1.0
*
* \brief This file provides an API for Elliptic Curves over GF(P) (ECP).
*
* The use of ECP in cryptography and TLS is defined in
* <em>Standards for Efficient Cryptography Group (SECG): SEC1
* Elliptic Curve Cryptography</em> and
* <em>RFC-4492: Elliptic Curve Cryptography (ECC) Cipher Suites
* for Transport Layer Security (TLS)</em>.
*
* <em>RFC-2409: The Internet Key Exchange (IKE)</em> defines ECP
* group types.
*
*/
#ifndef ECP_ALT_H
#define ECP_ALT_H
#include "bignum.h"
#ifdef __cplusplus
extern "C" {
#endif
#if defined(MBEDTLS_ECP_ALT)
#include "cy_crypto_core_ecc.h"
/*
* default mbed TLS elliptic curve arithmetic implementation
*
* (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an
* alternative implementation for the whole module and it will replace this
* one.)
*/
/**
* \brief The ECP group structure.
*
* We consider two types of curve equations:
* <ul><li>Short Weierstrass: <code>y^2 = x^3 + A x + B mod P</code>
* (SEC1 + RFC-4492)</li>
* <li>Montgomery: <code>y^2 = x^3 + A x^2 + x mod P</code> (Curve25519,
* Curve448)</li></ul>
* In both cases, the generator (\p G) for a prime-order subgroup is fixed.
*
* For Short Weierstrass, this subgroup is the whole curve, and its
* cardinality is denoted by \p N. Our code requires that \p N is an
* odd prime as mbedtls_ecp_mul() requires an odd number, and
* mbedtls_ecdsa_sign() requires that it is prime for blinding purposes.
*
* For Montgomery curves, we do not store \p A, but <code>(A + 2) / 4</code>,
* which is the quantity used in the formulas. Additionally, \p nbits is
* not the size of \p N but the required size for private keys.
*
* If \p modp is NULL, reduction modulo \p P is done using a generic algorithm.
* Otherwise, \p modp must point to a function that takes an \p mbedtls_mpi in the
* range of <code>0..2^(2*pbits)-1</code>, and transforms it in-place to an integer
* which is congruent mod \p P to the given MPI, and is close enough to \p pbits
* in size, so that it may be efficiently brought in the 0..P-1 range by a few
* additions or subtractions. Therefore, it is only an approximative modular
* reduction. It must return 0 on success and non-zero on failure.
*
*/
typedef struct mbedtls_ecp_group
{
mbedtls_ecp_group_id id; /*!< An internal group identifier. */
mbedtls_mpi P; /*!< The prime modulus of the base field. */
mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For
Montgomery curves: <code>(A + 2) / 4</code>. */
mbedtls_mpi B; /*!< For Short Weierstrass: \p B in the equation.
For Montgomery curves: unused. */
mbedtls_ecp_point G; /*!< The generator of the subgroup used. */
mbedtls_mpi N; /*!< The order of \p G. */
size_t pbits; /*!< The number of bits in \p P.*/
size_t nbits; /*!< For Short Weierstrass: The number of bits in \p P.
For Montgomery curves: the number of bits in the
private keys. */
unsigned int h; /*!< \internal 1 if the constants are static. */
int (*modp)(mbedtls_mpi *); /*!< The function for fast pseudo-reduction
mod \p P (see above).*/
int (*t_pre)(mbedtls_ecp_point *, void *); /*!< Unused. */
int (*t_post)(mbedtls_ecp_point *, void *); /*!< Unused. */
void *t_data; /*!< Unused. */
mbedtls_ecp_point *T; /*!< Pre-computed points for ecp_mul_comb(). */
size_t T_size; /*!< The number of pre-computed points. */
}
mbedtls_ecp_group;
#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */
/* We want to declare restartable versions of existing functions anyway */
typedef void mbedtls_ecp_restart_ctx;
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h, or define them using the compiler command line.
* \{
*/
#if !defined(MBEDTLS_ECP_MAX_BITS)
/**
* The maximum size of the groups, that is, of \c N and \c P.
*/
#define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */
#endif
#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
* Default: 6.
* Minimum value: 2. Maximum value: 7.
*
* Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
* points used for point multiplication. This value is directly tied to EC
* peak memory usage, so decreasing it by one should roughly cut memory usage
* by two (if large curves are in use).
*
* Reduction in size may reduce speed, but larger curves are impacted first.
* Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
* w-size: 6 5 4 3 2
* 521 145 141 135 120 97
* 384 214 209 198 177 146
* 256 320 320 303 262 226
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */
#endif /* MBEDTLS_ECP_WINDOW_SIZE */
#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
/*
* Trade memory for speed on fixed-point multiplication.
*
* This speeds up repeated multiplication of the generator (that is, the
* multiplication in ECDSA signatures, and half of the multiplications in
* ECDSA verification and ECDHE) by a factor roughly 3 to 4.
*
* The cost is increasing EC peak memory usage by a factor roughly 2.
*
* Change this value to 0 to reduce peak memory usage.
*/
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */
#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
/* \} name SECTION: Module settings */
cy_en_crypto_ecc_curve_id_t cy_get_dp_idx(mbedtls_ecp_group_id gid);
#endif /* MBEDTLS_ECP_ALT */
#ifdef __cplusplus
}
#endif
#endif /* ecp_alt.h */

1476
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/ecp_curves_alt.c Normal file
View File

File diff suppressed because it is too large Load Diff

47
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/mbedtls_device.h Normal file
View File

@ -0,0 +1,47 @@
/*
* mbed Microcontroller Library
* Copyright (c) 2019 Cypress Semiconductor Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef MBEDTLS_DEVICE_H
#define MBEDTLS_DEVICE_H
/* Currently this target supports SHA1 */
// #define MBEDTLS_SHA1_C
#define MBEDTLS_SHA1_ALT
#define MBEDTLS_SHA256_ALT
#define MBEDTLS_SHA512_ALT
/* Currently this target supports CBC, CFB, OFB, CTR and XTS cipher modes */
#define MBEDTLS_AES_ALT
// #define MBEDTLS_CIPHER_MODE_CBC
// #define MBEDTLS_CIPHER_MODE_CFB
// #define MBEDTLS_CIPHER_MODE_OFB
// #define MBEDTLS_CIPHER_MODE_CTR
// #define MBEDTLS_CIPHER_MODE_XTS
/* Only NIST-P curves are currently supported */
#define MBEDTLS_ECP_ALT
// #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
// #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
// #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
// #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
// #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
#define MBEDTLS_ECDSA_SIGN_ALT
#define MBEDTLS_ECDSA_VERIFY_ALT
#endif /* MBEDTLS_DEVICE_H */

115
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/sha1_alt.c Normal file
View File

@ -0,0 +1,115 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file sha1_alt.c
* \version 1.0
*
* \brief Source file - wrapper for mbedtls SHA1 HW acceleration
*
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_SHA1_C)
#include "mbedtls/sha1.h"
#include "mbedtls/platform_util.h"
#include <string.h>
/* Parameter validation macros based on platform_util.h */
#define SHA1_VALIDATE_RET(cond) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA1_BAD_INPUT_DATA )
#define SHA1_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond )
#if defined(MBEDTLS_SHA1_ALT)
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
SHA1_VALIDATE( ctx != NULL );
cy_hw_sha_init(ctx, sizeof( mbedtls_sha1_context ));
}
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
{
SHA1_VALIDATE( ctx != NULL );
cy_hw_sha_free(ctx, sizeof( mbedtls_sha1_context ));
}
void mbedtls_sha1_clone( mbedtls_sha1_context *dst, const mbedtls_sha1_context *src )
{
SHA1_VALIDATE( dst != NULL );
SHA1_VALIDATE( src != NULL );
cy_hw_sha_clone(dst, src, sizeof(mbedtls_sha1_context), &dst->hashState, &dst->shaBuffers);
}
/*
* SHA-1 context setup
*/
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
{
SHA1_VALIDATE_RET( ctx != NULL );
return cy_hw_sha_start(&ctx->obj, &ctx->hashState, CY_CRYPTO_MODE_SHA1, &ctx->shaBuffers);
}
/*
* SHA-1 process buffer
*/
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen )
{
SHA1_VALIDATE_RET( ctx != NULL );
SHA1_VALIDATE_RET( ilen == 0 || input != NULL );
return cy_hw_sha_update(&ctx->obj, &ctx->hashState, input, ilen);
}
/*
* SHA-1 final digest
*/
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20])
{
SHA1_VALIDATE_RET( ctx != NULL );
SHA1_VALIDATE_RET( (unsigned char *)output != NULL );
return cy_hw_sha_finish(&ctx->obj, &ctx->hashState, output);
}
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
{
SHA1_VALIDATE_RET( ctx != NULL );
SHA1_VALIDATE_RET( (const unsigned char *)data != NULL );
return cy_hw_sha_process(&ctx->obj, &ctx->hashState, data);
}
#endif /* MBEDTLS_SHA1_ALT */
#endif /* MBEDTLS_SHA1_C */

115
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/sha256_alt.c Normal file
View File

@ -0,0 +1,115 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file sha256_alt.c
* \version 1.0
*
* \brief Source file - wrapper for mbedtls SHA256 HW acceleration
*
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_SHA256_C)
#include "mbedtls/sha256.h"
#include "mbedtls/platform_util.h"
#include <string.h>
/* Parameter validation macros based on platform_util.h */
#define SHA256_VALIDATE_RET(cond) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA )
#define SHA256_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond )
#if defined(MBEDTLS_SHA256_ALT)
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
SHA256_VALIDATE( ctx != NULL );
cy_hw_sha_init(ctx, sizeof( mbedtls_sha256_context ));
}
void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
{
SHA256_VALIDATE ( ctx != NULL );
cy_hw_sha_free(ctx, sizeof( mbedtls_sha256_context ));
}
void mbedtls_sha256_clone( mbedtls_sha256_context *dst, const mbedtls_sha256_context *src )
{
SHA256_VALIDATE( dst != NULL );
SHA256_VALIDATE( src != NULL );
cy_hw_sha_clone(dst, src, sizeof(mbedtls_sha256_context), &dst->hashState, &dst->shaBuffers);
}
/*
* SHA-256 context setup
*/
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224)
{
SHA256_VALIDATE_RET( ctx != NULL );
SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 );
return cy_hw_sha_start(&ctx->obj, &ctx->hashState,
( is224 == 0 ) ? CY_CRYPTO_MODE_SHA256 : CY_CRYPTO_MODE_SHA224,
&ctx->shaBuffers);
}
/*
* SHA-256 process buffer
*/
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen )
{
SHA256_VALIDATE_RET( ctx != NULL );
SHA256_VALIDATE_RET( ilen == 0 || input != NULL );
return cy_hw_sha_update(&ctx->obj, &ctx->hashState, (uint8_t *)input, ilen);
}
/*
* SHA-256 final digest
*/
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] )
{
SHA256_VALIDATE_RET( ctx != NULL );
SHA256_VALIDATE_RET( (unsigned char *)output != NULL );
return cy_hw_sha_finish(&ctx->obj, &ctx->hashState, output);
}
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
{
SHA256_VALIDATE_RET( ctx != NULL );
SHA256_VALIDATE_RET( (const unsigned char *)data != NULL );
return cy_hw_sha_process(&ctx->obj, &ctx->hashState, (unsigned char *)data);
}
#endif /* MBEDTLS_SHA256_ALT */
#endif /* MBEDTLS_SHA256_C */

115
features/mbedtls/targets/TARGET_Cypress/TARGET_PSOC6/sha512_alt.c Normal file
View File

@ -0,0 +1,115 @@
/*
* mbed Microcontroller Library
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2019 Cypress Semiconductor Corporation
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file sha512_alt.c
* \version 1.0
*
* \brief Source file - wrapper for mbedtls SHA512 HW acceleration
*
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_SHA512_C)
#include "mbedtls/sha512.h"
#include "mbedtls/platform_util.h"
#include <string.h>
/* Parameter validation macros based on platform_util.h */
#define SHA512_VALIDATE_RET(cond) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA512_BAD_INPUT_DATA )
#define SHA512_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond )
#if defined(MBEDTLS_SHA512_ALT)
void mbedtls_sha512_init( mbedtls_sha512_context *ctx )
{
SHA512_VALIDATE( ctx != NULL );
cy_hw_sha_init(ctx, sizeof( mbedtls_sha512_context ));
}
void mbedtls_sha512_free( mbedtls_sha512_context *ctx )
{
SHA512_VALIDATE( ctx != NULL );
cy_hw_sha_free(ctx, sizeof( mbedtls_sha512_context ));
}
void mbedtls_sha512_clone( mbedtls_sha512_context *dst, const mbedtls_sha512_context *src )
{
SHA512_VALIDATE( dst != NULL );
SHA512_VALIDATE( src != NULL );
cy_hw_sha_clone(dst, src, sizeof(mbedtls_sha512_context), &dst->hashState, &dst->shaBuffers);
}
/*
* SHA-512 context setup
*/
int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384)
{
SHA512_VALIDATE_RET( ctx != NULL );
SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 );
return cy_hw_sha_start(&ctx->obj, &ctx->hashState,
( is384 == 0 ) ? CY_CRYPTO_MODE_SHA512 : CY_CRYPTO_MODE_SHA384,
&ctx->shaBuffers);
}
/*
* SHA-512 process buffer
*/
int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, const unsigned char *input, size_t ilen )
{
SHA512_VALIDATE_RET( ctx != NULL );
SHA512_VALIDATE_RET( ilen == 0 || input != NULL );
return cy_hw_sha_update(&ctx->obj, &ctx->hashState, input, ilen);
}
/*
* SHA-512 final digest
*/
int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, unsigned char output[64] )
{
SHA512_VALIDATE_RET( ctx != NULL );
SHA512_VALIDATE_RET( (unsigned char *)output != NULL );
return cy_hw_sha_finish(&ctx->obj, &ctx->hashState, output);
}
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] )
{
SHA512_VALIDATE_RET( ctx != NULL );
SHA512_VALIDATE_RET( (const unsigned char *)data != NULL );
return cy_hw_sha_process(&ctx->obj, &ctx->hashState, data);
}
#endif /* MBEDTLS_SHA512_ALT */
#endif /* MBEDTLS_SHA512_C */

2
targets/targets.json
View File

@ -8554,7 +8554,7 @@
}, },
"MCU_PSOC6": { "MCU_PSOC6": {
"inherits": ["Target"], "inherits": ["Target"],
"macros": ["MBED_MPU_CUSTOM", "LPTICKER_DELAY_TICKS=3"], "macros": ["MBED_MPU_CUSTOM", "MBEDTLS_CONFIG_HW_SUPPORT", "LPTICKER_DELAY_TICKS=3"],
"default_toolchain": "GCC_ARM", "default_toolchain": "GCC_ARM",
"supported_toolchains": ["ARM", "GCC_ARM", "IAR"], "supported_toolchains": ["ARM", "GCC_ARM", "IAR"],
"core": "Cortex-M4F", "core": "Cortex-M4F",