beslan/mbed-os-hardfp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Import Mbed OS hard-float snapshot

Browse Source
This commit is contained in:
Beslan
2026-06-01 20:15:04 +03:00
commit d3738e2f89
16278 changed files with 10628036 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

308
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/aes_alt.c Normal file
View File

@@ -0,0 +1,308 @@
/*
* aes_alt.c
*
* Copyright (C) 2019, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/aes.h"
#if defined(MBEDTLS_AES_ALT)
#include <string.h>
#include "ssi_aes_defs.h"
#include "mbedtls/platform.h"
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/*
* AES-CFB128 buffer encryption/decryption
*/
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
/*
* AES-CFB8 buffer encryption/decryption
*/
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
int mode,
size_t length,
const unsigned char data_unit[16],
const unsigned char *input,
unsigned char *output )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#if defined(MBEDTLS_CIPHER_MODE_OFB)
int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
#endif /* MBEDTLS_CIPHER_MODE_OFB */
void mbedtls_aes_init( mbedtls_aes_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_aes_context ) );
}
void mbedtls_aes_free( mbedtls_aes_context *ctx )
{
if( ctx == NULL )
return;
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aes_context ) );
}
#if defined(MBEDTLS_CIPHER_MODE_XTS)
void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ){}
void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ){}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
static int CC_aes_setkey( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits, SaSiAesEncryptMode_t cipher_flag )
{
int ret = 0;
if( ctx == NULL )
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
switch( keybits )
{
case 128:
{
ctx->CC_cipherFlag = cipher_flag;
ctx->CC_keySizeInBytes = ( keybits / 8 );
memcpy( ctx->CC_Key, key, ctx->CC_keySizeInBytes );
}
break;
case 192:
case 256:
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
default:
return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
}
return( 0 );
}
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits )
{
return( CC_aes_setkey( ctx, key, keybits, SASI_AES_ENCRYPT ) );
}
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits )
{
return( CC_aes_setkey( ctx, key, keybits, SASI_AES_DECRYPT ) );
}
static int CC_aes_cipher( mbedtls_aes_context *ctx,
int mode,
SaSiAesOperationMode_t aes_mode,
size_t length,
unsigned char* iv,
size_t iv_len,
const unsigned char *input,
unsigned char *output )
{
int ret = 0;
SaSiAesUserKeyData_t CC_KeyData = { ctx->CC_Key,
ctx->CC_keySizeInBytes };
ret = SaSi_AesInit( &ctx->CC_Context,
ctx->CC_cipherFlag,
aes_mode, SASI_AES_PADDING_NONE );
if( ret != 0 )
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
ret = SaSi_AesSetKey( &ctx->CC_Context, SASI_AES_USER_KEY,
&CC_KeyData, sizeof( CC_KeyData ) );
if( ret != 0 )
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
if( iv )
{
if( iv_len != SASI_AES_IV_SIZE_IN_BYTES )
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
ret = SaSi_AesSetIv( &ctx->CC_Context, iv );
if( ret != 0 )
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
}
ret = SaSi_AesFinish( &ctx->CC_Context, length,
( unsigned char* )input, length, output, &length );
if( ret != 0 )
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
/* update the IV for next block
* For CTR mode, update the nonce only if the current length is a full AES block length
*/
if( ( ( aes_mode == SASI_AES_MODE_CBC ) ||
( (aes_mode == SASI_AES_MODE_CTR) && ( ( length % SASI_AES_BLOCK_SIZE_IN_BYTES) == 0) ) )
&& iv )
{
ret = SaSi_AesGetIv( &ctx->CC_Context, iv );
if( ret != 0 )
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
}
ret = SaSi_AesFree( &ctx->CC_Context );
if( ret != 0 )
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
return( 0 );
}
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] )
{
if( ctx == NULL )
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
if( ( mode == MBEDTLS_AES_ENCRYPT && ctx->CC_cipherFlag != SASI_AES_ENCRYPT ) ||
( mode == MBEDTLS_AES_DECRYPT && ctx->CC_cipherFlag != SASI_AES_DECRYPT ) )
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
return( CC_aes_cipher( ctx, mode, SASI_AES_MODE_ECB, 16, NULL, 0, input, output ) );
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
if( ctx == NULL )
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
if( length % SASI_AES_BLOCK_SIZE_IN_BYTES )
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
if( ( mode != MBEDTLS_AES_ENCRYPT || ctx->CC_cipherFlag != SASI_AES_ENCRYPT ) &&
( mode != MBEDTLS_AES_DECRYPT || ctx->CC_cipherFlag != SASI_AES_DECRYPT ) )
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
return( CC_aes_cipher( ctx, mode, SASI_AES_MODE_CBC, length, iv, 16, input, output ) );
}
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output )
{
int ret = 0;
int n = *nc_off, c, i;
size_t j;
if( ctx == NULL )
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
if( *nc_off )
{
/* handle corner case where we are resuming a previous encryption,
* and we are resuming within current cipher stream(stream_block) */
while( n != 0 )
{
c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] );
n = ( n + 1) & 0x0F;
if( length > 0)
--length;
}
/*
* Increase the nonce_counter by 1 since we now passed one block
*/
for( i = 16; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 )
break;
}
if( CC_aes_cipher( ctx, MBEDTLS_AES_ENCRYPT, SASI_AES_MODE_CTR,
length, nonce_counter, SASI_AES_IV_SIZE_IN_BYTES, input, output ) != 0 )
{
ret = -1;
}
if( ( ( length % SASI_AES_BLOCK_SIZE_IN_BYTES ) != 0 ) && ret == 0 )
{
/* in case the length is not aligned, generate stream block for resuming
* increase nonce_block to the correct value*/
for( j = 0; j < ( length/SASI_AES_BLOCK_SIZE_IN_BYTES ); j++)
for( i = 16; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 )
break;
if( ( ret = CC_aes_cipher( ctx, MBEDTLS_AES_ENCRYPT, SASI_AES_MODE_ECB,
SASI_AES_BLOCK_SIZE_IN_BYTES, NULL, 0,
nonce_counter, stream_block ) ) != 0 )
{
goto exit;
}
}
*nc_off = ( length % SASI_AES_BLOCK_SIZE_IN_BYTES );
exit:
return( ret );
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif/* MBEDTLS_AES_ALT */

156
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/cc_internal.c Normal file
View File

@@ -0,0 +1,156 @@
/*
* cc_internal.c
*
* Internal utility functions and definitions,
* used for converting mbedtls types to CC types, and vice versa
*
* Copyright (C) 2018, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "cc_internal.h"
#include "crys_ecpki_error.h"
#include "crys_ec_mont_edw_error.h"
#include "mbedtls/platform.h"
CRYS_ECPKI_DomainID_t convert_mbedtls_grp_id_to_crys_domain_id( mbedtls_ecp_group_id grp_id )
{
switch( grp_id )
{
case MBEDTLS_ECP_DP_SECP192K1:
return ( CRYS_ECPKI_DomainID_secp192k1 );
case MBEDTLS_ECP_DP_SECP192R1:
return ( CRYS_ECPKI_DomainID_secp192r1 );
case MBEDTLS_ECP_DP_SECP224K1:
return ( CRYS_ECPKI_DomainID_secp224k1 );
case MBEDTLS_ECP_DP_SECP224R1:
return ( CRYS_ECPKI_DomainID_secp224r1 );
case MBEDTLS_ECP_DP_SECP256K1:
return ( CRYS_ECPKI_DomainID_secp256k1 );
case MBEDTLS_ECP_DP_SECP256R1:
return ( CRYS_ECPKI_DomainID_secp256r1 );
case MBEDTLS_ECP_DP_SECP384R1:
return ( CRYS_ECPKI_DomainID_secp384r1 );
case MBEDTLS_ECP_DP_SECP521R1:
return ( CRYS_ECPKI_DomainID_secp521r1 );
default:
return ( CRYS_ECPKI_DomainID_OffMode );
}
}
uint32_t convert_mbedtls_to_cc_rand( void* mbedtls_rnd_ctx, uint16_t outSizeBytes, uint8_t* out_ptr )
{
uint16_t i = 0;
uint8_t temp = 0;
mbedtls_rand_func_container* mbedtls_rand = (mbedtls_rand_func_container*)mbedtls_rnd_ctx;
if( mbedtls_rand->f_rng( mbedtls_rand->ctx, out_ptr, outSizeBytes ) != 0 )
return ( MBEDTLS_ERR_ECP_RANDOM_FAILED );
/*
* CC requires the random data as LE, so reversing the data
* (although this is random, but test vectors are in specific Endianess)
*/
while ( i < ( outSizeBytes / 2 ) )
{
temp = out_ptr[outSizeBytes - 1 - i];
out_ptr[outSizeBytes - 1 - i] = out_ptr[i];
out_ptr[i] = temp;
++i;
}
/*
* CC increases the random data by one, to put the vector in the proper range (1 to n),
* The RFC tests supply a data buffer within range, and in order to generate the proper ephemeral key,
* need to decrease one from this data, before CC increases the data, so the output will be as expected
*/
i = 0;
while( out_ptr[i] == 0 )
{
++i;
}
while( i > 0 )
{
--out_ptr[i];
--i;
}
--out_ptr[0];
return ( 0 );
}
int convert_CrysError_to_mbedtls_err( CRYSError_t Crys_err )
{
switch( Crys_err )
{
case CRYS_OK:
return ( 0 );
case CRYS_ECDH_SVDP_DH_INVALID_USER_PRIV_KEY_PTR_ERROR:
case CRYS_ECDH_SVDP_DH_USER_PRIV_KEY_VALID_TAG_ERROR:
case CRYS_ECDH_SVDP_DH_INVALID_PARTNER_PUBL_KEY_PTR_ERROR:
case CRYS_ECDH_SVDP_DH_PARTNER_PUBL_KEY_VALID_TAG_ERROR:
case CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_PTR_ERROR:
case CRYS_ECDH_SVDP_DH_INVALID_TEMP_DATA_PTR_ERROR:
case CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_PTR_ERROR:
case CRYS_ECDH_SVDP_DH_NOT_CONCENT_PUBL_AND_PRIV_DOMAIN_ID_ERROR:
case CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR:
case CRYS_ECMONT_INVALID_INPUT_POINTER_ERROR:
case CRYS_ECMONT_INVALID_INPUT_SIZE_ERROR:
case CRYS_ECMONT_INVALID_DOMAIN_ID_ERROR:
case CRYS_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR:
case CRYS_ECDSA_SIGN_INVALID_USER_PRIV_KEY_PTR_ERROR:
case CRYS_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR:
case CRYS_ECDSA_SIGN_USER_PRIV_KEY_VALIDATION_TAG_ERROR:
case CRYS_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR:
case CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_PTR_ERROR:
case CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR:
case CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_PTR_ERROR:
case CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_PTR_ERROR:
case CRYS_ECDSA_SIGN_INVALID_IS_EPHEMER_KEY_INTERNAL_ERROR:
case CRYS_ECDSA_SIGN_INVALID_EPHEMERAL_KEY_PTR_ERROR:
case CRYS_ECDSA_VERIFY_INVALID_SIGNER_PUBL_KEY_PTR_ERROR:
case CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR:
case CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR:
case CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR:
case CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_SIZE_ERROR:
case CRYS_ECPKI_INVALID_RND_CTX_PTR_ERROR:
case CRYS_ECPKI_INVALID_RND_FUNC_PTR_ERROR:
case CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR:
return ( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
case CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR:
return ( MBEDTLS_ERR_ECP_VERIFY_FAILED );
case CRYS_ECMONT_IS_NOT_SUPPORTED:
case CRYS_ECEDW_IS_NOT_SUPPORTED:
return ( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
case CRYS_ECEDW_RND_GEN_VECTOR_FUNC_ERROR:
return ( MBEDTLS_ERR_ECP_RANDOM_FAILED );
case CRYS_ECPKI_GEN_KEY_INVALID_PRIVATE_KEY_PTR_ERROR:
case CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_DATA_ERROR:
case CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_DATA_ERROR:
case CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_SIZE_ERROR:
case CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_SIZE_ERROR:
return ( MBEDTLS_ERR_ECP_INVALID_KEY );
default:
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
}
}

215
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/ccm_alt.c Normal file
View File

@@ -0,0 +1,215 @@
/*
* ccm_alt.c
*
* Copyright (C) 2018, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/ccm.h"
#if defined(MBEDTLS_CCM_ALT)
#include <string.h>
#include "mbedtls/platform.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/aes.h"
#include "crys_aesccm_error.h"
void mbedtls_ccm_init( mbedtls_ccm_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
}
void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
{
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) );
}
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
mbedtls_cipher_id_t cipher,
const unsigned char *key,
unsigned int keybits )
{
if( ctx == NULL )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
if( cipher != MBEDTLS_CIPHER_ID_AES )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
switch( keybits )
{
case 128:
{
memcpy( ctx->cipher_key , key, keybits / 8 );
ctx->key_size = CRYS_AES_Key128BitSize;
}
break;
case 192:
case 256:
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
default:
return( MBEDTLS_ERR_CCM_BAD_INPUT );
}
return( 0 );
}
/*
* Authenticated encryption or decryption
*/
int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input,
unsigned char *output,
unsigned char *tag, size_t tag_len )
{
CRYSError_t crys_ret = CRYS_OK;
CRYS_AESCCM_Mac_Res_t cc_mac_res = { 0 };
int ret = 0;
/*
* Check length requirements: SP800-38C A.1
* Additional requirement: a < 2^16 - 2^8 to simplify the code.
* 'length' checked later (when writing it to the first block)
*/
if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
if( tag_len > sizeof( cc_mac_res ) )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
/* Also implies q is within bounds */
if( iv_len < 7 || iv_len > 13 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
#if SIZE_MAX > UINT_MAX
if( length > 0xFFFFFFFF || add_len > 0xFFFFFFFF )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
#endif
crys_ret = CRYS_AESCCM( SASI_AES_ENCRYPT, ctx->cipher_key, ctx->key_size,
(uint8_t*)iv, iv_len, (uint8_t*)add, add_len,
(uint8_t*)input, length, output, tag_len,
cc_mac_res );
if( crys_ret == CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR )
{
ret = MBEDTLS_ERR_CCM_BAD_INPUT;
goto exit;
}
else if( crys_ret != CRYS_OK )
{
ret = MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
goto exit;
}
memcpy( tag, cc_mac_res, tag_len );
exit:
return( ret );
}
/*
* Authenticated decryption
*/
int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len )
{
CRYSError_t crys_ret = CRYS_OK;
int ret = 0;
/*
* Check length requirements: SP800-38C A.1
* Additional requirement: a < 2^16 - 2^8 to simplify the code.
* 'length' checked later (when writing it to the first block)
*/
if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
/* Also implies q is within bounds */
if( iv_len < 7 || iv_len > 13 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
#if SIZE_MAX > UINT_MAX
if( length > 0xFFFFFFFF || add_len > 0xFFFFFFFF )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
#endif
crys_ret = CRYS_AESCCM( SASI_AES_DECRYPT, ctx->cipher_key, ctx->key_size,
(uint8_t*)iv, iv_len, (uint8_t*)add, add_len,
(uint8_t*)input, length, output, tag_len,
(uint8_t*)tag );
if( crys_ret == CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR )
{
/*
* When CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR is returned,
* no operation has occured, and no need to zeroize output.
* In addition, it could be that the message length is too big,
* returning this error code, and we don't want to overflow
* the output buffer.
*/
return( MBEDTLS_ERR_CCM_BAD_INPUT );
}
else if( crys_ret == CRYS_FATAL_ERROR )
{
/*
* Unfortunately, Crys AESCCM returns CRYS_FATAL_ERROR when
* MAC isn't as expected.
*/
ret = MBEDTLS_ERR_CCM_AUTH_FAILED;
goto exit;
}
else if( crys_ret != CRYS_OK )
{
ret = MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
goto exit;
}
exit:
if( ret != 0 )
mbedtls_platform_zeroize( output, length );
return( ret );
}
int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input,
unsigned char *output,
unsigned char *tag, size_t tag_len )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input,
unsigned char *output,
const unsigned char *tag, size_t tag_len )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
#endif

294
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/cmac_alt.c Normal file
View File

@@ -0,0 +1,294 @@
/*
* cmac_alt.c
*
* Copyright (C) 2019, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/cmac.h"
#if defined(MBEDTLS_CMAC_ALT)
#include "mbedtls/platform.h"
#include "mbedtls/platform_util.h"
#if defined(MBEDTLS_AES_C)
#include "mbedtls/aes.h"
#endif
#include "ssi_aes_defs.h"
#include <string.h>
static int init_cc( mbedtls_cmac_context_t *cmac_ctx )
{
int ret = 0;
SaSiAesUserKeyData_t CC_KeyData;
if( SaSi_AesInit( &cmac_ctx->CC_Context, SASI_AES_ENCRYPT,
SASI_AES_MODE_CMAC, SASI_AES_PADDING_NONE ) != 0 )
{
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
}
CC_KeyData.pKey = cmac_ctx->CC_Key;
CC_KeyData.keySize = cmac_ctx->CC_keySizeInBytes;
if( SaSi_AesSetKey( &cmac_ctx->CC_Context, SASI_AES_USER_KEY,
&CC_KeyData, sizeof( CC_KeyData ) ) != 0 )
{
ret = MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
goto exit;
}
cmac_ctx->is_cc_initiated = 1;
exit:
return( ret );
}
static int deinit_cc( mbedtls_cmac_context_t *cmac_ctx )
{
if( cmac_ctx->is_cc_initiated == 1 &&
SaSi_AesFree( &cmac_ctx->CC_Context ) != 0 )
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
return( 0 );
}
int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
const unsigned char *key, size_t keybits )
{
mbedtls_cmac_context_t *cmac_ctx;
mbedtls_cipher_type_t type;
if( ctx == NULL || ctx->cipher_info == NULL || key == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
type = ctx->cipher_info->type;
switch( type )
{
case MBEDTLS_CIPHER_AES_128_ECB:
break;
case MBEDTLS_CIPHER_AES_192_ECB:
case MBEDTLS_CIPHER_AES_256_ECB:
case MBEDTLS_CIPHER_DES_EDE3_ECB:
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
default:
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
switch( keybits )
{
case 128:
/* Allocated and initialise in the cipher context memory for the CMAC
* context
*/
cmac_ctx = mbedtls_calloc( 1, sizeof( mbedtls_cmac_context_t ) );
if( cmac_ctx == NULL )
return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
cmac_ctx->CC_keySizeInBytes = ( keybits / 8 );
memcpy( cmac_ctx->CC_Key, key, cmac_ctx->CC_keySizeInBytes );
break;
case 192:
case 256:
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
default:
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
ctx->cmac_ctx = cmac_ctx;
return( init_cc( cmac_ctx ) );
}
int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
const unsigned char *input, size_t ilen )
{
mbedtls_cmac_context_t *cmac_ctx;
int ret = 0;
size_t block_size;
if( ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
ctx->cmac_ctx == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( ctx == NULL || ctx->cipher_info == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
block_size = ctx->cipher_info->block_size;
if( block_size != SASI_AES_BLOCK_SIZE_IN_BYTES )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
cmac_ctx = ctx->cmac_ctx;
/* Is there data still to process from the last call?
*/
if( cmac_ctx->unprocessed_len > 0 )
{
const size_t size_to_copy = ilen > ( block_size - cmac_ctx->unprocessed_len ) ?
block_size - cmac_ctx->unprocessed_len : ilen;
memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
input, size_to_copy );
cmac_ctx->unprocessed_len += size_to_copy;
input += size_to_copy;
ilen -= size_to_copy;
/*
* Process the unproccessed data, in case it reached a full AES block,
* and there is still input data.
*/
if( cmac_ctx->unprocessed_len == SASI_AES_BLOCK_SIZE_IN_BYTES && ilen > 0 )
{
if( SaSi_AesBlock( &cmac_ctx->CC_Context, cmac_ctx->unprocessed_block,
SASI_AES_BLOCK_SIZE_IN_BYTES, NULL ) != 0 )
{
ret = MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
goto exit;
}
cmac_ctx->unprocessed_len = 0;
}
}
if( ilen > 0 )
{
const size_t size_to_store = ( ilen % SASI_AES_BLOCK_SIZE_IN_BYTES == 0 ) ?
SASI_AES_BLOCK_SIZE_IN_BYTES : ilen % SASI_AES_BLOCK_SIZE_IN_BYTES;
memcpy( cmac_ctx->unprocessed_block,
input + ilen - size_to_store,
size_to_store );
cmac_ctx->unprocessed_len = size_to_store;
ilen -= size_to_store;
if( ilen > 0 )
{
if( SaSi_AesBlock( &cmac_ctx->CC_Context, (uint8_t *)input,
ilen, NULL ) != 0 )
{
ret = MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
goto exit;
}
}
}
exit:
if( ret != 0 )
{
deinit_cc( cmac_ctx );
mbedtls_platform_zeroize( cmac_ctx, sizeof( *cmac_ctx ) );
mbedtls_free( cmac_ctx );
}
return( ret );
}
int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
unsigned char *output )
{
mbedtls_cmac_context_t *cmac_ctx;
int ret = 0;
size_t olen = SASI_AES_BLOCK_SIZE_IN_BYTES;
if( ctx == NULL || ctx->cipher_info == NULL ||
ctx->cmac_ctx == NULL || output == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
cmac_ctx = ctx->cmac_ctx;
if( ( ret = SaSi_AesFinish( &cmac_ctx->CC_Context, cmac_ctx->unprocessed_len,
cmac_ctx->unprocessed_block,
cmac_ctx->unprocessed_len, output, &olen ) ) != 0 )
{
ret = MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
goto exit;
}
exit:
if( deinit_cc( cmac_ctx ) && ret == 0 )
{
ret = MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
}
return( ret );
}
int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx )
{
mbedtls_cmac_context_t *cmac_ctx;
if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
cmac_ctx = ctx->cmac_ctx;
/* Reset the internal state */
cmac_ctx->unprocessed_len = 0;
mbedtls_platform_zeroize( cmac_ctx->unprocessed_block,
sizeof( cmac_ctx->unprocessed_block ) );
if( deinit_cc( cmac_ctx ) != 0 )
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
return( init_cc( cmac_ctx ) );
}
int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
int ret = 0;
mbedtls_cipher_context_t ctx;
size_t olen = SASI_AES_BLOCK_SIZE_IN_BYTES;
if( cipher_info == NULL || key == NULL ||
input == NULL || output == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
mbedtls_cipher_init( &ctx );
if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 )
goto exit;
ret = mbedtls_cipher_cmac_starts( &ctx, key, keylen );
if( ret != 0 )
goto exit;
if( SaSi_AesFinish( &ctx.cmac_ctx->CC_Context, ilen, ( uint8_t * ) input,
ilen, output, &olen ) != 0 )
{
ret = MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
goto clear_cc;
}
clear_cc:
if( deinit_cc( ctx.cmac_ctx ) != 0 && ret == 0 )
{
ret = MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
}
exit:
mbedtls_cipher_free( &ctx );
return( ret );
}
#if defined(MBEDTLS_AES_C)
int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
const unsigned char *input, size_t in_len,
unsigned char output[16] )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
#endif /* MBEDTLS_AES_C */
#endif /* MBEDTLS_CMAC_ALT */

300
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/ecdh_alt.c Normal file
View File

@@ -0,0 +1,300 @@
/*
* ecdh_alt.c
*
* Copyright (C) 2018, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/ecdh.h"
#include <string.h>
#include "crys_ecpki_dh.h"
#include "crys_ecpki_build.h"
#include "crys_common.h"
#include "crys_ecpki_kg.h"
#include "crys_ecpki_domain.h"
#include "crys_ec_mont_api.h"
#include "mbedtls/platform.h"
#include "mbedtls/platform_util.h"
#include "cc_internal.h"
#if defined (MBEDTLS_ECDH_GEN_PUBLIC_ALT)
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int ( *f_rng )( void *, unsigned char *, size_t ),
void *p_rng )
{
int ret = 0;
void* pHeap = NULL;
size_t heapSize = 0;
uint32_t public_key_size = (2 * MAX_KEY_SIZE_IN_BYTES + 1);
const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) );
mbedtls_rand_func_container cc_rand = { f_rng, p_rng };
if ( pDomain )
{
uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0};
cc_ecc_ws_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof( cc_ecc_ws_keygen_params_t ) );
if ( kgParams == NULL )
return ( MBEDTLS_ERR_ECP_ALLOC_FAILED );
pHeap = kgParams;
heapSize = sizeof( cc_ecc_ws_keygen_params_t );
ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_GenKeyPair( &cc_rand, convert_mbedtls_to_cc_rand,
pDomain, &kgParams->privKey,
&kgParams->pubKey,
&kgParams->kgTempData, NULL ) );
if( ret != 0 )
{
goto cleanup;
}
ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_ExportPublKey( &kgParams->pubKey,
CRYS_EC_PointUncompressed,temp_buf, &public_key_size ) );
if( ret != 0 )
{
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( grp, Q, temp_buf, public_key_size ) );
memset ( temp_buf, 0 , sizeof(temp_buf) );
ret = convert_CrysError_to_mbedtls_err( CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( temp_buf, (grp->nbits+7)/8,
kgParams->privKey.PrivKeyDbBuff,
4*((((grp->nbits+7)/8)+3)/4) ) );
if( ret != 0 )
{
mbedtls_platform_zeroize( temp_buf, sizeof( temp_buf ) );
goto cleanup;
}
MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary( d, temp_buf, (grp->nbits+7)/8 ) );
mbedtls_platform_zeroize( temp_buf, sizeof( temp_buf ) );
}
/* if CRYS_ECPKI_GetEcDomain returns NULL, then the given curve is either Montgomery 25519
* or another curve which is not supported by CC310*/
else if ( grp->id == MBEDTLS_ECP_DP_CURVE25519 )
{
size_t priv_key_size = public_key_size = CURVE_25519_KEY_SIZE ;
cc_ecc_25519_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof(cc_ecc_25519_keygen_params_t) );
if ( kgParams == NULL )
return ( MBEDTLS_ERR_ECP_ALLOC_FAILED );
pHeap = ( uint8_t* )kgParams;
heapSize = sizeof(cc_ecc_25519_keygen_params_t);
ret = convert_CrysError_to_mbedtls_err( CRYS_ECMONT_KeyPair( kgParams->pubKey, ( size_t* )&public_key_size, kgParams->privKey,
&priv_key_size, &cc_rand, convert_mbedtls_to_cc_rand,
&kgParams->kgTempData ) );
if( ret != 0 )
{
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( d, kgParams->privKey, priv_key_size ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &Q->X, kgParams->pubKey, public_key_size ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Q->Z, 1 ) );
}
else
ret = MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
cleanup:
if ( pHeap )
{
mbedtls_platform_zeroize( pHeap, heapSize );
mbedtls_free( pHeap );
}
return ( ret );
}
#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
/*
* Compute shared secret (SEC1 3.3.1)
*/
#if defined (MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
void* pHeap = NULL;
size_t heapSize = 0;
size_t public_key_size = (grp->nbits+7)/8 ;
const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) );
uint32_t secret_size = ( ( grp->nbits + 7 ) / 8 ) ;
const uint32_t secret_size_in_heap = secret_size;
uint8_t* secret = mbedtls_calloc( 1, secret_size_in_heap );
if ( secret == NULL )
return ( MBEDTLS_ERR_ECP_ALLOC_FAILED );
/*
* Make sure Q is a valid pubkey before using it
*/
MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
if ( pDomain )
{
uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0};
cc_ecc_ws_comp_shared_params_t* ecdhParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_comp_shared_params_t) );
if ( ecdhParams == NULL )
{
ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
goto cleanup;
}
pHeap = ecdhParams;
heapSize = sizeof(cc_ecc_ws_comp_shared_params_t);
MBEDTLS_MPI_CHK( mbedtls_ecp_point_write_binary( grp, Q, MBEDTLS_ECP_PF_UNCOMPRESSED,
&public_key_size, temp_buf, sizeof(temp_buf) ) );
ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_BuildPublKey( pDomain, temp_buf, public_key_size,
&ecdhParams->pubKey ) );
if ( ret != 0 )
{
goto cleanup;
}
memset ( temp_buf, 0, sizeof(temp_buf) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, temp_buf, mbedtls_mpi_size( d ) ) );
ret = convert_CrysError_to_mbedtls_err( CRYS_ECPKI_BuildPrivKey( pDomain,
temp_buf,
mbedtls_mpi_size( d ),
&ecdhParams->privKey ) );
mbedtls_platform_zeroize( temp_buf, sizeof( temp_buf ) );
if ( ret != 0 )
{
goto cleanup;
}
ret = convert_CrysError_to_mbedtls_err( CRYS_ECDH_SVDP_DH( &ecdhParams->pubKey, &ecdhParams->privKey,
secret, &secret_size,
&ecdhParams->ecdhTempData ) );
if ( ret != 0 )
{
goto cleanup;
}
}
else if ( grp->id == MBEDTLS_ECP_DP_CURVE25519 )
{
uint8_t temp_buf[CURVE_25519_KEY_SIZE] = {0};
cc_ecc_25519_comp_shared_params_t* ecdhParams = mbedtls_calloc( 1, sizeof(cc_ecc_25519_comp_shared_params_t) );
if ( ecdhParams == NULL )
{
ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
goto cleanup;
}
pHeap = ecdhParams;
heapSize = sizeof(cc_ecc_25519_comp_shared_params_t);
if( mbedtls_mpi_size( d ) != CURVE_25519_KEY_SIZE )
{
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, temp_buf,
mbedtls_mpi_size( d ) ) ) ;
ret = convert_CrysError_to_mbedtls_err(
CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( ecdhParams->privKey,
CURVE_25519_KEY_SIZE,
(uint32_t*)temp_buf,
sizeof( temp_buf) ) );
if ( ret != 0 )
{
mbedtls_platform_zeroize( temp_buf, sizeof(temp_buf) );
goto cleanup;
}
if( public_key_size != CURVE_25519_KEY_SIZE )
{
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &Q->X, temp_buf, public_key_size ) );
ret = convert_CrysError_to_mbedtls_err(
CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( ecdhParams->pubKey,
CURVE_25519_KEY_SIZE,
(uint32_t*)temp_buf,
sizeof( temp_buf) ) );
if ( ret != 0 )
{
mbedtls_platform_zeroize( temp_buf, sizeof(temp_buf) );
goto cleanup;
}
if( secret_size != CURVE_25519_KEY_SIZE )
{
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}
ret = convert_CrysError_to_mbedtls_err( CRYS_ECMONT_Scalarmult( temp_buf, ( size_t* )&secret_size,
ecdhParams->privKey, CURVE_25519_KEY_SIZE ,
ecdhParams->pubKey, CURVE_25519_KEY_SIZE ,
&ecdhParams->kgTempData ) );
if ( ret != 0 )
{
goto cleanup;
}
ret = convert_CrysError_to_mbedtls_err(
CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( secret,
secret_size,
(uint32_t*)temp_buf,
CURVE_25519_KEY_SIZE ) );
if ( ret != 0 )
{
mbedtls_platform_zeroize( temp_buf, sizeof(temp_buf) );
goto cleanup;
}
}
else
{
ret = MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( z, secret, secret_size ) );
cleanup:
if ( pHeap )
{
mbedtls_platform_zeroize( pHeap, heapSize );
mbedtls_free ( pHeap );
}
if ( secret )
{
mbedtls_platform_zeroize( secret, secret_size_in_heap );
mbedtls_free ( secret );
}
return ( ret );
}
#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */

322
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/ecdsa_alt.c Normal file
View File

@@ -0,0 +1,322 @@
/*
* ecdsa_alt.c
*
* Copyright (C) 2018, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/ecdsa.h"
#include <string.h>
#include "crys_ecpki_ecdsa.h"
#include "crys_ecpki_build.h"
#include "crys_common.h"
#include "crys_ecpki_kg.h"
#include "crys_ecpki_domain.h"
#include "crys_ec_edw_api.h"
#include "mbedtls/platform.h"
#include "mbedtls/platform_util.h"
#include "cc_internal.h"
static CRYS_ECPKI_HASH_OpMode_t message_size_to_hash_mode( size_t blen )
{
CRYS_ECPKI_HASH_OpMode_t hash_mode;
switch( blen )
{
case CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t):
hash_mode = CRYS_ECPKI_AFTER_HASH_SHA1_mode;
break;
case CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t):
hash_mode = CRYS_ECPKI_AFTER_HASH_SHA224_mode;
break;
case CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t):
hash_mode = CRYS_ECPKI_AFTER_HASH_SHA256_mode;
break;
case CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t):
hash_mode = CRYS_ECPKI_AFTER_HASH_SHA384_mode;
break;
case CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS*sizeof(uint32_t):
hash_mode = CRYS_ECPKI_AFTER_HASH_SHA512_mode;
break;
default:
hash_mode = CRYS_ECPKI_HASH_OpModeLast;
}
return hash_mode;
}
#if defined(MBEDTLS_ECDSA_SIGN_ALT)
int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = 0;
CRYSError_t CrysRet = CRYS_OK;
void* pHeap = NULL;
size_t heapSize = 0;
uint8_t* pSignature = NULL;
CRYS_ECPKI_HASH_OpMode_t hash_mode = message_size_to_hash_mode( blen );
uint32_t signature_size = ( ( grp->nbits + 7 ) / 8 ) *2;
const uint32_t signature_size_for_heap = signature_size;
mbedtls_rand_func_container cc_rand = { f_rng, p_rng };
const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) );
#if SIZE_MAX > UINT_MAX
if( blen > 0xFFFFFFFF )
{
return ( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
}
#endif
if ( pDomain != NULL )
{
uint8_t temp_buf[ MAX_KEY_SIZE_IN_BYTES ] = {0};
cc_ecc_ws_sign_params_t* signParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_sign_params_t) );
if ( signParams == NULL)
return ( MBEDTLS_ERR_ECP_ALLOC_FAILED );
pHeap = signParams;
heapSize = sizeof(cc_ecc_ws_sign_params_t);
pSignature = mbedtls_calloc( 1, signature_size_for_heap );
if ( pSignature == NULL)
{
ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, temp_buf, mbedtls_mpi_size( d ) ) );
CrysRet = CRYS_ECPKI_BuildPrivKey( pDomain,
temp_buf,
mbedtls_mpi_size( d ),
&signParams->privKey);
if( CrysRet != CRYS_OK )
{
ret = convert_CrysError_to_mbedtls_err( CrysRet );
mbedtls_platform_zeroize( temp_buf, sizeof(temp_buf) );
goto cleanup;
}
CrysRet = CRYS_ECDSA_Sign( &cc_rand,
convert_mbedtls_to_cc_rand,
&signParams->signContext,
&signParams->privKey,
hash_mode,
(uint8_t*)buf,
blen,
pSignature,
&signature_size );
mbedtls_platform_zeroize( temp_buf, sizeof(temp_buf) );
if( CrysRet != CRYS_OK )
{
ret = convert_CrysError_to_mbedtls_err( CrysRet );
goto cleanup;
}
}
else
{
ret = MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( r, pSignature, ( ( grp->nbits + 7 ) / 8 ) ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( s, pSignature + ( ( grp->nbits + 7 ) / 8 ), ( ( grp->nbits + 7 ) / 8 ) ) );
cleanup:
if ( pHeap )
{
mbedtls_platform_zeroize( pHeap, heapSize );
mbedtls_free( pHeap );
}
if( pSignature )
{
mbedtls_platform_zeroize( pSignature, signature_size_for_heap );
mbedtls_free( pSignature );
}
return ( ret ) ;
}
#endif /* MBEDTLS_ECDSA_SIGN_ALT*/
#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
//need to normalize the coordinates
int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
const unsigned char *buf, size_t blen,
const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
{
int ret = 0;
CRYSError_t CrysRet = CRYS_OK;
void* pHeap = NULL;
size_t heapSize = 0;
uint8_t * pSignature = NULL;
CRYS_ECPKI_HASH_OpMode_t hash_mode = message_size_to_hash_mode( blen );
size_t temp_size = 0;
uint32_t signature_size = ( ( grp->nbits + 7 ) / 8 ) * 2;
const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( grp->id ) );
#if SIZE_MAX > UINT_MAX
if( blen > 0xFFFFFFFF )
{
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
}
#endif
if ( pDomain )
{
uint8_t temp_buf[ 2*MAX_KEY_SIZE_IN_BYTES + 1 ] = {0};
cc_ecc_ws_verify_params_t* verifyParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_verify_params_t) );
if ( verifyParams == NULL)
return ( MBEDTLS_ERR_ECP_ALLOC_FAILED );
pHeap = verifyParams;
heapSize = sizeof(cc_ecc_ws_verify_params_t);
pSignature = mbedtls_calloc( 1, signature_size );
if ( pSignature == NULL)
{
ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_ecp_point_write_binary( grp, Q, MBEDTLS_ECP_PF_UNCOMPRESSED,
&temp_size, temp_buf, sizeof(temp_buf) ) );
CrysRet = CRYS_ECPKI_BuildPublKey(pDomain, temp_buf, temp_size, &verifyParams->pubKey);
if( CrysRet != CRYS_OK )
{
ret = convert_CrysError_to_mbedtls_err( CrysRet );
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( r, pSignature, ( ( grp->nbits + 7 ) / 8 ) ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( s, pSignature + ( ( grp->nbits + 7 ) / 8 ), ( ( grp->nbits + 7 ) / 8 ) ) );
CrysRet = CRYS_ECDSA_Verify ( &verifyParams->verifyContext,
&verifyParams->pubKey,
hash_mode,
pSignature,
signature_size,
(uint8_t*)buf,
blen );
if( CrysRet != CRYS_OK )
{
ret = convert_CrysError_to_mbedtls_err( CrysRet );
goto cleanup;
}
}
else
ret = MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
cleanup:
if( pHeap )
{
mbedtls_platform_zeroize( pHeap, heapSize );
mbedtls_free( pHeap );
}
if( pSignature )
{
mbedtls_platform_zeroize( pSignature, signature_size );
mbedtls_free( pSignature );
}
return ret;
}
#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
#if defined(MBEDTLS_ECDSA_GENKEY_ALT)
int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = 0;
CRYSError_t CrysRet = CRYS_OK;
void* pHeap = NULL;
size_t heapSize = 0;
uint32_t key_size = 2*MAX_KEY_SIZE_IN_BYTES + 1;
const CRYS_ECPKI_Domain_t* pDomain = CRYS_ECPKI_GetEcDomain ( convert_mbedtls_grp_id_to_crys_domain_id( gid ) );
mbedtls_rand_func_container cc_rand = { f_rng, p_rng };
if ( pDomain )
{
uint8_t temp_buf[ 2 * MAX_KEY_SIZE_IN_BYTES + 1 ] = {0};
cc_ecc_ws_keygen_params_t* kgParams = mbedtls_calloc( 1, sizeof(cc_ecc_ws_keygen_params_t) );
if ( kgParams == NULL )
return ( MBEDTLS_ERR_ECP_ALLOC_FAILED );
pHeap = kgParams;
heapSize = sizeof(cc_ecc_ws_keygen_params_t);
CrysRet = CRYS_ECPKI_GenKeyPair( &cc_rand, convert_mbedtls_to_cc_rand, pDomain,
&kgParams->privKey, &kgParams->pubKey,
&kgParams->kgTempData, NULL );
if ( CrysRet != CRYS_OK )
{
ret = convert_CrysError_to_mbedtls_err( CrysRet );
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, gid ) );
CrysRet = CRYS_ECPKI_ExportPublKey( &kgParams->pubKey, CRYS_EC_PointUncompressed, temp_buf, &key_size );
if ( CrysRet != CRYS_OK )
{
ret = convert_CrysError_to_mbedtls_err( CrysRet );
goto cleanup;
}
ret = mbedtls_ecp_point_read_binary( &ctx->grp, &ctx->Q, temp_buf, key_size );
if ( ret != 0 )
goto cleanup;
memset ( temp_buf, 0 , sizeof(temp_buf) );
CrysRet = CRYS_COMMON_ConvertLswMswWordsToMsbLsbBytes( temp_buf, (ctx->grp.nbits+7)/8,
kgParams->privKey.PrivKeyDbBuff,
4*((((ctx->grp.nbits+7)/8)+3)/4) );
if ( CrysRet != CRYS_OK )
{
ret = convert_CrysError_to_mbedtls_err( CrysRet );
mbedtls_platform_zeroize( temp_buf, sizeof(temp_buf) );
goto cleanup;
}
ret = mbedtls_mpi_read_binary( &ctx->d, temp_buf, (ctx->grp.nbits+7)/8 );
mbedtls_platform_zeroize( temp_buf, sizeof(temp_buf) );
if ( ret != 0 )
{
goto cleanup;
}
}
else
ret = MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
cleanup:
if ( pHeap )
{
mbedtls_platform_zeroize( pHeap, heapSize );
mbedtls_free ( pHeap );
}
return ( ret );
}
#endif /* MBEDTLS_ECDSA_GENKEY_ALT */

84
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/sha1_alt.c Normal file
View File

@@ -0,0 +1,84 @@
/*
* sha1_alt.c
*
* Copyright (C) 2018, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/sha1.h"
#if defined(MBEDTLS_SHA1_ALT)
#include <string.h>
#include "mbedtls/platform.h"
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
}
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
{
if( ctx == NULL )
return;
CRYS_HASH_Free( &ctx->crys_hash_ctx );
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
}
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src )
{
memcpy( dst, src, sizeof( mbedtls_sha1_context ) );
}
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
{
if( CRYS_HASH_Init( &ctx->crys_hash_ctx, CRYS_HASH_SHA1_mode ) != CRYS_OK )
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen )
{
if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)input, ilen ) != CRYS_OK )
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
unsigned char output[20] )
{
CRYSError_t crys_err = CRYS_OK;
CRYS_HASH_Result_t crys_result = {0};
crys_err = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result );
if( crys_err == CRYS_OK )
{
memcpy( output, crys_result, 20 );
return ( 0 );
}
else
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
}
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
const unsigned char data[64] )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
#endif //MBEDTLS_SHA1_ALT

84
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/sha256_alt.c Normal file
View File

@@ -0,0 +1,84 @@
/*
* sha256_alt.c
*
* Copyright (C) 2018, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/sha256.h"
#if defined(MBEDTLS_SHA256_ALT)
#include <string.h>
#include "mbedtls/platform.h"
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
}
void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
{
if( ctx == NULL )
return;
CRYS_HASH_Free( &ctx->crys_hash_ctx );
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
}
void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src )
{
memcpy( dst, src, sizeof( mbedtls_sha256_context ) );
}
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
{
if(CRYS_HASH_Init( &ctx->crys_hash_ctx, is224 ?
CRYS_HASH_SHA224_mode : CRYS_HASH_SHA256_mode ) != CRYS_OK )
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen )
{
if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)input, ilen ) != CRYS_OK )
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
unsigned char output[32] )
{
CRYSError_t crys_err = CRYS_OK;
CRYS_HASH_Result_t crys_result = {0};
crys_err = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result );
if( crys_err == CRYS_OK )
{
memcpy( output, crys_result, 32 );
return ( 0 );
}
else
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
}
#endif //MBEDTLS_SHA256_ALT

84
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/sha512_alt.c Normal file
View File

@@ -0,0 +1,84 @@
/*
* sha512_alt.c
*
* Copyright (C) 2019, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/sha512.h"
#if defined(MBEDTLS_SHA512_ALT)
#include <string.h>
#include "mbedtls/platform.h"
void mbedtls_sha512_init( mbedtls_sha512_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_sha512_context ) );
}
void mbedtls_sha512_free( mbedtls_sha512_context *ctx )
{
if( ctx == NULL )
return;
CRYS_HASH_Free( &ctx->crys_hash_ctx );
memset( ctx, 0, sizeof( mbedtls_sha512_context ) );
}
void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
const mbedtls_sha512_context *src )
{
memcpy(dst,src,sizeof(mbedtls_sha512_context));
}
int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 )
{
if( is384 )
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
if( CRYS_HASH_Init( &ctx->crys_hash_ctx, CRYS_HASH_SHA512_mode ) != CRYS_OK )
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
const unsigned char data[128] )
{
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
}
int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
const unsigned char *input,
size_t ilen )
{
if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)input, ilen ) != CRYS_OK )
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
unsigned char output[64] )
{
CRYSError_t crys_err = CRYS_OK;
CRYS_HASH_Result_t crys_result = {0};
crys_err = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result );
if( crys_err == CRYS_OK )
{
memcpy(output,crys_result,64);
return ( 0 );
}
else
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
}
#endif //MBEDTLS_SHA512_ALT

90
connectivity/drivers/mbedtls/FEATURE_CRYPTOCELL310/source/trng.c Normal file
View File

@@ -0,0 +1,90 @@
/*
* trng.c
*
* Copyright (C) 2017, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#if DEVICE_TRNG
#include <string.h>
#include "trng_api.h"
#include "mbedtls/platform.h"
extern mbedtls_platform_context plat_ctx;
static CRYS_RND_WorkBuff_t rndWorkBuff = { { 0 } };
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = (unsigned char*)v;
while( n-- ) *p++ = 0;
}
CRYSError_t RNG_PLAT_SetUserRngParameters(
CRYS_RND_State_t *pRndState,
CRYS_RND_Params_t *pTrngParams);
CRYSError_t LLF_RND_GetTrngSource(
CRYS_RND_State_t *rndState_ptr,
CRYS_RND_Params_t *trngParams_ptr,
SaSiBool_t isContinued,
uint32_t *entropySize_ptr,
uint32_t **sourceOut_ptr_ptr,
uint32_t *sourceOutSize_ptr,
uint32_t *rndWorkBuff_ptr);
void trng_init(trng_t *obj)
{
RNG_PLAT_SetUserRngParameters(&plat_ctx.platform_impl_ctx.rndState, obj);
}
void trng_free(trng_t *obj)
{
(void)obj;
}
int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *outputLength)
{
(void)obj;
int ret;
uint32_t entropySizeBits;
uint32_t *entrSource_ptr;
uint32_t actualLength;
ret = LLF_RND_GetTrngSource(
&plat_ctx.platform_impl_ctx.rndState , /*in/out*/
obj, /*in/out*/
0, /*in*/
&entropySizeBits, /*in/out*/
&entrSource_ptr, /*out*/
&actualLength, /*out*/
(uint32_t*)&rndWorkBuff.crysRndWorkBuff /*in*/);
if ( ret != 0 )
return -1;
if ( length < actualLength )
actualLength = length;
*outputLength = actualLength;
memcpy( output, entrSource_ptr + CRYS_RND_TRNG_SRC_INNER_OFFSET_WORDS, *outputLength );
mbedtls_zeroize( entrSource_ptr + CRYS_RND_TRNG_SRC_INNER_OFFSET_WORDS, *outputLength );
return 0;
}
#endif //DEVICE_TRNG