diff options
| author | Bruce Beare <bruce.j.beare@intel.com> | 2016-05-06 21:03:01 +0000 |
|---|---|---|
| committer | android-build-merger <android-build-merger@google.com> | 2016-05-06 21:03:01 +0000 |
| commit | 4cfb5f6f9d07112035bacdc3959a66feab938de1 (patch) | |
| tree | 3ed50767d3d56e219ad28969b890dcef060ce9c6 | |
| parent | 05e7f914c65bd600af14b56086983dd398148ecf (diff) | |
| parent | 2ffeae775dceb2e3540bb43ed0c2246376e2ec48 (diff) | |
| download | intel-4cfb5f6f9d07112035bacdc3959a66feab938de1.tar.gz | |
Reland "chaabi: initial commit for libcc54" am: 09bcc11a44
am: 2ffeae775d
* commit '2ffeae775dceb2e3540bb43ed0c2246376e2ec48':
Reland "chaabi: initial commit for libcc54"
Change-Id: Iaa5f9f63d3101b49c6aec644e292cfcdb5e9a2f4
171 files changed, 38700 insertions, 0 deletions
diff --git a/peripheral/keystore/chaabi/libcc54/Android.mk b/peripheral/keystore/chaabi/libcc54/Android.mk new file mode 100644 index 0000000..2afcdd3 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/Android.mk @@ -0,0 +1,102 @@ +# (c) Copyright 2011-2016 Intel Corporation. +# This file is licensed under the terms provided in the file +# libcc54/LICENSE in this directory or a parent directory + +LOCAL_PATH := $(call my-dir) + +ifeq ($(INTEL_CHAABI_KEYSTORE_SOURCE_BUILD),true) + +include $(CLEAR_VARS) +local_src_files := \ + dx_cclib.c \ + driver_interface/driver_interface.c \ + crys/crys_context_relocation.c \ + crys/crys_aes.c \ + crys/crys_hash.c \ + crys/crys_hmac.c \ + crys/crys_des.c \ + crys/crys_common.c \ + crys/crys_aesccm.c \ + crys/crys_combined.c \ + tee_client_api.c \ + tee_token_lib.c \ + tee_applet_loading_lib.c \ + generated/applet_mng_seprpc_stub.c \ + generated/crys_aes_seprpc_stub.c \ + generated/crys_ecc_seprpc_stub.c \ + generated/crys_rc4_seprpc_stub.c \ + generated/crys_rnd_seprpc_stub.c \ + generated/crys_rsa_seprpc_stub.c \ + generated/management_apis_seprpc_stub.c \ + generated/crys_kdf_seprpc_stub.c \ + generated/crys_dh_seprpc_stub.c \ + generated/crys_self_test_seprpc_stub.c \ + pal/linux/dx_pal_log.c \ + disk_enc.c \ + secure_channel/secure_channel.c + +ifeq ($(INTEL_FEATURE_ARKHAM),true) +local_src_files += hwk_crypto.c +endif + +local_c_includes := \ + $(LOCAL_PATH)/driver_interface \ + $(LOCAL_PATH)/include \ + $(LOCAL_PATH)/include/export \ + $(LOCAL_PATH)/include/crys \ + $(LOCAL_PATH)/include/generated \ + $(LOCAL_PATH)/include/pal \ + $(LOCAL_PATH)/include/pal/linux + +local_export_c_include_dirs := $(LOCAL_PATH)/include/export + +local_c_flags := -DDX_CC_HOST -DDX_CC54_SUPPORTED + + +################################################# +# Target dynamic library + +include $(CLEAR_VARS) +LOCAL_SRC_FILES := $(local_src_files) +LOCAL_C_INCLUDES += $(local_c_includes) +LOCAL_CFLAGS += $(local_c_flags) +LOCAL_EXPORT_C_INCLUDE_DIRS := $(local_export_c_include_dirs) +LOCAL_SHARED_LIBRARIES += libc +LOCAL_MODULE := libdx_cc7 +LOCAL_MODULE_TAGS := optional +ifeq ($(INTEL_FEATURE_ARKHAM),true) +LOCAL_COPY_HEADERS += include/export/hwk_crypto.h +endif +LOCAL_COPY_HEADERS_TO := libdx_cc7 +LOCAL_COPY_HEADERS += \ + include/export/dx_cclib.h \ + include/export/secure_channel.h \ + include/export/tee_client_api.h \ + include/export/tee_token_error.h \ + include/export/tee_token_if.h +include $(BUILD_SHARED_LIBRARY) + +############################################### +# Target static library + +include $(CLEAR_VARS) +LOCAL_SRC_FILES := $(local_src_files) +LOCAL_C_INCLUDES += $(local_c_includes) +LOCAL_CFLAGS += $(local_c_flags) +LOCAL_EXPORT_C_INCLUDE_DIRS := $(local_export_c_include_dirs) +LOCAL_STATIC_LIBRARIES += libc +LOCAL_MODULE := libdx_cc7_static +LOCAL_MODULE_TAGS := optional +ifeq ($(INTEL_FEATURE_ARKHAM),true) +LOCAL_COPY_HEADERS += include/export/hwk_crypto.h +endif +LOCAL_COPY_HEADERS_TO := libdx_cc7_static +LOCAL_COPY_HEADERS += \ + include/export/dx_cclib.h \ + include/export/secure_channel.h \ + include/export/tee_client_api.h \ + include/export/tee_token_error.h \ + include/export/tee_token_if.h +include $(BUILD_STATIC_LIBRARY) + +endif diff --git a/peripheral/keystore/chaabi/libcc54/Clib_Releasenotes.txt b/peripheral/keystore/chaabi/libcc54/Clib_Releasenotes.txt new file mode 100644 index 0000000..2f1b19b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/Clib_Releasenotes.txt @@ -0,0 +1,10 @@ +Date: 25/01/2012 10:18AM EET (+2:00) +Component: CClib + Initial code release for CC-Lib for CHAABI support + + BZ:21025 + + This CC-Lib code is based on the alpha release from Discretix. + The flag "BUILD_WITH_CHAABI_SUPPORT" in the BoardConifig.mk file is set to "false" + to enable the compilation as the Chaabi hardware support is not yet available. + diff --git a/peripheral/keystore/chaabi/libcc54/LICENSE b/peripheral/keystore/chaabi/libcc54/LICENSE new file mode 100644 index 0000000..d829ea9 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/LICENSE @@ -0,0 +1,440 @@ +This software may be distributed under the terms of the Apache 2.0 license. +Alternatively, this software may be distributed under the terms of the GNU +General Public License ("GPL"), version 2 or later, as published by the Free +Software Foundation. All contributions to this software are assumed to be +provided under this dual-license. The texts of each of those license follow. + + +-------------------------- + +Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + +"License" shall mean the terms and conditions for use, reproduction, and +distribution as defined by Sections 1 through 9 of this document. + +"Licensor" shall mean the copyright owner or entity authorized by the +copyright owner that is granting the License. + +"Legal Entity" shall mean the union of the acting entity and all other +entities that control, are controlled by, or are under common control +with that entity. For the purposes of this definition, "control" means (i) +the power, direct or indirect, to cause the direction or management of such +entity, whether by contract or otherwise, or (ii) ownership of fifty percent +(50%) or more of the outstanding shares, or (iii) beneficial ownership of +such entity. + +"You" (or "Your") shall mean an individual or Legal Entity exercising +permissions granted by this License. + +"Source" form shall mean the preferred form for making modifications, +including but not limited to software source code, documentation source, +and configuration files. + +"Object" form shall mean any form resulting from mechanical transformation +or translation of a Source form, including but not limited to compiled +object code, generated documentation, and conversions to other media types. + +"Work" shall mean the work of authorship, whether in Source or Object form, +made available under the License, as indicated by a copyright notice that +is included in or attached to the work (an example is provided in the +Appendix below). + +"Derivative Works" shall mean any work, whether in Source or Object form, that +is based on (or derived from) the Work and for which the editorial revisions, +annotations, elaborations, or other modifications represent, as a whole, an +original work of authorship. For the purposes of this License, Derivative +Works shall not include works that remain separable from, or merely link +(or bind by name) to the interfaces of, the Work and Derivative Works thereof. + +"Contribution" shall mean any work of authorship, including the original +version of the Work and any modifications or additions to that Work or +Derivative Works thereof, that is intentionally submitted to Licensor +for inclusion in the Work by the copyright owner or by an individual or +Legal Entity authorized to submit on behalf of the copyright owner. For +the purposes of this definition, "submitted" means any form of electronic, +verbal, or written communication sent to the Licensor or its representatives, +including but not limited to communication on electronic mailing lists, +source code control systems, and issue tracking systems that are managed by, +or on behalf of, the Licensor for the purpose of discussing and improving the +Work, but excluding communication that is conspicuously marked or otherwise +designated in writing by the copyright owner as "Not a Contribution." + +"Contributor" shall mean Licensor and any individual or Legal Entity on +behalf of whom a Contribution has been received by Licensor and subsequently +incorporated within the Work. + +2. Grant of Copyright License. + +Subject to the terms and conditions of this License, each Contributor hereby +grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, +irrevocable copyright license to reproduce, prepare Derivative Works of, +publicly display, publicly perform, sublicense, and distribute the Work +and such Derivative Works in Source or Object form. + +3. Grant of Patent License. + +Subject to the terms and conditions of this License, each Contributor hereby +grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, +irrevocable (except as stated in this section) patent license to make, +have made, use, offer to sell, sell, import, and otherwise transfer the +Work, where such license applies only to those patent claims licensable by +such Contributor that are necessarily infringed by their Contribution(s) +alone or by combination of their Contribution(s) with the Work to which +such Contribution(s) was submitted. If You institute patent litigation +against any entity (including a cross-claim or counterclaim in a lawsuit) +alleging that the Work or a Contribution incorporated within the Work +constitutes direct or contributory patent infringement, then any patent +licenses granted to You under this License for that Work shall terminate +as of the date such litigation is filed. + +4. Redistribution. + +You may reproduce and distribute copies of the Work or Derivative Works +thereof in any medium, with or without modifications, and in Source or +Object form, provided that You meet the following conditions: + +You must give any other recipients of the Work or Derivative Works a copy +of this License; and You must cause any modified files to carry prominent +notices stating that You changed the files; and You must retain, in the +Source form of any Derivative Works that You distribute, all copyright, +patent, trademark, and attribution notices from the Source form of the +Work, excluding those notices that do not pertain to any part of the +Derivative Works; and If the Work includes a "NOTICE" text file as part +of its distribution, then any Derivative Works that You distribute must +include a readable copy of the attribution notices contained within such +NOTICE file, excluding those notices that do not pertain to any part of the +Derivative Works, in at least one of the following places: within a NOTICE +text file distributed as part of the Derivative Works; within the Source +form or documentation, if provided along with the Derivative Works; or, +within a display generated by the Derivative Works, if and wherever such +third-party notices normally appear. The contents of the NOTICE file are +for informational purposes only and do not modify the License. You may add +Your own attribution notices within Derivative Works that You distribute, +alongside or as an addendum to the NOTICE text from the Work, provided that +such additional attribution notices cannot be construed as modifying the +License. You may add Your own copyright statement to Your modifications +and may provide additional or different license terms and conditions for +use, reproduction, or distribution of Your modifications, or for any such +Derivative Works as a whole, provided Your use, reproduction, and distribution +of the Work otherwise complies with the conditions stated in this License. + +5. Submission of Contributions. + +Unless You explicitly state otherwise, any Contribution intentionally +submitted for inclusion in the Work by You to the Licensor shall be under +the terms and conditions of this License, without any additional terms or +conditions. Notwithstanding the above, nothing herein shall supersede or +modify the terms of any separate license agreement you may have executed +with Licensor regarding such Contributions. + +6. Trademarks. + +This License does not grant permission to use the trade names, trademarks, +service marks, or product names of the Licensor, except as required for +reasonable and customary use in describing the origin of the Work and +reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. + +Unless required by applicable law or agreed to in writing, Licensor provides +the Work (and each Contributor provides its Contributions) on an "AS IS" +BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +implied, including, without limitation, any warranties or conditions of +TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR +PURPOSE. You are solely responsible for determining the appropriateness of +using or redistributing the Work and assume any risks associated with Your +exercise of permissions under this License. + +8. Limitation of Liability. + +In no event and under no legal theory, whether in tort (including negligence), +contract, or otherwise, unless required by applicable law (such as deliberate +and grossly negligent acts) or agreed to in writing, shall any Contributor +be liable to You for damages, including any direct, indirect, special, +incidental, or consequential damages of any character arising as a result +of this License or out of the use or inability to use the Work (including +but not limited to damages for loss of goodwill, work stoppage, computer +failure or malfunction, or any and all other commercial damages or losses), +even if such Contributor has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. + +While redistributing the Work or Derivative Works thereof, You may +choose to offer, and charge a fee for, acceptance of support, warranty, +indemnity, or other liability obligations and/or rights consistent with +this License. However, in accepting such obligations, You may act only +on Your own behalf and on Your sole responsibility, not on behalf of any +other Contributor, and only if You agree to indemnify, defend, and hold +each Contributor harmless for any liability incurred by, or claims asserted +against, such Contributor by reason of your accepting any such warranty or +additional liability. + +END OF TERMS AND CONDITIONS + + +-------------------------- + +GNU GENERAL PUBLIC LICENSE Version 2, June 1991 + +Copyright (C) 1989, 1991 Free Software Foundation, Inc. 51 Franklin Street, +Fifth Floor, Boston, MA 02110-1301 USA + +Everyone is permitted to copy and distribute verbatim copies of this license +document, but changing it is not allowed. + +Preamble + +The licenses for most software are designed to take away your freedom +to share and change it. By contrast, the GNU General Public License is +intended to guarantee your freedom to share and change free software--to +make sure the software is free for all its users. This General Public +License applies to most of the Free Software Foundation's software and +to any other program whose authors commit to using it. (Some other Free +Software Foundation software is covered by the GNU Library General Public +License instead.) You can apply it to your programs, too. + +When we speak of free software, we are referring to freedom, not price. Our +General Public Licenses are designed to make sure that you have the freedom +to distribute copies of free software (and charge for this service if you +wish), that you receive source code or can get it if you want it, that you +can change the software or use pieces of it in new free programs; and that +you know you can do these things. + +To protect your rights, we need to make restrictions that forbid anyone +to deny you these rights or to ask you to surrender the rights. These +restrictions translate to certain responsibilities for you if you distribute +copies of the software, or if you modify it. + +For example, if you distribute copies of such a program, whether gratis or +for a fee, you must give the recipients all the rights that you have. You +must make sure that they, too, receive or can get the source code. And you +must show them these terms so they know their rights. + +We protect your rights with two steps: (1) copyright the software, and (2) +offer you this license which gives you legal permission to copy, distribute +and/or modify the software. + +Also, for each author's protection and ours, we want to make certain that +everyone understands that there is no warranty for this free software. If the +software is modified by someone else and passed on, we want its recipients +to know that what they have is not the original, so that any problems +introduced by others will not reflect on the original authors' reputations. + +Finally, any free program is threatened constantly by software patents. We +wish to avoid the danger that redistributors of a free program will +individually obtain patent licenses, in effect making the program +proprietary. To prevent this, we have made it clear that any patent must +be licensed for everyone's free use or not licensed at all. + +The precise terms and conditions for copying, distribution and modification +follow. + +TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + +0. This License applies to any program or other work which contains a +notice placed by the copyright holder saying it may be distributed under +the terms of this General Public License. The "Program", below, refers to +any such program or work, and a "work based on the Program" means either +the Program or any derivative work under copyright law: that is to say, +a work containing the Program or a portion of it, either verbatim or +with modifications and/or translated into another language. (Hereinafter, +translation is included without limitation in the term "modification".) Each +licensee is addressed as "you". + +Activities other than copying, distribution and modification are not covered +by this License; they are outside its scope. The act of running the Program +is not restricted, and the output from the Program is covered only if its +contents constitute a work based on the Program (independent of having +been made by running the Program). Whether that is true depends on what +the Program does. + +1. You may copy and distribute verbatim copies of the Program's source +code as you receive it, in any medium, provided that you conspicuously +and appropriately publish on each copy an appropriate copyright notice +and disclaimer of warranty; keep intact all the notices that refer to this +License and to the absence of any warranty; and give any other recipients +of the Program a copy of this License along with the Program. + +You may charge a fee for the physical act of transferring a copy, and you +may at your option offer warranty protection in exchange for a fee. + +2. You may modify your copy or copies of the Program or any portion of it, +thus forming a work based on the Program, and copy and distribute such +modifications or work under the terms of Section 1 above, provided that +you also meet all of these conditions: + +a) You must cause the modified files to carry prominent notices stating +that you changed the files and the date of any change. + +b) You must cause any work that you distribute or publish, that in whole +or in part contains or is derived from the Program or any part thereof, +to be licensed as a whole at no charge to all third parties under the terms +of this License. + +c) If the modified program normally reads commands interactively when run, +you must cause it, when started running for such interactive use in the most +ordinary way, to print or display an announcement including an appropriate +copyright notice and a notice that there is no warranty (or else, saying +that you provide a warranty) and that users may redistribute the program +under these conditions, and telling the user how to view a copy of this +License. (Exception: if the Program itself is interactive but does not +normally print such an announcement, your work based on the Program is +not required to print an announcement.) These requirements apply to the +modified work as a whole. If identifiable sections of that work are not +derived from the Program, and can be reasonably considered independent and +separate works in themselves, then this License, and its terms, do not apply +to those sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based on +the Program, the distribution of the whole must be on the terms of this +License, whose permissions for other licensees extend to the entire whole, +and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest your +rights to work written entirely by you; rather, the intent is to exercise +the right to control the distribution of derivative or collective works +based on the Program. + +In addition, mere aggregation of another work not based on the Program with +the Program (or with a work based on the Program) on a volume of a storage +or distribution medium does not bring the other work under the scope of +this License. + +3. You may copy and distribute the Program (or a work based on it, under +Section 2) in object code or executable form under the terms of Sections +1 and 2 above provided that you also do one of the following: + +a) Accompany it with the complete corresponding machine-readable source +code, which must be distributed under the terms of Sections 1 and 2 above +on a medium customarily used for software interchange; or, + +b) Accompany it with a written offer, valid for at least three years, to +give any third party, for a charge no more than your cost of physically +performing source distribution, a complete machine-readable copy of the +corresponding source code, to be distributed under the terms of Sections +1 and 2 above on a medium customarily used for software interchange; or, + +c) Accompany it with the information you received as to the offer to +distribute corresponding source code. (This alternative is allowed only +for noncommercial distribution and only if you received the program in +object code or executable form with such an offer, in accord with Subsection +b above.) The source code for a work means the preferred form of the work +for making modifications to it. For an executable work, complete source code +means all the source code for all modules it contains, plus any associated +interface definition files, plus the scripts used to control compilation and +installation of the executable. However, as a special exception, the source +code distributed need not include anything that is normally distributed +(in either source or binary form) with the major components (compiler, +kernel, and so on) of the operating system on which the executable runs, +unless that component itself accompanies the executable. + +If distribution of executable or object code is made by offering access to +copy from a designated place, then offering equivalent access to copy the +source code from the same place counts as distribution of the source code, +even though third parties are not compelled to copy the source along with +the object code. + +4. You may not copy, modify, sublicense, or distribute the Program except +as expressly provided under this License. Any attempt otherwise to copy, +modify, sublicense or distribute the Program is void, and will automatically +terminate your rights under this License. However, parties who have received +copies, or rights, from you under this License will not have their licenses +terminated so long as such parties remain in full compliance. + +5. You are not required to accept this License, since you have not signed +it. However, nothing else grants you permission to modify or distribute the +Program or its derivative works. These actions are prohibited by law if you +do not accept this License. Therefore, by modifying or distributing the +Program (or any work based on the Program), you indicate your acceptance +of this License to do so, and all its terms and conditions for copying, +distributing or modifying the Program or works based on it. + +6. Each time you redistribute the Program (or any work based on the Program), +the recipient automatically receives a license from the original licensor +to copy, distribute or modify the Program subject to these terms and +conditions. You may not impose any further restrictions on the recipients' +exercise of the rights granted herein. You are not responsible for enforcing +compliance by third parties to this License. + +7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or otherwise) +that contradict the conditions of this License, they do not excuse you from +the conditions of this License. If you cannot distribute so as to satisfy +simultaneously your obligations under this License and any other pertinent +obligations, then as a consequence you may not distribute the Program +at all. For example, if a patent license would not permit royalty-free +redistribution of the Program by all those who receive copies directly or +indirectly through you, then the only way you could satisfy both it and +this License would be to refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under any +particular circumstance, the balance of the section is intended to apply +and the section as a whole is intended to apply in other circumstances. + +It is not the purpose of this section to induce you to infringe any patents +or other property right claims or to contest validity of any such claims; +this section has the sole purpose of protecting the integrity of the +free software distribution system, which is implemented by public license +practices. Many people have made generous contributions to the wide range +of software distributed through that system in reliance on consistent +application of that system; it is up to the author/donor to decide if he +or she is willing to distribute software through any other system and a +licensee cannot impose that choice. + +This section is intended to make thoroughly clear what is believed to be +a consequence of the rest of this License. + +8. If the distribution and/or use of the Program is restricted in certain +countries either by patents or by copyrighted interfaces, the original +copyright holder who places the Program under this License may add an +explicit geographical distribution limitation excluding those countries, +so that distribution is permitted only in or among countries not thus +excluded. In such case, this License incorporates the limitation as if +written in the body of this License. + +9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of this License, +you may choose any version ever published by the Free Software Foundation. + +10. If you wish to incorporate parts of the Program into other free programs +whose distribution conditions are different, write to the author to ask for +permission. For software which is copyrighted by the Free Software Foundation, +write to the Free Software Foundation; we sometimes make exceptions for +this. Our decision will be guided by the two goals of preserving the free +status of all derivatives of our free software and of promoting the sharing +and reuse of software generally. + +NO WARRANTY + +11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR +THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE +STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE +PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND +PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, +YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + +12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL +ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + +END OF TERMS AND CONDITIONS diff --git a/peripheral/keystore/chaabi/libcc54/Makefile b/peripheral/keystore/chaabi/libcc54/Makefile new file mode 100644 index 0000000..3081744 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/Makefile @@ -0,0 +1,43 @@ +HOST_PROJ_ROOT ?= $(shell pwd)/../.. +include $(HOST_PROJ_ROOT)/Makefile.defs + +TARGET_LIBS = libdx_cc7 +# A Makefile for building CC library (archive) + +# Currently only these modules are working for CC54 project +cclib_sources = driver_interface.c dx_cclib.c crys_aes.c crys_hash.c crys_hmac.c crys_des.c crys_context_relocation.c crys_aesccm.c crys_combined.c dx_pal_log.c + +# SeP RPC stubs (generated source files) +cclib_sources += $(BUILDDIR)/crys_aes_seprpc_stub.c $(BUILDDIR)/applet_mng_seprpc_stub.c $(BUILDDIR)/crys_rsa_seprpc_stub.c $(BUILDDIR)/crys_ecc_seprpc_stub.c $(BUILDDIR)/crys_rc4_seprpc_stub.c $(BUILDDIR)/management_apis_seprpc_stub.c $(BUILDDIR)/crys_rnd_seprpc_stub.c $(BUILDDIR)/crys_kdf_seprpc_stub.c $(BUILDDIR)/crys_dh_seprpc_stub.c $(BUILDDIR)/crys_self_test_seprpc_stub.c + +cclib_sources += tee_client_api.c + +SOURCES_libdx_cc7 = $(filter-out $(CCLIB_EXCLUDED_SOURCES),$(cclib_sources)) + +INCDIRS_EXTRA = $(CODESAFE_SRCDIR)/pal/$(OS) driver_interface $(SHARED_INCDIR)/crys crys +# Add BUILDDIR for generated RPC stubs +INCDIRS_EXTRA += $(BUILDDIR) + +INCDIRS_EXTRA += $(CODESAFE_SRCDIR)/crys/gen/inc $(CODESAFE_SRCDIR)/crys/rsa/llf_pki/inc $(CODESAFE_SRCDIR)/crys/ecc/llf_pki_ec/inc $(CODESAFE_SRCDIR)/crys/ecc/crys_ecc/ecc_common/inc +# Generate API stubs/wrappers for host +SEP_RPC_GEN = $(UTILS_SRCDIR)/sep_rpc_gen/sep_rpc_gen.py +# SeP RPC APIs to build (path to API header file without file extension - where its API XML is also located) +SEP_RPC_APIS += $(SHARED_INCDIR)/crys/crys_aes $(SHARED_INCDIR)/applet_mng $(SHARED_INCDIR)/crys/crys_rsa $(SHARED_INCDIR)/crys/crys_ecc $(SHARED_INCDIR)/crys/crys_rc4 $(SHARED_INCDIR)/management_apis $(SHARED_INCDIR)/crys/crys_rnd $(SHARED_INCDIR)/crys/crys_kdf $(SHARED_INCDIR)/crys/crys_dh $(SHARED_INCDIR)/crys/crys_self_test +# Generate APIs dependencies +$(foreach api,$(SEP_RPC_APIS),$(eval $(BUILDDIR)/$(notdir $(api))_seprpc_stub.c: $(api).xml $(call DEPENDENCY_ON_EXISTENCE_OF,$(BUILDDIR)) $(SEP_RPC_GEN))) +# SeP RPC stub generation rule +$(BUILDDIR)/%_seprpc_stub.c: + @$(ECHO) [RPC] $< --\> $@ + @$(call exec_logged,python3 $(SEP_RPC_GEN) --spec=$< --o-api-h=$(BUILDDIR) --o-host-c=$(BUILDDIR)) + + +#PUBLIC_INCLUDES = +# Additional "private" H files required because of inclusion in API h files +#PUBLIC_INCLUDES += crys7_components/LLF_AES/CC54_LLF_AES/inc/LLF_AES_context_def.h + +# We should flatten the components source trees to avoid long search paths... +vpath %.c driver_interface cclib_interface crys ../pal/$(OS) + +include $(HOST_PROJ_ROOT)/Makefile.rules + + diff --git a/peripheral/keystore/chaabi/libcc54/copy_includes.sh b/peripheral/keystore/chaabi/libcc54/copy_includes.sh new file mode 100644 index 0000000..5911edc --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/copy_includes.sh @@ -0,0 +1,16 @@ +# (c) Copyright 2011-2016 Intel Corporation. +# This file is licensed under the terms provided in the file +# libcc54/LICENSE in this directory or a parent directory + +#!/bin/bash + +SHARED_DIR='../../../shared' +SHARED_INC=$SHARED_DIR'/dx/include' +SHARED_CODESAFE=$SHARED_DIR'/dx/codesafe/src' + +DESTINATION='.' +#mkdir $DESTINATION + +cp -a $SHARED_INC $DESTINATION +cp $SHARED_CODESAFE'/'crys/gen/inc/crys_host_rpc_config.h $DESTINATION'/include' +cp ../../kernel/cc_driver/dx_driver_abi.h $DESTINATION'/include' diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_aes.c b/peripheral/keystore/chaabi/libcc54/crys/crys_aes.c new file mode 100644 index 0000000..0eeb6ee --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_aes.c @@ -0,0 +1,798 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + +/************* Include Files ****************/ +#include <stdio.h> +#include <unistd.h> +//#include "error.h" +#include "crys_aes_error.h" +#include "crys_aes.h" +#include "driver_interface.h" +#include "crys_context_relocation.h" +#include "sep_ctx.h" +#include "dx_pal_mem.h" + + +/************* Private function prototype ****************/ + +/*! + * Convert from DxDI return code to CRYS return code + * + * \param diRc: Driver Interface returned error. + * \param errorInfo: Additional error information. + * + */ +static CRYSError_t DX_AesDiErr2CrysErr(DxDI_RetCode_t diRc, DxUint32_t errorInfo) +{ + switch (diRc) { + case DXDI_RET_ENODEV: + case DXDI_RET_EINTERNAL: + case DXDI_RET_ENOTSUP: + case DXDI_RET_ENOPERM: + case DXDI_RET_EINVAL: + case DXDI_RET_ENORSC: + case DXDI_RET_EHW: + /* DXDI errors are below CRYS_ERROR_BASE - let's reuse... */ + switch (errorInfo) { + case DXDI_ERROR_BAD_CTX: + return CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR; + case DXDI_ERROR_UNSUP: + return CRYS_AES_IS_NOT_SUPPORTED; + case DXDI_ERROR_INVAL_MODE: + return CRYS_AES_ILLEGAL_OPERATION_MODE_ERROR; + case DXDI_ERROR_INVAL_DIRECTION: + return CRYS_AES_ILLEGAL_PARAMS_ERROR; + case DXDI_ERROR_INVAL_KEY_SIZE: + return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR; + case DXDI_ERROR_INVAL_DIN_PTR: + return CRYS_AES_DATA_IN_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DOUT_PTR: + return CRYS_AES_DATA_OUT_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DATA_SIZE: + return CRYS_AES_DATA_IN_SIZE_ILLEGAL; + case DXDI_ERROR_DIN_DOUT_OVERLAP: + return CRYS_AES_DATA_OUT_DATA_IN_OVERLAP_ERROR; + case DXDI_ERROR_NO_RESOURCE: + return CRYS_OUT_OF_RESOURCE_ERROR; + case DXDI_ERROR_INTERNAL: + case DXDI_ERROR_FATAL: + default: + return CRYS_FATAL_ERROR; + } + case DXDI_RET_ESEP: + /* Pass through SeP error code */ + return errorInfo; + default: + /* ??? */ + return CRYS_FATAL_ERROR; + } +} + +/*! + * Get the actual context size of given AES mode + * + * \param mode + * + * \return DxUint32_t Context size in bytes + */ +static DxUint32_t GetContextSize(CRYS_AES_OperationMode_t mode) +{ + /* Sizes are cached to avoid IOCTL on each size query */ + /* Uninitialized - to be initialized on first invocation */ + static DxUint32_t aes_ecb_ctx_size = UINT32_MAX; + static DxUint32_t aes_cbc_ctx_size = UINT32_MAX; + static DxUint32_t aes_mac_ctx_size = UINT32_MAX; + static DxUint32_t aes_ctr_ctx_size = UINT32_MAX; + static DxUint32_t aes_xcbc_mac_ctx_size = UINT32_MAX; + static DxUint32_t aes_cmac_ctx_size = UINT32_MAX; + static DxUint32_t aes_xts_ctx_size = UINT32_MAX; + + /* For each mode we check if size is already "cached" */ + /* DxDI is queried only if size is not cached already */ + switch (mode) { + case CRYS_AES_ECB_mode: + if (aes_ecb_ctx_size == UINT32_MAX) + aes_ecb_ctx_size = + DxDI_GetSymCipherCtxSize(DXDI_SYMCIPHER_AES_ECB); + return aes_ecb_ctx_size; + + case CRYS_AES_CBC_mode: + if (aes_cbc_ctx_size == UINT32_MAX) + aes_cbc_ctx_size = + DxDI_GetSymCipherCtxSize(DXDI_SYMCIPHER_AES_CBC); + return aes_cbc_ctx_size; + + case CRYS_AES_MAC_mode: + if (aes_mac_ctx_size == UINT32_MAX) + aes_mac_ctx_size = + DxDI_GetMacCtxSize(DXDI_MAC_AES_MAC); + return aes_mac_ctx_size; + + case CRYS_AES_CTR_mode: + if (aes_ctr_ctx_size == UINT32_MAX) + aes_ctr_ctx_size = + DxDI_GetSymCipherCtxSize(DXDI_SYMCIPHER_AES_CTR); + return aes_ctr_ctx_size; + + case CRYS_AES_XCBC_MAC_mode: + if (aes_xcbc_mac_ctx_size == UINT32_MAX) + aes_xcbc_mac_ctx_size = + DxDI_GetMacCtxSize(DXDI_MAC_AES_XCBC_MAC); + return aes_xcbc_mac_ctx_size; + + case CRYS_AES_CMAC_mode: + if (aes_cmac_ctx_size == UINT32_MAX) + aes_cmac_ctx_size = + DxDI_GetMacCtxSize(DXDI_MAC_AES_CMAC); + return aes_cmac_ctx_size; + + case CRYS_AES_XTS_mode: + if (aes_xts_ctx_size == UINT32_MAX) + aes_xts_ctx_size = + DxDI_GetSymCipherCtxSize(DXDI_SYMCIPHER_AES_XTS); + return aes_xts_ctx_size; + + default: + return 0; + } +} + +static CRYSError_t InitAesParams(CRYS_AESUserContext_t *ContextID_ptr, + CRYS_AES_IvCounter_t IVCounter_ptr, + CRYS_AES_Key_t Key_ptr, + CRYS_AES_KeySize_t KeySizeID, + CRYS_AES_EncryptMode_t EncryptDecryptFlag, + CRYS_AES_OperationMode_t OperationMode, + DxUint8_t *Aes_Props, + DxUint32_t **InternalCnxtPtr) +{ + DxUint32_t realContextSize; + DxUint32_t keySizeInBytes; + struct dxdi_sym_cipher_props *cipher_props = DX_NULL; + struct dxdi_mac_props *mac_props = DX_NULL; + + + /* check if the operation mode is legal */ + if (OperationMode >= CRYS_AES_NumOfModes) + return CRYS_AES_ILLEGAL_OPERATION_MODE_ERROR; + + realContextSize = GetContextSize(OperationMode); + if (realContextSize == 0) + return CRYS_AES_ILLEGAL_OPERATION_MODE_ERROR; + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + *InternalCnxtPtr = DX_InitUserCtxLocation(ContextID_ptr, + sizeof(CRYS_AESUserContext_t), + realContextSize); + if (*InternalCnxtPtr == 0) + return CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR; + + + /* if the operation mode selected is CBC, MAC, CTR or XTS then check the validity of + the IV counter pointer (note: on XTS mode it is the Tweak pointer) */ + if ((OperationMode == CRYS_AES_CBC_mode || + OperationMode == CRYS_AES_MAC_mode || + OperationMode == CRYS_AES_CTR_mode || + OperationMode == CRYS_AES_XTS_mode) && + IVCounter_ptr == DX_NULL) { + return CRYS_AES_INVALID_IV_OR_TWEAK_PTR_ERROR; + } + + /* check the Encrypt / Decrypt flag validity */ + if (EncryptDecryptFlag >= CRYS_AES_EncryptNumOfOptions) + return CRYS_AES_INVALID_ENCRYPT_MODE_ERROR; + + /* in MAC,XCBC,CMAC,CTR modes enable only encrypt mode */ + if ((OperationMode == CRYS_AES_XCBC_MAC_mode || OperationMode == CRYS_AES_CMAC_mode || + OperationMode == CRYS_AES_MAC_mode) && + EncryptDecryptFlag != CRYS_AES_Encrypt) + return CRYS_AES_DECRYPTION_NOT_ALLOWED_ON_THIS_MODE; + + + switch (KeySizeID) { + case CRYS_AES_Key128BitSize: + keySizeInBytes = 16; + break; + case CRYS_AES_Key192BitSize: + keySizeInBytes = 24; + break; + case CRYS_AES_Key256BitSize: + keySizeInBytes = 32; + break; + case CRYS_AES_Key512BitSize: + keySizeInBytes = 64; + break; + default: + return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR; + /* TODO: Secret key support */ + } + + if (OperationMode == CRYS_AES_XTS_mode || + OperationMode == CRYS_AES_ECB_mode || + OperationMode == CRYS_AES_CBC_mode || + OperationMode == CRYS_AES_CTR_mode) { + + cipher_props = (struct dxdi_sym_cipher_props *)Aes_Props; + cipher_props->direction = EncryptDecryptFlag == CRYS_AES_Encrypt ? + DXDI_CDIR_ENC : DXDI_CDIR_DEC; + cipher_props->key_size = keySizeInBytes; + DX_PAL_MemCopy(cipher_props->key,Key_ptr,keySizeInBytes); + } else { + mac_props = (struct dxdi_mac_props *)Aes_Props; + mac_props->key_size = keySizeInBytes; + DX_PAL_MemCopy(mac_props->key,Key_ptr,keySizeInBytes); + } + + switch (OperationMode) { + case CRYS_AES_ECB_mode: + cipher_props->cipher_type = DXDI_SYMCIPHER_AES_ECB; + break; + case CRYS_AES_CBC_mode: + cipher_props->cipher_type = DXDI_SYMCIPHER_AES_CBC; + DX_PAL_MemCopy(cipher_props->alg_specific.aes_cbc.iv,IVCounter_ptr,CRYS_AES_IV_COUNTER_SIZE_IN_BYTES); + break; + case CRYS_AES_MAC_mode: + mac_props->mac_type = DXDI_MAC_AES_MAC; + DX_PAL_MemCopy(mac_props->alg_specific.aes_mac.iv,IVCounter_ptr,CRYS_AES_IV_COUNTER_SIZE_IN_BYTES); + break; + case CRYS_AES_CTR_mode: + cipher_props->cipher_type = DXDI_SYMCIPHER_AES_CTR; + DX_PAL_MemCopy(cipher_props->alg_specific.aes_ctr.cntr,IVCounter_ptr,CRYS_AES_IV_COUNTER_SIZE_IN_BYTES); + break; + case CRYS_AES_XCBC_MAC_mode: + if (KeySizeID != CRYS_AES_Key128BitSize) + return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR; + mac_props->mac_type = DXDI_MAC_AES_XCBC_MAC; + break; + case CRYS_AES_CMAC_mode: + mac_props->mac_type = DXDI_MAC_AES_CMAC; + break; + case CRYS_AES_XTS_mode: + if ((KeySizeID != CRYS_AES_Key256BitSize) && + (KeySizeID != CRYS_AES_Key512BitSize)) + return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR; + cipher_props->cipher_type = DXDI_SYMCIPHER_AES_XTS; + DX_PAL_MemCopy(cipher_props->alg_specific.aes_xts.init_tweak,IVCounter_ptr,CRYS_AES_IV_COUNTER_SIZE_IN_BYTES); + /* CRYS has no information on XTS data unit size. + Setting this field to 0 tells the driver to set + the data_unit_size based on size of first data unit */ + cipher_props->alg_specific.aes_xts.data_unit_size = 0; + break; + default: + return CRYS_AES_INVALID_ENCRYPT_MODE_ERROR; + } + + return CRYS_OK; +} + +/****************************************************************************************************/ + +/************************ Public Functions ******************************/ + + +/****************************************************************************************************/ +/** + * @brief This function is used to initialize the AES machine. + * In order to operate the AES machine the first function that should be + * called is this function. + * + * The actual macros that will be used by the users are: + * + * CRYS_AES_Init - initializing with a key from the user. + * CRYS_AES_InitSecretKey - initializing with the secret key. + * + * The function executes the following major steps: + * + * 1. Validates all of the inputs of the function. If one of the received + * parameters is not valid it shall return an error: + * + * - verifying that the context pointer is not DX_NULL (*ContextID_ptr). + * - verifying the pointer of the IV counter is not DX_NULL + * if one of the modes that is selected are CBC , MAC or CTR. + * - verifying that the pointer to the key buffer is not DX_NULL + * if the secret key is not enabled. + * - verifying the values of the key size is valid ( 0- 2 ). + * - verifying the value of the operation mode is valid ( 0 - 2 ) + * 2. Decrypting the received context to the working context after capturing + * the working context by calling the CRYS_CCM_GetContext() call. + * + * 3. Initializing the working context by the following: + * - loading the keys. + * - loading the IV counters. + * - loading the control field + * - loading the operation mode. + * - loading the DecryptEncrypt flag and the key size. + * - loading the key size. + * 4. Encrypting the information in the working context and storing + * it to the users received context. After then the working context is released. + * This state is operated by calling the CRYS_CCM_EncryptAndReleaseContext call. + * 5. Exit the handler with the OK code. + * + * NOTE: In XCBC and CMAC modes: IVCounter_ptr = DX_NULL, EncryptDecrypt mode = Encrypt. + * The parameters checking in + * these modes is performed accordingly. + * + * @param[in] ContextID_ptr - A pointer to the AES context buffer that is allocated by the user + * and is used for the AES machine operation. + * @param[in] IVCounter_ptr - A buffer containing an initial value: IV, Counter or Tweak according + * to operation mode: + * - on ECB, XCBC, CMAC mode this parameter is not used and may be NULL, + * - on CBC and MAC modes it contains the IV value, + * - on CTR mode it contains the init counter, + * - on XTS mode it contains the initial tweak value - 128-bit consecutive number + * of data unit (in little endian). + * @param[in] Key_ptr - A pointer to the user's key buffer (set to NULL for secret key utilization). + * @param[in] KeySizeID - An enum parameter, defines size of used key (128, 192, 256, 512 bits): + * On XCBC mode allowed 128 bit size only, on XTS - 256 or 512 bit, on other modes <= 256 bit. + * @param[in] EncryptDecryptFlag - A flag specifying whether the AES should perform an Encrypt operation (0) + * or a Decrypt operation (1). In XCBC and CMAC modes it must be Encrypt. + * @param[in] OperationMode - The operation mode: ECB, CBC, MAC, CTR, XCBC (PRF and 96), CMAC. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + */ + +CEXPORT_C CRYSError_t CRYS_AES_Init( CRYS_AESUserContext_t *ContextID_ptr, + CRYS_AES_IvCounter_t IVCounter_ptr, + CRYS_AES_Key_t Key_ptr, + CRYS_AES_KeySize_t KeySizeID, + CRYS_AES_EncryptMode_t EncryptDecryptFlag, + CRYS_AES_OperationMode_t OperationMode) +{ +#ifndef CRYS_NO_AES_SUPPORT + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t *contextPtr; + struct dxdi_sym_cipher_props aes_cipher_props = {0}; + struct dxdi_mac_props aes_mac_props = {0}; + + /* FUNCTION LOGIC */ + + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + + + if (OperationMode == CRYS_AES_XTS_mode || + OperationMode == CRYS_AES_ECB_mode || + OperationMode == CRYS_AES_CBC_mode || + OperationMode == CRYS_AES_CTR_mode) { + + crysRc = InitAesParams(ContextID_ptr, + IVCounter_ptr, + Key_ptr, + KeySizeID, + EncryptDecryptFlag, + OperationMode, + (DxUint8_t*)&aes_cipher_props, + &contextPtr); + if (crysRc != CRYS_OK) + return crysRc; + + /* Initialize context for given symmetric cipher configuration*/ + diRc = DxDI_SymCipherInit(contextPtr, + &aes_cipher_props, + &errorInfo); + } else { + crysRc = InitAesParams(ContextID_ptr, + IVCounter_ptr, + Key_ptr, + KeySizeID, + EncryptDecryptFlag, + OperationMode, + (DxUint8_t*)&aes_mac_props, + &contextPtr); + + if (crysRc != CRYS_OK) + return crysRc; + + diRc = DxDI_MacInit(contextPtr, + &aes_mac_props, + &errorInfo); + } + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_AesDiErr2CrysErr); + +#else + return CRYS_AES_IS_NOT_SUPPORTED + +#endif /* !CRYS_NO_AES_SUPPORT */ + +}/* END OF CRYS_AES_Init */ + + +/****************************************************************************************************/ +/** + * @brief This function is used to operate a block of data on the SW or on AES machine. + * This function should be called after the appropriate CRYS AES init function + * (according to used AES operation mode). + * + * The function executes the following major steps: + * + * 1.Checks the validity of all inputs of the function. + * If one of the received parameters is not valid it shall return an error. + * + * The major checkers that are run over the received parameters: + * - verifying that the context pointer is not DX_NULL (*ContextID_ptr). + * - verifying the pointer of the data_in buffer is not DX_NULL. + * - in all modes besides XCBC and CMAC: + * verifying that the pointer to the data_out buffer is not DX_NULL, + * verifying that the DataInSize is not 0 and is a multiple of 16 bytes. + * + * 2.Decrypts the received context to the working context after + * capturing the working context by calling the CRYS_CCM_GetContext() call. + * 3.Executes the AES operation on the software or hardware by calling the + * low level AES function LLF_AES_Block. + * 4.Encrypts the working context and stores it to the users received context. + * Releases the working context by calling the CRYS_CCM_ReleaseContext call. + * 5.Exits the handler with the OK code. + * + * + * @param[in] ContextID_ptr - A pointer to the AES context buffer allocated by the user that + * is used for the AES machine operation. This should be the same context that was + * used on the previous call of this session. + * + * @param[in] DataIn_ptr - A pointer to the buffer of the input data to the AES. The pointer does + * not need to be aligned. + * + * @param[in] DataInSize - A size of the input data must be multiple of 16 bytes and not 0, + * on all modes. Note last chunk (block) of data must be processed by + * CRYS_AES_Finish function and not by CRYS_AES_Block function; + * + * @param[out] DataOut_ptr - A pointer to the buffer of the output data from the AES. The pointer does not + * need to be aligned. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_aes_error.h + * + * + */ +CRYSError_t CRYS_AES_Block( CRYS_AESUserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ) +{ +#ifndef CRYS_NO_AES_SUPPORT + + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + DxUint32_t *contextPtr; + + + /* Checking the parameters validity */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* DO NOT validate data size is a block multiple because XTS allows non block multiples */ + + /* Size zero is not a valid block operation */ + if (DataInSize == 0) + return CRYS_AES_DATA_IN_SIZE_ILLEGAL; + + /* No need to validate buffers overlap, it is already done in the driver */ + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + + if (contextPtr == 0) + return CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR; + + diRc = DxDI_ProcessDataBlock(contextPtr, + DXDI_DATA_TYPE_TEXT, + DataIn_ptr, + DataOut_ptr, + DataInSize, + &errorInfo); + + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_AesDiErr2CrysErr); + +#else + return CRYS_AES_IS_NOT_SUPPORTED +#endif + +}/* END OF _DX_AES_Block */ + + +/****************************************************************************************************/ +/** + * @brief This function is used as finish operation on all AES modes. + * + * The function must be called after AES_Block operations (or instead) for last chunck + * of data with size > 0. + * + * The function performs all operations, including specific operations for last blocks of + * data on some modes (XCBC, CMAC, MAC) and puts out the result. After all operations + * the function cleanes the secure sensitive data from context. + * + * 1. Checks the validation of all of the inputs of the function. + * If one of the received parameters is not valid it shall return an error. + * 2. Decrypts the received context to the working context by calling the + * CRYS_CCM_GetContext function. + * 3. Calls the LLF_AES_Finish function. + * 4. Outputs the result and cleans working context. + * 5. Exits + * + * + * @param[in] ContextID_ptr - A pointer to the AES context buffer allocated by the user that + * should be the same context that was used on the previous call + * of this session. + * @param[in] DataIn_ptr - A pointer to the buffer of the input data to the AES. The pointer does + * not need to be aligned. On CSI input mode the pointer must be equal to + * value (0xFFFFFFFC | DataInAlignment). + * @param[in] DataInSize - A size of the input data must be: DataInSize >= minimalSize, where: + * minimalSize = + * - 1 byte for CTR, XCBC, CMAC mode; + * - 16 bytes for other modes. + * On ECB,CBC and MAC modes the data size must be also a multiple of 16 bytes. + * @param[out] DataOut_ptr - A pointer to the output buffer. The pointer does not need to be aligned. + * On CSI output mode the pointer must be equal to value + * (0xFFFFFFFC | DataOutAlignment). On some modes (MAC,XCBC,CMAC,XTS) + * CSI output is not allowed. Temporarily is not allowed, that both the + * Input and the output are on CSI mode simultaneously. + * The size of the output buffer must be not less than: + * - 16 bytes for MAC, XCBC, CMAC modes; + * - DataInSize for ECB,CBC,CTR,XTS modes. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure - a value defined in crys_aes_error.h. + * + */ + + +CEXPORT_C CRYSError_t CRYS_AES_Finish(CRYS_AESUserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ) +{ +#ifndef CRYS_NO_AES_SUPPORT + + /* FUNCTION DECLARATIONS */ + + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + DxUint8_t macSize; + DxUint32_t *contextPtr; + + /*----------------------- + FUNCTION LOGIC + ------------------------*/ + + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* No need to validate buffers overlap, it is already done in the driver */ + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + if (contextPtr == 0) + return CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* ............. call the CRYS_AES specific functions ................. */ + /* -------------------------------------------------------------------- */ + diRc = DxDI_ProcessLastDataBlock(contextPtr, + DataIn_ptr, + DataOut_ptr, + DataInSize, + DataOut_ptr, + &macSize, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_AesDiErr2CrysErr); + +#else + return CRYS_AES_IS_NOT_SUPPORTED +#endif +}/* END OF CRYS_AES_Finish */ + +/****************************************************************************************************/ +/** + * @brief This function is used to operate the AES machine in one integrated operation. + * + * The actual macros that will be used by the users are: + * + * CRYS_AES_ - Operating the integrated AES with a key from the user. + * + * @param[in,out] IVCounter_ptr - this parameter is the buffer of the IV or counters on mode CTR. + * In ECB mode this parameter has no use. + * In CBC and MAC modes this parameter should containe the IV values. + * in CTR mode this value shuld contain the init counter. + * + * @param[in] Key_ptr - a pointer to the users key buffer. + * + * @param[in] KeySize - The size of the KEY used on the AES : 128 , 196 or 256 bits as defined in the enum. + * + * @param[in] EncryptDecryptFlag - This flag determains if the AES shall perform an Encrypt operation [0] or a + * Decrypt operation [1]. + * + * @param[in] OperationMode - The operation mode : ECB , CBC , MAC or CTR. + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the AES. + * The pointer's value does not need to be word-aligned. + * + * @param[in] DataInSize - Size of the input data in bytes. + * DataInSize must to be > 0 on all modes excluding AES-CMAC. + * In addition: + * - on ECB,CBC,MAC modes - the size is a multiple of 16 bytes; + * - on XTS - the size must be not less than 16 bytes. + * + * @param[in,out] DataOut_ptr - The pointer to the buffer of the output data from the AES. + * The pointer's value does not need to be word-aligned. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_aes_error.h + */ +CEXPORT_C CRYSError_t CRYS_AES( CRYS_AES_IvCounter_t IVCounter_ptr, + CRYS_AES_Key_t Key_ptr, + CRYS_AES_KeySize_t KeySize, + CRYS_AES_EncryptMode_t EncryptDecryptFlag, + CRYS_AES_OperationMode_t OperationMode , + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ) +{ +#ifndef CRYS_NO_AES_SUPPORT + + /* FUNCTION DECLARATIONS */ + + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + CRYS_AESUserContext_t ContextID; + DxUint32_t *contextPtr; + + struct dxdi_sym_cipher_props aes_cipher_props = {0}; + struct dxdi_mac_props aes_mac_props = {0}; + + /*----------------------- + FUNCTION LOGIC + ------------------------*/ + + /* check, that data size is multiple of 16 bytes on relevant modes */ + if (((DataInSize % CRYS_AES_BLOCK_SIZE_IN_BYTES) != 0) && + ((OperationMode == CRYS_AES_ECB_mode) || + (OperationMode == CRYS_AES_CBC_mode) || + (OperationMode == CRYS_AES_MAC_mode))) { + return CRYS_AES_DATA_IN_SIZE_ILLEGAL; + } + + + /* check the minimum data size according to mode */ + if ((OperationMode == CRYS_AES_XTS_mode) && (DataInSize < 2*CRYS_AES_BLOCK_SIZE_IN_BYTES)) { + return CRYS_AES_DATA_IN_SIZE_ILLEGAL; + } + + /* No need to validate buffers overlap, it is already done in the driver */ + + if (OperationMode == CRYS_AES_XTS_mode || + OperationMode == CRYS_AES_ECB_mode || + OperationMode == CRYS_AES_CBC_mode || + OperationMode == CRYS_AES_CTR_mode) { + crysRc = InitAesParams(&ContextID, + IVCounter_ptr, + Key_ptr, + KeySize, + EncryptDecryptFlag, + OperationMode, + (DxUint8_t*)&aes_cipher_props, + &contextPtr); + + if (crysRc != CRYS_OK) + return crysRc; + + /* Initialize context for given symmetric cipher configuration */ + diRc = DxDI_SymCipherProcess(contextPtr, + &aes_cipher_props, + DataIn_ptr, + DataOut_ptr, + DataInSize, + &errorInfo); + } else { + crysRc = InitAesParams(&ContextID, + IVCounter_ptr, + Key_ptr, + KeySize, + EncryptDecryptFlag, + OperationMode, + (DxUint8_t*)&aes_mac_props, + &contextPtr); + + if (crysRc != CRYS_OK) + return crysRc; + diRc = DxDI_MacProcess(contextPtr, + &aes_mac_props, + DataIn_ptr, + DataInSize, + DataOut_ptr, + &errorInfo); + } + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_AesDiErr2CrysErr); + +#else + return CRYS_AES_IS_NOT_SUPPORTED +#endif +}/* END OF _DX_AES */ + +/************************************************************************** + * CRYS_AES_SetIv function * + **************************************************************************/ +/** + @brief The CRYS_AES_SetIv function puts a new initial vector into + an existing context. + + Inputs: New IV vector + + Outputs: Result + + @param[in/out] ContextID_ptr - A pointer to the AES context buffer that is allocated by the user + and is used for the AES machine operation. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_AES_SetIv(CRYS_AESUserContext_t *ContextID_ptr, + DxUint8_t *iv_ptr) +{ + DxDI_RetCode_t diRc; + DxUint32_t *contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + + diRc = DxDI_SetInitialVector(contextPtr, + iv_ptr); + + return DX_CRYS_RETURN_ERROR(diRc, 0, DX_AesDiErr2CrysErr); +} + + + +/************************************************************************** + * CRYS_AES_GetIv function * + **************************************************************************/ +/** + @brief The CRYS_AES_GetIv function retrieves the initial vector from + the context. + + Inputs: IV vector buffer + + Outputs: Result + + @param[in/out] ContextID_ptr - A pointer to the AES context buffer that is allocated by the user + and is used for the AES machine operation. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_AES_GetIv(CRYS_AESUserContext_t *ContextID_ptr, + DxUint8_t *iv_ptr) +{ + DxDI_RetCode_t diRc; + DxUint32_t *contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + + diRc = DxDI_GetInitialVector(contextPtr, + iv_ptr); + + return DX_CRYS_RETURN_ERROR(diRc, 0, DX_AesDiErr2CrysErr); +} + + + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_aesccm.c b/peripheral/keystore/chaabi/libcc54/crys/crys_aesccm.c new file mode 100644 index 0000000..4c7b971 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_aesccm.c @@ -0,0 +1,586 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + + +/************* Include Files ****************/ + +#include <stdio.h> +#include <unistd.h> +//#include "error.h" +#include "crys_aesccm_error.h" +#include "crys_aesccm.h" +#include "driver_interface.h" +#include "crys_context_relocation.h" +#include "sep_ctx.h" +#include "dx_pal_mem.h" +#include "dx_bitops.h" + + +/********************* Private functions *******************************/ + +/*! + * Convert from DxDI return code to CRYS return code + * + * \param diRc: Driver Interface returned error. + * \param errorInfo: Additional error information. + * + */ +static CRYSError_t DX_AesCcmDiErr2CrysErr(DxDI_RetCode_t diRc, DxUint32_t errorInfo) +{ + switch (diRc) { + case DXDI_RET_OK: + return CRYS_OK; + case DXDI_RET_ENODEV: + case DXDI_RET_EINTERNAL: + case DXDI_RET_ENOTSUP: + case DXDI_RET_ENOPERM: + case DXDI_RET_EINVAL: + case DXDI_RET_ENORSC: + case DXDI_RET_EHW: + /* DXDI errors are below CRYS_ERROR_BASE - let's reuse... */ + switch (errorInfo) { + case DXDI_ERROR_BAD_CTX: + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + case DXDI_ERROR_UNSUP: + return CRYS_AESCCM_IS_NOT_SUPPORTED; + case DXDI_ERROR_INVAL_DIRECTION: + return CRYS_AESCCM_INVALID_ENCRYPT_MODE_ERROR; + case DXDI_ERROR_INVAL_KEY_SIZE: + return CRYS_AESCCM_ILLEGAL_KEY_SIZE_ERROR; + case DXDI_ERROR_INVAL_DIN_PTR: + return CRYS_AESCCM_DATA_IN_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DOUT_PTR: + return CRYS_AESCCM_DATA_OUT_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DATA_SIZE: + return CRYS_AESCCM_DATA_IN_SIZE_ILLEGAL; + case DXDI_ERROR_DIN_DOUT_OVERLAP: + return CRYS_AESCCM_DATA_OUT_DATA_IN_OVERLAP_ERROR; + case DXDI_ERROR_INVAL_NONCE_SIZE: + return CRYS_AESCCM_ILLEGAL_NONCE_SIZE_ERROR; + case DXDI_ERROR_INVAL_TAG_SIZE: + return CRYS_AESCCM_ILLEGAL_TAG_SIZE_ERROR; + case DXDI_ERROR_NO_RESOURCE: + return CRYS_OUT_OF_RESOURCE_ERROR; + case DXDI_ERROR_INTERNAL: + case DXDI_ERROR_FATAL: + default: + return CRYS_FATAL_ERROR; + } + case DXDI_RET_ESEP: + /* Pass through SeP error code */ + return errorInfo; + default: + /* ??? */ + return CRYS_FATAL_ERROR; + } +} + +static CRYSError_t DataPtrValidation(DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr) +{ + if (((DataIn_ptr < DataOut_ptr) && + ((DataIn_ptr + DataInSize) > DataOut_ptr)) || + ((DataOut_ptr < DataIn_ptr) && + ((DataOut_ptr + DataInSize) > DataIn_ptr))) { + return CRYS_AESCCM_DATA_OUT_DATA_IN_OVERLAP_ERROR; + } + + return CRYS_OK; +} + +static CRYSError_t InitAesCcmParams( + CRYS_AESCCM_UserContext_t *ContextID_ptr, + CRYS_AES_EncryptMode_t EncrDecrMode, + CRYS_AESCCM_Key_t CCM_Key, + CRYS_AESCCM_KeySize_t KeySizeId, + DxUint32_t AdataSize, + DxUint32_t TextSize, + DxUint8_t *N_ptr, + DxUint8_t SizeOfN, + DxUint8_t SizeOfT, + struct dxdi_auth_enc_props *AesCcmProps, + DxUint32_t **InternalCnxtPtr) +{ + DxUint32_t realContextSize; + DxUint32_t keySizeInBytes; + DxUint8_t QFieldSize = 15 - SizeOfN; + + /* -------------------------------------------------------------------- */ + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + /* if the users context ID pointer is DX_NULL return an error */ + if( ContextID_ptr == DX_NULL ) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* Check the Encrypt / Decrypt mode */ + if( EncrDecrMode >= CRYS_AES_EncryptNumOfOptions ) + return CRYS_AESCCM_INVALID_ENCRYPT_MODE_ERROR; + + /* check key pointer */ + if ( CCM_Key == DX_NULL ) { + return CRYS_AESCCM_ILLEGAL_PARAMETER_PTR_ERROR; + } + /* check Nonce pointer */ + if( N_ptr == DX_NULL ) + return CRYS_AESCCM_ILLEGAL_PARAMETER_PTR_ERROR; + + /* check the Q field size: according to our implementation QFieldSize <= 4*/ + if( QFieldSize < 2 || QFieldSize > 8 ) + return CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR; + + /* Check that TextSize fits into Q field (i.e., there are enough bits) */ + if ((BITMASK(QFieldSize * 8) & TextSize) != TextSize) + return CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR; + + /* check Nonce size. Note: QFieldSize + SizeOfN <= 15 */ + if( SizeOfN < 7 || SizeOfN > 15 - QFieldSize ) + return CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR; + + /* check CCM MAC size: [4,6,8,10,12,14,16] */ + if( SizeOfT < 4 || SizeOfT > 16 || (SizeOfT & 1) != 0 ) + return CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR; + + /* check Key size ID */ + if( KeySizeId > CRYS_AES_Key256BitSize ) + return CRYS_AESCCM_ILLEGAL_KEY_SIZE_ERROR; + + /* get context size */ + realContextSize = DxDI_GetAuthEncCtxSize(DXDI_AUTHENC_AES_CCM); + if (realContextSize == 0) + return CRYS_AESCCM_USER_CONTEXT_CORRUPTED_ERROR; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + *InternalCnxtPtr = DX_InitUserCtxLocation(ContextID_ptr, + sizeof(CRYS_AESCCM_UserContext_t), + realContextSize); + if (*InternalCnxtPtr == 0) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + switch (KeySizeId) { + case CRYS_AES_Key128BitSize: + keySizeInBytes = 16; + break; + case CRYS_AES_Key192BitSize: + keySizeInBytes = 24; + break; + case CRYS_AES_Key256BitSize: + keySizeInBytes = 32; + break; + default: + return CRYS_AESCCM_ILLEGAL_KEY_SIZE_ERROR; + } + + /* init user params */ + DX_PAL_MemSetZero(AesCcmProps, sizeof(struct dxdi_auth_enc_props)); + AesCcmProps->direction = (EncrDecrMode == CRYS_AESCCM_Encrypt) ? + DXDI_CDIR_ENC : DXDI_CDIR_DEC; + AesCcmProps->key_size = keySizeInBytes; + DX_PAL_MemCopy(AesCcmProps->key, CCM_Key, keySizeInBytes); + AesCcmProps->ae_type = DXDI_AUTHENC_AES_CCM; + AesCcmProps->adata_size = AdataSize; + AesCcmProps->nonce_size = SizeOfN; + DX_PAL_MemCopy(AesCcmProps->nonce, N_ptr, SizeOfN); + AesCcmProps->tag_size = SizeOfT; + AesCcmProps->text_size = TextSize; + + return CRYS_OK; +} + +/************************ Public Functions ******************************/ + + +/** +* @brief This function transfers the AESCCM_init function parameters from HOST to +* SEP and backwards for operating AESCCM_init. +* +* @param[in] ContextID_ptr - A pointer to the AESCCM context buffer, that is allocated by the user +* and is used for the AESCCM operations. +* @param[in] EncrDecrMode - Enumerator variable defining operation mode (0 - encrypt; 1 - decrypt). +* @param[in] CCM_Key - A buffer, containing the AESCCM key passed by user (predefined size 128 bits). +* @param[in] KeySizeID - An enum parameter, defines size of used key (128, 192, 256). +* @param[in] AdataSize - Full size of additional data in bytes, which must be processed. +* Limitation in our implementation is: AdataSize < 2^32. If Adata is absent, +* then AdataSize = 0. +* @param[in] TextSize - The full size of text data (in bytes), which must be processed by CCM. +* +* @param[in] N_ptr - A pointer to Nonce - unique value assigned to all data passed into CCM. +* Bytes order - big endian form (MSB is the first). +* @param[in] SizeOfN - The size of the user passed Nonce (in bytes). +* It is an element of {7,8,9,10,11,12,13}. +* @param[in] SizeOfT - Size of AESCCM MAC output T in bytes. Valid values: [4,6,8,10,12,14,16]. +* +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure an error according to CRYS_AESCCM_error.h +* +*/ +CEXPORT_C CRYSError_t CRYS_AESCCM_Init( + CRYS_AESCCM_UserContext_t *ContextID_ptr, + CRYS_AES_EncryptMode_t EncrDecrMode, + CRYS_AESCCM_Key_t CCM_Key, + CRYS_AESCCM_KeySize_t KeySizeId, + DxUint32_t AdataSize, + DxUint32_t TextSize, + DxUint8_t *N_ptr, + DxUint8_t SizeOfN, + DxUint8_t SizeOfT ) +{ +#if !(defined CRYS_NO_AESCCM_SUPPORT || defined CRYS_NO_AES_SUPPORT) + + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t *contextPtr; + struct dxdi_auth_enc_props aesccm_cipher_props; + + /* check & initialize user params */ + crysRc = InitAesCcmParams(ContextID_ptr, EncrDecrMode, + CCM_Key, KeySizeId, AdataSize, + TextSize, N_ptr, SizeOfN, SizeOfT, + &aesccm_cipher_props, &contextPtr); + if (crysRc != CRYS_OK) + return crysRc; + + /* Initialize context for given symmetric cipher configuration*/ + diRc = DxDI_AuthEncInit(contextPtr, &aesccm_cipher_props, &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_AesCcmDiErr2CrysErr); + +#else + return CRYS_AESCCM_IS_NOT_SUPPORTED; +#endif /* !CRYS_NO_AESCCM_SUPPORT */ +} + +/** +* @brief This function transfers the CRYS_AESCCM_BlockAdata function parameters from HOST to +* SEP and backwards for operating CRYS_AESCCM_BlockAdata on SEP. +* +* @param[in] ContextID_ptr - A pointer to the AESCCM context buffer allocated by the user that +* is used for the AESCCM machine operation. This should be the same +* context that was used on the previous call of this session. +* @param[in] DataIn_ptr - A pointer to the buffer of the input additional data. +* The pointer does not need to be aligned. +* @param[in] DataInSize - A size of the additional data in bytes. +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure an error according to +* CRYS_AESCCM_error.h +* Restrictions: +* 1. The entire input data MUST pass in a single invocation. +* 2. Size of input data may have any size. +* +*/ +CEXPORT_C CRYSError_t CRYS_AESCCM_BlockAdata( + CRYS_AESCCM_UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize) +{ +#if !(defined CRYS_NO_AESCCM_SUPPORT || defined CRYS_NO_AES_SUPPORT) + + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + DxUint32_t *contextPtr; + + /* -------------------------------------------------------------------- */ + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + /* if the users context ID pointer is DX_NULL return an error */ + if( ContextID_ptr == DX_NULL ) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* if the users Data In pointer is illegal return an error */ + if( DataIn_ptr == DX_NULL ) + return CRYS_AESCCM_DATA_IN_POINTER_INVALID_ERROR; + + /* if the data size is illegal return an error */ + if( DataInSize == 0 ) + return CRYS_AESCCM_DATA_IN_SIZE_ILLEGAL; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + if (contextPtr == 0) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + diRc = DxDI_ProcessDataBlock(contextPtr, + DXDI_DATA_TYPE_ADATA, + DataIn_ptr, + DX_NULL, + DataInSize, + &errorInfo); + + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_AesCcmDiErr2CrysErr); +#else + return CRYS_AESCCM_IS_NOT_SUPPORTED; +#endif /* !CRYS_NO_AESCCM_SUPPORT */ +} + + +/** +* @brief This function transfers the CRYS_AESCCM_BlockTextData function parameters from HOST to +* SEP and backwards for operating CRYS_AESCCM_BlockTextData on SEP. +* +* @param[in] ContextID_ptr - A pointer to the AESCCM context buffer allocated by the user that +* is used for the AES machine operation. This should be the same +* context that was used on the previous call of this session. +* @param[in] DataIn_ptr - A pointer to the buffer of the input data (plain or cipher text). +* The pointer does not need to be aligned. +* @param[in] DataInSize - A size of the data block in bytes: must be multiple of 16 bytes and not 0. +* The block of data must be not a last block, that means: +* - on Encrypt mode: DataInSize < CCM_Context->RemainTextSize; +* - on Decrypt mode: DataInSize < CCM_Context->RemainTextSize - SizeOfT; +* @param[out] DataOut_ptr - A pointer to the output buffer (cipher or plain text). +* The pointer does not need to be aligned. +* Size of the output buffer must be not less, than DataInSize. +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure a +* value MODULE_* CRYS_AESCCM_error.h +* Notes: +* 1. Overlapping of the in-out buffers is not allowed, excluding the in placement case: +* DataIn_ptr = DataOut_ptr. +*/ +CEXPORT_C CRYSError_t CRYS_AESCCM_BlockTextData( + CRYS_AESCCM_UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ) +{ +#if !(defined CRYS_NO_AESCCM_SUPPORT || defined CRYS_NO_AES_SUPPORT) + + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t *contextPtr; + + /* ............... first checking the parameters ...................... */ + /* -------------------------------------------------------------------- */ + + + /* if the users context ID pointer is DX_NULL return an error */ + if( ContextID_ptr == DX_NULL ) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* if the users Data In pointer is illegal return an error */ + if( DataIn_ptr == DX_NULL ) + return CRYS_AESCCM_DATA_IN_POINTER_INVALID_ERROR; + + /* if the Data In size is 0, return an error */ + if( DataInSize == 0 ) + return CRYS_AESCCM_DATA_IN_SIZE_ILLEGAL; + + /* if the users Data Out pointer is illegal return an error */ + if( DataOut_ptr == DX_NULL ) + return CRYS_AESCCM_DATA_OUT_POINTER_INVALID_ERROR; + + crysRc = DataPtrValidation(DataIn_ptr, DataInSize, DataOut_ptr); + if (crysRc != CRYS_OK) + return crysRc; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + + if (contextPtr == 0) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + diRc = DxDI_ProcessDataBlock(contextPtr, + DXDI_DATA_TYPE_TEXT, + DataIn_ptr, + DataOut_ptr, + DataInSize, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_AesCcmDiErr2CrysErr); +#else + return CRYS_AESCCM_IS_NOT_SUPPORTED; +#endif /* !CRYS_NO_AESCCM_SUPPORT */ +} + +/** +* @brief This function transfers the CRYS_AESCCM_BlockLastTextData function parameters from HOST to +* SEP and backwards for operating CRYS_AESCCM_BlockLastTextData on SEP. +* +* @param[in] ContextID_ptr - A pointer to the AESCCM context buffer, allocated by the user, +* that is used for the AESCCM operations. This should be the same +* context that was used on the previous call of this session. +* @param[in] DataIn_ptr - A pointer to the buffer of the input data (plain or cipher text). +* The pointer does not need to be aligned. +* @param[in] DataInSize - A size of the data block in bytes. The size must be equal to remaining +* size value, saved in the context. +* @param[in] DataOut_ptr - A pointer to the output buffer (cipher or plain text). If +* user passes DataInSize 0 bytes the DataOut_ptr may be equal to NULL. +* The pointer does not need to be aligned. +* @param[in] MacRes - A pointer to the Mac buffer. +* @param[out] SizeOfT - size of MAC in bytes as defined in CRYS_AESCCM_Init function. +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure a +* value MODULE_* CRYS_AESCCM_error.h +* Notes: +* 1. Overlapping of the in-out buffers is not allowed, excluding the in placement case: +* DataIn_ptr = DataOut_ptr. +*/ +CEXPORT_C CRYSError_t CRYS_AESCCM_Finish(CRYS_AESCCM_UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr, + CRYS_AESCCM_Mac_Res_t MacRes, + DxUint8_t *SizeOfT) +{ + +#if !(defined CRYS_NO_AESCCM_SUPPORT || defined CRYS_NO_AES_SUPPORT) + + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t *contextPtr; + + /* -------------------------------------------------------------------- */ + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + /* if the users context ID pointer is DX_NULL return an error */ + if( ContextID_ptr == DX_NULL ) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* if the users Data In pointer is illegal return an error */ + if( DataIn_ptr == DX_NULL && DataInSize != 0) + return CRYS_AESCCM_DATA_IN_POINTER_INVALID_ERROR; + + /* if the users Data Out pointer is illegal return an error */ + if( DataOut_ptr == DX_NULL && DataInSize != 0) + return CRYS_AESCCM_DATA_OUT_POINTER_INVALID_ERROR; + + + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* check overlapping pointers */ + crysRc = DataPtrValidation(DataIn_ptr, DataInSize, DataOut_ptr); + if (crysRc != CRYS_OK) + return crysRc; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + if (contextPtr == 0) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* ............. call the CRYS_AES specific functions ................. */ + /* -------------------------------------------------------------------- */ + diRc = DxDI_ProcessLastDataBlock(contextPtr, + DataIn_ptr, + DataOut_ptr, + DataInSize, + MacRes, + SizeOfT, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_AesCcmDiErr2CrysErr); +#else + return CRYS_AESCCM_IS_NOT_SUPPORTED; +#endif /* !CRYS_NO_AESCCM_SUPPORT */ +} + +/** + * @brief This function is used to perform the AES_CCM operation in one integrated process. + * + * The function preforms CCM algorithm according to NIST 800-38C by call the CRYS_CCM + * Init, Block and Finish functions. + * + * The input-output parameters of the function are the following: + * + * @param[in] EncrDecrMode - Enumerator variable defining operation mode (0 - encrypt; 1 - decrypt). + * @param[in] CCM_Key - A buffer, containing the AESCCM key passed by user (predefined size 128 bits). + * @param[in] KeySizeId - An ID of AESCCM key size (according to 128, 192, or 256 bits size). + * @param[in] N_ptr - A pointer to Nonce - unique value assigned to all data passed into CCM. + * Bytes order - big endian form (MSB is the first). + * @param[in] SizeOfN - The size of the user passed Nonce (in bytes). + * It is an element of {7,8,9,10,11,12,13}. + * @param[in] ADataIn_ptr - A pointer to the additional data buffer. The pointer does + * not need to be aligned. + * @param[in] ADataInSize - The size of the additional data in bytes; + * @param[in] TextDataIn_ptr - A pointer to the input text data buffer (plain or cipher according to + * encrypt-decrypt mode). The pointer does not need to be aligned. + * @param[in] TextDataInSize - The size of the input text data in bytes: + * - on encrypt mode: (2^32 - SizeOfT) > DataInSize >= 0; + * - on Decrypt mode: 2^32 > DataInSize >= SizeOfT (SizeOfT from context). + * @param[out] TextDataOut_ptr - The output text data pointer (cipher or plain text data). + * + * @param[in] SizeOfT - Size of AES-CCM MAC output T in bytes. Valid values: [4,6,8,10,12,14,16]. + * + * @param[in/out] Mac_Res - AES-CCM MAC input/output . + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a value defined in CRYS_AESCCM_error.h + * + */ +CIMPORT_C CRYSError_t CRYS_AESCCM( + CRYS_AES_EncryptMode_t EncrDecrMode, + CRYS_AESCCM_Key_t CCM_Key, + CRYS_AESCCM_KeySize_t KeySizeId, + DxUint8_t *N_ptr, + DxUint8_t SizeOfN, + DxUint8_t *ADataIn_ptr, + DxUint32_t ADataInSize, + DxUint8_t *TextDataIn_ptr, + DxUint32_t TextDataInSize, + DxUint8_t *TextDataOut_ptr, + DxUint8_t SizeOfT, + CRYS_AESCCM_Mac_Res_t MacRes) +{ +#if !(defined CRYS_NO_AESCCM_SUPPORT || defined CRYS_NO_AES_SUPPORT) + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + CRYS_AESCCM_UserContext_t ContextID; + DxUint32_t *contextPtr; + struct dxdi_auth_enc_props aesccm_cipher_props; + + + /* check overlapping data pointers */ + crysRc = DataPtrValidation(TextDataIn_ptr, + TextDataInSize, + TextDataOut_ptr); + if (crysRc != CRYS_OK) + return crysRc; + + /* check & initialize user params */ + crysRc = InitAesCcmParams(&ContextID, EncrDecrMode, + CCM_Key, KeySizeId, ADataInSize, + TextDataInSize, N_ptr, SizeOfN, SizeOfT, + &aesccm_cipher_props, &contextPtr); + if (crysRc != CRYS_OK) + return crysRc; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(&ContextID); + if (contextPtr == 0) + return CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR; + + diRc = DxDI_AuthEncProcess(contextPtr, + &aesccm_cipher_props, + ADataIn_ptr, + TextDataIn_ptr, + TextDataOut_ptr, + MacRes, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_AesCcmDiErr2CrysErr); +#else + return CRYS_AESCCM_IS_NOT_SUPPORTED; +#endif /* !CRYS_NO_AES_SUPPORT || !CRYS_NO_AESCCM_SUPPORT */ +} + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_callback.c b/peripheral/keystore/chaabi/libcc54/crys/crys_callback.c new file mode 100644 index 0000000..14a4ef5 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_callback.c @@ -0,0 +1,156 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + + /* + * Object %name : % + * State : %state% + * Creation date : Wed Nov 17 17:25:55 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief A brief description of this module + * + * \version CRYS_AES.c#1:csrc:6 + * \author adams + */ + + + +/************* Include Files ****************/ + +/* .............. CRYS level includes ................. */ + +#include "DX_VOS_Mem.h" +#include "DX_VOS_Memmap.h" +#include "DX_VOS_Sem.h" +#include "error.h" +#include "crys_aes_error.h" +#include "crys_aes.h" +#include "CRYS_COMMON.h" +#include "CRYS_EXT_IF_OTF.h" +#include "SEPDriver.h" +#include "csi_host_op_code.h" +#include "gen.h" +/************************ Defines ******************************/ + + + +/************************ MACROS ******************************/ + + + +/************************ Global Data ******************************/ + + +/************* Private function prototype ****************/ + +/****************************************************************************************************/ +/** + * @brief This function is called by the SEP driver for CRYS callbacks + */ +CRYSError_t CRYS_CALLBACK_Handler() +{ + /* offset */ + DxUint32_t sramOffset; + + /* The return error identifier */ + CRYSError_t Error; + + /* message param */ + DxUint32_t messageParam[2]; + + /* CSI status */ + DxUint32_t CSI_Status; + + /* data size */ + DxUint32_t dataSize; + + /*---------------------- + CODE + -----------------------*/ + + /* new message arrived - parse it */ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK && Error != DX_FAILED_CRC_IN_MESSAGE_ERR) + { + return; + } + + /* read opcode */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + return; + } + + + switch(messageParam[0]) + { + case DX_SEP_OP_CODE_CSI_START_OPERATION: + + /* read data size */ + SEPDriver_ReadParamater((DxUint32_t)&dataSize, + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + + /* call CSI operation */ + CSI_StartOperation(dataSize); + break; + + case DX_SEP_OP_CODE_CSI_START_OUTPUT_OPERATION: + + /* read data size */ + SEPDriver_ReadParamater((DxUint32_t)&dataSize, + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + + /* call CSI operation */ + CSI_StartOutputOperation(dataSize); + break; + + case DX_SEP_OP_CODE_CSI_GET_STATUS: + do + { + CSI_GetStatus( &CSI_Status ); + }while( CSI_Status != CSI_DONE); + break; + + default: + break; + } + + /* write the response back */ + SEPDriver_StartMessage(&sramOffset); + + /************************************************************************/ + /* Send message */ + /************************************************************************/ + + SEPDriver_WriteParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + + + /************************************************************************/ + /* End message (signal the SEP) */ + /************************************************************************/ + SEPDriver_EndReplyMessage(sramOffset); +} + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_cmla_schemes.c b/peripheral/keystore/chaabi/libcc54/crys/crys_cmla_schemes.c new file mode 100644 index 0000000..167ecca --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_cmla_schemes.c @@ -0,0 +1,1107 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + + /* + * Object %CRYS_SMLA_SCHEMES.c : % + * State : %state% + * Creation date : Wed Aug 23 2006 + * Last modified : %modify_time% + */ + /** @file + * \brief This module contains the routines performing SMLA schemes operations. + * + * This module implements algorithms of SMLA_KDF - key derivation, + * CMLA Key Wrap and Unwrap Schemes, CMLA RSA Encryption and Decryption Schemes. + * as they are described in "CMLA Technical Specification. Version: v1.0-05-12-21. + * + * This material also contains confidential information which may not be disclosed + * to others without the prior written consent of CMLA, LLC. + * + * \version CRYS_SMLA_SCHEMES.c#1:csrc:1 + * \author R.Levin. + */ + + + +/************* Include Files ****************/ + +/* .............. CRYS level includes ................. */ + +#include "DX_VOS_Mem.h" +#include "crys_aes.h" +#include "crys_aes_error.h" +#include "CRYS_CMLA.h" +#include "error.h" +#include "crys_host_op_code.h" +#include "SEPDriver.h" + +/************************ Defines *************************************/ + +/************************ Enums ***************************************/ + +/************************ Typedefs ************************************/ + +/************************ Global Data *********************************/ + + +/************* Private function prototype *****************************/ + + +/************************ Public Functions ****************************/ + + +/******************************************************************************************** + * CRYS_CMLA_KDF function * + ********************************************************************************************/ +/** + @brief CMLA Key Derivation Function produce the Key Encrypting Key according to + CMLA v1.0-051221. + + CRYS_CMLA_KDF operates on an octet string of length 128. + The input splits in two blocks of equal length. A constant value is concatenated + to the first block. Then SHA-1 is applied to the preceding result. The result + and two integers derived from the second block are used in a modulus calculation + to produce the Key Encrypting Key. The output shall be 16 bytes. + + Input: x - Seed value, an octet string of length 128. + Output: KEK - Key Encryption Key, an octet string of length 16. + + Steps: + 1. Let x = x0 || x1, where each xi consists of 64 bytes octet for i=0,1. + 2. Let C=(0x)00 00 00 01 (4 bytes). + 3. Compute Y = SHA-1(x0|| C) (160 bits). + 4. Let A be the first 32 bytes and B be the last 32 bytes of x1, respectively . + 5. Regarding Y, A, and B as integers, derive key encryption key KEK taking + the least significant 128 bits of A*Y+B mod p, where p = 2^192-2^64-1. + 6. Output KEK. + + @param[in] SeedX - Seed value, an octet string of length 128. + @param[out] KEK - Key Encryption Key, an octet string of length 16. + @param[in] TempBuff - Temporary buffer of length 46*(32-bits words). + + @return CRYSError_t - CRYS_OK, + CRYS_CMLA_KDF_INVALID_SEED_PTR_ERROR + CRYS_CMLA_KDF_INVALID_KEK_PTR_ERROR + CRYS_CMLA_KDF_INVALID_TEMP_BUFF_PTR_ERROR + +*/ +CEXPORT_C CRYSError_t CRYS_CMLA_KDF( CRYS_CMLA_SEED_t SeedX, /*in*/ + CRYS_CMLA_KEK_t KEK, /*out*/ + CRYS_CMLA_KDF_TEMP_t TempBuff /*in*/ ) +{ + + /* the return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[2]; + + /* max length */ + DxUint32_t maxLength; + + /*--------------------------------- + CODE + ---------------------------------*/ + + #if( !( defined(CRYS_NO_HASH_SUPPORT) || defined(CRYS_NO_PKI_SUPPORT) || \ + defined(CRYS_NO_CMLA_SUPPORT) || defined(CRYS_NO_AES_SUPPORT) ) ) + + Error = CRYS_OK; + + /****************** Check input parameters *********************/ + + if( SeedX == DX_NULL) + { + Error = CRYS_CMLA_KDF_INVALID_SEED_PTR_ERROR; + goto end_function; + } + + if( KEK == DX_NULL) + { + Error = CRYS_CMLA_KDF_INVALID_KEK_PTR_ERROR; + goto end_function; + } + + if( TempBuff == DX_NULL) + { + Error = CRYS_CMLA_KDF_INVALID_TEMP_BUFF_PTR_ERROR; + goto end_function; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare params */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_KDF_OP_CODE; + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send seedX */ + maxLength = ((sizeof(CRYS_CMLA_SEED_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)SeedX , + sizeof(CRYS_CMLA_SEED_t), + maxLength, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_KDF_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read the kek */ + maxLength = ((sizeof(CRYS_CMLA_KEK_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)KEK, + sizeof(CRYS_CMLA_KEK_t), + maxLength, + &sramOffset, + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + + +end_function: + + return Error; + + #endif /* CRYS_CMLA SUPPRTED */ + +} /* End of CRYS_CMLA_KDF */ + + +/******************************************************************************************** + * CRYS_CMLA_Wrap function * + ********************************************************************************************/ +/** + @brief The CRYS_CMLA_Wrap primitive composing CRYS AES Key Wrap Algorithm + and CMLA_DDT_Perm according to CMLA algorithm CMLA v1.0-051221. + + Input: KEK - Key Encryption Key, an octet string of length 16 bytes + Key - Key to be wrapped, an octet string of length 32 bytes + Output: WrapKey - An octet string of length 40 bytes. + + Steps: + 1. Let Key = K0 || K1, where each Ki consists of 16 bytes octet + for i = 0,1. + 2. Apply _DX_CMLA_DDT_Perm to the first 8 bytes of Ki, keeping + the rest of Ki unchanged, to produce 16-byte octet string ki + for i=0,1. + 3. Let k = k0 || k1. + 4. Compute CRYS_AES_Wrap (KEK, k) to produce an octet + string WrapKey of 40 bytes. + 5. Output WrapKey. + + @param[in] KEK - Key Encryption Key, an octet string of length 16 bytes. + @param[in] Key - Plain key, an octet string of length 32 bytes. + @param[out] WrapKey - Wrapped Key, an octet string of length 40 bytes. + + @return CRYSError_t - CRYS_OK, + CRYS_CMLA_WRAP_ILLEGAL_KEK_PTR_ERROR + CRYS_CMLA_WRAP_ILLEGAL_KEY_PTR_ERROR + CRYS_CMLA_WRAP_ILLEGAL_WRAPPED_KEY_PTR_ERROR + +*/ +CEXPORT_C CRYSError_t CRYS_CMLA_Wrap(CRYS_CMLA_KEK_t KEK, /*in*/ + CRYS_CMLA_UNWRAPPED_KEY_t Key, /*in*/ + CRYS_CMLA_WRAPPED_KEY_t WrapKey /*out*/ ) +{ + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[2+(CRYS_CMLA_WRAPPED_KEY_SIZE_IN_BYTES/4)]; /*12 words*/ + + /* max length */ + DxUint32_t maxLength; + + /*------------------------------- + CODE + ----------------------------------*/ + + #if( !(defined(CRYS_NO_HASH_SUPPORT) || defined(CRYS_NO_PKI_SUPPORT) || \ + defined(CRYS_NO_CMLA_SUPPORT) || defined(CRYS_NO_AES_SUPPORT) )) + + + Error = CRYS_OK; + + /****************** Check input parameters *******************/ + + if( KEK == DX_NULL) + { + Error = CRYS_CMLA_WRAP_ILLEGAL_KEK_PTR_ERROR; + goto end_function; + } + + if( Key == DX_NULL) + { + Error = CRYS_CMLA_WRAP_ILLEGAL_KEY_PTR_ERROR; + goto end_function; + } + + if( WrapKey == DX_NULL) + { + Error = CRYS_CMLA_WRAP_ILLEGAL_WRAPPED_KEY_PTR_ERROR; + goto end_function; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare params */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_WRAP_OP_CODE; + + /* send params */ + Error = SEPDriver_WriteParamater( + (DxUint32_t)messageParam , + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send kek */ + maxLength = ((sizeof(CRYS_CMLA_KEK_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + DX_VOS_FastMemCpy( messageParam, KEK, sizeof(CRYS_CMLA_KEK_t) ); + Error = SEPDriver_WriteParamater( + (DxUint32_t)messageParam, + sizeof(CRYS_CMLA_KEK_t), + maxLength, + &sramOffset , + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send unwrap key */ + maxLength = ((sizeof(CRYS_CMLA_UNWRAPPED_KEY_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + DX_VOS_FastMemCpy( messageParam, Key, sizeof(CRYS_CMLA_UNWRAPPED_KEY_t) ); + Error = SEPDriver_WriteParamater( + (DxUint32_t)messageParam , + sizeof(CRYS_CMLA_UNWRAPPED_KEY_t), + maxLength, + &sramOffset , + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater( + (DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_WRAP_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read the wrapped key */ + maxLength = ((sizeof(CRYS_CMLA_WRAPPED_KEY_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater( + (DxUint32_t)messageParam , + sizeof(CRYS_CMLA_WRAPPED_KEY_t), + maxLength, + &sramOffset, + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* copy data into output */ + DX_VOS_FastMemCpy( WrapKey, messageParam, sizeof(CRYS_CMLA_WRAPPED_KEY_t) ); + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + + +end_function: + + return Error; + + #endif /* CRYS_CMLA supported */ + +} /* End of CRYS_CMLA_Wrap */ + + +/******************************************************************************************** + * CRYS_CMLA_Unwrap function * + ********************************************************************************************/ +/** + @brief The CRYS_CMLA_Unwrap() function performs inverse CRYS_CMLA_Wrap transformation + and implements the following algorithm [CMLA v1.0-051221]: + + Input: KEK - Key Encryption Key, an octet string of length 16 + KWrap - key to be unwrapped, an octet string of length 40 + + Output: K - Unwrapped key an octet string of length 32. + + Steps: + 1. Compute CRYS_AES_Unwrap(KEK, KWrap) to produce an octet string K of length 32 octets. + 2. Let K = K0 || K1, where each Ki consists of 16 bytes for i = 0,1. + 3. Apply CRYS_CMLA_DDT_PermInv to the first 8 bytes of Ki, keeping the rest of Ki unchanged, to produce 16-byte octet string Ki for i = 0,1. + 4. Let K = K0 || K1. + 5. Output K. + + @param[in] KEK - Key Encryption Key, an octet string of length 16 bytes. + @param[in] WrapKey - Wrapped key (Kwrap), an octet string of length 40 bytes. + @param[out] Key - Unwrapped key (K), an octet string of length 32 bytes. + + @return CRYSError_t - CRYS_OK, + CRYS_CMLA_WRAP_ILLEGAL_KEK_PTR_ERROR + CRYS_CMLA_WRAP_ILLEGAL_KEY_PTR_ERROR + CRYS_CMLA_WRAP_ILLEGAL_WRAPPED_KEY_PTR_ERROR + +*/ +CEXPORT_C CRYSError_t CRYS_CMLA_Unwrap(CRYS_CMLA_KEK_t KEK, /*in*/ + CRYS_CMLA_WRAPPED_KEY_t WrapKey, /*in*/ + CRYS_CMLA_UNWRAPPED_KEY_t Key /*out*/ ) +{ + + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[2]; + + /* max length */ + DxUint32_t maxLength; + + /*------------------------------ + CODE + --------------------------------*/ + #if( !( defined(CRYS_NO_HASH_SUPPORT) || defined(CRYS_NO_PKI_SUPPORT) || \ + defined(CRYS_NO_CMLA_SUPPORT) || defined(CRYS_NO_AES_SUPPORT) ) ) + + /****************** Check input parameters *******************/ + + Error = CRYS_OK; + + if( KEK == DX_NULL) + { + Error = CRYS_CMLA_UNWRAP_ILLEGAL_KEK_PTR_ERROR; + goto end_function; + } + + if( Key == DX_NULL) + { + Error = CRYS_CMLA_UNWRAP_ILLEGAL_KEY_PTR_ERROR; + goto end_function; + } + + if( WrapKey == DX_NULL) + { + Error = CRYS_CMLA_UNWRAP_ILLEGAL_WRAPPED_KEY_PTR_ERROR; + goto end_function; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /*prepare params */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_UNWRAP_OP_CODE; + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send kek */ + maxLength = ((sizeof(CRYS_CMLA_KEK_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)KEK , + sizeof(CRYS_CMLA_KEK_t) , + maxLength, + &sramOffset , + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send wrapped key */ + maxLength = ((sizeof(CRYS_CMLA_WRAPPED_KEY_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)WrapKey , + sizeof(CRYS_CMLA_WRAPPED_KEY_t) , + maxLength, + &sramOffset , + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_UNWRAP_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read the key */ + maxLength = ((sizeof(CRYS_CMLA_UNWRAPPED_KEY_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)Key, + sizeof(CRYS_CMLA_UNWRAPPED_KEY_t), + maxLength, + &sramOffset, + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + + +end_function: + + return Error; + + #endif /* if CRYS_CMLA not supported */ + +} /* End of CRYS_CMLA_Unwrap */ + + +/************************************************************************** + * CRYS_CMLA_RSA_Encrypt function * + **************************************************************************/ +/** + @brief The CRYS_CMLA_RSA_Encrypt primitive implements the following algorithm + [CMLA v1.0-051221]:: + + Input: PubKey - Device's RSA public key, + M - Message to be encrypted, an octet string of length 128 bytes. + Output: C - Cipher text, an octet string of length 128. + + Steps: + 1. Let M = M0 || M1, where each Mi consists of 64 bytes octet for i = 0,1. + 2. Apply CRYS_CMLA_DDT_Exp to the first 3 bytes of Mi, keeping the rest of Mi + unchanged, to produce octet string mi for i = 0,1. + 3. Let m = m0 || m1. + 4. If the integer representative of m is not strictly less than the RSA modulus, + output "integer too long" and stop. + 5. Encrypt m under device public key PubKey with CRYS_RSA_PRIM_Encrypt to produce + the octet string C of length 128: C = RSA_Encrypt (pubKey, m). + 6. Output C. + + @param[in] PublKey - A pointer to to structure containing user RSA Public Key. + @param[in] Message - A pointer to message of length 128 bytes. + @param[out] EncrMessage - A pointer to output encrypted message of length 128 bytes. + @param[in] TempBuf - A pointer to structure containing temp buffers for CRYS_CMLA_RSA operation + + @return CRYSError_t - CRYS_OK, or error message + CRYS_CMLA_IS_NOT_SUPPORTED + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_PUB_KEY_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_MESSAGE_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_ENCR_MESSAGE_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_TEMP_BUFF_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_MESSAGE_INTEGER_TOO_LONG_ERROR + +*/ +CEXPORT_C CRYSError_t CRYS_CMLA_RSA_Encrypt(CRYS_RSAUserPubKey_t* UserPublKey_ptr, /*in*/ + CRYS_CMLA_RSA_MESSAGE_t Message, /*in*/ + CRYS_CMLA_RSA_MESSAGE_t EncrMessage, /*out*/ + CRYS_CMLA_RSA_TempBuff_t* TempBuff_ptr /*in */) +{ + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[2]; + + /* max length */ + DxUint32_t maxLength; + + + #if( !(defined(CRYS_NO_HASH_SUPPORT) || defined(CRYS_NO_PKI_SUPPORT) || \ + defined(CRYS_NO_CMLA_SUPPORT) || defined(CRYS_NO_AES_SUPPORT) ) ) + + + /*---------------------------- + CODE + -------------------------------*/ + + Error = CRYS_OK; + + /****************** Check input parameters *******************/ + + if( UserPublKey_ptr == DX_NULL) + { + Error = CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_PUB_KEY_PTR_ERROR; + goto end_function; + } + + if( Message == DX_NULL) + { + Error = CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_MESSAGE_PTR_ERROR; + goto end_function; + } + + if( EncrMessage == DX_NULL) + { + Error = CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_ENCR_MESSAGE_PTR_ERROR; + goto end_function; + } + + if( TempBuff_ptr == DX_NULL) + { + Error = CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_TEMP_BUFF_PTR_ERROR; + goto end_function; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare params */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_RSA_ENCRYPT_OP_CODE; + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send message */ + maxLength = ((sizeof(CRYS_CMLA_RSA_MESSAGE_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)Message , + sizeof(CRYS_CMLA_RSA_MESSAGE_t) , + maxLength, + &sramOffset , + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send public key */ + maxLength = ((sizeof(CRYS_RSAUserPubKey_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)UserPublKey_ptr , + sizeof(CRYS_RSAUserPubKey_t) , + maxLength, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_RSA_ENCRYPT_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read the encrypted message */ + maxLength = ((sizeof(CRYS_CMLA_RSA_MESSAGE_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)EncrMessage, + sizeof(CRYS_CMLA_RSA_MESSAGE_t), + maxLength, + &sramOffset, + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + + +end_function: + + return Error; + + #endif /* if CRYS_CMLA not supported */ + +} /* End of CRYS_CMLA_RSA_Encrypt */ + + +/************************************************************************** + * CRYS_CMLA_RSA_Decrypt function * + **************************************************************************/ +/** + @brief The CRYS_CMLA_RSA_Decrypt primitive implements the following algorithm + [CMLA v1.0-051221]: + + Input: PrivKey - Device's RSA private key, + C - Cipher text, an octet string of length 128. + Output: M - Encrypted message, an octet string of length 128. + Steps: + 1. Decrypt C under device private key PrivKey with CRYS_RSA_PRIM_Decrypt + to produce the octet string m of length 128: + m = RSA.DECRYPT (PrivKey, C). + + 2. Let m = m0 || m1, where each mi consists of 64 bytes octet for i = 0,1. + 3. Apply CRYS_CMLA_DDT_ExpInv to the first 3 bytes of mi, keeping the + rest of mi unchanged, to produce octet string Mi for i = 0,1. + 4. Let M = M0 || M1. + 5. Output M - message plain text. + + @param[in] PrivKey - A pointer to to structure containing user RSA Private Key. + @param[in] EncrMessage - A pointer to input encrypted message of length 128 bytes. + @param[out] Message - A pointer to output decrypted message of length 128 bytes. + @param[in] TempBuf - A pointer to structure containing temp buffers for CRYS_CMLA_RSA + operation. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_CMLA_IS_NOT_SUPPORTED + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_PRIV_KEY_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_MESSAGE_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_ENCR_MESSAGE_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_TEMP_BUFF_PTR_ERROR +*/ +CEXPORT_C CRYSError_t CRYS_CMLA_RSA_Decrypt(CRYS_RSAUserPrivKey_t* UserPrivKey_ptr, /*in*/ + CRYS_CMLA_RSA_MESSAGE_t EncrMessage, /*in*/ + CRYS_CMLA_RSA_MESSAGE_t Message, /*out*/ + CRYS_CMLA_RSA_TempBuff_t* TempBuff_ptr /*in */) +{ + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[2]; + + /* max length */ + DxUint32_t maxLength; + + #if( !(defined(CRYS_NO_HASH_SUPPORT) || defined(CRYS_NO_PKI_SUPPORT) || \ + defined(CRYS_NO_CMLA_SUPPORT) || defined(CRYS_NO_AES_SUPPORT) )) + + /*------------------------------------- + CODE + ---------------------------------*/ + + Error = CRYS_OK; + + /****************** Check input parameters *******************/ + + if( UserPrivKey_ptr == DX_NULL) + { + Error = CRYS_CMLA_RSA_DECRYPT_ILLEGAL_PRIV_KEY_PTR_ERROR; + goto end_function; + } + + if( Message == DX_NULL) + { + Error = CRYS_CMLA_RSA_DECRYPT_ILLEGAL_ENCR_MESSAGE_PTR_ERROR; + goto end_function; + } + + if( EncrMessage == DX_NULL) + { + Error = CRYS_CMLA_RSA_DECRYPT_ILLEGAL_DECR_MESSAGE_PTR_ERROR; + goto end_function; + } + + if( TempBuff_ptr == DX_NULL) + { + Error = CRYS_CMLA_RSA_DECRYPT_ILLEGAL_TEMP_BUFF_PTR_ERROR; + goto end_function; + } + + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare params */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_RSA_DECRYPT_OP_CODE; + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send message */ + maxLength = ((sizeof(CRYS_CMLA_RSA_MESSAGE_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)EncrMessage , + sizeof(CRYS_CMLA_RSA_MESSAGE_t) , + maxLength, + &sramOffset , + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send private key */ + maxLength = ((sizeof(CRYS_RSAUserPrivKey_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)UserPrivKey_ptr , + sizeof(CRYS_RSAUserPrivKey_t) , + maxLength, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_CMLA_RSA_DECRYPT_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read the decrypted message */ + maxLength = ((sizeof(CRYS_CMLA_RSA_MESSAGE_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)Message, + sizeof(CRYS_CMLA_RSA_MESSAGE_t), + maxLength, + &sramOffset, + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + + +end_function: + + return Error; + + #endif /* if CRYS_CMLA not supported */ + +} /* End of CRYS_CMLA_RSA_Decrypt */ + + + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_combined.c b/peripheral/keystore/chaabi/libcc54/crys/crys_combined.c new file mode 100644 index 0000000..1f4acd3 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_combined.c @@ -0,0 +1,501 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + +/** @file + * \brief This file contains functions that are used for the + * CRYS combined and tunneling modes operations processing on SEP + * controlled by the HOST. + * + */ + +/************* Include Files ****************/ + +/* .............. CRYS level includes ................. */ + +#include "dx_pal_types.h" +#include "dx_pal_mem.h" +#include "crys_combined_error.h" +#include "crys_combined.h" +#include "driver_interface.h" +#include "crys_context_relocation.h" +#include "sep_ctx.h" +//#include "error.h" + + +/************* Private functions prototypes ****************/ + +/*! + * Convert from DxDI return code to CRYS return code + * + * \param diRc: Driver Interface returned error. + * \param errorInfo: Additional error information. + * + */ +static CRYSError_t DX_CombinedDiErr2CrysErr(DxDI_RetCode_t diRc, DxUint32_t errorInfo) +{ + switch (diRc) { + case DXDI_RET_ENODEV: + case DXDI_RET_EINTERNAL: + case DXDI_RET_ENOTSUP: + case DXDI_RET_ENOPERM: + case DXDI_RET_EINVAL: + case DXDI_RET_ENORSC: + case DXDI_RET_EHW: + /* DXDI errors are below CRYS_ERROR_BASE - let's reuse... */ + switch (errorInfo) { + case DXDI_ERROR_UNSUP: + return CRYS_COMBINED_IS_NOT_SUPPORTED; + case DXDI_ERROR_INVAL_MODE: + return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR; + case DXDI_ERROR_INVAL_DIRECTION: + return CRYS_COMBINED_ILLEGAL_PARAMS_ERROR; + case DXDI_ERROR_INVAL_KEY_SIZE: + return CRYS_COMBINED_ILLEGAL_PARAMS_ERROR; + case DXDI_ERROR_INVAL_DIN_PTR: + return CRYS_COMBINED_DATA_IN_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DOUT_PTR: + return CRYS_COMBINED_DATA_OUT_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DATA_SIZE: + return CRYS_COMBINED_DATA_IN_SIZE_ILLEGAL; + case DXDI_ERROR_DIN_DOUT_OVERLAP: + return CRYS_COMBINED_DATA_OUT_DATA_IN_OVERLAP_ERROR; + case DXDI_ERROR_NO_RESOURCE: + return CRYS_OUT_OF_RESOURCE_ERROR; + case DXDI_ERROR_INTERNAL: + case DXDI_ERROR_FATAL: + default: + return CRYS_FATAL_ERROR; + } + case DXDI_RET_ESEP: + /* Pass through SeP error code */ + return errorInfo; + default: + /* ??? */ + return CRYS_FATAL_ERROR; + } +} + +static CRYSError_t DataPtrValidation(DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr) +{ + /* check that there is no overlapping between the data input and data output buffers, + except the inplace case that is legal */ + if (DataIn_ptr != DataOut_ptr) { + /* checking the case that the input buffer is in a higher address than the output buffer */ + if (DataIn_ptr > DataOut_ptr) { + if (DataOut_ptr + DataInSize > DataIn_ptr) + return CRYS_COMBINED_DATA_OUT_DATA_IN_OVERLAP_ERROR; + } + + /* checking the case that the output buffer is in a higher address than the input buffer */ + else { + if (DataIn_ptr + DataInSize > DataOut_ptr) + return CRYS_COMBINED_DATA_OUT_DATA_IN_OVERLAP_ERROR; + } + } + + return CRYS_OK; +} + + +/*! + * This function feeds in the combined configuration scheme into the driver + * interface data entity as user requested. It also retains each given context + * in a non crossing page. + * + * \param pConfig The user configuration scheme. + * \param props The driver interface data entity. + * + * \return CRYSError_t On success the value CRYS_OK is returned, + * and on failure - a value from crys_combined_error.h + */ +static CRYSError_t BoxConfigScheme( + CrysCombinedConfig_t *pConfig, + struct dxdi_combined_props *props) +{ + int cfgNode; + + /* clear the dxdi data structure */ + memset(props, 0, sizeof(struct dxdi_combined_props)); + + for (cfgNode = 0; cfgNode < CRYS_COMBINED_MAX_NODES; cfgNode++) { + DxUint32_t *contextPtr = NULL; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + if (pConfig->node[cfgNode].pContext != NULL) { + contextPtr = DX_GetUserCtxLocation(pConfig->node[cfgNode].pContext); + if (contextPtr == NULL) { + return CRYS_COMBINED_INVALID_USER_SUB_CONTEXT_POINTER_ERROR; + } + } + /* set the context pointer into the dxdi properties */ + props->node_props[cfgNode].context = contextPtr; + /* set the engine input into the dxdi properties */ + props->node_props[cfgNode].eng_input = pConfig->node[cfgNode].engineSrc; + } + + return CRYS_OK; +} + +/*************************** Public Functions ***************************/ + +/*! + * Clears the configuration nodes. + * + * \param pConfig A pointer to the configuration scheme array + */ +CIMPORT_C void CrysCombinedConfigInit(CrysCombinedConfig_t *pConfig) +{ + DX_PAL_MemSetZero(pConfig, sizeof(CrysCombinedConfig_t)); +} + +/************************************************************************/ +/*! + * This function is used to initilize the combined (tunneling) operations. + * + * The function initializes user's combined mode configuration structure, + * used during current process sequence (Init-Block-Finish). + * + * Before processing the combined mode and calling this function the user must + * initialize all needed sub operations contexts (AES, AES-MAC, HASH) included into + * this combined operation and perform the following: + * + * - allocate combined mode configuration structure of type CrysCombinedConfig_t; + * The structure containing MAX_NUM_NODES (see define) nodes of type CrysCombinedNodeConfig_t, + * each of them contains pointer to sub operation context and input data source + * indication according to DMA data flow in configuration, as follows: + * { {pCtxt1; src1;}, {pCtxt2; src2}, .... {NULL; srcForDout} }, where: + * - pCtxtX - pointer to context of current sub operation X or NULL for indication + * of DOUT (DMA output) or end node in the configuration; + * - srcX is number of previous engine (sub operation), which output is used + * as input to engine (or DOUT) X; + * - allocate CRYS contexts for each sub operation (AES...HASH) included into + * combined configuration - maximum count of operations is MAX_NUM_NODES-1 (one node - for + * DMA autput or indication of end of the configuration); + * - call appropriate CRYS Init functions for each sub operation (CRYS_AES_Init or + * CRYS_HASH_Init) according to combined mode and given operations parameters; + * - initialize (clean) the configuration structure by calling macro CrysCombinedConfigInit(); + * - set all needed configuration nodes by calling macro CrysCombinedConfigSet() for each sub + * operation involved into combined mode; the input source indication for each engine + * should be set according to engines order defined by the user in the configuration + * structure. + * - set indication of ending (last) node and DMA output source by calling the same macro + * CrysCombinedConfigSet() with appropriate input parameters: + * - context pointer ctxPtrX = NULL; + * - indication (type: CrysCombinedEngineSource_e) of engine, which output + * should be transferred to DMA DOUT; if DMA output is not used there, + * then srcX = INPUT_NULL; + * + * Then the user may call this function to initialize the allocated combined + * user context. + * + * + * \param pConfig A pointer to the Configuration Nodes array (NodesConfig). + * This array represents the user combined scheme. + * + * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, + * and on failure - a value from crys_combined_error.h + */ +CEXPORT_C CRYSError_t CRYS_Combined_Init(CrysCombinedConfig_t *pConfig) +{ + +#ifndef CRYS_NO_COMBINED_SUPPORT + + DxDI_RetCode_t diRc; + CRYSError_t crysRc; + DxUint32_t errorInfo; + struct dxdi_combined_props props; + + if(pConfig == DX_NULL) { + return CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR; + } + + /* accomodate configuration scheme in dxdi entity */ + crysRc = BoxConfigScheme(pConfig, &props); + if (crysRc != CRYS_OK) + return crysRc; + + diRc = DxDI_CombinedInit(&props, &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_CombinedDiErr2CrysErr); +#else + return CRYS_COMBINED_IS_NOT_SUPPORTED; + +#endif /* !CRYS_NO_COMBINED_SUPPORT */ +} + + +/***************************************************************************/ +/*! + * This function is used to process block of data in the combined (tunneling) mode. + * + * \param pConfig A pointer to the Configuration Nodes array. + * This array represents the user combined scheme. + * \param cipherOffset Relevant in cases where the authenticated data resides in + * a different offset from the cipher data. + * Note: currently an error returned for any value other than zero. + * \param pDataIn A pointer to a block of input data ready for processing. + * \param dataInSize The size of the input data. + * \param pDataOut A pointer to output data. Could be the same as input data + * pointer (for inplace operations) or NULL if there is + * only authentication for output. + * + * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, + * and on failure - a value from crys_combined_error.h + */ +CEXPORT_C CRYSError_t CRYS_Combined_Process( + CrysCombinedConfig_t *pConfig, + DxUint32_t cipherOffset, + DxUint8_t *pDataIn, + DxUint32_t dataInSize, + DxUint8_t *pDataOut) +{ +#ifndef CRYS_NO_COMBINED_SUPPORT + + struct dxdi_combined_props props; + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + + /* check the users Configuration structure pointer */ + if (pConfig == DX_NULL) { + return CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR; + } + if (pDataIn == DX_NULL) { + return CRYS_COMBINED_DATA_IN_POINTER_INVALID_ERROR; + } + if (cipherOffset != 0) { + return CRYS_COMBINED_CIPHER_OFFSET_ILLEGAL; + } + /* validate data size */ + if (dataInSize == 0) { + return CRYS_COMBINED_DATA_IN_SIZE_ILLEGAL; + } + /* if DMA output is needed then validate buffers overflow */ + if (pDataOut != DX_NULL) { + crysRc = DataPtrValidation(pDataIn, + dataInSize, + pDataOut); + if (crysRc != CRYS_OK) { + return crysRc; + } + } + + /* accomodate configuration scheme in dxdi entity */ + crysRc = BoxConfigScheme(pConfig, &props); + if (crysRc != CRYS_OK) + return crysRc; + + diRc = DxDI_CombinedProcessDblk( + &props, + pDataIn, + dataInSize, + pDataOut, + &errorInfo); + + /* check errors */ + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_CombinedDiErr2CrysErr); +#else + return CRYS_COMBINED_IS_NOT_SUPPORTED; +#endif +} + + +/***************************************************************************/ +/*! + * This function is used to finish the combined or tunneling operations + * It releases all used contexts (including sub operation ones). + * + * \param pConfig A pointer to the Configuration Nodes array. + * This array represents the user given sequence of combined operations. + * \param cipherOffset Relevant in cases where the authenticated data resides in + * a different offset from the cipher data. + * Note: currently an error returned for any value other than zero. + * \param pDataIn A pointer on a block of input data ready for processing. + * \param dataInSize The size of the input data. + * \param pDataOut A pointer to output data. Could be the same as input data pointer + * (for inplace operations) or NULL if there is only + * authentication result for output. + * \param pAuthData A pointer to authentication or digest result output. + * \param pAuthDataSize A pointer to size of user given output buffer [in] + * and actual size [out] of authentication or digest result . + * + * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, + * and on failure - a value from crys_combined_error.h + */ +CEXPORT_C CRYSError_t CRYS_Combined_Finish( + CrysCombinedConfig_t *pConfig, + DxUint32_t cipherOffset, + DxUint8_t *pDataIn, + DxUint32_t dataInSize, + DxUint8_t *pDataOut, + DxUint8_t *pAuthData, + DxUint32_t *pAuthDataSize) +{ +#ifndef CRYS_NO_CONBINED_SUPPORT + + struct dxdi_combined_props props; + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t actualAuthDataSize; + + /* check the users Configuration structure pointer */ + if (pConfig == DX_NULL) { + return CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR; + } + if (cipherOffset != 0) { + return CRYS_COMBINED_CIPHER_OFFSET_ILLEGAL; + } + /* if dataInSize > 0 then validate buffers overflow */ + if ((dataInSize > 0) && (pDataOut != DX_NULL)) { + crysRc = DataPtrValidation(pDataIn, + dataInSize, + pDataOut); + if (crysRc != CRYS_OK) { + return crysRc; + } + } + + /* accomodate configuration scheme in dxdi entity */ + crysRc = BoxConfigScheme(pConfig, &props); + if (crysRc != CRYS_OK) + return crysRc; + + actualAuthDataSize = *pAuthDataSize; + + diRc = DxDI_CombinedFinalize( + &props, + pDataIn, + dataInSize, + pDataOut, + pAuthData, + &actualAuthDataSize, + &errorInfo); + + /* check errors */ + crysRc = DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_CombinedDiErr2CrysErr); + + if (crysRc != CRYS_OK) + goto End; + + /* check the size of the buffer for authentication data and set its actual size */ + if (pAuthData != DX_NULL){ + if (*pAuthDataSize < actualAuthDataSize) { + *pAuthDataSize = actualAuthDataSize; + crysRc = CRYS_COMBINED_DATA_AUTH_BUFFER_SIZE_INVALID_ERROR; + } else { + *pAuthDataSize = actualAuthDataSize; + } + } + +End: + return crysRc; +#else + return CRYS_COMBINED_IS_NOT_SUPPORTED; +#endif +} + +/***************************************************************************/ +/*! + * This function is used to perform the combined or tunneling operations with + * one function call. + * + * \param pConfig A pointer to the Configuration Nodes array. + * This array represents the user given combined operation. + * \param cipherOffset Relevant in cases where the authenticated data resides in + * a different offset from the cipher data. + * Note: currently an error returned for any value other than zero. + * \param pDataIn A pointer on a block of input data ready for processing. + * \param dataInSize The size of the input data. + * \param pDataOut A pointer to output data. Could be the same as input data pointer + * (for inplace operations) or NULL if there is only + * authentication result for output. + * \param pAuthData A pointer to authentication or digest result output. + * \param pAuthDataSize A pointer to size of user given output buffer [in] + * and actual size [out] of authentication or digest result . + * + * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, + * and on failure - a value from crys_combined_error.h + */ +CEXPORT_C CRYSError_t CRYS_Combined( + CrysCombinedConfig_t *pConfig, + DxUint32_t cipherOffset, + DxUint8_t *pDataIn, + DxUint32_t dataInSize, + DxUint8_t *pDataOut, + DxUint8_t *pAuthData, + DxUint32_t *pAuthDataSize) +{ +#ifndef CRYS_NO_CONBINED_SUPPORT + struct dxdi_combined_props props; + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t actualAuthDataSize; + + /* check the users Configuration structure pointer */ + if (pConfig == DX_NULL) { + return CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR; + } + if ((pDataIn == DX_NULL) && (dataInSize > 0)) { + return CRYS_COMBINED_DATA_IN_POINTER_INVALID_ERROR; + } + if (cipherOffset != 0) { + return CRYS_COMBINED_CIPHER_OFFSET_ILLEGAL; + } + /* if dataInSize > 0 then validate buffers overflow */ + if (pDataOut != DX_NULL) { + crysRc = DataPtrValidation(pDataIn, + dataInSize, + pDataOut); + if (crysRc != CRYS_OK) { + return crysRc; + } + } + + /* accomodate configuration scheme in dxdi entity */ + crysRc = BoxConfigScheme(pConfig, &props); + if (crysRc != CRYS_OK) + return crysRc; + + actualAuthDataSize = *pAuthDataSize; + + diRc = DxDI_Combined( + &props, + pDataIn, + dataInSize, + pDataOut, + pAuthData, + &actualAuthDataSize, + &errorInfo); + + /* check errors */ + crysRc = DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_CombinedDiErr2CrysErr); + if (crysRc != CRYS_OK) { + goto End; + } + + /* check size of the buffer for authentication data and set its actual size */ + if (pAuthData != DX_NULL) { + if (*pAuthDataSize < actualAuthDataSize) { + *pAuthDataSize = actualAuthDataSize; + crysRc = CRYS_COMBINED_DATA_AUTH_BUFFER_SIZE_INVALID_ERROR; + } else { + *pAuthDataSize = actualAuthDataSize; + } + } +End: + return crysRc; +#else + return CRYS_COMBINED_IS_NOT_SUPPORTED; +#endif +} + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_common.c b/peripheral/keystore/chaabi/libcc54/crys/crys_common.c new file mode 100644 index 0000000..494c826 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_common.c @@ -0,0 +1,43 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + +/***************************************************************************** + \file CRYS_common.c * + CRYS infrastructure functions common to all the modules (on host) * +*****************************************************************************/ +#include "driver_interface.h" +#include "crys_error.h" + +/*! + * Convert from DxDI return code to CRYS return code + * + * \param diRc + * \param sepRetCode + */ +CRYSError_t DX_DiErr2CrysErr(DxDI_RetCode_t diRc, DxUint32_t sepRetCode) +{ + switch (diRc) { + case DXDI_RET_OK: + return CRYS_OK; + case DXDI_RET_ENODEV: + case DXDI_RET_EINTERNAL: + case DXDI_RET_ENOTSUP: + case DXDI_RET_ENOPERM: + case DXDI_RET_EINVAL: + case DXDI_RET_ENORSC: + case DXDI_RET_EHW: + + return diRc; + case DXDI_RET_ESEP: + /* Pass through SeP/CRYS error code */ + return sepRetCode; + default: + /* ??? */ + return diRc; + } +} diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_context_relocation.c b/peripheral/keystore/chaabi/libcc54/crys/crys_context_relocation.c new file mode 100644 index 0000000..87a4a16 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_context_relocation.c @@ -0,0 +1,177 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + +/*! \file CRYS_context_relocation.c + * Handle relocation of crypto context in the context buffer given + * by the user to assure it does not cross a page boundary + */ +#include <stdio.h> +#include <string.h> +#include "crys_context_relocation.h" + +/* Assume standard 4KB page size */ +#define PAGE_SHIFT 12 +#define PAGE_SIZE (1<<PAGE_SHIFT) +#define PAGE_MASK (~(PAGE_SIZE-1)) +/* "natural" 4B alignment */ +#define CONTEXT_ALIGNMENT_SHIFT 2 +#define CONTEXT_ALIGNMENT_SIZE (1<<CONTEXT_ALIGNMENT_SHIFT) +#define CONTEXT_ALIGNMENT_MASK (~((1<<CONTEXT_ALIGNMENT_SHIFT) - 1)) +#define CONTEXT_ALIGN(addr) \ + (((unsigned long)(addr)+CONTEXT_ALIGNMENT_SIZE-1) & CONTEXT_ALIGNMENT_MASK) + +#define IS_BUF_CROSS_PAGE(start, size) \ + (((unsigned long)(start) >> PAGE_SHIFT) < (((unsigned long)(start) + (size) - 1) >> PAGE_SHIFT)) + +/* Context buffer properties */ +/* this data is always saved at the original start of user context buffer */ +typedef struct { + unsigned long bufSize; /* Original user buffer size in bytes */ + unsigned long ctxSize; /* Contained context actual size in bytes */ + unsigned long ctxOffset;/* Byte offset of the contained context */ +} CRYS_CtxBufProps_t; + +/*! + * Find a good offset in given buffer to accomodate given context size + * without crossing a page boundary + * Note: this function does not take into account the "bufProps" data + * that we locate in the buffer's start, so it should get + * bufferStart at the location that follows that data. + * + * \param bufferStart The pointer to the context buffer given by the user + * (offseted to accomodate the bufProps data) + * \param bufferSize The total size of pointed buffer + * \param contextSize The size of a context to place in the buffer + * + * \return Offset of the context in the given buffer + */ +static unsigned long GetNonCrossingOffset(unsigned long bufferStart, + unsigned long bufferSize, + unsigned long contextSize) +{ + const unsigned long bufStartNextPage = + (bufferStart + PAGE_SIZE) & PAGE_MASK; + const unsigned long bufEndPage = + (bufferStart + bufferSize - 1) & PAGE_MASK; + unsigned long goodLocation; + + if (bufStartNextPage > bufEndPage) { + /* Buffer does not cross a page */ + /* Just assure alignment of buffer start */ + goodLocation = CONTEXT_ALIGN(bufferStart); + } else if (bufStartNextPage == bufEndPage) { + /* Buffer crosses one page boundary */ + /* Return part that can accomodate context */ + goodLocation = CONTEXT_ALIGN(bufferStart); + if ((bufStartNextPage - goodLocation) < contextSize) { + /* First part is too small, pick the start of the second page */ + goodLocation = bufEndPage; /* Page is always aligned... */ + } + } else { + /* Buffer crosses two page boundaries */ + /* Pick the start of the full page in the middle */ + goodLocation = bufStartNextPage; + } + +#ifdef DEBUG + printf("GetNonCrossingOffset: start=0x%08lX buf_size=%lu ctx_size=%lu ==> offset=0x%lX\n", + bufferStart, bufferSize, contextSize, + goodLocation - bufferStart); +#endif + + return goodLocation - bufferStart; +} + +/*! + * Initialize the context offset for a new buffer given to INIT phase + * + * \param bufferStart The address of the context buffer given by the user + * \param bufferSize The size of the user buffer in bytes + * \param contextSize The required size (in bytes) of the context + * + * \return The address of the context within the buffer + */ +void *DX_InitUserCtxLocation(void *bufferStart, + unsigned long bufferSize, + unsigned long contextSize) +{ + /* Buffer must accomodate the BufProps and 2*contextSize to + assure at least contextSize bytes are not crossing page boundary */ + const unsigned long requested_buf_size = + sizeof(CRYS_CtxBufProps_t) + 2*contextSize; + unsigned long contextOffset; + void *contextStart; + CRYS_CtxBufProps_t *bufProps = (CRYS_CtxBufProps_t *)bufferStart; + /* Buffer properties are save at reserved space at buffer's start */ + + /* Verify given sizes validity*/ + if ((contextSize > PAGE_SIZE) || (bufferSize < requested_buf_size)) { +#ifdef DEBUG + fprintf(stderr, "DX_InitUserCtxLocation: Given buffer size (%lu B) " + "is too small for required context size (%lu B) - " + "must be at least %lu B\n", + bufferSize, contextSize, requested_buf_size); +#endif + return NULL; + } + + /* Get good location (starting from buffer_ptr + sizeof(void*))*/ + contextOffset = GetNonCrossingOffset((unsigned long)bufferStart + + sizeof(CRYS_CtxBufProps_t), + bufferSize, contextSize); + /* The actual offset is after the CRYS_CtxBufProps_t structure */ + contextOffset += sizeof(CRYS_CtxBufProps_t); + /* Save buffer properties */ + bufProps->bufSize = bufferSize; + bufProps->ctxSize = contextSize; + bufProps->ctxOffset = contextOffset; + + contextStart = (void*)((unsigned long)bufferStart + contextOffset); + return contextStart; +} + +/*! + * Return the context address in the given buffer + * If previous context offset is now crossing a page the context data + * would be moved to a good location. + * + * \param bufferStart The address of the context buffer given by the user + * + * \return The address of the context within the buffer + */ +void *DX_GetUserCtxLocation(void *bufferStart) +{ + /* Calculate current context location based on offset in buffer props */ + CRYS_CtxBufProps_t *bufProps = (CRYS_CtxBufProps_t *)bufferStart; + void *curContextLocation = (void *) + ((unsigned long)bufferStart + bufProps->ctxOffset); + unsigned long newContextOffset; + void *newContextLocation; + + /* Verify current location */ + if (!IS_BUF_CROSS_PAGE(curContextLocation, bufProps->ctxSize)) { + /* If context does not cross page boundary - keep it where it is */ + return curContextLocation; + } + + /* If current location crosses a page boundary, find a new location */ + newContextOffset = GetNonCrossingOffset( + (unsigned long)bufferStart + sizeof(CRYS_CtxBufProps_t), + bufProps->bufSize, bufProps->ctxSize); + /* The actual offset is after the bufProps structure */ + newContextOffset += sizeof(CRYS_CtxBufProps_t); + newContextLocation = (void*)((unsigned long)bufferStart + newContextOffset); + + /* memmove context from original location to new location */ + memmove(newContextLocation, curContextLocation, bufProps->ctxSize); + /* update new location in start of buffer */ + bufProps->ctxOffset = newContextOffset; + + return newContextLocation; +} + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_context_relocation.h b/peripheral/keystore/chaabi/libcc54/crys/crys_context_relocation.h new file mode 100644 index 0000000..7150ef1 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_context_relocation.h @@ -0,0 +1,39 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/*! \file crys_context_relocation.h + * Handle relocation of crypto context in the context buffer given + * by the user to assure it does not cross a page boundary + */ + +#ifndef _CRYS_CONTEXT_RELOCATION_H_ +#define _CRYS_CONTEXT_RELOCATION_H_ + +/*! + * Initialize the context offset for a new buffer given to INIT phase + * + * \param bufferStart The address of the context buffer given by the user + * \param bufferSize The size of the user buffer in bytes + * \param contextSize The required size (in bytes) of the context + * + * \return The address of the context within the buffer + */ +void *DX_InitUserCtxLocation(void *bufferStart, + unsigned long bufferSize, + unsigned long contextSize); + +/*! + * Return the context address in the given buffer + * If previous context offset is now crossing a page the context data + * would be moved to a good location. + * + * \param bufferStart The address of the context buffer given by the user + * + * \return The address of the context within the buffer + */ +void *DX_GetUserCtxLocation(void *bufferStart); + +#endif /*_CRYS_CONTEXT_RELOCATION_H_*/ diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_des.c b/peripheral/keystore/chaabi/libcc54/crys/crys_des.c new file mode 100644 index 0000000..0473a73 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_des.c @@ -0,0 +1,563 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + +/** @file + * \brief A brief description of this module + * + * \version CRYS_DES.c#1:csrc:6 + * \author adams + */ + + +/************* Include Files ****************/ +//#include "error.h" +#include "crys_des_error.h" +#include "crys_des.h" +#include <stdio.h> +#include <unistd.h> +//#include "error.h" + +#include "driver_interface.h" +#include "crys_context_relocation.h" +#include "sep_ctx.h" +#include "dx_pal_mem.h" + + +/************* Private function prototype ****************/ + +/*! + * Convert from DxDI return code to CRYS return code + * + * \param diRc: Driver Interface returned error. + * \param errorInfo: Additional error information. + * + */ +static CRYSError_t DX_DesDiErr2CrysErr(DxDI_RetCode_t diRc, DxUint32_t errorInfo) +{ + switch (diRc) { + case DXDI_RET_ENODEV: + case DXDI_RET_EINTERNAL: + case DXDI_RET_ENOTSUP: + case DXDI_RET_ENOPERM: + case DXDI_RET_EINVAL: + case DXDI_RET_ENORSC: + case DXDI_RET_EHW: + /* DXDI errors are below CRYS_ERROR_BASE - let's reuse... */ + switch (errorInfo) { + case DXDI_ERROR_BAD_CTX: + return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR; + case DXDI_ERROR_UNSUP: + return CRYS_DES_IS_NOT_SUPPORTED; + case DXDI_ERROR_INVAL_MODE: + return CRYS_DES_ILLEGAL_OPERATION_MODE_ERROR; + case DXDI_ERROR_INVAL_DIRECTION: + return CRYS_DES_INVALID_ENCRYPT_MODE_ERROR; + case DXDI_ERROR_INVAL_KEY_SIZE: + return CRYS_DES_ILLEGAL_PARAMS_ERROR; + case DXDI_ERROR_INVAL_DIN_PTR: + return CRYS_DES_DATA_IN_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DOUT_PTR: + return CRYS_DES_DATA_OUT_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DATA_SIZE: + return CRYS_DES_DATA_SIZE_ILLEGAL; + case DXDI_ERROR_DIN_DOUT_OVERLAP: + return CRYS_DES_DATA_OUT_DATA_IN_OVERLAP_ERROR; + case DXDI_ERROR_NO_RESOURCE: + return CRYS_OUT_OF_RESOURCE_ERROR; + case DXDI_ERROR_INTERNAL: + case DXDI_ERROR_FATAL: + default: + return CRYS_FATAL_ERROR; + } + case DXDI_RET_ESEP: + /* Pass through SeP error code */ + return errorInfo; + default: + /* ??? */ + return CRYS_FATAL_ERROR; + } +} + +/*! + * Get the actual context size of given DES mode + * + * \param mode + * + * \return DxUint32_t Context size in bytes + */ +static DxUint32_t GetContextSize(CRYS_DES_OperationMode_t mode) +{ + /* Sizes are cached to avoid IOCTL on each size query */ + /* Uninitialized - to be initialized on first invocation */ + static DxUint32_t des_ecb_ctx_size = UINT32_MAX; + static DxUint32_t des_cbc_ctx_size = UINT32_MAX; + + + /* For each mode we check if size is already "cached" */ + /* DxDI is queried only if size is not cached already */ + + switch (mode) { + case CRYS_DES_ECB_mode: + if (des_ecb_ctx_size == UINT32_MAX) + des_ecb_ctx_size = + DxDI_GetSymCipherCtxSize(DXDI_SYMCIPHER_DES_ECB); + + return des_ecb_ctx_size; + + case CRYS_DES_CBC_mode: + if (des_cbc_ctx_size == UINT32_MAX) + des_cbc_ctx_size = + DxDI_GetSymCipherCtxSize(DXDI_SYMCIPHER_DES_CBC); + + return des_cbc_ctx_size; + + default: + return 0; + } +} + +static CRYSError_t InitDesParams( CRYS_DESUserContext_t* ContextID_ptr, + CRYS_DES_Iv_t IV_ptr, + CRYS_DES_Key_t* Key_ptr, + CRYS_DES_NumOfKeys_t NumOfKeys, + CRYS_DES_EncryptMode_t EncryptDecryptFlag, + CRYS_DES_OperationMode_t OperationMode, + DxUint32_t** InternalCnxtPtr, + struct dxdi_sym_cipher_props* DesProps) +{ + DxUint32_t realContextSize; + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR; + + + /* check if the operation mode is legal */ + if (OperationMode >= CRYS_DES_NumOfModes) + return CRYS_DES_ILLEGAL_OPERATION_MODE_ERROR; + + + /* if the operation mode selected is CBC then check the validity of + the IV counter pointer */ + if (OperationMode == CRYS_DES_CBC_mode && IV_ptr == DX_NULL) + return CRYS_DES_INVALID_IV_PTR_ON_NON_ECB_MODE_ERROR; + + /* If the number of keys in invalid return an error */ + if (NumOfKeys >= CRYS_DES_NumOfKeysOptions || NumOfKeys == 0) + return CRYS_DES_ILLEGAL_NUM_OF_KEYS_ERROR; + + + /*check the valisity of the key pointer */ + if (Key_ptr == DX_NULL) + return CRYS_DES_INVALID_KEY_POINTER_ERROR; + + + /* Check the Encrypt / Decrypt flag validity */ + if (EncryptDecryptFlag >= CRYS_DES_EncryptNumOfOptions) + return CRYS_DES_INVALID_ENCRYPT_MODE_ERROR; + + realContextSize = GetContextSize(OperationMode); + if (realContextSize == 0) + return CRYS_DES_ILLEGAL_OPERATION_MODE_ERROR; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + *InternalCnxtPtr = DX_InitUserCtxLocation(ContextID_ptr, + sizeof(CRYS_DESUserContext_t), + realContextSize); + if (*InternalCnxtPtr == 0) + return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR; + + if (OperationMode == CRYS_DES_ECB_mode) + DesProps->cipher_type = DXDI_SYMCIPHER_DES_ECB; + else { + DesProps->cipher_type = DXDI_SYMCIPHER_DES_CBC; + DX_PAL_MemCopy(DesProps->alg_specific.des_cbc.iv ,IV_ptr,CRYS_DES_IV_SIZE_IN_BYTES); + } + DesProps->direction = EncryptDecryptFlag == CRYS_DES_Encrypt ? + DXDI_CDIR_ENC : DXDI_CDIR_DEC; + + DesProps->key_size = CRYS_DES_KEY_SIZE_IN_BYTES*NumOfKeys; + DX_PAL_MemCopy(DesProps->key ,Key_ptr,CRYS_DES_KEY_SIZE_IN_BYTES*NumOfKeys); + + return CRYS_OK; +} + + +static CRYSError_t DataValidation(DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr) +{ + /* if the users Data In pointer is illegal return an error */ + if (DataIn_ptr == DX_NULL) + return CRYS_DES_DATA_IN_POINTER_INVALID_ERROR; + + /* if the users Data Out pointer is illegal return an error */ + if (DataOut_ptr == DX_NULL) + return CRYS_DES_DATA_OUT_POINTER_INVALID_ERROR; + + + /* if the data size is zero or not a multiple of 16 bytes return error */ + if (DataInSize % CRYS_DES_BLOCK_SIZE_IN_BYTES != 0) + return CRYS_DES_DATA_SIZE_ILLEGAL; + + /* No need to validate buffers overlap, it is already done in the driver */ + + return CRYS_OK; +} + +/****************************************************************************************************/ + + +/************************ Public Functions ******************************/ + +/* ------------------------------------------------------------ + * @brief This function is used to initialize the DES machine. + * In order to operate the DES machine the first function that should be + * called is this function. + * + * The function executes the following major steps: + * + * 1. Validates all of the inputs of the function. If one of the received + * parameters is not valid it shall return an error: + * + * - verifying that the context pointer is not DX_NULL (*ContextID_ptr). + * - verifying the pointer of the IV counter is not DX_NULL + * if the modes that is selected are CBC. + * - verifying that the pointer to the key buffer is not DX_NULL + * - verifying the values of the number of keys is valid ( 0- 2 ). + * - verifying the value of the operation mode is valid ( 0 - 2 ) + * 2. Decrypting the received context to the working context after capturing + * the working context by calling the CRYS_CCM_GetContext() call. + * + * 3. Initializing the working context by the following: + * - loading the keys. + * - loading the IV counters. + * - loading the control field + * - loading the operation mode. + * - loading the DecryptEncrypt flag and the key size. + * - loading the key size. + * 4. Encrypting the information in the working context and storing + * it to the users received context. After then the working context is released. + * This state is operated by calling the CRYS_CCM_EncryptAndReleaseContext call. + * 5. Exit the handler with the OK code. + * + * + * + * @param[in] ContextID_ptr - a pointer to the DES context buffer allocated by the user that + * is used for the DES machine operation. + * + * @param[in,out] IV_ptr - this parameter is the buffer of the IV or counters on mode CTR. + * On ECB mode this parameter has no use. + * On CBC this parameter should containe the IV values. + * + * @param[in] Key_ptr - a pointer to the users key buffer. + * + * @param[in] NumOfKeys - the number of keys used by the module ( 1 - 3 ) + * + * @param[in] EncryptDecryptFlag - This flag determains if the DES shall perform an Encrypt operation [0] or a + * Decrypt operation [1]. + * + * @param[in] OperationMode - The operation mode : ECB or CBC. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_des_error.h + */ + +CEXPORT_C CRYSError_t CRYS_DES_Init( CRYS_DESUserContext_t* ContextID_ptr, + CRYS_DES_Iv_t IV_ptr, + CRYS_DES_Key_t* Key_ptr, + CRYS_DES_NumOfKeys_t NumOfKeys, + CRYS_DES_EncryptMode_t EncryptDecryptFlag, + CRYS_DES_OperationMode_t OperationMode ) +{ + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t *contextPtr; + struct dxdi_sym_cipher_props des_cipher_props; + + /*----------------------------- + CODE + --------------------------------*/ + +#ifndef CRYS_NO_DES_SUPPORT + + /* ............... checking the parameters validity and init des params................... */ + + crysRc = InitDesParams(ContextID_ptr, + IV_ptr, + Key_ptr, + NumOfKeys, + EncryptDecryptFlag, + OperationMode, + &contextPtr, + &des_cipher_props); + if (crysRc != CRYS_OK) + return crysRc; + + + /* Initialize context for given symmetric cipher configuration*/ + diRc = DxDI_SymCipherInit(contextPtr, + &des_cipher_props, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_DesDiErr2CrysErr); + +#endif /* CRYS_NO_DES_SUPPORT */ + +}/* END OF DES_Init */ + +/** ------------------------------------------------------------ + * @brief This function is used to operate a block on the DES machine. + * This function should be called after the CRYS_DES_Init function + * was called. + * + * The function executes the following major steps: + * + * 1.Checks the validation of all of the inputs of the function. + * If one of the received parameters is not valid it shall return an error. + * + * The major checkers that are run over the received parameters: + * - verifying that the context pointer is not DX_NULL (*ContextID_ptr). + * - verifying the pointer of the data_in buffer is not DX_NULL. + * - verifying that the pointer to the data_out buffer is not DX_NULL. + * - verifying the values of the data_in buffers size is not 0 and a multiple of 16 bytes. + * + * 2.Decrypting the received context to the working context after + * capturing the working context by calling the CRYS_CCM_GetContext() call. + * + * 3.executing the DES operation on the hardware by calling the + * low level DES function LLF_DES_Block. + * 4.Encrypting the information in the working context and storing it + * to the users received context. After then the working context is released. + * This state is operated by calling the CRYS_CCM_ReleaseContext call. + * 5.Exit the handler with the OK code. + * + * + * @param[in] ContextID_ptr - a pointer to the DES context buffer allocated by the user that + * is used for the DES machine operation. this should be the same context that was + * used on the previous call of this session. + * + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the DES. The pointer does + * not need to be aligned. + * + * @param[in] DataInSize - The size of the input data(must be not 0 and must be multiple of 8 bytes). + * + * @param[in/out] DataOut_ptr - The pointer to the buffer of the output data from the DES. The pointer does not + * need to be aligned to 32 bits. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_des_error.h + */ +CEXPORT_C CRYSError_t CRYS_DES_Block( CRYS_DESUserContext_t* ContextID_ptr, + DxUint8_t* DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t* DataOut_ptr ) +{ + /* The return error identifiers */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t *contextPtr; + + /*------------------- + CODE + ----------------------*/ + + +#ifndef CRYS_NO_DES_SUPPORT + + /* ............... checking the parameters validity ................... */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR; + + crysRc = DataValidation(DataIn_ptr, + DataInSize, + DataOut_ptr); + if (crysRc != CRYS_OK) + return crysRc; + + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + + if (contextPtr == 0) + return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR; + + diRc = DxDI_ProcessDataBlock(contextPtr, + DXDI_DATA_TYPE_TEXT, + DataIn_ptr, + DataOut_ptr, + DataInSize, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_DesDiErr2CrysErr); + +#endif /* CRYS_NO_DES_SUPPORT */ + +}/* END OF CRYS_DES_Block */ + +/** + * @brief This function is used to end the DES operation seesion. + * It is the last function called on the DES operation. + * + * + * The function executes the following major steps: + * + * 1. Checks the validity of all of the inputs of the function. + * If one of the received parameters is not valid it shall return an error. + * + * The major checkers that are run over the received parameters: + * - verifying that the context pointer is not DX_NULL (*ContextID_ptr). + * 2. Clearing the users context. + * 3. Exit the handler with the OK code. + * + * + * @param[in] ContextID_ptr - a pointer to the DES context buffer allocated by the user that + * is used for the DES machine operation. this should be the same context that was + * used on the previous call of this session. + * + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_des_error.h + */ +CEXPORT_C CRYSError_t CRYS_DES_Free(CRYS_DESUserContext_t *ContextID_ptr ) +{ + + + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + DxUint32_t *contextPtr; + + /*----------------------- + CODE + --------------------------*/ + +#ifndef CRYS_NO_DES_SUPPORT + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + if (contextPtr == 0) + return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR; + + + /* ............. call the CRYS_AES specific functions ................. */ + /* -------------------------------------------------------------------- */ + diRc = DxDI_ProcessLastDataBlock(contextPtr, + DX_NULL, + DX_NULL, + 0, + DX_NULL, + 0, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_DesDiErr2CrysErr); + +#endif /* CRYS_NO_DES_SUPPORT */ + +}/* END OF CRYS_DES_Free */ + +/** + * @brief This function is used to operate the DES machine in one integrated operation. + * + * The actual macros that will be used by the users are: + * + * + * @param[in,out] IVCounter_ptr - this parameter is the buffer of the IV or counters on mode CTR. + * On ECB mode this parameter has no use. + * On CBC mode this parameter should containe the IV values. + * + * @param[in] Key_ptr - a pointer to the users key buffer. + * + * @param[in] KeySize - Thenumber of keys used by the DES as defined in the enum. + * + * @param[in] EncryptDecryptFlag - This flag determains if the DES shall perform an Encrypt operation [0] or a + * Decrypt operation [1]. + * + * @param[in] OperationMode - The operation mode : ECB or CBC. + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the DES. + * The pointer does not need to be word-aligned. + * + * @param[in] DataInSize - The size of the input data (must be not 0 and must be multiple of 8 bytes). + * + * @param[in,out] DataOut_ptr - The pointer to the buffer of the output data from the DES. + * The pointer does not need to be word-aligned. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_des_error.h + */ +CEXPORT_C CRYSError_t CRYS_DES(CRYS_DES_Iv_t IV_ptr, + CRYS_DES_Key_t* Key_ptr, + CRYS_DES_NumOfKeys_t NumOfKeys, + CRYS_DES_EncryptMode_t EncryptDecryptFlag, + CRYS_DES_OperationMode_t OperationMode, + DxUint8_t* DataIn_ptr, /* in */ + DxUint32_t DataInSize, /* in */ + DxUint8_t* DataOut_ptr ) /* in / out */ +{ + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + CRYS_DESUserContext_t ContextID; + DxUint32_t *contextPtr; + + struct dxdi_sym_cipher_props des_cipher_props; + + /*-------------------------------- + CODE + ---------------------------------*/ + +#ifndef CRYS_NO_DES_SUPPORT + + /* ............... checking the parameters validity and init des params................... */ + + crysRc = InitDesParams(&ContextID, + IV_ptr, + Key_ptr, + NumOfKeys, + EncryptDecryptFlag, + OperationMode, + &contextPtr, + &des_cipher_props); + if (crysRc != CRYS_OK) + return crysRc; + + crysRc = DataValidation(DataIn_ptr, + DataInSize, + DataOut_ptr); + if (crysRc != CRYS_OK) + return crysRc; + + /* Initialize context for given symmetric cipher configuration*/ + diRc = DxDI_SymCipherProcess(contextPtr, + &des_cipher_props, + DataIn_ptr, + DataOut_ptr, + DataInSize, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_DesDiErr2CrysErr); + +#endif /* CRYS_NO_DES_SUPPORT */ + +}/* END OF CRYS_DES */ + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_hash.c b/peripheral/keystore/chaabi/libcc54/crys/crys_hash.c new file mode 100644 index 0000000..d590650 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_hash.c @@ -0,0 +1,538 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + +/** @file + * \brief A brief description of this module + * + * \version CRYS_HASH.c#1:csrc:6 + * \author adams + */ + + +/************* Include Files ****************/ +#include "crys_hash_error.h" +#include "crys_hash.h" + +#include <stdio.h> +#include <unistd.h> +//#include "error.h" + +#include "driver_interface.h" +#include "crys_context_relocation.h" +#include "sep_ctx.h" +#include "dx_pal_mem.h" + + +/************* Private function prototype ****************/ + +/*! + * Convert from DxDI return code to CRYS return code + * + * \param diRc: Driver Interface returned error. + * \param errorInfo: Additional error information. + * + */ +static CRYSError_t DX_HashDiErr2CrysErr(DxDI_RetCode_t diRc, DxUint32_t errorInfo) +{ + switch (diRc) { + case DXDI_RET_ENODEV: + case DXDI_RET_EINTERNAL: + case DXDI_RET_ENOTSUP: + case DXDI_RET_ENOPERM: + case DXDI_RET_EINVAL: + case DXDI_RET_ENORSC: + case DXDI_RET_EHW: + /* DXDI errors are below CRYS_ERROR_BASE - let's reuse... */ + switch (errorInfo) { + case DXDI_ERROR_BAD_CTX: + return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; + case DXDI_ERROR_UNSUP: + return CRYS_HASH_IS_NOT_SUPPORTED; + case DXDI_ERROR_INVAL_MODE: + return CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR; + case DXDI_ERROR_INVAL_DIN_PTR: + return CRYS_HASH_DATA_IN_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DATA_SIZE: + return CRYS_HASH_DATA_SIZE_ILLEGAL; + case DXDI_ERROR_NO_RESOURCE: + return CRYS_OUT_OF_RESOURCE_ERROR; + case DXDI_ERROR_INTERNAL: + case DXDI_ERROR_FATAL: + default: + return CRYS_FATAL_ERROR; + } + case DXDI_RET_ESEP: + /* Pass through SeP error code */ + return errorInfo; + default: + /* ??? */ + return CRYS_FATAL_ERROR; + } +} + +/*! + * Get the actual context size of given AES mode + * + * \param mode + * + * \return DxUint32_t Context size in bytes + */ +static DxUint32_t GetContextSize(CRYS_HASH_OperationMode_t mode) +{ + /* Sizes are cached to avoid IOCTL on each size query */ + /* Uninitialized - to be initialized on first invocation */ + static DxUint32_t sha1_ctx_size = UINT32_MAX; + static DxUint32_t sha224_ctx_size = UINT32_MAX; + static DxUint32_t sha256_ctx_size = UINT32_MAX; + static DxUint32_t sha384_ctx_size = UINT32_MAX; + static DxUint32_t sha512_ctx_size = UINT32_MAX; + static DxUint32_t md5_ctx_size = UINT32_MAX; + + /* For each mode we check if size is already "cached" */ + /* DxDI is queried only if size is not cached already */ + switch (mode) { + case CRYS_HASH_SHA1_mode: + if (sha1_ctx_size == UINT32_MAX) + sha1_ctx_size = DxDI_GetHashCtxSize(DXDI_HASH_SHA1); + return sha1_ctx_size; + case CRYS_HASH_SHA224_mode: + if (sha224_ctx_size == UINT32_MAX) + sha224_ctx_size = DxDI_GetHashCtxSize(DXDI_HASH_SHA224); + return sha224_ctx_size; + case CRYS_HASH_SHA256_mode: + if (sha256_ctx_size == UINT32_MAX) + sha256_ctx_size = DxDI_GetHashCtxSize(DXDI_HASH_SHA256); + return sha256_ctx_size; + case CRYS_HASH_SHA384_mode: + if (sha384_ctx_size == UINT32_MAX) + sha384_ctx_size = DxDI_GetHashCtxSize(DXDI_HASH_SHA384); + return sha384_ctx_size; + case CRYS_HASH_SHA512_mode: + if (sha512_ctx_size == UINT32_MAX) + sha512_ctx_size = DxDI_GetHashCtxSize(DXDI_HASH_SHA512); + return sha512_ctx_size; + case CRYS_HASH_MD5_mode: + if (md5_ctx_size == UINT32_MAX) + md5_ctx_size = DxDI_GetHashCtxSize(DXDI_HASH_MD5); + return md5_ctx_size; + default: + return 0; + } +} + +static CRYSError_t InitHashParams(CRYS_HASHUserContext_t* ContextID_ptr, + CRYS_HASH_OperationMode_t OperationMode, + enum dxdi_hash_type* HashType, + DxUint32_t** InternalCnxtPtr) +{ + unsigned long realContextSize; + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* check if the operation mode is legal */ + if (OperationMode >= CRYS_HASH_NumOfModes) + return CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR; + + realContextSize = GetContextSize(OperationMode); + if (realContextSize == 0) + return CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + *InternalCnxtPtr = DX_InitUserCtxLocation(ContextID_ptr, + sizeof(*ContextID_ptr), + realContextSize); + + if (*InternalCnxtPtr == 0) + return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; + + switch (OperationMode) { + case CRYS_HASH_SHA1_mode: + *HashType = DXDI_HASH_SHA1; + break; + case CRYS_HASH_SHA224_mode: + *HashType = DXDI_HASH_SHA224; + break; + case CRYS_HASH_SHA256_mode: + *HashType = DXDI_HASH_SHA256; + break; + case CRYS_HASH_SHA384_mode: + *HashType = DXDI_HASH_SHA384; + break; + case CRYS_HASH_SHA512_mode: + *HashType = DXDI_HASH_SHA512; + break; + case CRYS_HASH_MD5_mode: + *HashType = DXDI_HASH_MD5; + break; + default: + return CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR; + } + return CRYS_OK; + +} +/************************ Public Functions ******************************/ + +/** + * This function initializes the HASH machine on the CRYS level. + * + * This function allocates and initializes the HASH Context . + * The function receives as input a pointer to store the context handle to HASH Context , + * it initializes the + * HASH Context with the cryptographic attributes that are needed for + * the HASH block operation ( initialize H's value for the HASH algorithm ). + * + * The function flow: + * + * 1) checking the validity of the arguments - returnes an error on an illegal argument case. + * 2) Aquiring the working context from the CCM manager. + * 3) Initializing the context with the parameters passed by the user and with the init values + * of the HASH. + * 4) loading the user tag to the context. + * 5) release the CCM context. + * + * @param[in] ContextID_ptr - a pointer to the HASH context buffer allocated by the user that + * is used for the HASH machine operation. + * + * @param[in] OperationMode - The operation mode : MD5 or SHA1. + * + * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. + * + */ +CEXPORT_C CRYSError_t CRYS_HASH_Init(CRYS_HASHUserContext_t* ContextID_ptr, + CRYS_HASH_OperationMode_t OperationMode) +{ + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t *contextPtr; + enum dxdi_hash_type hashType; + + /*--------------------------- + CODE + -----------------------------*/ + +#ifndef CRYS_NO_HASH_SUPPORT + + /* ............... checking the parameters validity and init ................... */ + /* -------------------------------------------------------------------- */ + + crysRc = InitHashParams(ContextID_ptr, + OperationMode, + &hashType, + &contextPtr); + if (crysRc != CRYS_OK) + return crysRc; + + diRc = DxDI_HashInit(contextPtr, + hashType, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_HashDiErr2CrysErr); + +#endif /*!CRYS_NO_HASH_SUPPORT*/ + +}/* END OF CRYS_HASH_Init */ + +/** + * This function process a block of data via the HASH Hardware. + * The function receives as input an handle to the HASH Context , that was initialized before + * by an CRYS_HASH_Init function or by other CRYS_HASH_Update function. \n + * The function Sets the hardware with the last H's value that where stored in + * the CRYS HASH context and then process the data block using the hardware + * and in the end of the process stores in the HASH context the H's value + * HASH Context with the cryptographic attributes that are needed for + * the HASH block operation ( initialize H's value for the HASH algorithm ). + * This function is used in cases not all the data is arrange in one + * continues buffer . \n + * + * The function flow: + * + * 1) checking the parameters validty if there is an error the function shall exit with an error code. + * 2) Aquiring the working context from the CCM manager. + * 3) If there isnt enouth data in the previous update data buff in the context plus the received data + * load it to the context buffer and exit the function. + * 4) fill the previous update data buffer to contain an entire block. + * 5) Calling the hardware low level function to execute the update. + * 6) fill the previous update data buffer with the data not processed at the end of the received data. + * 7) release the CCM context. + * + * @param[in] ContextID_ptr - a pointer to the HASH context buffer allocated by the user that + * is used for the HASH machine operation. + * + * @param DataIn_ptr a pointer to the buffer that stores the data to be + * hashed . + * + * @param DataInSize The size of the data to be hashed in bytes. + * + * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. + * + */ + +CEXPORT_C CRYSError_t CRYS_HASH_Update(CRYS_HASHUserContext_t* ContextID_ptr, + DxUint8_t* DataIn_ptr, + DxUint32_t DataInSize ) +{ + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + DxUint32_t *contextPtr; + + /*----------------------------------- + CODE + --------------------------------------*/ + + + +#ifndef CRYS_NO_HASH_SUPPORT + + /* ............... checking the parameters validity ................... */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* if the data size is zero return CRYS_OK - we just do not need to process any data */ + if (DataInSize == 0) + return CRYS_OK; + + /* if the users Data In pointer is illegal and the data size is larger then 0 return an error */ + if (DataIn_ptr == DX_NULL) + return CRYS_HASH_DATA_IN_POINTER_INVALID_ERROR; + + /* larger then 2^29 (to prevant an overflow on the transition to bits ) + return error */ + if (DataInSize >= (1 << 29)) + return CRYS_HASH_DATA_SIZE_ILLEGAL; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + + if (contextPtr == 0) + return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; + + diRc = DxDI_ProcessDataBlock(contextPtr, + DXDI_DATA_TYPE_TEXT, + DataIn_ptr, + DX_NULL, + DataInSize, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_HashDiErr2CrysErr); + +#endif /* !CRYS_NO_HASH_SUPPORT */ + +}/* END OF CRYS_HASH_Update */ + +/** + * This function finalize the hashing process of data block. + * The function receives as input an handle to the HASH Context , that was initialized before + * by an CRYS_HASH_Init function or by CRYS_HASH_Update function. + * The function "adds" an header to the data block as the specific hash standard + * specifics , then it loads the hardware and reads the final message digest. + * + * the function flow: + * + * 1) checking the parameters validty if there is an error the function shall exit with an error code. + * 2) Aquiring the working context from the CCM manager. + * 3) Setting the padding buffer to load. + * 4) Calling the hardware low level function to execute the finish. + * 5) fill the previous update data buffer with the data not processed at the end of the received data. + * 6) release the CCM context. + * + * @param[in] ContextID_ptr - a pointer to the HASH context buffer allocated by the user that + * is used for the HASH machine operation. + * + * @retval HashResultBuff a pointer to the target buffer where the + * HASE result stored in the context is loaded to. + * + * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. + */ + +CEXPORT_C CRYSError_t CRYS_HASH_Finish( CRYS_HASHUserContext_t* ContextID_ptr , + CRYS_HASH_Result_t HashResultBuff ) +{ + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + DxUint32_t *contextPtr; + DxUint8_t digestOrMacSize; + + + /*--------------------------------- + CODE + -----------------------------------*/ + + +#ifndef CRYS_NO_HASH_SUPPORT + + /* ............... checking the parameters validity ................... */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* if the result buffer DX_NULL return an error */ + if (HashResultBuff == DX_NULL) + return CRYS_HASH_INVALID_RESULT_BUFFER_POINTER_ERROR; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + if (contextPtr == 0) + return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; + + diRc = DxDI_ProcessLastDataBlock(contextPtr, + DX_NULL, + DX_NULL, + 0, + (DxUint8_t*)HashResultBuff, + &digestOrMacSize, + &errorInfo); + + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_HashDiErr2CrysErr); + +#endif /* !CRYS_NO_HASH_SUPPORT*/ + +}/* END OF CRYS_HASH_Finish */ + +/** + * @brief This function is a service function that frees the context if the operation has + * failed. + * + * The function executes the following major steps: + * + * 1. Checks the validity of all of the inputs of the function. + * If one of the received parameters is not valid it shall return an error. + * + * The major checkers that are run over the received parameters: + * - verifying that the context pointer is not DX_NULL (*ContextID_ptr). + * 2. Clearing the users context. + * 3. Exit the handler with the OK code. + * + * + * @param[in] ContextID_ptr - a pointer to the HASH context buffer allocated by the user that + * is used for the HASH machine operation. this should be the same context that was + * used on the previous call of this session. + * + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_hash_error.h + */ +CEXPORT_C CRYSError_t CRYS_HASH_Free(CRYS_HASHUserContext_t *ContextID_ptr ) +{ + /* The return error identifier */ + CRYSError_t Error; + + + + /*--------------------------- + CODE + -----------------------------*/ + + /* ............... local initializations .............................. */ + + Error = CRYS_OK; + +#ifndef CRYS_NO_HASH_SUPPORT + + /* ............... checking the parameters validity ................... */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* .............. clearing the users context .......................... */ + DX_PAL_MemSet( ContextID_ptr , 0,sizeof(CRYS_HASHUserContext_t) ); + + /* ................. end of function ..................................... */ + /* ----------------------------------------------------------------------- */ + + return Error; + +#endif /* !CRYS_NO_HASH_SUPPORT */ + +}/* END OF CRYS_HASH_Free */ + +/** + * This function provide HASH function to process one buffer of data. + * The function allocates an internal HASH Context , it initializes the + * HASH Context with the cryptographic attributes that are needed for + * the HASH block operation ( initialize H's value for the HASH algorithm ). + * Then the function loads the Hardware with the initializing values and after + * that process the data block using the hardware to do hash . + * At the end the function return the message digest of the data buffer . + * + * + * @param[in] OperationMode - The operation mode : MD5 or SHA1. + * + * @param DataIn_ptr a pointer to the buffer that stores the data to be + * hashed . + * + * @param DataInSize The size of the data to be hashed in bytes. + * + * @retval HashResultBuff a pointer to the target buffer where the + * HASE result stored in the context is loaded to. + * + * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. + * + */ +CEXPORT_C CRYSError_t CRYS_HASH ( CRYS_HASH_OperationMode_t OperationMode, + DxUint8_t* DataIn_ptr, + DxUint32_t DataSize, + CRYS_HASH_Result_t HashResultBuff ) +{ + + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + CRYSError_t crysRc; + DxUint32_t *contextPtr; + CRYS_HASHUserContext_t ContextID; + enum dxdi_hash_type hashType; + +#ifndef CRYS_NO_HASH_SUPPORT + + /* if the users Data In pointer is illegal and the data size is larger then 0 return an error */ + if ((DataIn_ptr == DX_NULL) && + (DataSize != 0)) + return CRYS_HASH_DATA_IN_POINTER_INVALID_ERROR; + + /* larger then 2^29 (to prevant an overflow on the transition to bits ) + return error */ + if (DataSize >= (1 << 29)) + return CRYS_HASH_DATA_SIZE_ILLEGAL; + + /* if the result buffer DX_NULL return an error */ + if (HashResultBuff == DX_NULL) + return CRYS_HASH_INVALID_RESULT_BUFFER_POINTER_ERROR; + + crysRc = InitHashParams(&ContextID, + OperationMode, + &hashType, + &contextPtr); + if (crysRc != CRYS_OK) + return crysRc; + + diRc = DxDI_HashProcess(contextPtr, + hashType, + DataIn_ptr, + DataSize, + (DxUint8_t*)HashResultBuff, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_HashDiErr2CrysErr); + +#endif /* !CRYS_NO_HASH_SUPPORT */ + +}/* END OF CRYS_HASH */ diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_hmac.c b/peripheral/keystore/chaabi/libcc54/crys/crys_hmac.c new file mode 100644 index 0000000..5e4aca6 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_hmac.c @@ -0,0 +1,553 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + +/** @file + * \brief A brief description of this module + * + * \version CRYS_HMAC.c#1:csrc:4 + * \author adams + */ + + +/************* Include Files ****************/ +#include "crys_hmac_error.h" +#include "crys_hash.h" +#include "crys_hmac.h" +//#include "error.h" + +#include <stdio.h> +#include <unistd.h> +//#include "error.h" + +#include "driver_interface.h" +#include "crys_context_relocation.h" +#include "sep_ctx.h" +#include "dx_pal_mem.h" + + +/************* Private function prototype ****************/ + + +/*! + * Convert from DxDI return code to CRYS return code + * + * \param diRc: Driver Interface returned error. + * \param errorInfo: Additional error information. + * + */ +static CRYSError_t DX_HmacDiErr2CrysErr(DxDI_RetCode_t diRc, DxUint32_t errorInfo) +{ + switch (diRc) { + case DXDI_RET_ENODEV: + case DXDI_RET_EINTERNAL: + case DXDI_RET_ENOTSUP: + case DXDI_RET_ENOPERM: + case DXDI_RET_EINVAL: + case DXDI_RET_ENORSC: + case DXDI_RET_EHW: + /* DXDI errors are below CRYS_ERROR_BASE - let's reuse... */ + switch (errorInfo) { + case DXDI_ERROR_BAD_CTX: + return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; + case DXDI_ERROR_UNSUP: + return CRYS_HMAC_IS_NOT_SUPPORTED; + case DXDI_ERROR_INVAL_MODE: + return CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR; + case DXDI_ERROR_INVAL_KEY_SIZE: + return CRYS_HMAC_UNVALID_KEY_SIZE_ERROR; + case DXDI_ERROR_INVAL_DIN_PTR: + return CRYS_HMAC_DATA_IN_POINTER_INVALID_ERROR; + case DXDI_ERROR_INVAL_DATA_SIZE: + return CRYS_HMAC_DATA_SIZE_ILLEGAL; + case DXDI_ERROR_NO_RESOURCE: + return CRYS_OUT_OF_RESOURCE_ERROR; + case DXDI_ERROR_INTERNAL: + case DXDI_ERROR_FATAL: + default: + return CRYS_FATAL_ERROR; + } + case DXDI_RET_ESEP: + /* Pass through SeP error code */ + return errorInfo; + default: + /* ??? */ + return CRYS_FATAL_ERROR; + } +} + +/*! + * Get the actual context size of given AES mode + * + * \param mode + * + * \return DxUint32_t Context size in bytes + */ +static DxUint32_t GetContextSize(CRYS_HASH_OperationMode_t mode) +{ + /* Sizes are cached to avoid IOCTL on each size query */ + /* Uninitialized - to be initialized on first invocation */ + static DxUint32_t hmac_ctx_size = UINT32_MAX; + + + /* For each mode we check if size is already "cached" */ + /* DxDI is queried only if size is not cached already */ + if (hmac_ctx_size == UINT32_MAX) + hmac_ctx_size = DxDI_GetMacCtxSize(DXDI_MAC_HMAC); + + return hmac_ctx_size; + +} +static CRYSError_t InitHmacParams(CRYS_HMACUserContext_t* ContextID_ptr, + CRYS_HASH_OperationMode_t OperationMode, + DxUint8_t* key_ptr, + DxUint16_t keySize, + struct dxdi_mac_props* macProps, + DxUint32_t** InternalCnxtPtr) +{ + unsigned long realContextSize; + /* the length of the hash digest */ + DxUint16_t hashDigestLen; + /* the length of the hash block (max. K0 size) */ + DxUint16_t maxK0Len; + /* the KEY hash result - relevant if the key is larger then 64 bytes */ + CRYS_HASH_Result_t keyHashResult = {0}; + CRYSError_t crysRc; + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* check if the key pointer is valid */ + if (key_ptr == DX_NULL) + return CRYS_HMAC_INVALID_KEY_POINTER_ERROR; + + /* check if the key size is valid */ + if (keySize == 0) + return CRYS_HMAC_UNVALID_KEY_SIZE_ERROR; + + + realContextSize = GetContextSize(OperationMode); + if (realContextSize == 0) + return CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + *InternalCnxtPtr = DX_InitUserCtxLocation(ContextID_ptr, + sizeof(*ContextID_ptr), + realContextSize); + + + if (*InternalCnxtPtr == 0) + return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* Get key size limit */ + switch (OperationMode) { + case CRYS_HASH_SHA1_mode: + case CRYS_HASH_SHA224_mode: + case CRYS_HASH_SHA256_mode: + maxK0Len = CRYS_HMAC_KEY_SIZE_IN_BYTES; + break; + case CRYS_HASH_SHA384_mode: + case CRYS_HASH_SHA512_mode: + maxK0Len = CRYS_HMAC_SHA2_1024BIT_KEY_SIZE_IN_BYTES; + break; + default: return CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR; + } + + /* Digest key if too long */ + if (keySize > maxK0Len) { + crysRc = CRYS_HASH(OperationMode, + key_ptr, + keySize, + keyHashResult); + + if (crysRc != CRYS_OK) + return crysRc; + + /* Get key hash digest length in case key needs to be hashed into K0 */ + switch (OperationMode) { + case CRYS_HASH_SHA1_mode: hashDigestLen = CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES; break; + case CRYS_HASH_SHA224_mode: hashDigestLen = CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES; break; + case CRYS_HASH_SHA256_mode: hashDigestLen = CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES; break; + case CRYS_HASH_SHA384_mode: hashDigestLen = CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES; break; + case CRYS_HASH_SHA512_mode: hashDigestLen = CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES; break; + default: return CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR; + } + + DX_PAL_MemCopy(macProps->key,keyHashResult,hashDigestLen); + macProps->key_size = hashDigestLen; + } else { + DX_PAL_MemCopy(macProps->key,key_ptr,keySize); + macProps->key_size = keySize; + } + + switch (OperationMode) { + case CRYS_HASH_SHA1_mode: + macProps->alg_specific.hmac.hash_type = DXDI_HASH_SHA1; + break; + case CRYS_HASH_SHA224_mode: + macProps->alg_specific.hmac.hash_type = DXDI_HASH_SHA224; + break; + case CRYS_HASH_SHA256_mode: + macProps->alg_specific.hmac.hash_type = DXDI_HASH_SHA256; + break; + case CRYS_HASH_SHA384_mode: + macProps->alg_specific.hmac.hash_type = DXDI_HASH_SHA384; + break; + case CRYS_HASH_SHA512_mode: + macProps->alg_specific.hmac.hash_type = DXDI_HASH_SHA512; + break; + case CRYS_HASH_MD5_mode: + macProps->alg_specific.hmac.hash_type = DXDI_HASH_MD5; + break; + default: + return CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR; + } + macProps->mac_type = DXDI_MAC_HMAC; + + return CRYS_OK; +} +/************************ Public Functions ******************************/ + +/** + * This function initializes the HMAC machine on the CRYS level. + * + * This function allocates and initializes the HMAC Context . + * The function receives as input a pointer to store the context handle to HMAC Context. + * + * If the key is larger then 64 bytes it performs on it a HASH operation. + * then the function executed a HASH_init session and processes a HASH update + * on the Key XOR ipad and stores it on the context. + * + * the context. + * + * @param[in] ContextID_ptr - a pointer to the HMAC context buffer allocated by the user that + * is used for the HMAC machine operation. + * + * @param[in] OperationMode - The operation mode : MD5 or SHA1. + * + * @param[in] key_ptr - The pointer to the users key buffer. + * + * @oaram[in] keySize - The size of the received key. + * + * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. + * + */ +CEXPORT_C CRYSError_t CRYS_HMAC_Init(CRYS_HMACUserContext_t* ContextID_ptr, + CRYS_HASH_OperationMode_t OperationMode, + DxUint8_t* key_ptr, + DxUint16_t keySize ) +{ + /* The return error identifier */ + DxDI_RetCode_t diRc; + CRYSError_t crysRc; + DxUint32_t errorInfo; + DxUint32_t *contextPtr; + struct dxdi_mac_props mac_props = {0}; + + + /*-------------------- + CODE + ----------------------*/ + +#ifndef CRYS_NO_HASH_SUPPORT + + /* ............... checking the parameters validity and init parameters................... */ + crysRc = InitHmacParams(ContextID_ptr, + OperationMode, + key_ptr, + keySize, + &mac_props, + &contextPtr); + if (crysRc != CRYS_OK) + return crysRc; + + diRc = DxDI_MacInit(contextPtr, + &mac_props, + &errorInfo); + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_HmacDiErr2CrysErr); + +#endif /* !CRYS_NO_HASH_SUPPORT */ + +}/* END OF CRYS_HMAC_Init */ + +/** + * This function process a HMAC block of data via the HASH Hardware. + * The function receives as input an handle to the HMAC Context , and operated the HASH update on the data + * below. + * + * @param[in] ContextID_ptr - a pointer to the HMAC context buffer allocated by the user that + * is used for the HMAC machine operation. + * + * @param DataIn_ptr a pointer to the buffer that stores the data to be + * hashed . + * + * @param DataInSize The size of the data to be hashed in bytes. + * + * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. + * + */ + +CEXPORT_C CRYSError_t CRYS_HMAC_Update(CRYS_HMACUserContext_t* ContextID_ptr, + DxUint8_t* DataIn_ptr, + DxUint32_t DataInSize ) +{ + + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + DxUint32_t *contextPtr; + /*---------------------------------- + CODE + -----------------------------------*/ + +#ifndef CRYS_NO_HASH_SUPPORT + + /* ............... checking the parameters validity ................... */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* if the data size is zero no need to execute an update , return CRYS_OK */ + if (DataInSize == 0) + return CRYS_OK; + + /* if the users Data In pointer is illegal and the size is not 0 return an error */ + if (DataIn_ptr == DX_NULL) + return CRYS_HMAC_DATA_IN_POINTER_INVALID_ERROR; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + + if (contextPtr == 0) + return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; + + diRc = DxDI_ProcessDataBlock(contextPtr, + DXDI_DATA_TYPE_TEXT, + DataIn_ptr, + DX_NULL, + DataInSize, + &errorInfo); + + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_HmacDiErr2CrysErr); + +#endif /* !CRYS_NO_HASH_SUPPORT */ + +}/* END OF CRYS_HMAC_Update */ + +/** + * This function finalize the HMAC process of data block. + * The function receives as input an handle to the HMAC Context , that was initialized before + * by an CRYS_HMAC_Init function or by CRYS_HMAC_Update function. + * The function finishes the HASH operation on the ipad and text then + * executes a new hash operation with the key XOR opad and the previous HASH operation result. + * + * @param[in] ContextID_ptr - a pointer to the HMAC context buffer allocated by the user that + * is used for the HMAC machine operation. + * + * @retval HmacResultBuff a pointer to the target buffer where the + * HMAC result stored in the context is loaded to. + * + * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. + */ + +CEXPORT_C CRYSError_t CRYS_HMAC_Finish( CRYS_HMACUserContext_t* ContextID_ptr , + CRYS_HASH_Result_t HmacResultBuff ) +{ + + /* The return error identifier */ + DxDI_RetCode_t diRc; + DxUint32_t errorInfo; + DxUint32_t *contextPtr; + DxUint8_t digestOrMacSize; + + /*------------------------------ + CODE + --------------------------------*/ + +#ifndef CRYS_NO_HASH_SUPPORT + + /* ............... checking the parameters validity ................... */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; + + /* if the result buffer DX_NULL return an error */ + if (HmacResultBuff == DX_NULL) + return CRYS_HMAC_INVALID_RESULT_BUFFER_POINTER_ERROR; + + /* Get pointer within the buffer that can accomodate context without + crossing a page */ + contextPtr = DX_GetUserCtxLocation(ContextID_ptr); + if (contextPtr == 0) + return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; + + + diRc = DxDI_ProcessLastDataBlock(contextPtr, + DX_NULL, + DX_NULL, + 0, + (DxUint8_t*)HmacResultBuff, + &digestOrMacSize, + &errorInfo); + + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_HmacDiErr2CrysErr); + +#endif /* !CRYS_NO_HASH_SUPPORT */ + +}/* END OF CRYS_HMAC_Finish */ + +/** + * @brief This function is a service function that frees the context if the operation has + * failed. + * + * The function executes the following major steps: + * + * 1. Checks the validity of all of the inputs of the function. + * If one of the received parameters is not valid it shall return an error. + * + * The major checkers that are run over the received parameters: + * - verifying that the context pointer is not DX_NULL (*ContextID_ptr). + * 2. Clearing the users context. + * 3. Exit the handler with the OK code. + * + * + * @param[in] ContextID_ptr - a pointer to the HMAC context buffer allocated by the user that + * is used for the HMAC machine operation. this should be the same context that was + * used on the previous call of this session. + * + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_hmac_error.h + */ + +CEXPORT_C CRYSError_t CRYS_HMAC_Free(CRYS_HMACUserContext_t* ContextID_ptr ) +{ + /* The return error identifier */ + CRYSError_t Error; + + /*-------------------- + CODE + -----------------------*/ + Error = CRYS_OK; + + + +#ifndef CRYS_NO_HASH_SUPPORT + + /* ............... checking the parameters validity ................... */ + + /* if the users context ID pointer is DX_NULL return an error */ + if (ContextID_ptr == DX_NULL) + return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; + + + /* .............. clearing the users context .......................... */ + /* -------------------------------------------------------------------- */ + + DX_PAL_MemSet( ContextID_ptr , 0 , sizeof(CRYS_HMACUserContext_t) ); + + return Error; + +#endif /* !CRYS_NO_HASH_SUPPORT */ + +}/* END OF CRYS_HMAC_Free */ + +/** + * This function provide HASH function to process one buffer of data. + * The function allocates an internal HASH Context , it initializes the + * HASH Context with the cryptographic attributes that are needed for + * the HASH block operation ( initialize H's value for the HASH algorithm ). + * Then the function loads the Hardware with the initializing values and after + * that process the data block using the hardware to do hash . + * At the end the function return the message digest of the data buffer . + * + * + * @param[in] OperationMode - The operation mode : MD5 or SHA1. + * + * @param[in] key_ptr - The pointer to the users key buffer. + * + * @oaram[in] keySize - The size of the received key. + * + * @param DataIn_ptr a pointer to the buffer that stores the data to be + * hashed . + * + * @param DataInSize The size of the data to be hashed in bytes. + * + * @retval HashResultBuff a pointer to the target buffer where the + * HMAC result stored in the context is loaded to. + * + * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. + * + */ +CEXPORT_C CRYSError_t CRYS_HMAC ( CRYS_HASH_OperationMode_t OperationMode, + DxUint8_t* key_ptr, + DxUint16_t keySize, + DxUint8_t* DataIn_ptr, + DxUint32_t DataSize, + CRYS_HASH_Result_t HmacResultBuff ) +{ + /* The return error identifier */ + DxDI_RetCode_t diRc; + CRYSError_t crysRc; + DxUint32_t errorInfo; + DxUint32_t *contextPtr; + CRYS_HMACUserContext_t contextID; + struct dxdi_mac_props mac_props = {0}; + + + /*----------------------------- + CODE + -------------------------------*/ + + /* ............... local initializations .............................. */ + + /* if the users Data In pointer is illegal and the size is not 0 return an error */ + if (DataIn_ptr == DX_NULL && DataSize) + return CRYS_HMAC_DATA_IN_POINTER_INVALID_ERROR; + + + /* larger then 2^29 (to prevant an overflow on the transition to bits ) + return error */ + if (DataSize >= (1 << 29)) + return CRYS_HMAC_DATA_SIZE_ILLEGAL; + + /* if the result buffer DX_NULL return an error */ + if (HmacResultBuff == DX_NULL) + return CRYS_HMAC_INVALID_RESULT_BUFFER_POINTER_ERROR; + +#ifndef CRYS_NO_HASH_SUPPORT + /* ............... checking the parameters validity and init parameters................... */ + crysRc = InitHmacParams(&contextID, + OperationMode, + key_ptr, + keySize, + &mac_props, + &contextPtr); + if (crysRc != CRYS_OK) + return crysRc; + + diRc = DxDI_MacProcess(contextPtr, + &mac_props, + DataIn_ptr, + DataSize, + (DxUint8_t*) HmacResultBuff, + &errorInfo); + + + return DX_CRYS_RETURN_ERROR(diRc, errorInfo, DX_HmacDiErr2CrysErr); +#endif /* !CRYS_NO_HASH_SUPPORT */ + +}/* END OF CRYS_HMAC */ + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_init.c b/peripheral/keystore/chaabi/libcc54/crys/crys_init.c new file mode 100644 index 0000000..15c5ffd --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_init.c @@ -0,0 +1,95 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + + + /* + * Object %name : % + * State : %state% + * Creation date : Wed Nov 17 17:25:55 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief A brief description of this module + * + * \version CRYS_AES.c#1:csrc:6 + * \author adams + */ + + + +/************* Include Files ****************/ + +/* .............. CRYS level includes ................. */ + +#include "DX_VOS_Mem.h" +#include "DX_VOS_Memmap.h" +#include "DX_VOS_Sem.h" +#include "error.h" +#include "CRYS_init.h" +//#include "SystemDefs.h" +#include "SEPDriver.h" +/************************ Defines ******************************/ + + + +/************************ MACROS ******************************/ + +/* this macro is required to remove compilers warnings if the AES is not supported */ + +/************************ Global Data ******************************/ + + + +/************* Private function prototype ****************/ + + +/************************ Public Functions ******************************/ + + +/** + * @brief This function initializes the CRYS SW. + * + * The function calls the init functions of all of the modules in the CRYS. + * + * @param[in] - HwBaseAddress the hardware base address. + * @param[in] - param_PTR - pointer to parameter for the CRYS_Init (the seed used to create the SK - relevant only on CRYS_SW). + * @param[in] - param - parameter by value (the size of the seed in bytes when seed is in param_PTR) + * + * \note The last two arguments are only used in software implementations of CRYS. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ + +CIMPORT_C CRYSError_t CRYS_Init(DxUint32_t CryptoCellBaseAddress , DxUint8_t *param_PTR , DxUint16_t param ) +{ + /*------------------- + CODE + --------------------*/ + CryptoCellBaseAddress=CryptoCellBaseAddress; + param_PTR=param_PTR; + param=param; + + return CRYS_OK; +} + + +/** + * @brief This function terminates the CRYS SW. + * + * The function calls the terminate functions of all of the modules in the CRYS. + * + * + * @return CRYSError_t - On success CRYS_OK is returned + */ + +CIMPORT_C CRYSError_t CRYS_Terminate() +{ + + return CRYS_OK; +} diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_otf.c b/peripheral/keystore/chaabi/libcc54/crys/crys_otf.c new file mode 100644 index 0000000..2e305a4 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_otf.c @@ -0,0 +1,794 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + + /* + * Object %CRYS_OTF.c : % + * State : %state% + * Creation date : Wed July 18 17:25:55 2007 + * Last modified : %modify_time% + */ + /** @file + * \brief this function contain the OTF functions. + * + * \version CRYS_OTF.c#1:csrc:1 + * \author yakovg + */ + + + +/************* Include Files ****************/ + +/* .............. CRYS level includes ................. */ + +#include "DX_VOS_Mem.h" +#include "CRYS_COMMON.h" +#include "CRYS_COMMON_math.h" +#include "PLAT_SystemDep.h" +#include "CRYS_OTF.h" +#include "CRYS_OTF_error.h" +#include "crys_des.h" +#include "error.h" +#include "crys_host_op_code.h" +#include "SEPDriver.h" + + + +/************************ Enums ******************************/ + +/************************ Typedefs ******************************/ + +/************************ Global Data ******************************/ + +/************************ Private Functions ******************************/ + + +/************************ Public Functions ******************************/ + + +/************************************************************************************************** + * @brief CRYS_OTF_InitOperation - This function sets the OTF context with the + * required operation scenario, mode of operation, keys and Ivs. + * + * @param[in] OTFContext_ptr - Pointer to the OTF context. + * + * @param[in] CRYS_OTFEngCfg - The mode of the engine to configure the Crypto Flashfor the process. + * The engine modes are defined at the CRYS_OTFEngCfg_t type. + * + * @param[in] CRYS_OTFKeysInfo_ptr - A pointer to a structure contains the Key and IV. + * + * @param[in] CRYS_OTFEngMode_ptr - Pointer to CRYS_OTFEngMode_t array. + * Each cell in the array indicates on the mode of operation of + * this stage in the path from DIN to DOUT/CPU. + * The mode is the mode to set the Crypto Flash hardware operation. + * The operation mode are defined in the CRYS_OTFEngMode_t type. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + * + **************************************************************************************************/ + +CEXPORT_C CRYSError_t CRYS_OTF_InitOperation (CRYS_OTFUserContext_t* ContextID_ptr, + CRYS_OTFEngCfg_t OTFEngCfg, + CRYS_OTFUserKeysInfo_t* OTFUserKeysInfo_ptr, + CRYS_OTFEngMode_t* OTFEngMode_ptr) +{ + /* The return error identifiers */ + CRYSError_t Error; + + /* offset into SRAM */ + DxUint32_t sramOffset; + + /* read param */ + DxUint32_t messageParam[9]; + + /* max length */ + DxUint32_t maxLength; + + + /*---------------------------------------- + CODE + --------------------------------------------*/ + + /* initializing the Error to O.K */ + Error = CRYS_OK; + + + #ifndef CRYS_NO_OTF_SUPPORT + + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + + /* check input parameters */ + if( ContextID_ptr == DX_NULL ) + { + Error = CRYS_OTF_INVALID_USER_CONTEXT_POINTER_ERROR; + goto end_function; + } + + if( OTFUserKeysInfo_ptr == DX_NULL ) + { + Error = CRYS_OTF_INVALID_USER_KEYS_POINTER_ERROR; + goto end_function; + } + + if( OTFEngMode_ptr == DX_NULL ) + { + Error = CRYS_OTF_INVALID_ENG_MODE_POINTER_ERROR; + goto end_function; + } + + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_OTF_INIT_OPERATION_OP_CODE; + messageParam[1] = OTFEngCfg; + messageParam[2] = OTFEngMode_ptr[0]; + messageParam[3] = OTFEngMode_ptr[1]; + messageParam[4] = OTFEngMode_ptr[2]; + messageParam[5] = OTFUserKeysInfo_ptr->Key0Size; + messageParam[6] = OTFUserKeysInfo_ptr->Iv0Size; + messageParam[7] = OTFUserKeysInfo_ptr->Key1Size; + messageParam[8] = OTFUserKeysInfo_ptr->Iv1Size; + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t) * 9, + sizeof(DxUint32_t) * 9, + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send key 0 */ + Error = SEPDriver_WriteParamater((DxUint32_t)&OTFUserKeysInfo_ptr->Key0[0] , + CRYS_OTF_MAX_KEY_SIZE_IN_BYTES, + CRYS_OTF_MAX_KEY_SIZE_IN_BYTES, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + /* send iv 0 */ + Error = SEPDriver_WriteParamater((DxUint32_t)&OTFUserKeysInfo_ptr->Iv0[0] , + CRYS_OTF_MAX_IV_SIZE_IN_BYTES, + CRYS_OTF_MAX_IV_SIZE_IN_BYTES, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send key 1 */ + Error = SEPDriver_WriteParamater((DxUint32_t)&OTFUserKeysInfo_ptr->Key1[0] , + CRYS_OTF_MAX_KEY_SIZE_IN_BYTES, + CRYS_OTF_MAX_KEY_SIZE_IN_BYTES, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + /* send iv 1 */ + Error = SEPDriver_WriteParamater((DxUint32_t)&OTFUserKeysInfo_ptr->Iv1[0] , + CRYS_OTF_MAX_IV_SIZE_IN_BYTES, + CRYS_OTF_MAX_IV_SIZE_IN_BYTES, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* end message */ + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_OTF_INIT_OPERATION_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read the context */ + maxLength = ((sizeof(CRYS_OTFUserContext_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)ContextID_ptr, + sizeof(CRYS_OTFUserContext_t), + maxLength, + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + + +end_function: + + return Error; + +#endif /* !CRYS_NO_OTF_SUPPORT */ + +} /* end CRYS_OTF_InitOperation function */ + + +/************************************************************************************************** + * @brief CRYS_OTF_SuspendOperation - This function stop the hw operation started in the Init operation. + * The function store the last state to enable the user + * to resume to this state exactly by the CRYS_OTF_ResumeOperation + * @param[in] OTFContext_ptr - Pointer to the OTF context. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + * + **************************************************************************************************/ +CEXPORT_C CRYSError_t CRYS_OTF_SuspendOperation (CRYS_OTFUserContext_t *ContextID_ptr) +{ + /* The return error identifiers */ + CRYSError_t Error; + + /* offset into SRAM */ + DxUint32_t sramOffset; + + /* read param */ + DxUint32_t messageParam[2]; + + /* max length */ + DxUint32_t maxLength; + + + /*--------------------------- + CODE + --------------------------------*/ + + /* initializing the Error to O.K */ + Error = CRYS_OK; + + + #ifndef CRYS_NO_OTF_SUPPORT + + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + /* if the users context ID pointer is DX_NULL return an error */ + if( ContextID_ptr == DX_NULL ) + { + Error = CRYS_OTF_INVALID_USER_CONTEXT_POINTER_ERROR; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_OTF_SUSPEND_OPERATION_OP_CODE; + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send context */ + maxLength = ((sizeof(CRYS_OTFUserContext_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)ContextID_ptr , + sizeof(CRYS_OTFUserContext_t), + maxLength, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* end message */ + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_OTF_SUSPEND_OPERATION_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read the context */ + maxLength = ((sizeof(CRYS_OTFUserContext_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)ContextID_ptr, + sizeof(CRYS_OTFUserContext_t), + maxLength, + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + + +end_function: + + return Error; + +#endif /* !CRYS_NO_OTF_SUPPORT */ + +} /* end CRYS_OTF_SuspendOperation function */ + + + +/************************************************************************************************** + * @brief CRYS_OTF_ResumeOperation - This function restart the hw operation stopped by the Rsume operation. + * The function load to the HW the last state stored in the given context + * and continue the operation exactly from the point it stopped in the Suspend function. + * @param[in] OTFContext_ptr - Pointer to the OTF user context. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + * + **************************************************************************************************/ +CEXPORT_C CRYSError_t CRYS_OTF_ResumeOperation (CRYS_OTFUserContext_t *ContextID_ptr) +{ + /* The return error identifiers */ + CRYSError_t Error; + + /* offset into SRAM */ + DxUint32_t sramOffset; + + /* read param */ + DxUint32_t messageParam[2]; + + /* max length */ + DxUint32_t maxLength; + + + /*--------------------------- + CODE + --------------------------------*/ + + /* initializing the Error to O.K */ + Error = CRYS_OK; + + +#ifndef CRYS_NO_OTF_SUPPORT + + + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + /* if the users context ID pointer is DX_NULL return an error */ + if( ContextID_ptr == DX_NULL ) + { + Error = CRYS_OTF_INVALID_USER_CONTEXT_POINTER_ERROR; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_OTF_RESUME_OPERATION_OP_CODE; + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send context */ + maxLength = ((sizeof(CRYS_OTFUserContext_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)ContextID_ptr , + sizeof(CRYS_OTFUserContext_t), + maxLength, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* end message */ + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_OTF_RESUME_OPERATION_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read the context */ + maxLength = ((sizeof(CRYS_OTFUserContext_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)ContextID_ptr, + sizeof(CRYS_OTFUserContext_t), + maxLength, + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + + +end_function: + + return Error; + +#endif + +} + + +/************************************************************************************************** + * @brief CRYS_OTF_EndOperation - This function stop the hw operation. + * The function read the last data to the user + * + * @param[in] OTFContext_ptr - Pointer to the OTF context. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + * + **************************************************************************************************/ +CEXPORT_C CRYSError_t CRYS_OTF_EndOperation(CRYS_OTFUserContext_t* ContextID_ptr, + CRYS_HASH_Result_t HashResultBuff, + CRYS_AES_MAX_MAC_RESULT_t MacResult) +{ + + /* The return error identifiers */ + CRYSError_t Error; + + /* offset into SRAM */ + DxUint32_t sramOffset; + + /* read param */ + DxUint32_t messageParam[2]; + + /* max length */ + DxUint32_t maxLength; + + /*------------------------------ + CODE + --------------------------------*/ + + /* initializing the Error to O.K */ + Error = CRYS_OK; + + + #ifndef CRYS_NO_OTF_SUPPORT + + + /* ............... checking the parameters validity ................... */ + /* -------------------------------------------------------------------- */ + + + /* if the users context ID pointer is DX_NULL return an error */ + if( ContextID_ptr == DX_NULL ) + { + Error = CRYS_OTF_INVALID_USER_CONTEXT_POINTER_ERROR; + } + + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_OTF_END_OPERATION_OP_CODE; + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* send context */ + maxLength = ((sizeof(CRYS_OTFUserContext_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)ContextID_ptr , + sizeof(CRYS_OTFUserContext_t), + maxLength, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* end message */ + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_OTF_END_OPERATION_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + switch( ((OTFContext_t*)ContextID_ptr->context_buff)->OTFEngCfg) + { + case OTF_DIN_TO_HASH: + case OTF_DIN_TO_HASH_AND_DOUT: + case OTF_DIN_TO_AES_TO_HASH: + case OTF_DIN_TO_AES_AND_HASH_TO_DOUT: + case OTF_DIN_TO_AES_TO_HASH_AND_DOUT: + case OTF_DIN_TO_DES_TO_HASH: + case OTF_DIN_TO_DES_AND_HASH_TO_DOUT: + case OTF_DIN_TO_DES_TO_HASH_AND_DOUT: + /* read the hash result */ + maxLength = ((sizeof(CRYS_HASH_Result_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)HashResultBuff, + sizeof(CRYS_HASH_Result_t), + maxLength, + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + break; + + default: + /* read the mac result */ + maxLength = ((sizeof(CRYS_AES_MAX_MAC_RESULT_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)MacResult, + sizeof(CRYS_AES_MAX_MAC_RESULT_t), + maxLength, + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + } + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + + +end_function: + + return Error; + +#endif /* !CRYS_NO_OTF_SUPPORT */ + +} diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_self_test.c b/peripheral/keystore/chaabi/libcc54/crys/crys_self_test.c new file mode 100644 index 0000000..305b148 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_self_test.c @@ -0,0 +1,199 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + + /* + * Object %name : % + * State : %state% + * Creation date : Wed Nov 17 17:10:59 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief A brief description of this module + * + * \version PLAT_SystemDep.c#1:csrc:2 + * \author adams + */ + + + +/************* Include Files ****************/ + +#include "CRYS_SELF_TEST.h" +#include "PLAT_SystemDep.h" +#include "CRYS_Defs.h" +#include "DX_VOS_Mem.h" +#include "CRYS_COMMON_error.h" +#include "CRYS_RND.h" +#include "error.h" +#include "crys_host_op_code.h" +#include "SEPDriver.h" + + + +/* canceling the lint warning: + Unusual pointer cast (incompatible indirect types) */ +/*lint --e{785} */ +/*lint --e{740} */ + +/************************ Defines ******************************/ + +/************************ Enums ******************************/ + +/************************ Typedefs ******************************/ + +/************************ Global Data ******************************/ + +/** + * @brief This function executes the CRYS self test. + * + * + * + * @param[in] EnginesSelect - selecting the engines to activate according to the following values: + * + * CRYS_SELF_TEST_AES_BIT + * CRYS_SELF_TEST_DES_BIT + * CRYS_SELF_TEST_HASH_BIT + * CRYS_SELF_TEST_HMAC_BIT + * CRYS_SELF_TEST_RSA_ENCDEC_BIT + * CRYS_SELF_TEST_RND_BIT + * CRYS_SELF_TEST_ALL_BIT + * + * @param[in] EnginesTestResult_ptr - a bit field describing the test results of the engines. + * the bit field is the same as described above. + * on each bit : 0 - test passes , 1 - test failure. + * + * @param[in] TempData_ptr - a temp pointer of a temp buffer required for the self test. + * + * @return CRYSError_t - On success the function returns the value CRYS_OK, + * and on failure a non-ZERO error. + + */ + +CRYSError_t CRYS_SelfTest(DxUint16_t EnginesSelect, + DxUint16_t* EnginesTestResult_ptr, + CRYS_SelfTestData_t* TempData_ptr ) +{ + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* word parameter */ + DxUint32_t messageParam[2]; + + /*--------------------------- + CODE + -----------------------------*/ + + TempData_ptr = TempData_ptr; + + /* initializing the Error to O.K */ + Error = CRYS_OK; + + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function_no_unlock; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_SELF_TEST_OP_CODE; + messageParam[1] = EnginesSelect; + + /* send message */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_SELF_TEST_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read test status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + *EnginesTestResult_ptr = (DxUint16_t)messageParam[0]; + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + +end_function_no_unlock: + + return Error; +}/* END OF CRYS_SelfTest function */ + + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_sst_kg.c b/peripheral/keystore/chaabi/libcc54/crys/crys_sst_kg.c new file mode 100644 index 0000000..20ac535 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_sst_kg.c @@ -0,0 +1,979 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + + /* + * Object % CRYS_SST_KG.c : % + * State : %state% + * Creation date : Thu Aug 23 11:29:00 2007 + * Last modified : %modify_time% + */ + /** @file + * \brief This file contains the implementation of the Host side of the Host-Sep CRYS_SST key generation operations. + * + * \version CRYS_SST.c#1:incl:13 + * \author arield + */ + +#include "error.h" +#include "crys_aes_error.h" +#include "crys_des_error.h" +/*#include "crys_hmac_error.h" +#include "CRYS_RSA_error.h"*/ +#include "SEPDriver.h" +#include "crys_host_op_code.h" + +#include "CRYS_SST.h" +#include "CRYS_SST_KG.h" +#include "CRYS_SST_error.h" + +#ifdef SST_SEP_SIMULATOR_ENV +#include "crys_sst_native_duplicate_wrapper.h" +#endif +/************************ Defines ******************************/ +#define CRYS_SST_MAX_HMAC_KEY_LEN_IN_BYTES 256 +#define CRYS_SST_RSA_MAX_KEYSIZE_IN_BYTES 256 +/************************ Enums ********************************/ +/************************ Typedefs ****************************/ +/************************ Context Structs *********************/ +/************************ Public Variables *********************/ +/************************ Public Functions *********************/ +/** + * @brief The function creates AES key saves it in the SST and + * return the handle to it. + * + * + * @param[in] TransactionId the opened atransaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depend for internal SST use. + * + * @param[in] KeySize - type of AES key (128,192 or 256 bits). + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from crys_aes_error.h TBD + */ + +CIMPORT_C CRYSError_t CRYS_SST_KG_AES( DxUint32_t TransactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + CRYS_AES_KeySize_t KeySize, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t* aWorkspace_ptr, + DxUint32_t aWorkspaceSizeInBytes) +{ + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[9]; + + /*---------------------- + CODE + ------------------------*/ + /* eliminating compiler warnings: */ + aWorkspace_ptr = aWorkspace_ptr; + aWorkspaceSizeInBytes = aWorkspaceSizeInBytes; + + Error = CRYS_OK; + + #ifndef CRYS_NO_AES_SUPPORT + + if( KeySize >= CRYS_AES_KeySizeNumOfOptions ) + { + Error = CRYS_AES_ILLEGAL_KEY_SIZE_ERROR; + goto end_function; + } + + if (KeyHandle_ptr == DX_NULL) + { + Error = SST_RC_ERROR_INVALID_PARAM; + goto end_function; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_AES_OP_CODE; + messageParam[1] = TransactionId; + messageParam[2] = SessionId; + messageParam[3] = MasterAuthHandle.objDigest; + messageParam[4] = MasterAuthHandle.objId; + messageParam[5] = DataType; + messageParam[6] = KeySize; + messageParam[7] = KeyHandle_ptr->objDigest; + messageParam[8] = KeyHandle_ptr->objId; + + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 9, + sizeof(DxUint32_t) * 9, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_AES_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read key handle */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + KeyHandle_ptr->objDigest = messageParam[0]; + KeyHandle_ptr->objId = messageParam[1]; + +end_function_unlock: + + /* unlock access to the SEP */ + SEPDriver_Unlock(); + +end_function: + + return Error; + + #endif /* !CRYS_NO_AES_SUPPORT */ + +}/* END OF CRYS_SST_KG_AES */ + +/** + * @brief The function creates DES key saves it in the SST and + * return the handle to it. + * + * + * @param[in] TransactionId the opened atransaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depand for internal SST use. + * + * @param[in,out] NumOfKeys - type of DES key (DES or 3DES). + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from crys_aes_error.h TBD + */ + +CIMPORT_C CRYSError_t CRYS_SST_KG_DES( DxUint32_t TransactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + CRYS_DES_NumOfKeys_t NumOfKeys, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t* aWorkspace_ptr, + DxUint32_t aWorkspaceSizeInBytes) +{ + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[9]; + + /*---------------------- + CODE + ------------------------*/ + /* eliminating compiler warnings: */ + aWorkspace_ptr = aWorkspace_ptr; + aWorkspaceSizeInBytes = aWorkspaceSizeInBytes; + + Error = CRYS_OK; + + #ifndef CRYS_NO_DES_SUPPORT + + if( NumOfKeys >= CRYS_DES_NumOfKeysOptions ) + { + Error = CRYS_DES_ILLEGAL_NUM_OF_KEYS_ERROR; + goto end_function; + } + + if (KeyHandle_ptr == DX_NULL) + { + Error = SST_RC_ERROR_INVALID_PARAM; + goto end_function; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_DES_OP_CODE; + messageParam[1] = TransactionId; + messageParam[2] = SessionId; + messageParam[3] = MasterAuthHandle.objDigest; + messageParam[4] = MasterAuthHandle.objId; + messageParam[5] = DataType; + messageParam[6] = NumOfKeys; + messageParam[7] = KeyHandle_ptr->objDigest; + messageParam[8] = KeyHandle_ptr->objId; + + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 9, + sizeof(DxUint32_t) * 9, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_DES_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read key handle */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + KeyHandle_ptr->objDigest = messageParam[0]; + KeyHandle_ptr->objId = messageParam[1]; + +end_function_unlock: + + /* unlock access to the SEP */ + SEPDriver_Unlock(); + +end_function: + + return Error; + + #endif /* !CRYS_NO_DES_SUPPORT */ + +}/* END OF CRYS_SST_KG_DES */ + + +/** + * @brief The function creates HMAC key saves it in the SST and + * return the handle to it. + * + * + * @param[in] TransactionId the opened transaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depend for internal SST use. + * + * @param[in] KeySize - HMAC key len in bytes. + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from crys_aes_error.h TDB + */ + +CIMPORT_C CRYSError_t CRYS_SST_KG_HMAC( DxUint32_t TransactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + DxUint32_t KeySize, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t* aWorkspace_ptr, + DxUint32_t aWorkspaceSizeInBytes) +{ + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[9]; + + /*---------------------- + CODE + ------------------------*/ + /* eliminating compiler warnings: */ + aWorkspace_ptr = aWorkspace_ptr; + aWorkspaceSizeInBytes = aWorkspaceSizeInBytes; + + Error = CRYS_OK; + + #ifndef CRYS_NO_HASH_SUPPORT + + if( KeySize > CRYS_SST_MAX_HMAC_KEY_LEN_IN_BYTES ) + { + Error = CRYS_SST_MODULE_WRONG_HMAC_KEY_SIZE; + goto end_function; + } + + if (KeyHandle_ptr == DX_NULL) + { + Error = SST_RC_ERROR_INVALID_PARAM; + goto end_function; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_HMAC_OP_CODE; + messageParam[1] = TransactionId; + messageParam[2] = SessionId; + messageParam[3] = MasterAuthHandle.objDigest; + messageParam[4] = MasterAuthHandle.objId; + messageParam[5] = DataType; + messageParam[6] = KeySize; + messageParam[7] = KeyHandle_ptr->objDigest; + messageParam[8] = KeyHandle_ptr->objId; + + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 9, + sizeof(DxUint32_t) * 9, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_HMAC_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read key handle */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + KeyHandle_ptr->objDigest = messageParam[0]; + KeyHandle_ptr->objId = messageParam[1]; + +end_function_unlock: + + /* unlock access to the SEP */ + SEPDriver_Unlock(); + +end_function: + + return Error; + + #endif /* !CRYS_NO_HASH_SUPPORT */ + +}/* END OF CRYS_SST_KG_HMAC */ + + +/** + * @brief The function creates RSA key pair saves it in the SST and + * return the handle to it. + * + * + * @param[in] TransactionId the opened atransaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depand for internal SST use. + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @param[in] PubExp_ptr - public exponent + * + * @param[in] PubExpSizeInBytes - size of public exponent in bytes. + * + * @param[in] KeySize - size of the modulus. + * + * @param[in] KeyGenData_ptr - internal buffer for the key gen operation. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from crys_aes_error.h TBD + */ + +CIMPORT_C CRYSError_t CRYS_SST_RSA_KG_GenerateKeyPair(DxUint32_t TransactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t *PubExp_ptr, + DxUint16_t PubExpSizeInBytes, + DxUint32_t KeySize, + CRYS_SST_RSA_keys_and_data_container_t *KeyGenData_ptr) +{ + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[10]; + + /* max length (padding to words) */ + DxUint32_t maxLength; + + /*---------------------- + CODE + ------------------------*/ + /* eliminating compiler warnings: */ + KeyGenData_ptr = KeyGenData_ptr; + + Error = CRYS_OK; + + #ifndef CRYS_NO_PKI_SUPPORT + + if( (KeySize/8) > CRYS_SST_RSA_MAX_KEYSIZE_IN_BYTES ) + { + Error = CRYS_SST_MODULE_WRONG_RSA_KEY_SIZE; + goto end_function; + } + + if (KeyHandle_ptr == DX_NULL) + { + Error = SST_RC_ERROR_INVALID_PARAM; + goto end_function; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_RSA_OP_CODE; + messageParam[1] = TransactionId; + messageParam[2] = SessionId; + messageParam[3] = MasterAuthHandle.objDigest; + messageParam[4] = MasterAuthHandle.objId; + messageParam[5] = DataType; + messageParam[6] = KeyHandle_ptr->objDigest; + messageParam[7] = KeyHandle_ptr->objId; + messageParam[8] = PubExpSizeInBytes; + messageParam[9] = KeySize; + + + /* send params */ + + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 10, + sizeof(DxUint32_t) * 10, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + + /* send exponent */ + maxLength = ((PubExpSizeInBytes + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)PubExp_ptr , + PubExpSizeInBytes, + maxLength, + &sramOffset , + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_RSA_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read key handle */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + KeyHandle_ptr->objDigest = messageParam[0]; + KeyHandle_ptr->objId = messageParam[1]; + +end_function_unlock: + + /* unlock access to the SEP */ + SEPDriver_Unlock(); + +end_function: + + return Error; + + #endif /* !CRYS_NO_PKI_SUPPORT */ + +}/* END OF CRYS_SST_RSA_KG_GenerateKeyPair */ + + +/** + * @brief The function creates RSA key pair with CRT format ,saves it in the SST and + * return the handle to it. + * + * + * @param[in] TransactionId the opened atransaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depand for internal SST use. + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @param[in] PubExp_ptr - public exponent + * + * @param[in] PubExpSizeInBytes - size of public exponent in bytes. + * + * @param[in] KeySize - size of the modulus. + * + * @param[in] KeyGenData_ptr - internal buffer for the key gen operation. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from crys_aes_error.h TBD + */ + +CIMPORT_C CRYSError_t CRYS_SST_RSA_KG_GenerateKeyPairCRT(DxUint32_t TransactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t *PubExp_ptr, + DxUint16_t PubExpSizeInBytes, + DxUint32_t KeySize, + CRYS_SST_RSA_keys_and_data_container_t *KeyGenData_ptr) +{ + /* The return error identifier */ + CRYSError_t Error; + + /* offset */ + DxUint32_t sramOffset; + + /* read parameter */ + DxUint32_t messageParam[10]; + + /* max length (padding to words) */ + DxUint32_t maxLength; + + /*---------------------- + CODE + ------------------------*/ + /* eliminating compiler warnings: */ + KeyGenData_ptr = KeyGenData_ptr; + + Error = CRYS_OK; + + #ifndef CRYS_NO_PKI_SUPPORT + + if( (KeySize/8) > CRYS_SST_RSA_MAX_KEYSIZE_IN_BYTES ) + { + Error = CRYS_SST_MODULE_WRONG_RSA_KEY_SIZE; + goto end_function; + } + + if (KeyHandle_ptr == DX_NULL) + { + Error = SST_RC_ERROR_INVALID_PARAM; + goto end_function; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_RSA_CRT_OP_CODE; + messageParam[1] = TransactionId; + messageParam[2] = SessionId; + messageParam[3] = MasterAuthHandle.objDigest; + messageParam[4] = MasterAuthHandle.objId; + messageParam[5] = DataType; + messageParam[6] = KeyHandle_ptr->objDigest; + messageParam[7] = KeyHandle_ptr->objId; + messageParam[8] = PubExpSizeInBytes; + messageParam[9] = KeySize; + + + /* send params */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 10, + sizeof(DxUint32_t) * 10, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + + /* send exponent */ + maxLength = ((PubExpSizeInBytes + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_WriteParamater((DxUint32_t)PubExp_ptr , + PubExpSizeInBytes, + maxLength, + &sramOffset , + DX_TRUE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_SST_KG_RSA_CRT_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check the status */ + if(messageParam[1] != CRYS_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read key handle */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam , + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + KeyHandle_ptr->objDigest = messageParam[0]; + KeyHandle_ptr->objId = messageParam[1]; + +end_function_unlock: + + /* unlock access to the SEP */ + SEPDriver_Unlock(); + +end_function: + + return Error; + + #endif /* !CRYS_NO_PKI_SUPPORT */ + +}/* END OF CRYS_SST_RSA_KG_GenerateKeyPairCRT */ + diff --git a/peripheral/keystore/chaabi/libcc54/crys/crys_version.c b/peripheral/keystore/chaabi/libcc54/crys/crys_version.c new file mode 100644 index 0000000..425e929 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/crys/crys_version.c @@ -0,0 +1,190 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CRYS_API + + /* + * Object %CRYS_COMMON_version.c : % + * State : %state% + * Creation date : Mon Nov 22 10:22:57 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This file containes all of the common variables and function needed to operate + * all of the CRYS functionality. + * + * \version CRYS_COMMON_version.c.#1:csrc:1 + * \author adams + */ + + + +/************* Include Files ****************/ + +/* .................. CRYS level includes ............. */ + +#include "DX_VOS_Mem.h" +#include "CRYS_version.h" +#include "SEPDriver.h" +#include "crys_host_op_code.h" +#include "error.h" + + +/************************ Enums ******************************/ + + +/************************ Typedefs ******************************/ + + +/************************ Global Data ******************************/ + +/************* Private function prototype ****************/ + + +/************************ Public Functions ******************************/ + +/** + * @brief This Api returnes the CRYS version. + * + * The version containes the following: + * + * component string - a string describing the nature of the release. + * release type : 'D' - development , 'A' - alpha (passed to the Q.A) , + * 'B' - beta , 'R' - release , after Q.A testing. + * + * major , minor , sub , internal - the release digits. + * + * each component : CRYS , LLF machines receives this database. + * + * @param[in] version_ptr - a pointer to the version structure. + * + */ + +void CRYS_GetVersion(CRYS_Version_t *version_ptr) +{ + /* offset into SRAM */ + DxUint32_t sramOffset; + + /* read param */ + DxUint32_t messageParam[2]; + + /* max length */ + DxUint32_t maxLength; + + /* error */ + DxError_t Error; + + /*------------------------------ + CODE + ----------------------------------*/ + + /* ............... Check input parameter ................... */ + + if(version_ptr == (CRYS_Version_t *)DX_NULL) + { + return; + } + + /* lock access to the SEP */ + Error = SEPDriver_Lock(); + + if(Error != DX_OK) + { + goto end_function; + } + + /*---------------------------- + start sending message to SEP + -----------------------------*/ + sramOffset = 0; + + /* start the message */ + SEPDriver_StartMessage(&sramOffset); + + /* prepare message */ + messageParam[0] = DX_SEP_HOST_SEP_PROTOCOL_HOST_GET_VERSION_OP_CODE; + + /* send opcode */ + Error = SEPDriver_WriteParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t), + sizeof(DxUint32_t), + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* end message */ + SEPDriver_EndMessage(sramOffset); + + /* wait for the response */ + Error = SEPDriver_POLL_FOR_REPONSE(); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /*------------------- + start reading message from the SEP + ---------------------*/ + + /* start the message */ + Error = SEPDriver_StartIncomingMessage(&sramOffset); + if(Error) + { + goto end_function_unlock; + } + + /* read opcode + status */ + Error = SEPDriver_ReadParamater((DxUint32_t)messageParam, + sizeof(DxUint32_t) * 2, + sizeof(DxUint32_t) * 2, + &sramOffset , + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* check the opcode */ + if(messageParam[0] != DX_SEP_HOST_SEP_PROTOCOL_HOST_GET_VERSION_OP_CODE) + { + Error = DX_WRONG_OPCODE_FROM_SEP_ERR; + goto end_function_unlock; + } + + /* check status */ + if(messageParam[1] != DX_OK) + { + Error = messageParam[1]; + goto end_function_unlock; + } + + /* read the version */ + maxLength = ((sizeof(CRYS_Version_t) + 3) / sizeof(DxUint32_t)) * sizeof(DxUint32_t); + Error = SEPDriver_ReadParamater((DxUint32_t)version_ptr, + sizeof(CRYS_Version_t), + maxLength, + &sramOffset, + DX_FALSE); + if(Error != DX_OK) + { + goto end_function_unlock; + } + + /* ...................... end of function ................................ */ + +end_function_unlock: + + /* lock access to the SEP */ + SEPDriver_Unlock(); + +end_function: + + return; +}/* END OF CRYS_GetVersion */ + diff --git a/peripheral/keystore/chaabi/libcc54/disk_enc.c b/peripheral/keystore/chaabi/libcc54/disk_enc.c new file mode 100644 index 0000000..bce694f --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/disk_enc.c @@ -0,0 +1,142 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#include "tee_client_api.h" +#include "dx_cclib.h" +#include <string.h> + +#define DISK_ENC_APPLET_UUID "INTEL DISK ENC01" +#define DISK_ENC_CMD_CREATE_NEW_HMAC_KEY 1 +#define DISK_ENC_CMD_HMAC_IKEY 2 +#define DISK_ENC_CMD_RUN_UNIT_TESTS 3 +#define DISK_ENC_CMD_IMPORT_KEY 4 +#define DISK_ENC_CMD_CREATE_KEY 5 +#define DISK_ENC_CMD_VERIFY_MASTERKEY 6 +#define DISK_ENC_CMD_DO_CRYPTO 7 + +#define MASTERKEY_SIZE 16 + +int32_t tee_create_disk_enc_key(uint8_t* masterkey) +{ + TEEC_Context context; + TEEC_SharedMemory sharedMem; + TEEC_Session session; + TEEC_Operation operation; + static const uint8_t destination[] = DISK_ENC_APPLET_UUID; + TEEC_Result ret; + uint32_t returnOrigin = 0; + + if (NULL == masterkey) + return TEEC_ERROR_NO_DATA; + + ret = DX_CclibInit(); + if (TEEC_SUCCESS != ret ) + return ret; + + ret = TEEC_InitializeContext(NULL, /* default TEE */ + &context); + if (TEEC_SUCCESS != ret ) + goto CclibFini; + + ret = TEEC_OpenSession(&context, + &session, + (TEEC_UUID*)&destination, + TEEC_LOGIN_PUBLIC, + NULL, + NULL, + &returnOrigin); + if (TEEC_SUCCESS != ret ) + goto FinalizeContext; + + sharedMem.buffer = (void *)masterkey; + sharedMem.size = MASTERKEY_SIZE; + sharedMem.flags = TEEC_MEM_INPUT; + + ret = TEEC_RegisterSharedMemory(&context, + &sharedMem); + if (TEEC_SUCCESS != ret ) + goto CloseSession; + + memset(&operation, 0, sizeof(operation)); + TEEC_PARAM_TYPE_SET(operation.paramTypes,0,TEEC_MEMREF_WHOLE); + operation.params[0].memref.parent = &sharedMem; + + ret = TEEC_InvokeCommand(&session, + DISK_ENC_CMD_CREATE_KEY, + &operation, + &returnOrigin); + + TEEC_ReleaseSharedMemory (&sharedMem); +CloseSession: + TEEC_CloseSession (&session); +FinalizeContext: + TEEC_FinalizeContext(&context); +CclibFini: + DX_CclibFini(); + + return ret; +} + +int32_t tee_verify_disk_enc_masterkey(uint8_t* masterkey) +{ + TEEC_Context context; + TEEC_SharedMemory sharedMem; + TEEC_Session session; + TEEC_Operation operation; + static const uint8_t destination[] = DISK_ENC_APPLET_UUID; + TEEC_Result ret; + uint32_t returnOrigin = 0; + + if (NULL == masterkey) + return TEEC_ERROR_NO_DATA; + + ret = DX_CclibInit(); + if (TEEC_SUCCESS != ret ) + return ret; + + ret = TEEC_InitializeContext(NULL, /* default TEE */ + &context); + if (TEEC_SUCCESS != ret ) + goto CclibFini; + + ret = TEEC_OpenSession(&context, + &session, + (TEEC_UUID*)&destination, + TEEC_LOGIN_PUBLIC, + NULL, + NULL, + &returnOrigin); + if (TEEC_SUCCESS != ret ) + goto FinalizeContext; + + sharedMem.buffer = (void *)masterkey; + sharedMem.size = MASTERKEY_SIZE; + sharedMem.flags = TEEC_MEM_INPUT; + + ret = TEEC_RegisterSharedMemory(&context, + &sharedMem); + if (TEEC_SUCCESS != ret ) + goto CloseSession; + + memset(&operation, 0, sizeof(operation)); + TEEC_PARAM_TYPE_SET(operation.paramTypes,0,TEEC_MEMREF_WHOLE); + operation.params[0].memref.parent = &sharedMem; + + ret = TEEC_InvokeCommand(&session, + DISK_ENC_CMD_VERIFY_MASTERKEY, + &operation, + &returnOrigin); + + TEEC_ReleaseSharedMemory (&sharedMem); +CloseSession: + TEEC_CloseSession (&session); +FinalizeContext: + TEEC_FinalizeContext(&context); +CclibFini: + DX_CclibFini(); + + return ret; +} diff --git a/peripheral/keystore/chaabi/libcc54/driver_interface/driver_interface.c b/peripheral/keystore/chaabi/libcc54/driver_interface/driver_interface.c new file mode 100644 index 0000000..b9c4753 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/driver_interface/driver_interface.c @@ -0,0 +1,1315 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_DRIVER_INTERFACE + +#include <fcntl.h> +#include <unistd.h> +#include <stdio.h> +#include <sys/ioctl.h> +#include <string.h> +#include <errno.h> +#include <syslog.h> +#include "dx_pal_types.h" +#include "dx_pal_compiler.h" +#include "driver_interface.h" + +#define DXDI_LOG(level, format,...) syslog(level, "%s: " format, __func__, ##__VA_ARGS__) +#define DXDI_LOG_ON(cond, format, ...) \ + if (cond) DXDI_LOG(format, ##__VA_ARGS__) +#define DXDI_LOG_ERR(format,...) DXDI_LOG(LOG_ERR, format, ##__VA_ARGS__) +#ifdef DEBUG +#define SYSLOG_OPTIONS (LOG_CONS | LOG_NDELAY | LOG_PID | LOG_PERROR) +#define DXDI_LOG_DEBUG(format,...) DXDI_LOG(LOG_DEBUG, format, ##__VA_ARGS__) +#else +#define SYSLOG_OPTIONS (LOG_CONS | LOG_NDELAY | LOG_PID) +#define DXDI_LOG_DEBUG(format,...) do {} while (0) +#endif +#define DXDI_LOG_ERR_ON(cond, format, ...) if (cond) DXDI_LOG_ERR(format, ##__VA_ARGS__) +#define DXDI_LOG_DEBUG_ON(cond, format, ...) if (cond) DXDI_LOG_DEBUG(format, ##__VA_ARGS__) + + +/*** DI state variables ***/ +static int diFileH = -1; +static int rpcFileH = -1; /* Dedicated file handle for SeP RPC - must be on priority 0 */ +static DxUint32_t abiVerMajor; +static DxUint32_t abiVerMinor; + +/*! + * Convert errno to DxDI_RetCode + * + * \param err The errno value + * + * \return DxDI_RetCode + */ +static DxDI_RetCode_t Errno2RetCode(int err, const char* errContext) +{ + DXDI_LOG_DEBUG_ON(err != 0, + "DxDI::%s: %s (%d)\n", errContext, strerror(err), err); + + switch (err) { + case 0: + return DXDI_RET_OK; + case ENODEV: + case ENOENT: + return DXDI_RET_ENODEV; + case ENOTTY: + case ENOSYS: + return DXDI_RET_ENOTSUP; + case EINVAL: + return DXDI_RET_EINVAL; + case EFAULT: + case EPERM: + case EACCES: + return DXDI_RET_ENOPERM; + case ENOMEM: + case EAGAIN: + return DXDI_RET_ENORSC; + case EIO: + return DXDI_RET_EHW; + case EBUG: + return DXDI_RET_EINTERNAL; + default: + return DXDI_RET_EINTERNAL; + } +} + +/*! + * Wrapper for the common IOCTL invocation in DxDI where return code is + * DxDI_RetCode_t (and not some value, e.g., context size) + * + * \param cmdName String to describe IOCTL command for error messages + * \param cmd IOCTL command code + * \param params Pointer to parameters structure (arg) + * \param retCodeSrc Pointer in params where retCode is returned + * \param retCodeDst Pointer where to return returned code + * + * \return DxDI_RetCode_t + */ +static DxDI_RetCode_t doIoctl(int fileH, + const char *cmdName, int cmd, void *params, + uint32_t *errInfoSrc, uint32_t *errInfoDst) +{ + int rc, err; + + if (fileH < 0) return DXDI_RET_ENODEV; + + rc = ioctl(fileH, cmd, params); + if (rc < 0) { + if (rc == -1) + err = errno; /* Record errno */ + else /* Proprietary errors are returned as is in rc */ + err = -rc; + } else { + err = rc; /* supposed to be 0, but just in case not take rc */ + } + + /* Set the additional error info */ + if ((errInfoDst != NULL) && (errInfoSrc != NULL)) + *errInfoDst = *errInfoSrc; + + /* In case of SeP operation, fetch the SeP return code */ + if ((err == 0) && (errInfoDst != NULL)) { + if (*errInfoDst != 0) { + DXDI_LOG_ERR("DxDI::%s: DXDI_RET_ESEP (0x%08X)\n", + cmdName, *errInfoDst); + return DXDI_RET_ESEP; + } + } + + return Errno2RetCode(err, cmdName); +} + +/*! + * Open the given device node + * + * + * \param devPriority Device priority (queue) + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_Open(DxDI_DevPriority_t devPriority) +{ + int errno_save; + DxDI_RetCode_t rc; + char *devName; + + /* Use syslog */ + openlog("DxDI", SYSLOG_OPTIONS, LOG_USER); + + /* Open device file if not already opened */ + if (diFileH >= 0) { /* already opened */ + return DXDI_RET_OK; + } + switch (devPriority) { + case DXDI_PRIO0: + devName = DXDI_DEVNAME_PRIO0; + break; + case DXDI_PRIO1: + devName = DXDI_DEVNAME_PRIO1; + break; + default: + DXDI_LOG_ERR("Invalid device priority: %d\n", devPriority); + return DXDI_RET_EINVAL; + } + + diFileH = open(devName, O_SYNC); + if (diFileH < 0) { + errno_save = errno; /* Save errno of "open" before logging */ + DXDI_LOG_ERR("Failed opening devName=%s (errno=%d)\n", devName, errno_save); + return Errno2RetCode(errno_save, "open"); + } + (void)fcntl(diFileH, F_SETFD, FD_CLOEXEC); + /* Get version info. */ + if (ioctl(diFileH, DXDI_IOC_GET_VER_MAJOR, &abiVerMajor) < 0) { + rc = Errno2RetCode(errno, "GET_VER_MAJOR"); goto OpenErr; + } + if (abiVerMajor != DXDI_VER_MAJOR) { + rc = DXDI_RET_ENOTSUP; goto OpenErr; + } + if (ioctl(diFileH, DXDI_IOC_GET_VER_MINOR, &abiVerMinor) < 0) { + rc = Errno2RetCode(errno, "GET_VER_MINOR"); goto OpenErr; + } + + /* Open a dedicated device file for SeP RPC - if priority is not 0 */ + if (devPriority == DXDI_PRIO0) { + rpcFileH = diFileH; + } else { + rpcFileH = open(DXDI_DEVNAME_PRIO0, O_SYNC); + if (rpcFileH < 0) { + errno_save = errno; /* Save errno of "open" before logging */ + DXDI_LOG_ERR("Failed opening devName=%s (errno=%d)\n", DXDI_DEVNAME_PRIO0, errno_save); + rc = Errno2RetCode(errno_save, "open(rpc)"); + goto OpenErr; + } + (void)fcntl(rpcFileH, F_SETFD, FD_CLOEXEC); + } + return DXDI_RET_OK; + +OpenErr: + close(diFileH); + diFileH = -1; + return rc; +} + +/*! + * Check if the given device node is open + * + * + * \param + * + * \return TRUE/FALSE + */ +uint8_t DxDI_IsOpen(void) +{ + if (diFileH >= 0) /* already opened */ + return 1; + else + return 0; +} + + +/*! + * Close the driver interface (file) + * + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_Close(void) +{ + if (diFileH < 0) return DXDI_RET_ENODEV; + + if (rpcFileH != diFileH) { + close(rpcFileH); + } + rpcFileH = -1; + close(diFileH); + diFileH = -1; + closelog(); + return DXDI_RET_OK; +} + +/*! + * Get ABI version number + * + * \param verMajor Returned major version number + * \param verMinor Returned minor version number + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_GetAbiVersion(uint32_t *verMajor, uint32_t *verMinor) +{ + if (diFileH < 0) return DXDI_RET_ENODEV; + + if (verMajor != NULL) *verMajor = abiVerMajor; + if (verMinor != NULL) *verMinor = abiVerMinor; + return DXDI_RET_OK; +} + +/*! + * Get context size of given symmetric cipher + * + * \param cipherType The queried cipher type + * + * \return uint32_t The context buffer size required + */ +uint32_t DxDI_GetSymCipherCtxSize(enum dxdi_sym_cipher_type cipherType) +{ + struct dxdi_get_sym_cipher_ctx_size_params params; + int err = 0, rc; + + if (diFileH < 0) return 0; + + params.sym_cipher_type = cipherType; + rc = ioctl(diFileH, DXDI_IOC_GET_SYMCIPHER_CTX_SIZE, ¶ms); + if (rc < 0) { + if (rc == -1) + err = errno; /* Record errno */ + else /* Proprietary errors are returned as is in rc */ + err = -rc; + DXDI_LOG_ERR("ioctl failed (rc=%d,errno=%d)\n", rc, errno); + } + + return err ? 0 : params.ctx_size; +} + + +/*! + * Get context size of given MAC algorithm + * + * \param aeType The queries Auth. Enc. algorithm + * + * \return uint32_t The context buffer size required + */ +uint32_t DxDI_GetAuthEncCtxSize(enum dxdi_auth_enc_type aeType) +{ + struct dxdi_get_auth_enc_ctx_size_params params; + int err = 0, rc; + + if (diFileH < 0) return 0; + + params.ae_type = aeType; + rc = ioctl(diFileH, DXDI_IOC_GET_AUTH_ENC_CTX_SIZE, ¶ms); + if (rc < 0) { + if (rc == -1) + err = errno; /* Record errno */ + else /* Proprietary errors are returned as is in rc */ + err = -rc; + DXDI_LOG_ERR("ioctl failed (rc=%d,errno=%d)\n", rc, errno); + } + + return err ? 0 : params.ctx_size; +} + + +/*! + * Get context size of given MAC algorithm + * + * \param macType + * + * \return uint32_t The context buffer size required + */ +uint32_t DxDI_GetMacCtxSize(enum dxdi_mac_type macType) +{ + struct dxdi_get_mac_ctx_size_params params; + int err = 0, rc; + + if (diFileH < 0) return 0; + + params.mac_type = macType; + rc = ioctl(diFileH, DXDI_IOC_GET_MAC_CTX_SIZE, ¶ms); + if (rc < 0) { + if (rc == -1) + err = errno; /* Record errno */ + else /* Proprietary errors are returned as is in rc */ + err = -rc; + DXDI_LOG_ERR("ioctl failed (rc=%d,errno=%d)\n", rc, errno); + } + + + return err ? 0 : params.ctx_size; +} + +/*! + * Get context size of given hash type + * + * \param hashType The queried hash type + * + * \return uint32_t The context buffer size required + */ +uint32_t DxDI_GetHashCtxSize(enum dxdi_hash_type hashType) +{ + struct dxdi_get_mac_ctx_size_params params; + int err = 0, rc; + + if (diFileH < 0) return 0; + + params.mac_type = hashType; + rc = ioctl(diFileH, DXDI_IOC_GET_HASH_CTX_SIZE, ¶ms); + if (rc < 0) { + if (rc == -1) + err = errno; /* Record errno */ + else /* Proprietary errors are returned as is in rc */ + err = -rc; + DXDI_LOG_ERR("ioctl failed (rc=%d,errno=%d)\n", rc, errno); + } + + return err ? 0 : params.ctx_size; +} + +/*! + * Initialize context for given symmetric cipher configuration + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props The cipher configuration properties + * \param errorInfo Returned SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_SymCipherInit( + uint32_t *contextBuf, + struct dxdi_sym_cipher_props *props, + uint32_t *errorInfo +) +{ + struct dxdi_sym_cipher_init_params params; + + params.context_buf = contextBuf; + memcpy(&(params.props), props, sizeof(struct dxdi_sym_cipher_props)); + + return doIoctl(diFileH, "SYMCIPHER_INIT", DXDI_IOC_SYMCIPHER_INIT, + ¶ms, ¶ms.error_info, errorInfo); +} + +/*! + * Initialize context for Authenticated-Encryption configuration + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props Auth. Enc. algorithm configuration properties + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_AuthEncInit( + uint32_t *contextBuf, + struct dxdi_auth_enc_props *props, + uint32_t *errorInfo +) +{ + struct dxdi_auth_enc_init_params params; + + params.context_buf = contextBuf; + memcpy(&(params.props), props, sizeof(struct dxdi_auth_enc_props)); + + return doIoctl(diFileH, "AUTH_ENC_INIT", DXDI_IOC_AUTH_ENC_INIT, + ¶ms, ¶ms.error_info, errorInfo); +} + +/*! + * Initialize context for MAC configuration + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props MAC algorithm configuration properties + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_MacInit( + uint32_t *contextBuf, + struct dxdi_mac_props *props, + uint32_t *errorInfo +) +{ + struct dxdi_mac_init_params params; + + params.context_buf = contextBuf; + memcpy(&(params.props), props, sizeof(struct dxdi_mac_props)); + + return doIoctl(diFileH, "MAC_INIT", DXDI_IOC_MAC_INIT, ¶ms, + ¶ms.error_info, errorInfo); +} + +/*! + * Initialize context for given hash type + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param hashType The hash algorithm type + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_HashInit( + uint32_t *contextBuf, + enum dxdi_hash_type hashType, + uint32_t *errorInfo +) +{ + struct dxdi_hash_init_params params; + + params.context_buf = contextBuf; + params.hash_type = hashType; + + return doIoctl(diFileH, "HASH_INIT", DXDI_IOC_HASH_INIT, ¶ms, + ¶ms.error_info, errorInfo); +} + + +/*! + * Process given data block in given context + * + * \param contextBuf A pointer to a context buffer + * \param dataBlockType Indicator of special data type (primarily Adata@CCM) + * \param dataIn User pointer of input data + * \param dataOut User pointer of output data buffer (when applicable) + * \param dataInSize Size (in octets) of input data + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_ProcessDataBlock( + uint32_t *contextBuf, + enum dxdi_data_block_type dataBlockType, + uint8_t *dataIn, + uint8_t *dataOut, + uint32_t dataInSize, + uint32_t *errorInfo +) +{ + struct dxdi_process_dblk_params params; + + params.context_buf = contextBuf; + params.data_block_type = dataBlockType; + params.data_in = dataIn; + params.data_out = dataOut; + params.data_in_size = dataInSize; + + return doIoctl(diFileH, "PROC_DBLK", DXDI_IOC_PROC_DBLK, ¶ms, + ¶ms.error_info, errorInfo); +} + +/*! + * Sets initial vector + * + * \param contextBuf A pointer to a context buffer + * \param iv_ptr Source IV buffer + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_SetInitialVector( + uint32_t *contextBuf, + uint8_t *iv_ptr) +{ + struct dxdi_aes_iv_params params; + + memcpy(params.iv_ptr, iv_ptr, DXDI_AES_IV_SIZE); + params.context_buf = contextBuf; + + return doIoctl(diFileH, "SET_IV", DXDI_IOC_SET_IV, ¶ms, + NULL, NULL); +} + +/*! + * Gets initial vector + * + * \param contextBuf A pointer to a context buffer + * \param iv_ptr Destination IV buffer + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_GetInitialVector( + uint32_t *contextBuf, + uint8_t *iv_ptr) +{ + struct dxdi_aes_iv_params params; + int rc; + + params.context_buf = contextBuf; + + rc = doIoctl(diFileH, "GET_IV", DXDI_IOC_GET_IV, ¶ms, + NULL, NULL); + + if (rc == DXDI_RET_OK) + memcpy(iv_ptr, params.iv_ptr, DXDI_AES_IV_SIZE); + + return rc; +} + +/*! + * Process last data block of processed stream and release resources + * associated with given context. + * Input data may be NULL in most symmetric-crypto algorithm. In that + * case this function only deals with releasing resources. + * + * \param contextBuf A pointer to a context buffer + * \param dataIn User pointer of input data + * \param dataOut User pointer of output data buffer (when applicable) + * \param dataInSize Size (in octets) of input data + * \param digestOrMac Pointer for returning digest (hash) or MAC data. + * \param digestOrMacSize Pointer for returning digest/MAC size (in octets) + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_ProcessLastDataBlock( + uint32_t *contextBuf, + uint8_t *dataIn, + uint8_t *dataOut, + uint32_t dataInSize, + uint8_t *digestOrMac, + uint8_t *digestOrMacSize, + uint32_t *errorInfo +) +{ + struct dxdi_fin_process_params params; + DxDI_RetCode_t rc; + + params.context_buf = contextBuf; + params.data_in = dataIn; + params.data_out = dataOut; + params.data_in_size = dataInSize; + + rc = doIoctl(diFileH, "FIN_PROC", DXDI_IOC_FIN_PROC, ¶ms, + ¶ms.error_info, errorInfo); + if (rc == DXDI_RET_OK) { + /* Successful SeP operation: Get results */ + if (digestOrMacSize != NULL) + *digestOrMacSize = params.digest_or_mac_size; + if ((params.digest_or_mac_size > 0) && (digestOrMacSize != NULL)) /* Get digest/MAC results */ + memcpy(digestOrMac, &(params.digest_or_mac), *digestOrMacSize); + } + + return rc; +} + +/*! + * Process data with given symmetric-cipher configuration (init.+proc.+fin.) + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props The cipher configuration properties + * \param dataIn User pointer of input data + * \param dataOut User pointer of output data buffer (when applicable) + * \param dataInSize Size (in octets) of input data + * \param errorInfo Returned SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_SymCipherProcess( + uint32_t *contextBuf, + struct dxdi_sym_cipher_props *props, + uint8_t *dataIn, + uint8_t *dataOut, + uint32_t dataInSize, + uint32_t *errorInfo +) +{ + struct dxdi_sym_cipher_proc_params params; + + params.context_buf = contextBuf; + memcpy(&(params.props), props, sizeof(struct dxdi_sym_cipher_props)); + params.data_in = dataIn; + params.data_out = dataOut; + params.data_in_size = dataInSize; + return doIoctl(diFileH, "SYMCIPHER_PROC", DXDI_IOC_SYMCIPHER_PROC, + ¶ms, ¶ms.error_info, errorInfo); +} + +/*! + * Process data with given Authenticated-Encryption configuration + * (init.+proc.+fin.) + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props Auth. Enc. algorithm configuration properties + * \param aData User pointer of additional/associated data (aDataSize octets) + * \param textDataIn User pointer of input text data (textSize octets) + * \param dataOut User pointer of output data buffer + * \param tag The returned calculated authentication Tag/MAC (T) + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_AuthEncProcess( + uint32_t *contextBuf, + struct dxdi_auth_enc_props *props, + uint8_t *aData, + uint8_t *textDataIn, + uint8_t *dataOut, + uint8_t *tag, + uint32_t *errorInfo +) +{ + struct dxdi_auth_enc_proc_params params; + DxDI_RetCode_t rc; + + params.context_buf = contextBuf; + memcpy(&(params.props), props, sizeof(struct dxdi_auth_enc_props)); + params.adata = aData; + params.text_data = textDataIn; + params.data_out = dataOut; + rc = doIoctl(diFileH, "SYM_AUTH_ENC_PROC", DXDI_IOC_AUTH_ENC_PROC, + ¶ms, ¶ms.error_info, errorInfo); + + if (rc == DXDI_RET_OK) { + /* Successful SeP operation: Get results */ + memcpy(tag, params.tag, props->tag_size); + } + + return rc; +} + +/*! + * Process data with given MAC configuration (init.+proc.+fin.) + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props MAC algorithm configuration properties + * \param dataIn User pointer of input data + * \param dataInSize Size (in octets) of input data + * \param mac User pointer to return MAC into (of required MAC size) + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_MacProcess( + uint32_t *contextBuf, + struct dxdi_mac_props *props, + uint8_t *dataIn, + uint32_t dataInSize, + uint8_t *mac, + uint32_t *errorInfo +) +{ + struct dxdi_mac_proc_params params; + DxDI_RetCode_t rc; + + if ((props == NULL) || (mac == NULL)) { + DXDI_LOG_ERR("DxDI_MacProcess: props/mac parameter missing\n"); + return DXDI_RET_EINVAL; + } + + params.context_buf = contextBuf; + memcpy(&(params.props), props, sizeof(struct dxdi_mac_props)); + params.data_in = dataIn; + params.data_in_size = dataInSize; + + rc = doIoctl(diFileH, "MAC_PROC", DXDI_IOC_MAC_PROC, ¶ms, + ¶ms.error_info, errorInfo); + + if (rc == DXDI_RET_OK) { + /* Successful SeP operation: Get results */ + if ((params.mac_size > 0) && + (params.mac_size <= DXDI_DIGEST_SIZE_MAX)) { + memcpy(mac, &(params.mac), params.mac_size); + DXDI_LOG_DEBUG("MAC size is %d B!\n", params.mac_size); + } else { + DXDI_LOG_ERR("Invalid MAC size %d B!\n", params.mac_size); + return DXDI_RET_EINTERNAL; + } + } + + return rc; +} + +/*! + * Process data with given hash type (init.+proc.+fin.) + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param HashType The hash algorithm type + * \param dataIn User pointer of input data + * \param dataInSize Size (in octets) of input data + * \param digest User pointer to return digest into (of required digest size) + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_HashProcess( + uint32_t *contextBuf, + enum dxdi_hash_type hashType, + uint8_t *dataIn, + uint32_t dataInSize, + uint8_t *digest, + uint32_t *errorInfo +) +{ + struct dxdi_hash_proc_params params; + DxDI_RetCode_t rc; + + if (digest == NULL) { + DXDI_LOG_ERR("DxDI_HashProcess: digest parameter missing\n"); + return DXDI_RET_EINVAL; + } + + params.context_buf = contextBuf; + params.hash_type = hashType; + params.data_in = dataIn; + params.data_in_size = dataInSize; + + rc = doIoctl(diFileH, "HASH_PROC", DXDI_IOC_HASH_PROC, ¶ms, + ¶ms.error_info, errorInfo); + if (rc == DXDI_RET_OK) { + /* Successful SeP operation: Get results */ + if ((params.digest_size > 0) && + (params.digest_size <= DXDI_DIGEST_SIZE_MAX)) { + memcpy(digest, &(params.digest), params.digest_size); + DXDI_LOG_DEBUG("Digest size is %d B\n", params.digest_size); + } else { + DXDI_LOG_ERR("Invalid digest size %d B!\n", params.digest_size); + return DXDI_RET_EINTERNAL; + } + } + + return rc; +} + + +/************************************************************************/ +/*** COMBINED MODE PROCESSING **/ +/************************************************************************/ + +/*! + * Initialization of Combined mode according to given configuration + * + * \param props The cipher configuration properties + * \param errorInfo Returned SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_CombinedInit( + struct dxdi_combined_props *props, + uint32_t *errorInfo +) +{ + struct dxdi_combined_init_params params; + + memcpy(&(params.props), props, sizeof(struct dxdi_combined_props)); + + return doIoctl(diFileH, "COMBINED_INIT", DXDI_IOC_COMBINED_INIT, + ¶ms, ¶ms.error_info, errorInfo); +} + + +/*! + * Process given data block in Combined mode according to configuration. + * + * \param props The cipher configuration properties + * \param dataIn User pointer of input data + * \param dataOut User pointer of output data buffer (when applicable) + * \param dataInSize Size (in octets) of input data + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_CombinedProcessDblk( + struct dxdi_combined_props *props, + uint8_t *pDataIn, + uint32_t dataInSize, + uint8_t *pDataOut, + uint32_t *errorInfo +) +{ + struct dxdi_combined_proc_dblk_params params; + + params.data_in = pDataIn; + params.data_out = pDataOut; + params.data_in_size = dataInSize; + + memcpy(&(params.props), props, sizeof(struct dxdi_combined_props)); + + return doIoctl(diFileH, "COMBINED_PROC_DBLK", DXDI_IOC_COMBINED_PROC_DBLK, ¶ms, + ¶ms.error_info, errorInfo); +} + +/*! + * Finalize processing of last data with given Combined mode configuration + * + * \param props The cipher configuration properties + * \param pDataIn User pointer of input data + * \param pDataOut User pointer of output data buffer (when applicable) + * \param dataInSize Size (in octets) of input data + * \param macOrDigest User pointer to return MAC or HASH (size according to used + * MAC or HASH) + * \param macOrDigestSize A pointer to size (in octets) of MAC or HASH output + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_CombinedFinalize( + struct dxdi_combined_props *props, + uint8_t *pDataIn, + uint32_t dataInSize, + uint8_t *pDataOut, + uint8_t *pAuthData, + uint32_t *pAuthDataSize, + uint32_t *errorInfo +) +{ + struct dxdi_combined_proc_params params; + DxDI_RetCode_t rc; + + params.data_in = pDataIn; + params.data_out = pDataOut; + params.data_in_size = dataInSize; + params.auth_data_size = *pAuthDataSize; + + memcpy(&(params.props), props, sizeof(struct dxdi_combined_props)); + + rc = doIoctl(diFileH, "COMBINED_FIN", DXDI_IOC_COMBINED_PROC_FIN, ¶ms, + ¶ms.error_info, errorInfo); + + if (rc == DXDI_RET_OK && pAuthData != 0) { + /* Successful SeP operation: Get results */ + if ((*pAuthDataSize > 0) && + (params.auth_data_size <= DXDI_DIGEST_SIZE_MAX) && + (params.auth_data_size <= *pAuthDataSize)) { + memcpy(pAuthData, params.auth_data, params.auth_data_size); + DXDI_LOG_DEBUG("MAC/HASH size is %d B\n", params.auth_data_size); + *pAuthDataSize = params.auth_data_size; + } else { + DXDI_LOG_ERR("Invalid MAC/HASH size %d B!\n", params.auth_data_size); + *pAuthDataSize = params.auth_data_size; + return DXDI_RET_EINTERNAL; + } + } + + return rc; +} + +/*! + * Pprocesses the data with given Combined mode configuration as one integrated + * operation (init+fin.) + * + * \param props The cipher configuration properties + * \param combined configuration properties + * \param pDataIn User pointer of input data + * \param pDataOut User pointer of output data buffer (when applicable) + * \param dataInSize Size (in octets) of input data + * \param pAuthData User pointer to return Authentication data (size according + * to used MAC or HASH) + * \param pAuthDataSize A pointer to size (in octets) of Authentication data + * output + * \param errorInfo SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_Combined( + struct dxdi_combined_props *props, + uint8_t *pDataIn, + uint32_t dataInSize, + uint8_t *pDataOut, + uint8_t *pAuthData, + uint32_t *pAuthDataSize, + uint32_t *errorInfo +) +{ + struct dxdi_combined_proc_params params; + DxDI_RetCode_t rc; + + params.data_in = pDataIn; + params.data_out = pDataOut; + params.data_in_size = dataInSize; + params.auth_data_size = *pAuthDataSize; + + memcpy(&(params.props), props, sizeof(struct dxdi_combined_props)); + + rc = doIoctl(diFileH, "COMBINED", DXDI_IOC_COMBINED_PROC, ¶ms, + ¶ms.error_info, errorInfo); + + if (rc == DXDI_RET_OK && pAuthData != 0) { + /* Successful SeP operation: Get results */ + if ((*pAuthDataSize > 0) && + (params.auth_data_size <= DXDI_DIGEST_SIZE_MAX) && + (params.auth_data_size <= *pAuthDataSize)) { + memcpy(pAuthData, params.auth_data, params.auth_data_size); + DXDI_LOG_DEBUG("MAC/HASH size is %d B\n", params.auth_data_size); + *pAuthDataSize = params.auth_data_size; + } else { + DXDI_LOG_ERR("Invalid MAC/HASH size %d B!\n", params.auth_data_size); + *pAuthDataSize = params.auth_data_size; + return DXDI_RET_EINTERNAL; + } + } + + return rc; +} + + +/*! + * Invoke SeP RPC + * + * \param agentId SeP RPC agent (API) ID + * \param funcId Function ID + * \param memRefs Array of user memory references to be mapped for DMA by the host driver + * \param rpcParamsSize Size of rpcParams + * \param rpcParams The RPC parameters structure (function specific) + * \param Return code from SeP (Given in the SW descriptor from RPC infrastructure) + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_SepRpcCall( + seprpc_agent_id_t agentId, + seprpc_func_id_t funcId, + struct dxdi_memref *memRefs, + unsigned long rpcParamsSize, + struct seprpc_params *rpcParams, + seprpc_retcode_t *errorInfo +) +{ + struct dxdi_sep_rpc_params params; + const unsigned int numOfMemRefs = le32_to_cpu(rpcParams->num_of_memrefs); + + if (numOfMemRefs > SEP_RPC_MAX_MEMREF_PER_FUNC) + return DXDI_RET_EINVAL; + + params.agent_id = agentId; + params.func_id = funcId; + if (numOfMemRefs > 0) + memcpy(&(params.mem_refs), memRefs, sizeof(struct dxdi_memref) * numOfMemRefs); + params.rpc_params_size = rpcParamsSize; + params.rpc_params = rpcParams; + + return doIoctl(rpcFileH, "SEP_RPC", DXDI_IOC_SEP_RPC, + ¶ms, ¶ms.error_info, errorInfo); +} + +/*! + * Get the file handle of the given SeP Applet context + * + * \param contextP + * + * \return int The file handle (-1 on error) + */ +static inline int GetSepAppContextFile(DxDI_SepAppContext_t *contextP) +{ + if (contextP == NULL) { + return -1; + } + return *((int*)contextP); +} + +/*! + * Register a user memory buffer for future DMA operations + * + * \param contextP Associated SeP Applet context or NULL if to be used for SeP RPC + * \param memRef The memory buffer to register + * \param memRefIdP The returned registered memory reference ID + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_RegisterMemForDma( + DxDI_SepAppContext_t *contextP, + struct dxdi_memref *memRef, + dxdi_memref_id_t *memRefIdP +) +{ + DxDI_RetCode_t rc; + int devFileH; + struct dxdi_register_mem4dma_params params; + + if ((contextP == NULL) || (memRefIdP == NULL) || (memRef == NULL)) { + DXDI_LOG_ERR("Got NULL pointers for parameters\n"); + return DXDI_RET_EINVAL; + } + + devFileH = GetSepAppContextFile(contextP); + if (devFileH < 0) { /* Default if no context is provided - RPC use */ + devFileH = rpcFileH; + } + + /* copy input parameter */ + memcpy(¶ms.memref, memRef, sizeof(struct dxdi_memref)); + + rc = doIoctl(devFileH, "REGISTER_MEM4DMA", DXDI_IOC_REGISTER_MEM4DMA, ¶ms, NULL, NULL); + + *memRefIdP = params.memref_id; + return rc; +} + +/*! + * Allocate DMA coherent memory + * + * \param contextP Associated SeP Applet context or NULL if to be used for SeP RPC + * \param size Size in bytes of request memory buffer + * \param memMapAddrP Returned pointer to mapping of allocated memory in this process address space + * \param memRefIdP The returned registered memory reference ID + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_AllocMemForDma( + DxDI_SepAppContext_t *contextP, + unsigned long size, + void **memMapAddrP, + dxdi_memref_id_t *memRefIdP +) +{ + return DXDI_RET_ENOTSUP; /* Not supported, yet */ +} + +/*! + * Free registered user memory resources (deregister). + * + * \param contextP Associated SeP Applet context or NULL if to be used for SeP RPC + * \param memRefId The registered memory reference ID + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_FreeMemForDma( + DxDI_SepAppContext_t *contextP, + dxdi_memref_id_t memRefId +) +{ + int devFileH; + DxDI_RetCode_t rc; + struct dxdi_free_mem4dma_params params; + + devFileH = GetSepAppContextFile(contextP); + if (devFileH < 0) { /* Default if no context is provided - RPC use */ + devFileH = rpcFileH; + } + + /* copy input parameter */ + params.memref_id = memRefId; + + rc = doIoctl(devFileH, "FREE_MEM4DMA", DXDI_IOC_FREE_MEM4DMA, ¶ms, NULL, NULL); + + return rc; +} + +/*! + * Allocate a context for SeP Applet communication + * + * \param contextP A reference to a context container buffer (to be initialized with context info.) + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_SepAppContextAlloc(const char *name, DxDI_SepAppContext_t *contextP) +{ + int newFileH; + int errno_save; + + if (contextP == NULL) { + DXDI_LOG_ERR_ON(contextP == NULL, "Invoked with contextP=NULL\n"); + return DXDI_RET_EINVAL; + } + + /* SeP Applet operations are always processed in SW queue #0 */ + if (name == NULL) + newFileH = open(DXDI_DEVNAME_PRIO0, O_SYNC); + else + newFileH = open(name, O_SYNC); + + if (newFileH < 0) { + errno_save = errno; /* Save errno of "open" before logging */ + DXDI_LOG_ERR("Failed opening devName=%s (errno=%d)\n", DXDI_DEVNAME_PRIO0, errno_save); + return Errno2RetCode(errno_save, "open"); + } + (void)fcntl(newFileH, F_SETFD, FD_CLOEXEC); + + /* Save file handle in the context container */ + *((int*)contextP) = newFileH; + return DXDI_RET_OK; +} + +/*! + * Free resources associated with given SeP Applet communication context + * + * \param contextP A reference to a context data buffer initialized with DxDI_SepAppContextAlloc + */ +void DxDI_SepAppContextFree(DxDI_SepAppContext_t *contextP) +{ + int contextFileH = GetSepAppContextFile(contextP); + + if (contextFileH < 0) { + DXDI_LOG_ERR("Invoked for closed file."); + } else { + close(contextFileH); + *((int*)contextP) = -1; + } +} + +/*! + * Copy "by value" output parameters from IOCTL arg buffer back to user buffer + * + * \param ioctl The IOCTL copy of the parameters + * \param user The user copy of the parameters + */ +static void copyBackAppValParams(struct dxdi_sepapp_params *ioctl, struct dxdi_sepapp_params *user) +{ + int i; + + for (i = 0; i < SEP_APP_PARAMS_MAX; i++) { + if ((user->params_types[i] == DXDI_SEPAPP_PARAM_VAL) && + (user->params[i].val.copy_dir & DXDI_DATA_FROM_DEVICE)) { + user->params[i].val.data[0] = ioctl->params[i].val.data[0]; + user->params[i].val.data[1] = ioctl->params[i].val.data[1]; + } + } +} + +/*! + * Open a session with selected Applet + * + * \param contextP A reference to a context data buffer initialized with DxDI_SepAppContextAlloc + * \param appletUuid Unique Applet ID + * \param authMethod Session connection authentication method. + * Any value with bit 31 cleared must one of DXDI_SEPAPP_AUTH_* constants. + * Any value with bit 31 set is Applet-specific method with optional parameters in sepAppAuthData + * \param authData A pointer to optional authentication parameter in case of authMethod from DXDI_SEPAPP_AUTH_*. + * \param sepAppAuthData A set of SeP Applet parameters for Applet specific connection data (optional). + * \param sessionIdP The returned new session ID (handle) + * \param sepRetOrigin Encoding of the source of the errorInfo in case of error. + * \param errorInfo Indication of error event in SeP. 0 on success. + * + * \return DxDI_RetCode_t DI return/error code + */ +DxDI_RetCode_t DxDI_SepAppSessionOpen( + DxDI_SepAppContext_t *contextP, + dxdi_sepapp_uuid_t *appletUuid, + uint32_t authMethod, + void *authData, + struct dxdi_sepapp_params *sepAppAuthData, + dxdi_sepapp_session_id_t *sessionIdP, + enum dxdi_sep_module *sepRetOrigin, + uint32_t *errorInfo +) +{ + int contextFileH = GetSepAppContextFile(contextP); + DxDI_RetCode_t rc; + struct dxdi_sepapp_session_open_params params; + + if (contextFileH < 0) { + DXDI_LOG_ERR("Invalid contextP\n"); + return DXDI_RET_EINVAL; + } + /* Check NULL pointers */ + if ((contextP == NULL) || (appletUuid == NULL) || (sessionIdP == NULL) || (errorInfo == NULL)) { + DXDI_LOG_ERR("Got NULL pointers for required parameters\n"); + return DXDI_RET_EINVAL; + } + if (!(authMethod & DXDI_SEPAPP_AUTH_METHOD_PRIV_MASK)) { + /* Handle non-private authentication methods */ + /* Currently only "PUBLIC" method is supported (nothing to do...) */ + if (authMethod != DXDI_SEPAPP_AUTH_METHOD_PUBLIC) + DXDI_LOG_ERR("Authentication method 0x%08X is not supported.\n", + authMethod); + } + + if (sepAppAuthData != NULL) { + /* Verify that given memory references are */ + memcpy(¶ms.app_auth_data, sepAppAuthData, sizeof(struct dxdi_sepapp_params)); + } else {/* Make all user parametes to be NULL */ + memset(¶ms.app_auth_data, 0, sizeof(struct dxdi_sepapp_params)); + } + + memcpy(¶ms.app_uuid, appletUuid, sizeof(dxdi_sepapp_uuid_t)); + params.auth_method = authMethod; + /* Ignore auth_data - infrastructure-aware auth. methods are not supported, yet */ + params.sep_ret_origin = DXDI_SEP_MODULE_HOST_DRIVER; /* default if driver does not change */ + + rc = doIoctl(contextFileH, "SEPAPP_SESSION_OPEN", DXDI_IOC_SEPAPP_SESSION_OPEN, + ¶ms, ¶ms.error_info, errorInfo); + + if (rc == DXDI_RET_OK) + /* Save new session info. */ + *sessionIdP = params.session_id; + else + *sessionIdP = DXDI_SEPAPP_SESSION_INVALID; + + if ((rc == DXDI_RET_OK) || + ((rc == DXDI_RET_ESEP) && (params.sep_ret_origin == DXDI_SEP_MODULE_APP))) { + /* Success or failure in Applet layer */ + if (sepAppAuthData != NULL) /* copy back output values */ + copyBackAppValParams(¶ms.app_auth_data, sepAppAuthData); + if (sepRetOrigin != NULL) + *sepRetOrigin = DXDI_SEP_MODULE_APP; + + } else { /* Driver Failure or SeP failure not in the Applet layer */ + if (sepRetOrigin != NULL) + *sepRetOrigin = params.sep_ret_origin; + } + + return rc; +} + +/*! + * Close a session with an Applet + * + * \param contextP A reference to a context data buffer initialized with DxDI_SepAppContextAlloc + * \param sessionId A session ID as return from DxDI_SepAppSessionOpen + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_SepAppSessionClose( + DxDI_SepAppContext_t *contextP, + dxdi_sepapp_session_id_t sessionId) +{ + int contextFileH = GetSepAppContextFile(contextP); + DxDI_RetCode_t rc; + struct dxdi_sepapp_session_close_params params; + + if (contextFileH < 0) { /* This denotes closed session */ + DXDI_LOG_ERR("Given session is not opened!\n"); + return DXDI_RET_EINVAL; + } + + params.session_id = sessionId; + rc = doIoctl(contextFileH, "SEPAPP_SESSION_CLOSE", DXDI_IOC_SEPAPP_SESSION_CLOSE, + ¶ms, NULL, NULL); + + return rc; +} + +/*! + * Dispatch a command to a SeP Applet over given session + * + * \param contextP A reference to a context data buffer initialized with DxDI_SepAppContextAlloc + * \param sessionId A session ID as return from DxDI_SepAppSessionOpen + * \param commandId An applet specific command ID + * \param commandParams Parameters for given command + * \param sepRetOrigin Encoding of the source of the errorInfo in case of error. + * \param errorInfo Indication of error event in SeP. 0 on success. + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_SepAppCommandInvoke( + DxDI_SepAppContext_t *contextP, + dxdi_sepapp_session_id_t sessionId, + uint32_t commandId, + struct dxdi_sepapp_params *commandParams, + enum dxdi_sep_module *sepRetOrigin, + uint32_t *errorInfo) +{ + int contextFileH = GetSepAppContextFile(contextP); + DxDI_RetCode_t rc; + struct dxdi_sepapp_command_invoke_params params; + + if (contextFileH < 0) { /* This denotes closed session */ + DXDI_LOG_ERR("Given session is not opened!\n"); + return DXDI_RET_EINVAL; + } + + params.session_id = sessionId; + params.command_id = commandId; + if (commandParams != NULL) + memcpy(¶ms.command_params, commandParams, sizeof(struct dxdi_sepapp_params)); + else /* NULLify all user parameters */ + memset(¶ms.command_params, 0, sizeof(struct dxdi_sepapp_params)); + params.sep_ret_origin = DXDI_SEP_MODULE_HOST_DRIVER; /* default if driver does not change */ + rc = doIoctl(contextFileH, "SEPAPP_COMMAND_INVOKE", DXDI_IOC_SEPAPP_COMMAND_INVOKE, + ¶ms, ¶ms.error_info, errorInfo); + + if ((rc == DXDI_RET_OK) || + ((rc == DXDI_RET_ESEP) && (params.sep_ret_origin == DXDI_SEP_MODULE_APP))) { + /* Success or failure in Applet layer */ + if (commandParams != NULL) /* copy back output values */ + copyBackAppValParams(¶ms.command_params, commandParams); + if (sepRetOrigin != NULL) + *sepRetOrigin = DXDI_SEP_MODULE_APP; + } else { /* Driver Failure or SeP failure not in the Applet layer */ + if (sepRetOrigin != NULL) + *sepRetOrigin = params.sep_ret_origin; + } + + return rc; +} + diff --git a/peripheral/keystore/chaabi/libcc54/driver_interface/driver_interface.h b/peripheral/keystore/chaabi/libcc54/driver_interface/driver_interface.h new file mode 100644 index 0000000..5449005 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/driver_interface/driver_interface.h @@ -0,0 +1,581 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __DRIVER_INTERFACE_H__ +#define __DRIVER_INTERFACE_H__ + +#include <stdint.h> +#include "dx_pal_types.h" +/* For unknown reason in user space (usr/include/asm/ioctl.h) the macro + _IOWR is named _IORW. In order to use kernel ABI IOCTL defs. we map + the kernel space macro to the user space name */ +#define _IORW _IOWR +#include "dx_driver_abi.h" +#include "sep_rpc.h" + +/* SeP driver device file names (per priority) */ +#define DXDI_DEVNAME_PRIO0 "/dev/dx_sep_q0" +#define DXDI_DEVNAME_PRIO1 "/dev/dx_sep_q1" + +#define DXDI_SEPAPP_AUTH_METHOD_PUBLIC 0 /* Public/Free access.. */ +/* SeP Applet private authentication method (ignored by the driver and auth_data is invalid) */ +#define DXDI_SEPAPP_AUTH_METHOD_PRIV_BIT 31 +#define DXDI_SEPAPP_AUTH_METHOD_PRIV_MASK (1UL << DXDI_SEPAPP_AUTH_METHOD_PRIV_BIT) + + +typedef enum { + DXDI_RET_OK = 0, + DXDI_RET_ENODEV, /* Device not opened or does not exist */ + DXDI_RET_EINTERNAL, /* Internal driver error (check system log) */ + DXDI_RET_ENOTSUP, /* Unsupported function/option */ + DXDI_RET_ENOPERM, /* Not enough permissions for request */ + DXDI_RET_EINVAL, /* Invalid parameters */ + DXDI_RET_ENORSC, /* No resources available (e.g., memory) */ + DXDI_RET_ESEP, /* SeP operation error (see SeP error code) */ + DXDI_RET_EHW, /* HW level error (e.g., Operation timeout) */ + DXDI_RESERVE32B = INT32_MAX +} DxDI_RetCode_t; + +typedef enum { + DXDI_PRIO_MIN = 0, + DXDI_PRIO0 = DXDI_PRIO_MIN, + DXDI_PRIO1, + DXDI_PRIO_MAX = DXDI_PRIO1 +} DxDI_DevPriority_t; + +/* In current implementation this holds the device file handle */ +typedef int DxDI_SepAppContext_t; + +#define DX_OK DXDI_RET_OK + +/*! + * Open the given device node + * + * + * \param devPriority Device priority (queue) + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_Open(DxDI_DevPriority_t devPriority); + +/*! + * Check if the given device node is open + * + * + * \param + * + * \return true/false + */ +uint8_t DxDI_IsOpen(void); + + +/*! + * Close the driver interface (file) + * + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_Close(void); + +/*! + * Get ABI version number + * + * \param verMajor Returned major version number + * \param verMinor Returned minor version number + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_GetAbiVersion(uint32_t *verMajor, uint32_t *verMinor); + +/*! + * Sets initial vector + * + * \param contextBuf A pointer to a context buffer + * \param iv_ptr Source IV buffer + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_SetInitialVector(uint32_t *contextBuf, uint8_t *iv_ptr); + +/*! + * Get context size of given symmetric cipher + * + * \param cipherType The queried cipher type + * + * \return uint32_t The context buffer size required + */ +uint32_t DxDI_GetSymCipherCtxSize(enum dxdi_sym_cipher_type cipherType); + + +/*! + * Get context size of given MAC algorithm + * + * \param aeType The queries Auth. Enc. algorithm + * + * \return uint32_t The context buffer size required + */ +uint32_t DxDI_GetAuthEncCtxSize(enum dxdi_auth_enc_type aeType); + +/*! + * Get context size of given MAC algorithm + * + * \param macType + * + * \return uint32_t The context buffer size required + */ +uint32_t DxDI_GetMacCtxSize(enum dxdi_mac_type macType); + +/*! + * Get context size of given hash type + * + * \param hashType The queried hash type + * + * \return uint32_t The context buffer size required + */ +uint32_t DxDI_GetHashCtxSize(enum dxdi_hash_type hashType); + +/*! + * Gets initial vector + * + * \param contextBuf A pointer to a context buffer + * \param iv_ptr Destination IV buffer + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_GetInitialVector( + uint32_t *contextBuf, + uint8_t *iv_ptr); + +/*! + * Initialize context for given symmetric cipher configuration + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props The cipher configuration properties + * \param sepRetCode Returned SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_SymCipherInit( + uint32_t *contextBuf, + struct dxdi_sym_cipher_props *props, + uint32_t *sepRetCode +); + + +/*! + * Initialize context for Authenticated-Encryption configuration + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props Auth. Enc. algorithm configuration properties + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_AuthEncInit( + uint32_t *contextBuf, + struct dxdi_auth_enc_props *props, + uint32_t *sepRetCode +); + +/*! + * Initialize context for MAC configuration + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props MAC algorithm configuration properties + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_MacInit( + uint32_t *contextBuf, + struct dxdi_mac_props *props, + uint32_t *sepRetCode +); + +/*! + * Initialize context for given hash type + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param hashType The hash algorithm type + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_HashInit( + uint32_t *contextBuf, + enum dxdi_hash_type hashType, + uint32_t *sepRetCode +); + +/*! + * Process given data block in given context + * + * \param contextBuf A pointer to a context buffer + * \param dataBlockType Indicator of special data type (primarily Adata@CCM) + * \param dataIn User pointer of input data + * \param dataOut User pointer of output data buffer (when applicable) + * \param dataInSize Size (in octets) of input data + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_ProcessDataBlock( + uint32_t *contextBuf, + enum dxdi_data_block_type dataBlockType, + uint8_t *dataIn, + uint8_t *dataOut, + uint32_t dataInSize, + uint32_t *sepRetCode +); + +/*! + * Process last data block of processed stream and release resources + * associated with given context. + * Input data may be NULL in most symmetric-crypto algorithm. In that + * case this function only deals with releasing resources. + * + * \param contextBuf A pointer to a context buffer + * \param dataIn User pointer of input data + * \param dataOut User pointer of output data buffer (when applicable) + * \param dataInSize Size (in octets) of input data + * \param digestOrMac Pointer for returning digest (hash) or MAC data. + * \param digestOrMacSize Pointer for returning digest/MAC size (in octets) + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_ProcessLastDataBlock( + uint32_t *contextBuf, + uint8_t *dataIn, + uint8_t *dataOut, + uint32_t dataInSize, + uint8_t *digestOrMac, + uint8_t *digestOrMacSize, + uint32_t *sepRetCode +); + +/*! + * Process data with given symmetric-cipher configuration (init.+proc.+fin.) + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props The cipher configuration properties + * \param dataIn User pointer of input data + * \param dataOut User pointer of output data buffer (when applicable) + * \param dataInSize Size (in octets) of input data + * \param sepRetCode Returned SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_SymCipherProcess( + uint32_t *contextBuf, + struct dxdi_sym_cipher_props *props, + uint8_t *dataIn, + uint8_t *dataOut, + uint32_t dataInSize, + uint32_t *sepRetCode +); + + +/*! + * Process data with given Authenticated-Encryption configuration + * (init.+proc.+fin.) + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props Auth. Enc. algorithm configuration properties + * \param aData User pointer of additional/associated data (aDataSize octets) + * \param textDataIn User pointer of input text data (textSize octets) + * \param dataOut User pointer of output data buffer + * \param tag The returned calculated authentication Tag/MAC (T) + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_AuthEncProcess( + uint32_t *contextBuf, + struct dxdi_auth_enc_props *props, + uint8_t *aData, + uint8_t *textDataIn, + uint8_t *dataOut, + uint8_t *tag, + uint32_t *sepRetCode +); + +/*! + * Process data with given MAC configuration (init.+proc.+fin.) + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param props MAC algorithm configuration properties + * \param dataIn User pointer of input data + * \param dataInSize Size (in octets) of input data + * \param mac User pointer to return MAC into (of required MAC size) + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_MacProcess( + uint32_t *contextBuf, + struct dxdi_mac_props *props, + uint8_t *dataIn, + uint32_t dataInSize, + uint8_t *mac, + uint32_t *sepRetCode +); + +/*! + * Process data with given hash type (init.+proc.+fin.) + * + * \param contextBuf A pointer to a context buffer (phys. contig.) + * \param HashType The hash algorithm type + * \param dataIn User pointer of input data + * \param dataInSize Size (in octets) of input data + * \param digest User pointer to return digest into (of required digest size) + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_HashProcess( + uint32_t *contextBuf, + enum dxdi_hash_type hashType, + uint8_t *dataIn, + uint32_t dataInSize, + uint8_t *digest, + uint32_t *sepRetCode +); + +/************************************************************************/ +/*** COMBINED MODE PROCESSING **/ +/************************************************************************/ + +/*! + * Initialization of Combined mode according to given configuration + * + * \param props The cipher configuration properties + * \param sepRetCode Returned SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_CombinedInit( + struct dxdi_combined_props *props, + uint32_t *sepRetCode +); + +/*! + * Process given data block in Combined mode according to configuration. + * + * \param props The cipher configuration properties + * \param dataIn User pointer of input data + * \param dataInSize Size (in octets) of input data + * \param dataOut User pointer of output data buffer (when applicable) + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_CombinedProcessDblk( + struct dxdi_combined_props *props, + uint8_t *dataIn, + uint32_t dataInSize, + uint8_t *dataOut, + uint32_t *sepRetCode +); + + +/*! + * Finalize processing of last data with given Combined mode configuration + * + * \param props The cipher configuration properties + * \param combined configuration properties + * \param pDataIn User pointer of input data + * \param dataInSize Size (in octets) of input data + * \param pDataOut User pointer of output data buffer (when applicable) + * \param macOrDigest User pointer to return MAC or HASH (size according to used + * MAC or HASH) + * \param macOrDigestSize A pointer to size (in octets) of MAC or HASH output + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_CombinedFinalize( + struct dxdi_combined_props *props, + uint8_t *pDataIn, + uint32_t dataInSize, + uint8_t *pDataOut, + uint8_t *pAuthData, + uint32_t *pAuthDataSize, + uint32_t *sepRetCode +); + + +/*! + * Pprocesses the data with given Combined mode configuration as one integrated + * operation (init+fin.) + * + * \param props The cipher configuration properties + * \param combined configuration properties + * \param pDataIn User pointer of input data + * \param dataInSize Size (in octets) of input data + * \param pDataOut User pointer of output data buffer (when applicable) + * \param pAuthData User pointer to return Authentication data (size according + * to used MAC or HASH) + * \param pAuthDataSize A pointer to size (in octets) of Authentication data + * output + * \param sepRetCode SeP return code + * + * \return DxDI_RetCode + */ +DxDI_RetCode_t DxDI_Combined( + struct dxdi_combined_props *props, + uint8_t *pDataIn, + uint32_t dataInSize, + uint8_t *pDataOut, + uint8_t *pAuthData, + uint32_t *pAuthDataSize, + uint32_t *sepRetCode +); + +/*! + * Invoke SeP RPC + * + * \param agentId SeP RPC agent (API) ID + * \param funcId Function ID + * \param memRefs Array of user memory references to be mapped for DMA by the host driver + * \param rpcParamsSize Size of rpcParams + * \param rpcParams The RPC parameters structure (function specific) + * \param Return code from SeP (Given in the SW descriptor from RPC infrastructure) + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_SepRpcCall( + seprpc_agent_id_t agentId, + seprpc_func_id_t funcId, + struct dxdi_memref *memRefs, + unsigned long rpcParamsSize, + struct seprpc_params *rpcParams, + seprpc_retcode_t *sepRetCode +); + + +/*! + * Register a user memory buffer for future DMA operations + * + * \param contextP Associated SeP Applet context or NULL if to be used for SeP RPC + * \param memRef The memory buffer to register + * \param memRefIdP The returned registered memory reference ID + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_RegisterMemForDma( + DxDI_SepAppContext_t *contextP, + struct dxdi_memref *memRef, + dxdi_memref_id_t *memRefIdP +); + +/*! + * Allocate DMA coherent memory + * + * \param contextP Associated SeP Applet context or NULL if to be used for SeP RPC + * \param size Size in bytes of request memory buffer + * \param memMapAddrP Returned pointer to mapping of allocated memory in this process address space + * \param memRefIdP The returned registered memory reference ID + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_AllocMemForDma( + DxDI_SepAppContext_t *contextP, + unsigned long size, + void **memMapAddrP, + dxdi_memref_id_t *memRefIdP +); + +/*! + * Free registered user memory resources (deregister). + * + * \param contextP Associated SeP Applet context or NULL if to be used for SeP RPC + * \param memRefId The registered memory reference ID + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_FreeMemForDma( + DxDI_SepAppContext_t *contextP, + dxdi_memref_id_t memRefId +); + +/*! + * Allocate a context for SeP Applet communication + * + * \param contextP A reference to a context container buffer (to be initialized with context info.) + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_SepAppContextAlloc(const char *name, DxDI_SepAppContext_t *contextP); + +/*! + * Free resources associated with given SeP Applet communication context + * + * \param contextP A reference to a context data buffer initialized with DxDI_SepAppContextAlloc + */ +void DxDI_SepAppContextFree(DxDI_SepAppContext_t *contextP); + +/*! + * Open a session with selected Applet + * + * \param contextP A reference to a context data buffer initialized with DxDI_SepAppContextAlloc + * \param appletUuid Unique Applet ID + * \param authMethod Session connection authentication method. + * Any value with bit 31 cleared must one of DXDI_SEPAPP_AUTH_* constants. + * Any value with bit 31 set is Applet-specific method with optional parameters in sepAppAuthData + * \param authData A pointer to optional authentication parameter in case of authMethod from DXDI_SEPAPP_AUTH_*. + * \param sepAppAuthData A set of SeP Applet parameters for Applet specific connection data (optional). + * \param sessionIdP The returned new session ID (handle) + * \param sepRetOrigin Encoding of the source of the sepRetCode in case of error. + * \param sepRetCode Indication of error event in SeP. 0 on success. + * + * \return DxDI_RetCode_t DI return/error code + */ +DxDI_RetCode_t DxDI_SepAppSessionOpen( + DxDI_SepAppContext_t *contextP, + dxdi_sepapp_uuid_t *appletUuid, + uint32_t authMethod, + void *authData, + struct dxdi_sepapp_params *sepAppAuthData, + dxdi_sepapp_session_id_t *sessionIdP, + enum dxdi_sep_module *sepRetOrigin, + uint32_t *sepRetCode +); + +/*! + * Close a session with an Applet + * + * \param contextP A reference to a context data buffer initialized with DxDI_SepAppContextAlloc + * \param sessionId A session ID as return from DxDI_SepAppSessionOpen + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_SepAppSessionClose( + DxDI_SepAppContext_t *contextP, + dxdi_sepapp_session_id_t sessionId); + +/*! + * Dispatch a command to a SeP Applet over given session + * + * \param contextP A reference to a context data buffer initialized with DxDI_SepAppContextAlloc + * \param sessionId A session ID as return from DxDI_SepAppSessionOpen + * \param commandId An applet specific command ID + * \param commandParams Parameters for given command + * \param sepRetOrigin Encoding of the source of the sepRetCode in case of error. + * \param sepRetCode Indication of error event in SeP. 0 on success. + * + * \return DxDI_RetCode_t + */ +DxDI_RetCode_t DxDI_SepAppCommandInvoke( + DxDI_SepAppContext_t *contextP, + dxdi_sepapp_session_id_t sessionId, + uint32_t commandId, + struct dxdi_sepapp_params *commandParams, + enum dxdi_sep_module *sepRetOrigin, + uint32_t *sepRetCode); + +#endif + diff --git a/peripheral/keystore/chaabi/libcc54/dx_cclib.c b/peripheral/keystore/chaabi/libcc54/dx_cclib.c new file mode 100644 index 0000000..ea80905 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/dx_cclib.c @@ -0,0 +1,129 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CCLIB + +#define _MAIN_C_ /*declare PAL's globals*/ +#include <fcntl.h> +#include <unistd.h> +#include <stdio.h> +#include <sys/ioctl.h> +#include <string.h> +#include <errno.h> +#include "dx_pal_types.h" +#include "dx_pal_log.h" +#include "driver_interface.h" +#include "dx_cclib.h" +#include "dx_pal_types.h" + +/*** Cclib state variables ***/ +static uint32_t devPriority = DXDI_PRIO_MIN; + + +/*! + * Convert errno to DxDI_RetCode + * + * \param err The errno value + * + * \return DxDI_RetCode + */ +static DX_CclibRetCode_t ConvErr2RetCode(int err, const char* errContext) +{ + if (err != 0) { + DX_PAL_LOG_ERR("%s: (%d)\n", errContext, err); + } + switch (err) { + case 0: + return DX_CCLIB_RET_OK; + case DXDI_RET_ENODEV: + return DX_CCLIB_RET_ENODEV; + case DXDI_RET_ENOTSUP: + return DX_CCLIB_RET_ENOTSUP; + case DXDI_RET_EINVAL: + return DX_CCLIB_RET_EINVAL; + case DXDI_RET_ENOPERM: + return DX_CCLIB_RET_ENOPERM; + case DXDI_RET_EINTERNAL: + return DX_CCLIB_RET_EINTERNAL; + default: + return DX_CCLIB_RET_EINTERNAL; + } +} + +/*! + * Init OS driver + * + * + * \param + * + * \return DxCclib_RetCode + */ +DX_CclibRetCode_t DX_CclibInit() +{ + DxDI_RetCode_t rc; + + DX_PAL_LogInit(); + + rc = DxDI_Open(devPriority); + return ConvErr2RetCode(rc, "DxCclib_Init: Open OS driver "); +} + + +/*! + * Finalize OS driver context - release associated resources + */ +void DX_CclibFini(void) +{ + (void)DxDI_Close(); +} + + +/*! + * Set requested CryptoCell priority queue + * This function must be invoked before DX_CclibInit + * + * \param priority Requested priority queue + * + * \return DxCclib_RetCode + */ +DX_CclibRetCode_t DX_CclibSetPriority(uint32_t priority) +{ + if (DxDI_IsOpen()) { + DX_PAL_LOG_DEBUG("DxCclib_SetPriority: Devise is open.\n"); + return DX_CCLIB_RET_ENOPERM; + } + if (priority > DXDI_PRIO_MAX){ + DX_PAL_LOG_DEBUG("DxCclib_SetPriority: Ilegal Priority\n"); + return DX_CCLIB_RET_ENOTSUP; + } + devPriority = (DxDI_DevPriority_t)priority; + return DX_CCLIB_RET_OK; +} + +/*! + * Get selected priority + * (as set by DX_CclibSetPriority or default if it was not invoked) + * + * + * \return DX_CclibDevPriority + */ +uint32_t DX_CclibGetPriority(void) +{ + DX_PAL_LOG_DEBUG("DxCclib_GetPriority: priority (%d)\n",devPriority); + return devPriority; +} + + +/*! + * Get the highest priority supported + * + * \return DX_CclibDevPriority + */ +uint32_t DX_CclibGetMaxPriority(void) +{ + return DXDI_PRIO_MAX; + /* TODO: Return actually max. priority as reported by the driver */ +} diff --git a/peripheral/keystore/chaabi/libcc54/dx_log_mask.h b/peripheral/keystore/chaabi/libcc54/dx_log_mask.h new file mode 100644 index 0000000..02981bb --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/dx_log_mask.h @@ -0,0 +1,17 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_LOG_MASK_H_ +#define _DX_LOG_MASK_H_ + +/* CCLIB4 specific component masks */ +#define DX_LOG_MASK_CCLIB (1) +#define DX_LOG_MASK_DRIVER_INTERFACE (1<<1) +#define DX_LOG_MASK_CRYS_API (1<<2) + + +#endif /*_DX_LOG_MASK_H_*/ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/applet_mng_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/applet_mng_seprpc.h new file mode 100644 index 0000000..0df4e05 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/applet_mng_seprpc.h @@ -0,0 +1,75 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:55:35.521996 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file applet_mng_seprpc.h + * SeP-RPC header file for AppletMngLoad API */ + +#ifndef __APPLET_MNG_SEPRPC_H__ +#define __APPLET_MNG_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_AppletMngLoad 3 + +#include "dx_applet_mng_load.h" +#include "applet_mgr_error.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ DX_CC_LoadApplet ***************/ +#define SEPRPC_FUNC_ID_DX_CC_LoadApplet 1 +/* +DxUint32_t DX_CC_LoadApplet( + DxUint32_t vrlAddr, + DxUint32_t magicNum, + DxUint32_t verKeyIndex, + DxUint32_t flags, + DxUint32_t appletImageAddr, + DxUint32_t userParam) +*/ + +#define SEPRPC_MEMREF_NUM_DX_CC_LoadApplet 0 +#if SEPRPC_MEMREF_NUM_DX_CC_LoadApplet > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_DX_CC_LoadApplet is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_DX_CC_LoadAppletParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + /*le32*/DxUint32_t vrlAddr; + /*le32*/DxUint32_t magicNum; + /*le32*/DxUint32_t verKeyIndex; + /*le32*/DxUint32_t flags; + /*le32*/DxUint32_t appletImageAddr; + /*le32*/DxUint32_t userParam; + DxUint32_t _funcRetCode; +} SepRpc_DX_CC_LoadAppletParams_s; + + + +/************ DX_CC_UnloadApplet ***************/ +#define SEPRPC_FUNC_ID_DX_CC_UnloadApplet 2 +/* +DxUint32_t DX_CC_UnloadApplet( + DxUint8_t uuid[]) +*/ + +#define SEPRPC_MEMREF_NUM_DX_CC_UnloadApplet 0 +#if SEPRPC_MEMREF_NUM_DX_CC_UnloadApplet > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_DX_CC_UnloadApplet is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_DX_CC_UnloadAppletParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t uuid[sizeof(DX_SepAppUuid_t)]; + DxUint8_t uuid_null_flag; + DxUint32_t _funcRetCode; +} SepRpc_DX_CC_UnloadAppletParams_s; + + +#endif /*__APPLET_MNG_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/applet_mng_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/applet_mng_seprpc_stub.c new file mode 100644 index 0000000..bf0a8b5 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/applet_mng_seprpc_stub.c @@ -0,0 +1,101 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:55:35.522641 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file applet_mng_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for AppletMngLoad API */ + +#include <string.h> +#include "dx_applet_mng_load.h" +#include "applet_mgr_error.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "applet_mng_seprpc.h" + + +/************ DX_CC_LoadApplet ***************/ +DxUint32_t DX_CC_LoadApplet( + DxUint32_t vrlAddr, + DxUint32_t magicNum, + DxUint32_t verKeyIndex, + DxUint32_t flags, + DxUint32_t appletImageAddr, + DxUint32_t userParam) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_DX_CC_LoadAppletParams params; + + /* Verify input parameters and copy into params. struct. */ + params.vrlAddr = cpu_to_le32(vrlAddr); + params.magicNum = cpu_to_le32(magicNum); + params.verKeyIndex = cpu_to_le32(verKeyIndex); + params.flags = cpu_to_le32(flags); + params.appletImageAddr = cpu_to_le32(appletImageAddr); + params.userParam = cpu_to_le32(userParam); + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_DX_CC_LoadApplet); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_AppletMngLoad, SEPRPC_FUNC_ID_DX_CC_LoadApplet, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, DX_APP_MNG_ILLEGAL_PARAM_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of DX_CC_LoadApplet failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return DX_APP_MNG_ILLEGAL_PARAM_ERROR; + case SEPRPC_RET_ENORSC: + return DX_APP_MNG_ILLEGAL_PARAM_ERROR; + default: + return DX_APP_MNG_ILLEGAL_PARAM_ERROR; + } + } + + return le32_to_cpu(params._funcRetCode); +} /* DX_CC_LoadApplet */ + + + +/************ DX_CC_UnloadApplet ***************/ +DxUint32_t DX_CC_UnloadApplet( + DxUint8_t uuid[]) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_DX_CC_UnloadAppletParams params; + + /* Verify input parameters and copy into params. struct. */ + if (uuid == NULL) { + params.uuid_null_flag = 1; + } else { + memcpy(params.uuid, uuid, sizeof(DxUint8_t) * (sizeof(DX_SepAppUuid_t))); + params.uuid_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_DX_CC_UnloadApplet); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_AppletMngLoad, SEPRPC_FUNC_ID_DX_CC_UnloadApplet, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, DX_APP_MNG_ILLEGAL_PARAM_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of DX_CC_UnloadApplet failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return DX_APP_MNG_ILLEGAL_PARAM_ERROR; + case SEPRPC_RET_ENORSC: + return DX_APP_MNG_ILLEGAL_PARAM_ERROR; + default: + return DX_APP_MNG_ILLEGAL_PARAM_ERROR; + } + } + + return le32_to_cpu(params._funcRetCode); +} /* DX_CC_UnloadApplet */ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_aes_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/crys_aes_seprpc.h new file mode 100644 index 0000000..e4598b9 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_aes_seprpc.h @@ -0,0 +1,100 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:54:02.082285 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_aes_seprpc.h + * SeP-RPC header file for CrysAes API */ + +#ifndef __CRYS_AES_SEPRPC_H__ +#define __CRYS_AES_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_CrysAes 1 + +#include "crys_aes.h" +#include "crys_aes_error.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ CRYS_AES_Wrap ***************/ +#define SEPRPC_FUNC_ID_CRYS_AES_Wrap 1 +/* +CRYSError_t CRYS_AES_Wrap( + DxUint8_t DataIn_ptr[], + DxUint32_t DataInLen, + DxUint8_t KeyData[], + CRYS_AES_KeySize_t KeySize, + DxInt8_t Reserved, + DxUint8_t WrapDataOut_ptr[], + DxUint32_t *WrapDataLen_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_AES_Wrap 0 +#if SEPRPC_MEMREF_NUM_CRYS_AES_Wrap > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_AES_Wrap is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_AES_WrapParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t DataIn_ptr[CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES]; + DxUint8_t DataIn_ptr_null_flag; + /*le32*/DxUint32_t DataInLen; + DxUint8_t KeyData[32]; + DxUint8_t KeyData_null_flag; + /*le32*/CRYS_AES_KeySize_t KeySize; + DxInt8_t Reserved; + /* Input/Output */ + /*le32*/DxUint32_t __WrapDataLen_ptr; + DxUint8_t __WrapDataLen_ptr_null_flag; + /* Output */ + DxUint8_t WrapDataOut_ptr[(CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES+CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES)]; + DxUint8_t WrapDataOut_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_AES_WrapParams_s; + + + +/************ CRYS_AES_Unwrap ***************/ +#define SEPRPC_FUNC_ID_CRYS_AES_Unwrap 2 +/* +CRYSError_t CRYS_AES_Unwrap( + DxUint8_t WrapDataIn_ptr[], + DxUint32_t WrapDataInLen, + DxUint8_t KeyData[], + CRYS_AES_KeySize_t KeySize, + DxInt8_t Reserved, + DxUint8_t DataOut_ptr[], + DxUint32_t *DataOutLen_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_AES_Unwrap 0 +#if SEPRPC_MEMREF_NUM_CRYS_AES_Unwrap > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_AES_Unwrap is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_AES_UnwrapParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t WrapDataIn_ptr[ (CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES + CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES)]; + DxUint8_t WrapDataIn_ptr_null_flag; + /*le32*/DxUint32_t WrapDataInLen; + DxUint8_t KeyData[32]; + DxUint8_t KeyData_null_flag; + /*le32*/CRYS_AES_KeySize_t KeySize; + DxInt8_t Reserved; + /* Input/Output */ + /*le32*/DxUint32_t __DataOutLen_ptr; + DxUint8_t __DataOutLen_ptr_null_flag; + /* Output */ + DxUint8_t DataOut_ptr[CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES]; + DxUint8_t DataOut_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_AES_UnwrapParams_s; + + +#endif /*__CRYS_AES_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_aes_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/crys_aes_seprpc_stub.c new file mode 100644 index 0000000..cfba2b7 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_aes_seprpc_stub.c @@ -0,0 +1,195 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:54:02.083935 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_aes_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for CrysAes API */ + +#include <string.h> +#include "crys_aes.h" +#include "crys_aes_error.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "crys_aes_seprpc.h" + + +/************ CRYS_AES_Wrap ***************/ +CRYSError_t CRYS_AES_Wrap( + DxUint8_t DataIn_ptr[], + DxUint32_t DataInLen, + DxUint8_t KeyData[], + CRYS_AES_KeySize_t KeySize, + DxInt8_t Reserved, + DxUint8_t WrapDataOut_ptr[], + DxUint32_t *WrapDataLen_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_AES_WrapParams params; + + /* Verify input parameters and copy into params. struct. */ + if (DataIn_ptr == NULL) { + params.DataIn_ptr_null_flag = 1; + } else { + /* Verify array size of DataIn_ptr */ + SEP_RPC_ASSERT((DataInLen) <= (CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES), CRYS_AES_WRAP_DATA_LENGTH_ERROR); + memcpy(params.DataIn_ptr, DataIn_ptr, sizeof(DxUint8_t) * (DataInLen)); + params.DataIn_ptr_null_flag = 0; + } + + params.DataInLen = cpu_to_le32(DataInLen); + if (KeyData == NULL) { + params.KeyData_null_flag = 1; + } else { + memcpy(params.KeyData, KeyData, sizeof(DxUint8_t) * (32)); + params.KeyData_null_flag = 0; + } + + params.KeySize = cpu_to_le32(KeySize); + params.Reserved = Reserved; + if (WrapDataLen_ptr == NULL) { + params.__WrapDataLen_ptr_null_flag = 1; + } else { + params.__WrapDataLen_ptr = cpu_to_le32(*(WrapDataLen_ptr)); + params.__WrapDataLen_ptr_null_flag = 0; + } + + if (WrapDataOut_ptr == NULL) { + params.WrapDataOut_ptr_null_flag = 1; + } else if (WrapDataLen_ptr != NULL) { + /* Verify array size of WrapDataOut_ptr */ + SEP_RPC_ASSERT(((*WrapDataLen_ptr)) <= ((CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES+CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES)), CRYS_AES_WRAP_DATA_LENGTH_ERROR); + params.WrapDataOut_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_AES_Wrap); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysAes, SEPRPC_FUNC_ID_CRYS_AES_Wrap, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_AES_UNWRAP_FUNCTION_FAILED_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_AES_Wrap failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_AES_WRAP_DATA_LENGTH_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_AES_WRAP_ILLEGAL_DATA_PTR_ERROR; + default: + return CRYS_AES_UNWRAP_FUNCTION_FAILED_ERROR; + } + } + + /* Copy back output parameters */ + if (WrapDataLen_ptr == NULL) { + params.__WrapDataLen_ptr_null_flag = 1; + } else { + *(WrapDataLen_ptr) = le32_to_cpu(params.__WrapDataLen_ptr); + params.__WrapDataLen_ptr_null_flag = 0; + } + + if (WrapDataOut_ptr == NULL) { + params.WrapDataOut_ptr_null_flag = 1; + } else if (WrapDataLen_ptr != NULL) { + memcpy(WrapDataOut_ptr, params.WrapDataOut_ptr, sizeof(DxUint8_t) * ((*WrapDataLen_ptr))); + params.WrapDataOut_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_AES_Wrap */ + + + +/************ CRYS_AES_Unwrap ***************/ +CRYSError_t CRYS_AES_Unwrap( + DxUint8_t WrapDataIn_ptr[], + DxUint32_t WrapDataInLen, + DxUint8_t KeyData[], + CRYS_AES_KeySize_t KeySize, + DxInt8_t Reserved, + DxUint8_t DataOut_ptr[], + DxUint32_t *DataOutLen_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_AES_UnwrapParams params; + + /* Verify input parameters and copy into params. struct. */ + if (WrapDataIn_ptr == NULL) { + params.WrapDataIn_ptr_null_flag = 1; + } else { + /* Verify array size of WrapDataIn_ptr */ + SEP_RPC_ASSERT((WrapDataInLen) <= ( (CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES + CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES)), CRYS_AES_WRAP_DATA_LENGTH_ERROR); + memcpy(params.WrapDataIn_ptr, WrapDataIn_ptr, sizeof(DxUint8_t) * (WrapDataInLen)); + params.WrapDataIn_ptr_null_flag = 0; + } + + params.WrapDataInLen = cpu_to_le32(WrapDataInLen); + if (KeyData == NULL) { + params.KeyData_null_flag = 1; + } else { + memcpy(params.KeyData, KeyData, sizeof(DxUint8_t) * (32)); + params.KeyData_null_flag = 0; + } + + params.KeySize = cpu_to_le32(KeySize); + params.Reserved = Reserved; + if (DataOutLen_ptr == NULL) { + params.__DataOutLen_ptr_null_flag = 1; + } else { + params.__DataOutLen_ptr = cpu_to_le32(*(DataOutLen_ptr)); + params.__DataOutLen_ptr_null_flag = 0; + } + + if (DataOut_ptr == NULL) { + params.DataOut_ptr_null_flag = 1; + } else if (DataOutLen_ptr != NULL) { + /* Verify array size of DataOut_ptr */ + SEP_RPC_ASSERT(((*DataOutLen_ptr)) <= (CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES), CRYS_AES_WRAP_DATA_LENGTH_ERROR); + params.DataOut_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_AES_Unwrap); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysAes, SEPRPC_FUNC_ID_CRYS_AES_Unwrap, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_AES_UNWRAP_FUNCTION_FAILED_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_AES_Unwrap failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_AES_WRAP_DATA_LENGTH_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_AES_WRAP_ILLEGAL_DATA_PTR_ERROR; + default: + return CRYS_AES_UNWRAP_FUNCTION_FAILED_ERROR; + } + } + + /* Copy back output parameters */ + if (DataOutLen_ptr == NULL) { + params.__DataOutLen_ptr_null_flag = 1; + } else { + *(DataOutLen_ptr) = le32_to_cpu(params.__DataOutLen_ptr); + params.__DataOutLen_ptr_null_flag = 0; + } + + if (DataOut_ptr == NULL) { + params.DataOut_ptr_null_flag = 1; + } else if (DataOutLen_ptr != NULL) { + memcpy(DataOut_ptr, params.DataOut_ptr, sizeof(DxUint8_t) * ((*DataOutLen_ptr))); + params.DataOut_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_AES_Unwrap */ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_dh_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/crys_dh_seprpc.h new file mode 100644 index 0000000..680ede8 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_dh_seprpc.h @@ -0,0 +1,370 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 12:33:41.575692 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_dh_seprpc.h + * SeP-RPC header file for CrysDh API */ + +#ifndef __CRYS_DH_SEPRPC_H__ +#define __CRYS_DH_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_CrysDh 9 + +#include "crys_dh.h" +#include "crys_dh_error.h" +#include "crys_dh_kg.h" +#include "crys_rsa_prim.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ _DX_DH_GeneratePubPrv ***************/ +#define SEPRPC_FUNC_ID__DX_DH_GeneratePubPrv 1 +/* +CRYSError_t _DX_DH_GeneratePubPrv( + DxUint8_t Generator_ptr[], + DxUint16_t GeneratorSize, + DxUint8_t Prime_ptr[], + DxUint16_t PrimeSize, + DxUint16_t L, + DxUint8_t Q_ptr[], + DxUint16_t QSize, + CRYS_DH_OpMode_t DH_mode, + CRYS_DHUserPubKey_t *tmpPubKey_ptr, + CRYS_DHPrimeData_t *tmpPrimeData_ptr, + DxUint8_t ClientPrvKey_ptr[], + DxUint16_t *ClientPrvKeySize_ptr, + DxUint8_t ClientPub1_ptr[], + DxUint16_t *ClientPubSize_ptr) +*/ + +#define SEPRPC_MEMREF_NUM__DX_DH_GeneratePubPrv 0 +#if SEPRPC_MEMREF_NUM__DX_DH_GeneratePubPrv > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_DH_GeneratePubPrv is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_DH_GeneratePubPrvParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t Generator_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t Generator_ptr_null_flag; + /*le16*/DxUint16_t GeneratorSize; + DxUint8_t Prime_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t Prime_ptr_null_flag; + /*le16*/DxUint16_t PrimeSize; + /*le16*/DxUint16_t L; + DxUint8_t Q_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t Q_ptr_null_flag; + /*le16*/DxUint16_t QSize; + /*le32*/CRYS_DH_OpMode_t DH_mode; + CRYS_DHUserPubKey_t __tmpPubKey_ptr; + DxUint8_t __tmpPubKey_ptr_null_flag; + DxUint32_t tmpPrimeData_ptr_size; + /* Input/Output */ + /*le16*/DxUint16_t __ClientPrvKeySize_ptr; + DxUint8_t __ClientPrvKeySize_ptr_null_flag; + /*le16*/DxUint16_t __ClientPubSize_ptr; + DxUint8_t __ClientPubSize_ptr_null_flag; + /* Output */ + DxUint8_t ClientPrvKey_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ClientPrvKey_ptr_null_flag; + DxUint8_t ClientPub1_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ClientPub1_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_DH_GeneratePubPrvParams_s; + + + +/************ CRYS_DH_GetSecretKey ***************/ +#define SEPRPC_FUNC_ID_CRYS_DH_GetSecretKey 2 +/* +CRYSError_t CRYS_DH_GetSecretKey( + DxUint8_t ClientPrvKey_ptr[], + DxUint16_t ClientPrvKeySize, + DxUint8_t ServerPubKey_ptr[], + DxUint16_t ServerPubKeySize, + DxUint8_t Prime_ptr[], + DxUint16_t PrimeSize, + CRYS_DHUserPubKey_t *tmpPubKey_ptr, + CRYS_DHPrimeData_t *tmpPrimeData_ptr, + DxUint8_t SecretKey_ptr[], + DxUint16_t *SecretKeySize_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_DH_GetSecretKey 0 +#if SEPRPC_MEMREF_NUM_CRYS_DH_GetSecretKey > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_DH_GetSecretKey is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_DH_GetSecretKeyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t ClientPrvKey_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ClientPrvKey_ptr_null_flag; + /*le16*/DxUint16_t ClientPrvKeySize; + DxUint8_t ServerPubKey_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ServerPubKey_ptr_null_flag; + /*le16*/DxUint16_t ServerPubKeySize; + DxUint8_t Prime_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t Prime_ptr_null_flag; + /*le16*/DxUint16_t PrimeSize; + CRYS_DHUserPubKey_t __tmpPubKey_ptr; + DxUint8_t __tmpPubKey_ptr_null_flag; + DxUint32_t tmpPrimeData_ptr_size; + /* Input/Output */ + /*le16*/DxUint16_t __SecretKeySize_ptr; + DxUint8_t __SecretKeySize_ptr_null_flag; + /* Output */ + DxUint8_t SecretKey_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t SecretKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_DH_GetSecretKeyParams_s; + + + +/************ CRYS_DH_CheckPubKey ***************/ +#define SEPRPC_FUNC_ID_CRYS_DH_CheckPubKey 3 +/* +CRYSError_t CRYS_DH_CheckPubKey( + DxUint8_t modP_ptr[], + DxUint32_t modPsizeBytes, + DxUint8_t orderQ_ptr[], + DxUint32_t orderQsizeBytes, + DxUint8_t pubKey_ptr[], + DxUint32_t pubKeySizeBytes, + CRYS_DH_Temp_t *tempBuff_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_DH_CheckPubKey 0 +#if SEPRPC_MEMREF_NUM_CRYS_DH_CheckPubKey > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_DH_CheckPubKey is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_DH_CheckPubKeyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t modP_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t modP_ptr_null_flag; + /*le32*/DxUint32_t modPsizeBytes; + DxUint8_t orderQ_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t orderQ_ptr_null_flag; + /*le32*/DxUint32_t orderQsizeBytes; + DxUint8_t pubKey_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t pubKey_ptr_null_flag; + /*le32*/DxUint32_t pubKeySizeBytes; + DxUint32_t tempBuff_ptr_size; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_DH_CheckPubKeyParams_s; + + + +/************ CRYS_DH_X942_GetSecretData ***************/ +#define SEPRPC_FUNC_ID_CRYS_DH_X942_GetSecretData 4 +/* +CRYSError_t CRYS_DH_X942_GetSecretData( + DxUint8_t ClientPrvKey_ptr[], + DxUint16_t ClientPrvKeySize, + DxUint8_t ServerPubKey_ptr[], + DxUint16_t ServerPubKeySize, + DxUint8_t Prime_ptr[], + DxUint16_t PrimeSize, + CRYS_DH_OtherInfo_t *otherInfo_ptr, + CRYS_DH_HASH_OpMode_t hashMode, + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, + CRYS_DH_Temp_t *tmpBuff_ptr, + DxUint8_t SecretKeyingData_ptr[], + DxUint16_t SecretKeyingDataSize) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_DH_X942_GetSecretData 0 +#if SEPRPC_MEMREF_NUM_CRYS_DH_X942_GetSecretData > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_DH_X942_GetSecretData is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_DH_X942_GetSecretDataParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t ClientPrvKey_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ClientPrvKey_ptr_null_flag; + /*le16*/DxUint16_t ClientPrvKeySize; + DxUint8_t ServerPubKey_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ServerPubKey_ptr_null_flag; + /*le16*/DxUint16_t ServerPubKeySize; + DxUint8_t Prime_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t Prime_ptr_null_flag; + /*le16*/DxUint16_t PrimeSize; + CRYS_DH_OtherInfo_t __otherInfo_ptr; + DxUint8_t __otherInfo_ptr_null_flag; + /*le32*/CRYS_DH_HASH_OpMode_t hashMode; + /*le32*/CRYS_DH_DerivationFunc_Mode DerivFunc_mode; + DxUint32_t tmpBuff_ptr_size; + /*le16*/DxUint16_t SecretKeyingDataSize; + /* Output */ + DxUint8_t SecretKeyingData_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t SecretKeyingData_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_DH_X942_GetSecretDataParams_s; + + + +/************ CRYS_DH_X942_HybridGetSecretData ***************/ +#define SEPRPC_FUNC_ID_CRYS_DH_X942_HybridGetSecretData 5 +/* +CRYSError_t CRYS_DH_X942_HybridGetSecretData( + DxUint8_t ClientPrvKey_ptr1[], + DxUint16_t ClientPrvKeySize1, + DxUint8_t ClientPrvKey_ptr2[], + DxUint16_t ClientPrvKeySize2, + DxUint8_t ServerPubKey_ptr1[], + DxUint16_t ServerPubKeySize1, + DxUint8_t ServerPubKey_ptr2[], + DxUint16_t ServerPubKeySize2, + DxUint8_t Prime_ptr[], + DxUint16_t PrimeSize, + CRYS_DH_OtherInfo_t *otherInfo_ptr, + CRYS_DH_HASH_OpMode_t hashMode, + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, + CRYS_DH_HybrTemp_t *tmpDhHybr_ptr, + DxUint8_t SecretKeyingData_ptr[], + DxUint16_t SecretKeyingDataSize) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_DH_X942_HybridGetSecretData 0 +#if SEPRPC_MEMREF_NUM_CRYS_DH_X942_HybridGetSecretData > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_DH_X942_HybridGetSecretData is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_DH_X942_HybridGetSecretDataParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t ClientPrvKey_ptr1[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ClientPrvKey_ptr1_null_flag; + /*le16*/DxUint16_t ClientPrvKeySize1; + DxUint8_t ClientPrvKey_ptr2[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ClientPrvKey_ptr2_null_flag; + /*le16*/DxUint16_t ClientPrvKeySize2; + DxUint8_t ServerPubKey_ptr1[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ServerPubKey_ptr1_null_flag; + /*le16*/DxUint16_t ServerPubKeySize1; + DxUint8_t ServerPubKey_ptr2[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t ServerPubKey_ptr2_null_flag; + /*le16*/DxUint16_t ServerPubKeySize2; + DxUint8_t Prime_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t Prime_ptr_null_flag; + /*le16*/DxUint16_t PrimeSize; + CRYS_DH_OtherInfo_t __otherInfo_ptr; + DxUint8_t __otherInfo_ptr_null_flag; + /*le32*/CRYS_DH_HASH_OpMode_t hashMode; + /*le32*/CRYS_DH_DerivationFunc_Mode DerivFunc_mode; + DxUint32_t tmpDhHybr_ptr_size; + /*le16*/DxUint16_t SecretKeyingDataSize; + /* Output */ + DxUint8_t SecretKeyingData_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t SecretKeyingData_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_DH_X942_HybridGetSecretDataParams_s; + + + +/************ CRYS_DH_CreateDomainParams ***************/ +#define SEPRPC_FUNC_ID_CRYS_DH_CreateDomainParams 6 +/* +CRYSError_t CRYS_DH_CreateDomainParams( + DxUint32_t modPsizeBits, + DxUint32_t orderQsizeBits, + DxUint32_t seedSizeBits, + DxUint8_t modP_ptr[], + DxUint8_t orderQ_ptr[], + DxUint8_t generatorG_ptr[], + DxUint32_t *generGsizeBytes_ptr, + DxUint8_t factorJ_ptr[], + DxUint32_t *JsizeBytes_ptr, + DxUint8_t seedS_ptr[], + DxInt8_t generateSeed, + DxUint32_t *pgenCounter_ptr, + CRYS_DHKGData_t *DHKGbuff_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_DH_CreateDomainParams 0 +#if SEPRPC_MEMREF_NUM_CRYS_DH_CreateDomainParams > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_DH_CreateDomainParams is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_DH_CreateDomainParamsParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + /*le32*/DxUint32_t modPsizeBits; + /*le32*/DxUint32_t orderQsizeBits; + /*le32*/DxUint32_t seedSizeBits; + DxInt8_t generateSeed; + DxUint32_t DHKGbuff_ptr_size; + /* Input/Output */ + /*le32*/DxUint32_t __generGsizeBytes_ptr; + DxUint8_t __generGsizeBytes_ptr_null_flag; + /*le32*/DxUint32_t __JsizeBytes_ptr; + DxUint8_t __JsizeBytes_ptr_null_flag; + DxUint8_t seedS_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t seedS_ptr_null_flag; + /* Output */ + DxUint8_t modP_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t modP_ptr_null_flag; + DxUint8_t orderQ_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t orderQ_ptr_null_flag; + DxUint8_t generatorG_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t generatorG_ptr_null_flag; + DxUint8_t factorJ_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t factorJ_ptr_null_flag; + /*le32*/DxUint32_t __pgenCounter_ptr; + DxUint8_t __pgenCounter_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_DH_CreateDomainParamsParams_s; + + + +/************ CRYS_DH_CheckDomainParams ***************/ +#define SEPRPC_FUNC_ID_CRYS_DH_CheckDomainParams 7 +/* +CRYSError_t CRYS_DH_CheckDomainParams( + DxUint8_t modP_ptr[], + DxUint32_t modPsizeBytes, + DxUint8_t orderQ_ptr[], + DxUint32_t orderQsizeBytes, + DxUint8_t generatorG_ptr[], + DxUint32_t generatorSizeBytes, + DxUint8_t seedS_ptr[], + DxUint32_t seedSizeBits, + DxUint32_t pgenCounter, + CRYS_DHKG_CheckTemp_t *checkTempBuff_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_DH_CheckDomainParams 0 +#if SEPRPC_MEMREF_NUM_CRYS_DH_CheckDomainParams > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_DH_CheckDomainParams is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_DH_CheckDomainParamsParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t modP_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t modP_ptr_null_flag; + /*le32*/DxUint32_t modPsizeBytes; + DxUint8_t orderQ_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t orderQ_ptr_null_flag; + /*le32*/DxUint32_t orderQsizeBytes; + DxUint8_t generatorG_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t generatorG_ptr_null_flag; + /*le32*/DxUint32_t generatorSizeBytes; + DxUint8_t seedS_ptr[CRYS_DH_MAX_MOD_SIZE_IN_BYTES]; + DxUint8_t seedS_ptr_null_flag; + /*le32*/DxUint32_t seedSizeBits; + /*le32*/DxUint32_t pgenCounter; + DxUint32_t checkTempBuff_ptr_size; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_DH_CheckDomainParamsParams_s; + + +#endif /*__CRYS_DH_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_dh_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/crys_dh_seprpc_stub.c new file mode 100644 index 0000000..b7d309f --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_dh_seprpc_stub.c @@ -0,0 +1,865 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 12:33:41.580095 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_dh_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for CrysDh API */ + +#include <string.h> +#include "crys_dh.h" +#include "crys_dh_error.h" +#include "crys_dh_kg.h" +#include "crys_rsa_prim.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "crys_dh_seprpc.h" + + +/************ _DX_DH_GeneratePubPrv ***************/ +CRYSError_t _DX_DH_GeneratePubPrv( + DxUint8_t Generator_ptr[], + DxUint16_t GeneratorSize, + DxUint8_t Prime_ptr[], + DxUint16_t PrimeSize, + DxUint16_t L, + DxUint8_t Q_ptr[], + DxUint16_t QSize, + CRYS_DH_OpMode_t DH_mode, + CRYS_DHUserPubKey_t *tmpPubKey_ptr, + CRYS_DHPrimeData_t *tmpPrimeData_ptr, + DxUint8_t ClientPrvKey_ptr[], + DxUint16_t *ClientPrvKeySize_ptr, + DxUint8_t ClientPub1_ptr[], + DxUint16_t *ClientPubSize_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_DH_GeneratePubPrvParams params; + + /* Verify input parameters and copy into params. struct. */ + if (Generator_ptr == NULL) { + params.Generator_ptr_null_flag = 1; + } else { + /* Verify array size of Generator_ptr */ + SEP_RPC_ASSERT((GeneratorSize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Generator_ptr, Generator_ptr, sizeof(DxUint8_t) * (GeneratorSize)); + params.Generator_ptr_null_flag = 0; + } + + params.GeneratorSize = cpu_to_le16(GeneratorSize); + if (Prime_ptr == NULL) { + params.Prime_ptr_null_flag = 1; + } else { + /* Verify array size of Prime_ptr */ + SEP_RPC_ASSERT((PrimeSize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Prime_ptr, Prime_ptr, sizeof(DxUint8_t) * (PrimeSize)); + params.Prime_ptr_null_flag = 0; + } + + params.PrimeSize = cpu_to_le16(PrimeSize); + params.L = cpu_to_le16(L); + if (Q_ptr == NULL) { + params.Q_ptr_null_flag = 1; + } else { + /* Verify array size of Q_ptr */ + SEP_RPC_ASSERT((QSize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Q_ptr, Q_ptr, sizeof(DxUint8_t) * (QSize)); + params.Q_ptr_null_flag = 0; + } + + params.QSize = cpu_to_le16(QSize); + params.DH_mode = cpu_to_le32(DH_mode); + if (tmpPubKey_ptr == NULL) { + params.__tmpPubKey_ptr_null_flag = 1; + } else { + params.__tmpPubKey_ptr = *(tmpPubKey_ptr); + params.__tmpPubKey_ptr_null_flag = 0; + } + + params.tmpPrimeData_ptr_size = cpu_to_le32((sizeof(CRYS_DHPrimeData_t))); + if (ClientPrvKeySize_ptr == NULL) { + params.__ClientPrvKeySize_ptr_null_flag = 1; + } else { + params.__ClientPrvKeySize_ptr = cpu_to_le16(*(ClientPrvKeySize_ptr)); + params.__ClientPrvKeySize_ptr_null_flag = 0; + } + + if (ClientPubSize_ptr == NULL) { + params.__ClientPubSize_ptr_null_flag = 1; + } else { + params.__ClientPubSize_ptr = cpu_to_le16(*(ClientPubSize_ptr)); + params.__ClientPubSize_ptr_null_flag = 0; + } + + if (ClientPrvKey_ptr == NULL) { + params.ClientPrvKey_ptr_null_flag = 1; + } else if (ClientPrvKeySize_ptr != NULL) { + /* Verify array size of ClientPrvKey_ptr */ + SEP_RPC_ASSERT((*ClientPrvKeySize_ptr) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + params.ClientPrvKey_ptr_null_flag = 0; + } + + if (ClientPub1_ptr == NULL) { + params.ClientPub1_ptr_null_flag = 1; + } else if (ClientPubSize_ptr != NULL) { + /* Verify array size of ClientPub1_ptr */ + SEP_RPC_ASSERT((*ClientPubSize_ptr) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + params.ClientPub1_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_DH_GeneratePubPrv); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysDh, SEPRPC_FUNC_ID__DX_DH_GeneratePubPrv, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_DH_GeneratePubPrv failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_DH_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (ClientPrvKeySize_ptr == NULL) { + params.__ClientPrvKeySize_ptr_null_flag = 1; + } else { + *(ClientPrvKeySize_ptr) = le16_to_cpu(params.__ClientPrvKeySize_ptr); + params.__ClientPrvKeySize_ptr_null_flag = 0; + } + + if (ClientPubSize_ptr == NULL) { + params.__ClientPubSize_ptr_null_flag = 1; + } else { + *(ClientPubSize_ptr) = le16_to_cpu(params.__ClientPubSize_ptr); + params.__ClientPubSize_ptr_null_flag = 0; + } + + if (ClientPrvKey_ptr == NULL) { + params.ClientPrvKey_ptr_null_flag = 1; + } else if (ClientPrvKeySize_ptr != NULL && (*ClientPrvKeySize_ptr <= (sizeof(params.ClientPrvKey_ptr) / sizeof(params.ClientPrvKey_ptr[0])))) { + memcpy(ClientPrvKey_ptr, params.ClientPrvKey_ptr, sizeof(DxUint8_t) * (*ClientPrvKeySize_ptr)); + params.ClientPrvKey_ptr_null_flag = 0; + } + + if (ClientPub1_ptr == NULL) { + params.ClientPub1_ptr_null_flag = 1; + } else if (ClientPubSize_ptr != NULL && (*ClientPubSize_ptr <= (sizeof(params.ClientPub1_ptr) / sizeof(params.ClientPub1_ptr[0])))) { + memcpy(ClientPub1_ptr, params.ClientPub1_ptr, sizeof(DxUint8_t) * (*ClientPubSize_ptr)); + params.ClientPub1_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_DH_GeneratePubPrv */ + + + +/************ CRYS_DH_GetSecretKey ***************/ +CRYSError_t CRYS_DH_GetSecretKey( + DxUint8_t ClientPrvKey_ptr[], + DxUint16_t ClientPrvKeySize, + DxUint8_t ServerPubKey_ptr[], + DxUint16_t ServerPubKeySize, + DxUint8_t Prime_ptr[], + DxUint16_t PrimeSize, + CRYS_DHUserPubKey_t *tmpPubKey_ptr, + CRYS_DHPrimeData_t *tmpPrimeData_ptr, + DxUint8_t SecretKey_ptr[], + DxUint16_t *SecretKeySize_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_DH_GetSecretKeyParams params; + + /* Verify input parameters and copy into params. struct. */ + if (ClientPrvKey_ptr == NULL) { + params.ClientPrvKey_ptr_null_flag = 1; + } else { + /* Verify array size of ClientPrvKey_ptr */ + SEP_RPC_ASSERT((ClientPrvKeySize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.ClientPrvKey_ptr, ClientPrvKey_ptr, sizeof(DxUint8_t) * (ClientPrvKeySize)); + params.ClientPrvKey_ptr_null_flag = 0; + } + + params.ClientPrvKeySize = cpu_to_le16(ClientPrvKeySize); + if (ServerPubKey_ptr == NULL) { + params.ServerPubKey_ptr_null_flag = 1; + } else { + /* Verify array size of ServerPubKey_ptr */ + SEP_RPC_ASSERT((ServerPubKeySize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.ServerPubKey_ptr, ServerPubKey_ptr, sizeof(DxUint8_t) * (ServerPubKeySize)); + params.ServerPubKey_ptr_null_flag = 0; + } + + params.ServerPubKeySize = cpu_to_le16(ServerPubKeySize); + if (Prime_ptr == NULL) { + params.Prime_ptr_null_flag = 1; + } else { + /* Verify array size of Prime_ptr */ + SEP_RPC_ASSERT((PrimeSize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Prime_ptr, Prime_ptr, sizeof(DxUint8_t) * (PrimeSize)); + params.Prime_ptr_null_flag = 0; + } + + params.PrimeSize = cpu_to_le16(PrimeSize); + if (tmpPubKey_ptr == NULL) { + params.__tmpPubKey_ptr_null_flag = 1; + } else { + params.__tmpPubKey_ptr = *(tmpPubKey_ptr); + params.__tmpPubKey_ptr_null_flag = 0; + } + + params.tmpPrimeData_ptr_size = cpu_to_le32((sizeof(CRYS_DHPrimeData_t))); + if (SecretKeySize_ptr == NULL) { + params.__SecretKeySize_ptr_null_flag = 1; + } else { + params.__SecretKeySize_ptr = cpu_to_le16(*(SecretKeySize_ptr)); + params.__SecretKeySize_ptr_null_flag = 0; + } + + if (SecretKey_ptr == NULL) { + params.SecretKey_ptr_null_flag = 1; + } else if (SecretKeySize_ptr != NULL) { + /* Verify array size of SecretKey_ptr */ + SEP_RPC_ASSERT((*SecretKeySize_ptr) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + params.SecretKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_DH_GetSecretKey); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysDh, SEPRPC_FUNC_ID_CRYS_DH_GetSecretKey, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_DH_GetSecretKey failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_DH_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (SecretKeySize_ptr == NULL) { + params.__SecretKeySize_ptr_null_flag = 1; + } else { + *(SecretKeySize_ptr) = le16_to_cpu(params.__SecretKeySize_ptr); + params.__SecretKeySize_ptr_null_flag = 0; + } + + if (SecretKey_ptr == NULL) { + params.SecretKey_ptr_null_flag = 1; + } else if (SecretKeySize_ptr != NULL && (*SecretKeySize_ptr <= (sizeof(params.SecretKey_ptr) / sizeof(params.SecretKey_ptr[0])))) { + memcpy(SecretKey_ptr, params.SecretKey_ptr, sizeof(DxUint8_t) * (*SecretKeySize_ptr)); + params.SecretKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_DH_GetSecretKey */ + + + +/************ CRYS_DH_CheckPubKey ***************/ +CRYSError_t CRYS_DH_CheckPubKey( + DxUint8_t modP_ptr[], + DxUint32_t modPsizeBytes, + DxUint8_t orderQ_ptr[], + DxUint32_t orderQsizeBytes, + DxUint8_t pubKey_ptr[], + DxUint32_t pubKeySizeBytes, + CRYS_DH_Temp_t *tempBuff_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_DH_CheckPubKeyParams params; + + /* Verify input parameters and copy into params. struct. */ + if (modP_ptr == NULL) { + params.modP_ptr_null_flag = 1; + } else { + /* Verify array size of modP_ptr */ + SEP_RPC_ASSERT((modPsizeBytes) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.modP_ptr, modP_ptr, sizeof(DxUint8_t) * (modPsizeBytes)); + params.modP_ptr_null_flag = 0; + } + + params.modPsizeBytes = cpu_to_le32(modPsizeBytes); + if (orderQ_ptr == NULL) { + params.orderQ_ptr_null_flag = 1; + } else { + /* Verify array size of orderQ_ptr */ + SEP_RPC_ASSERT((orderQsizeBytes) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.orderQ_ptr, orderQ_ptr, sizeof(DxUint8_t) * (orderQsizeBytes)); + params.orderQ_ptr_null_flag = 0; + } + + params.orderQsizeBytes = cpu_to_le32(orderQsizeBytes); + if (pubKey_ptr == NULL) { + params.pubKey_ptr_null_flag = 1; + } else { + /* Verify array size of pubKey_ptr */ + SEP_RPC_ASSERT((pubKeySizeBytes) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.pubKey_ptr, pubKey_ptr, sizeof(DxUint8_t) * (pubKeySizeBytes)); + params.pubKey_ptr_null_flag = 0; + } + + params.pubKeySizeBytes = cpu_to_le32(pubKeySizeBytes); + params.tempBuff_ptr_size = cpu_to_le32((sizeof(CRYS_DH_ExpTemp_t))); + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_DH_CheckPubKey); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysDh, SEPRPC_FUNC_ID_CRYS_DH_CheckPubKey, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_DH_CheckPubKey failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_DH_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_DH_CheckPubKey */ + + + +/************ CRYS_DH_X942_GetSecretData ***************/ +CRYSError_t CRYS_DH_X942_GetSecretData( + DxUint8_t ClientPrvKey_ptr[], + DxUint16_t ClientPrvKeySize, + DxUint8_t ServerPubKey_ptr[], + DxUint16_t ServerPubKeySize, + DxUint8_t Prime_ptr[], + DxUint16_t PrimeSize, + CRYS_DH_OtherInfo_t *otherInfo_ptr, + CRYS_DH_HASH_OpMode_t hashMode, + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, + CRYS_DH_Temp_t *tmpBuff_ptr, + DxUint8_t SecretKeyingData_ptr[], + DxUint16_t SecretKeyingDataSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_DH_X942_GetSecretDataParams params; + + /* Verify input parameters and copy into params. struct. */ + if (ClientPrvKey_ptr == NULL) { + params.ClientPrvKey_ptr_null_flag = 1; + } else { + /* Verify array size of ClientPrvKey_ptr */ + SEP_RPC_ASSERT((ClientPrvKeySize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.ClientPrvKey_ptr, ClientPrvKey_ptr, sizeof(DxUint8_t) * (ClientPrvKeySize)); + params.ClientPrvKey_ptr_null_flag = 0; + } + + params.ClientPrvKeySize = cpu_to_le16(ClientPrvKeySize); + if (ServerPubKey_ptr == NULL) { + params.ServerPubKey_ptr_null_flag = 1; + } else { + /* Verify array size of ServerPubKey_ptr */ + SEP_RPC_ASSERT((ServerPubKeySize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.ServerPubKey_ptr, ServerPubKey_ptr, sizeof(DxUint8_t) * (ServerPubKeySize)); + params.ServerPubKey_ptr_null_flag = 0; + } + + params.ServerPubKeySize = cpu_to_le16(ServerPubKeySize); + if (Prime_ptr == NULL) { + params.Prime_ptr_null_flag = 1; + } else { + /* Verify array size of Prime_ptr */ + SEP_RPC_ASSERT((PrimeSize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Prime_ptr, Prime_ptr, sizeof(DxUint8_t) * (PrimeSize)); + params.Prime_ptr_null_flag = 0; + } + + params.PrimeSize = cpu_to_le16(PrimeSize); + if (otherInfo_ptr == NULL) { + params.__otherInfo_ptr_null_flag = 1; + } else { + /* Verify array size of AlgorithmID */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfAlgorithmID) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.AlgorithmID, otherInfo_ptr->AlgorithmID, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfAlgorithmID)); + params.__otherInfo_ptr.SizeOfAlgorithmID = cpu_to_le32(otherInfo_ptr->SizeOfAlgorithmID); + /* Verify array size of PartyUInfo */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfPartyUInfo) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.PartyUInfo, otherInfo_ptr->PartyUInfo, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfPartyUInfo)); + params.__otherInfo_ptr.SizeOfPartyUInfo = cpu_to_le32(otherInfo_ptr->SizeOfPartyUInfo); + /* Verify array size of PartyVInfo */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfPartyVInfo) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.PartyVInfo, otherInfo_ptr->PartyVInfo, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfPartyVInfo)); + params.__otherInfo_ptr.SizeOfPartyVInfo = cpu_to_le32(otherInfo_ptr->SizeOfPartyVInfo); + /* Verify array size of SuppPrivInfo */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfSuppPrivInfo) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.SuppPrivInfo, otherInfo_ptr->SuppPrivInfo, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfSuppPrivInfo)); + params.__otherInfo_ptr.SizeOfSuppPrivInfo = cpu_to_le32(otherInfo_ptr->SizeOfSuppPrivInfo); + /* Verify array size of SuppPubInfo */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfSuppPubInfo) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.SuppPubInfo, otherInfo_ptr->SuppPubInfo, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfSuppPubInfo)); + params.__otherInfo_ptr.SizeOfSuppPubInfo = cpu_to_le32(otherInfo_ptr->SizeOfSuppPubInfo); + params.__otherInfo_ptr_null_flag = 0; + } + + params.hashMode = cpu_to_le32(hashMode); + params.DerivFunc_mode = cpu_to_le32(DerivFunc_mode); + params.tmpBuff_ptr_size = cpu_to_le32((sizeof(CRYS_DHPrimeData_t))); + params.SecretKeyingDataSize = cpu_to_le16(SecretKeyingDataSize); + if (SecretKeyingData_ptr == NULL) { + params.SecretKeyingData_ptr_null_flag = 1; + } else { + /* Verify array size of SecretKeyingData_ptr */ + SEP_RPC_ASSERT((SecretKeyingDataSize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + params.SecretKeyingData_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_DH_X942_GetSecretData); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysDh, SEPRPC_FUNC_ID_CRYS_DH_X942_GetSecretData, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_DH_X942_GetSecretData failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_DH_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (SecretKeyingData_ptr == NULL) { + params.SecretKeyingData_ptr_null_flag = 1; + } else if (SecretKeyingDataSize <= (sizeof(params.SecretKeyingData_ptr) / sizeof(params.SecretKeyingData_ptr[0]))) { + memcpy(SecretKeyingData_ptr, params.SecretKeyingData_ptr, sizeof(DxUint8_t) * (SecretKeyingDataSize)); + params.SecretKeyingData_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_DH_X942_GetSecretData */ + + + +/************ CRYS_DH_X942_HybridGetSecretData ***************/ +CRYSError_t CRYS_DH_X942_HybridGetSecretData( + DxUint8_t ClientPrvKey_ptr1[], + DxUint16_t ClientPrvKeySize1, + DxUint8_t ClientPrvKey_ptr2[], + DxUint16_t ClientPrvKeySize2, + DxUint8_t ServerPubKey_ptr1[], + DxUint16_t ServerPubKeySize1, + DxUint8_t ServerPubKey_ptr2[], + DxUint16_t ServerPubKeySize2, + DxUint8_t Prime_ptr[], + DxUint16_t PrimeSize, + CRYS_DH_OtherInfo_t *otherInfo_ptr, + CRYS_DH_HASH_OpMode_t hashMode, + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, + CRYS_DH_HybrTemp_t *tmpDhHybr_ptr, + DxUint8_t SecretKeyingData_ptr[], + DxUint16_t SecretKeyingDataSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_DH_X942_HybridGetSecretDataParams params; + + /* Verify input parameters and copy into params. struct. */ + if (ClientPrvKey_ptr1 == NULL) { + params.ClientPrvKey_ptr1_null_flag = 1; + } else { + /* Verify array size of ClientPrvKey_ptr1 */ + SEP_RPC_ASSERT((ClientPrvKeySize1) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.ClientPrvKey_ptr1, ClientPrvKey_ptr1, sizeof(DxUint8_t) * (ClientPrvKeySize1)); + params.ClientPrvKey_ptr1_null_flag = 0; + } + + params.ClientPrvKeySize1 = cpu_to_le16(ClientPrvKeySize1); + if (ClientPrvKey_ptr2 == NULL) { + params.ClientPrvKey_ptr2_null_flag = 1; + } else { + /* Verify array size of ClientPrvKey_ptr2 */ + SEP_RPC_ASSERT((ClientPrvKeySize2) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.ClientPrvKey_ptr2, ClientPrvKey_ptr2, sizeof(DxUint8_t) * (ClientPrvKeySize2)); + params.ClientPrvKey_ptr2_null_flag = 0; + } + + params.ClientPrvKeySize2 = cpu_to_le16(ClientPrvKeySize2); + if (ServerPubKey_ptr1 == NULL) { + params.ServerPubKey_ptr1_null_flag = 1; + } else { + /* Verify array size of ServerPubKey_ptr1 */ + SEP_RPC_ASSERT((ServerPubKeySize1) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.ServerPubKey_ptr1, ServerPubKey_ptr1, sizeof(DxUint8_t) * (ServerPubKeySize1)); + params.ServerPubKey_ptr1_null_flag = 0; + } + + params.ServerPubKeySize1 = cpu_to_le16(ServerPubKeySize1); + if (ServerPubKey_ptr2 == NULL) { + params.ServerPubKey_ptr2_null_flag = 1; + } else { + /* Verify array size of ServerPubKey_ptr2 */ + SEP_RPC_ASSERT((ServerPubKeySize2) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.ServerPubKey_ptr2, ServerPubKey_ptr2, sizeof(DxUint8_t) * (ServerPubKeySize2)); + params.ServerPubKey_ptr2_null_flag = 0; + } + + params.ServerPubKeySize2 = cpu_to_le16(ServerPubKeySize2); + if (Prime_ptr == NULL) { + params.Prime_ptr_null_flag = 1; + } else { + /* Verify array size of Prime_ptr */ + SEP_RPC_ASSERT((PrimeSize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Prime_ptr, Prime_ptr, sizeof(DxUint8_t) * (PrimeSize)); + params.Prime_ptr_null_flag = 0; + } + + params.PrimeSize = cpu_to_le16(PrimeSize); + if (otherInfo_ptr == NULL) { + params.__otherInfo_ptr_null_flag = 1; + } else { + /* Verify array size of AlgorithmID */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfAlgorithmID) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.AlgorithmID, otherInfo_ptr->AlgorithmID, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfAlgorithmID)); + params.__otherInfo_ptr.SizeOfAlgorithmID = cpu_to_le32(otherInfo_ptr->SizeOfAlgorithmID); + /* Verify array size of PartyUInfo */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfPartyUInfo) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.PartyUInfo, otherInfo_ptr->PartyUInfo, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfPartyUInfo)); + params.__otherInfo_ptr.SizeOfPartyUInfo = cpu_to_le32(otherInfo_ptr->SizeOfPartyUInfo); + /* Verify array size of PartyVInfo */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfPartyVInfo) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.PartyVInfo, otherInfo_ptr->PartyVInfo, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfPartyVInfo)); + params.__otherInfo_ptr.SizeOfPartyVInfo = cpu_to_le32(otherInfo_ptr->SizeOfPartyVInfo); + /* Verify array size of SuppPrivInfo */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfSuppPrivInfo) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.SuppPrivInfo, otherInfo_ptr->SuppPrivInfo, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfSuppPrivInfo)); + params.__otherInfo_ptr.SizeOfSuppPrivInfo = cpu_to_le32(otherInfo_ptr->SizeOfSuppPrivInfo); + /* Verify array size of SuppPubInfo */ + SEP_RPC_ASSERT((otherInfo_ptr->SizeOfSuppPubInfo) <= (CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__otherInfo_ptr.SuppPubInfo, otherInfo_ptr->SuppPubInfo, sizeof(DxUint8_t) * (otherInfo_ptr->SizeOfSuppPubInfo)); + params.__otherInfo_ptr.SizeOfSuppPubInfo = cpu_to_le32(otherInfo_ptr->SizeOfSuppPubInfo); + params.__otherInfo_ptr_null_flag = 0; + } + + params.hashMode = cpu_to_le32(hashMode); + params.DerivFunc_mode = cpu_to_le32(DerivFunc_mode); + params.tmpDhHybr_ptr_size = cpu_to_le32((sizeof(CRYS_DHPrimeData_t))); + params.SecretKeyingDataSize = cpu_to_le16(SecretKeyingDataSize); + if (SecretKeyingData_ptr == NULL) { + params.SecretKeyingData_ptr_null_flag = 1; + } else { + /* Verify array size of SecretKeyingData_ptr */ + SEP_RPC_ASSERT((SecretKeyingDataSize) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + params.SecretKeyingData_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_DH_X942_HybridGetSecretData); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysDh, SEPRPC_FUNC_ID_CRYS_DH_X942_HybridGetSecretData, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_DH_X942_HybridGetSecretData failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_DH_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (SecretKeyingData_ptr == NULL) { + params.SecretKeyingData_ptr_null_flag = 1; + } else if (SecretKeyingDataSize <= (sizeof(params.SecretKeyingData_ptr) / sizeof(params.SecretKeyingData_ptr[0]))) { + memcpy(SecretKeyingData_ptr, params.SecretKeyingData_ptr, sizeof(DxUint8_t) * (SecretKeyingDataSize)); + params.SecretKeyingData_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_DH_X942_HybridGetSecretData */ + + + +/************ CRYS_DH_CreateDomainParams ***************/ +CRYSError_t CRYS_DH_CreateDomainParams( + DxUint32_t modPsizeBits, + DxUint32_t orderQsizeBits, + DxUint32_t seedSizeBits, + DxUint8_t modP_ptr[], + DxUint8_t orderQ_ptr[], + DxUint8_t generatorG_ptr[], + DxUint32_t *generGsizeBytes_ptr, + DxUint8_t factorJ_ptr[], + DxUint32_t *JsizeBytes_ptr, + DxUint8_t seedS_ptr[], + DxInt8_t generateSeed, + DxUint32_t *pgenCounter_ptr, + CRYS_DHKGData_t *DHKGbuff_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_DH_CreateDomainParamsParams params; + + /* Verify input parameters and copy into params. struct. */ + params.modPsizeBits = cpu_to_le32(modPsizeBits); + params.orderQsizeBits = cpu_to_le32(orderQsizeBits); + params.seedSizeBits = cpu_to_le32(seedSizeBits); + params.generateSeed = generateSeed; + params.DHKGbuff_ptr_size = cpu_to_le32((sizeof(CRYS_DHKGData_t))); + if (generGsizeBytes_ptr == NULL) { + params.__generGsizeBytes_ptr_null_flag = 1; + } else { + params.__generGsizeBytes_ptr = cpu_to_le32(*(generGsizeBytes_ptr)); + params.__generGsizeBytes_ptr_null_flag = 0; + } + + if (JsizeBytes_ptr == NULL) { + params.__JsizeBytes_ptr_null_flag = 1; + } else { + params.__JsizeBytes_ptr = cpu_to_le32(*(JsizeBytes_ptr)); + params.__JsizeBytes_ptr_null_flag = 0; + } + + if (seedS_ptr == NULL) { + params.seedS_ptr_null_flag = 1; + } else { + /* Verify array size of seedS_ptr */ + SEP_RPC_ASSERT(((seedSizeBits+7)/8) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.seedS_ptr, seedS_ptr, sizeof(DxUint8_t) * ((seedSizeBits+7)/8)); + params.seedS_ptr_null_flag = 0; + } + + if (modP_ptr == NULL) { + params.modP_ptr_null_flag = 1; + } else { + /* Verify array size of modP_ptr */ + SEP_RPC_ASSERT(((modPsizeBits+7)/8) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + params.modP_ptr_null_flag = 0; + } + + if (orderQ_ptr == NULL) { + params.orderQ_ptr_null_flag = 1; + } else { + /* Verify array size of orderQ_ptr */ + SEP_RPC_ASSERT(((orderQsizeBits+7)/8) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + params.orderQ_ptr_null_flag = 0; + } + + if (generatorG_ptr == NULL) { + params.generatorG_ptr_null_flag = 1; + } else if (generGsizeBytes_ptr != NULL) { + /* Verify array size of generatorG_ptr */ + SEP_RPC_ASSERT((*generGsizeBytes_ptr) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + params.generatorG_ptr_null_flag = 0; + } + + if (factorJ_ptr == NULL) { + params.factorJ_ptr_null_flag = 1; + } else if (JsizeBytes_ptr != NULL) { + /* Verify array size of factorJ_ptr */ + SEP_RPC_ASSERT((*JsizeBytes_ptr) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + params.factorJ_ptr_null_flag = 0; + } + + if (pgenCounter_ptr == NULL) { + params.__pgenCounter_ptr_null_flag = 1; + } else { + params.__pgenCounter_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_DH_CreateDomainParams); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysDh, SEPRPC_FUNC_ID_CRYS_DH_CreateDomainParams, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_DH_CreateDomainParams failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_DH_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (generGsizeBytes_ptr == NULL) { + params.__generGsizeBytes_ptr_null_flag = 1; + } else { + *(generGsizeBytes_ptr) = le32_to_cpu(params.__generGsizeBytes_ptr); + params.__generGsizeBytes_ptr_null_flag = 0; + } + + if (JsizeBytes_ptr == NULL) { + params.__JsizeBytes_ptr_null_flag = 1; + } else { + *(JsizeBytes_ptr) = le32_to_cpu(params.__JsizeBytes_ptr); + params.__JsizeBytes_ptr_null_flag = 0; + } + + if (seedS_ptr == NULL) { + params.seedS_ptr_null_flag = 1; + } else { + memcpy(seedS_ptr, params.seedS_ptr, sizeof(DxUint8_t) * ((seedSizeBits+7)/8)); + params.seedS_ptr_null_flag = 0; + } + + if (modP_ptr == NULL) { + params.modP_ptr_null_flag = 1; + } else { + memcpy(modP_ptr, params.modP_ptr, sizeof(DxUint8_t) * ((modPsizeBits+7)/8)); + params.modP_ptr_null_flag = 0; + } + + if (orderQ_ptr == NULL) { + params.orderQ_ptr_null_flag = 1; + } else { + memcpy(orderQ_ptr, params.orderQ_ptr, sizeof(DxUint8_t) * ((orderQsizeBits+7)/8)); + params.orderQ_ptr_null_flag = 0; + } + + if (generatorG_ptr == NULL) { + params.generatorG_ptr_null_flag = 1; + } else if (generGsizeBytes_ptr != NULL) { + memcpy(generatorG_ptr, params.generatorG_ptr, sizeof(DxUint8_t) * (*generGsizeBytes_ptr)); + params.generatorG_ptr_null_flag = 0; + } + + if (factorJ_ptr == NULL) { + params.factorJ_ptr_null_flag = 1; + } else if (JsizeBytes_ptr != NULL) { + memcpy(factorJ_ptr, params.factorJ_ptr, sizeof(DxUint8_t) * (*JsizeBytes_ptr)); + params.factorJ_ptr_null_flag = 0; + } + + if (pgenCounter_ptr == NULL) { + params.__pgenCounter_ptr_null_flag = 1; + } else { + *(pgenCounter_ptr) = le32_to_cpu(params.__pgenCounter_ptr); + params.__pgenCounter_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_DH_CreateDomainParams */ + + + +/************ CRYS_DH_CheckDomainParams ***************/ +CRYSError_t CRYS_DH_CheckDomainParams( + DxUint8_t modP_ptr[], + DxUint32_t modPsizeBytes, + DxUint8_t orderQ_ptr[], + DxUint32_t orderQsizeBytes, + DxUint8_t generatorG_ptr[], + DxUint32_t generatorSizeBytes, + DxUint8_t seedS_ptr[], + DxUint32_t seedSizeBits, + DxUint32_t pgenCounter, + CRYS_DHKG_CheckTemp_t *checkTempBuff_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_DH_CheckDomainParamsParams params; + + /* Verify input parameters and copy into params. struct. */ + if (modP_ptr == NULL) { + params.modP_ptr_null_flag = 1; + } else { + /* Verify array size of modP_ptr */ + SEP_RPC_ASSERT((modPsizeBytes) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.modP_ptr, modP_ptr, sizeof(DxUint8_t) * (modPsizeBytes)); + params.modP_ptr_null_flag = 0; + } + + params.modPsizeBytes = cpu_to_le32(modPsizeBytes); + if (orderQ_ptr == NULL) { + params.orderQ_ptr_null_flag = 1; + } else { + /* Verify array size of orderQ_ptr */ + SEP_RPC_ASSERT((orderQsizeBytes) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.orderQ_ptr, orderQ_ptr, sizeof(DxUint8_t) * (orderQsizeBytes)); + params.orderQ_ptr_null_flag = 0; + } + + params.orderQsizeBytes = cpu_to_le32(orderQsizeBytes); + if (generatorG_ptr == NULL) { + params.generatorG_ptr_null_flag = 1; + } else { + /* Verify array size of generatorG_ptr */ + SEP_RPC_ASSERT((generatorSizeBytes) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.generatorG_ptr, generatorG_ptr, sizeof(DxUint8_t) * (generatorSizeBytes)); + params.generatorG_ptr_null_flag = 0; + } + + params.generatorSizeBytes = cpu_to_le32(generatorSizeBytes); + if (seedS_ptr == NULL) { + params.seedS_ptr_null_flag = 1; + } else { + /* Verify array size of seedS_ptr */ + SEP_RPC_ASSERT(((seedSizeBits+7)/8) <= (CRYS_DH_MAX_MOD_SIZE_IN_BYTES), CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.seedS_ptr, seedS_ptr, sizeof(DxUint8_t) * ((seedSizeBits+7)/8)); + params.seedS_ptr_null_flag = 0; + } + + params.seedSizeBits = cpu_to_le32(seedSizeBits); + params.pgenCounter = cpu_to_le32(pgenCounter); + params.checkTempBuff_ptr_size = cpu_to_le32((sizeof(CRYS_DHKG_CheckTemp_t))); + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_DH_CheckDomainParams); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysDh, SEPRPC_FUNC_ID_CRYS_DH_CheckDomainParams, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_DH_CheckDomainParams failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_DH_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_DH_CheckDomainParams */ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_ecc_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/crys_ecc_seprpc.h new file mode 100644 index 0000000..c1a2af9 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_ecc_seprpc.h @@ -0,0 +1,521 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:56:58.509141 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_ecc_seprpc.h + * SeP-RPC header file for CrysEcc API */ + +#ifndef __CRYS_ECC_SEPRPC_H__ +#define __CRYS_ECC_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_CrysEcc 4 + +#include "crys_host_rpc_config.h" +#include "crys_ecpki_error.h" +#include "crys_ecpki_build.h" +#include "crys_ecpki_types.h" +#include "crys_ecpki_ecdsa.h" +#include "crys_ecpki_elgamal.h" +#include "crys_ecpki_kg.h" +#include "crys_ecpki_dh.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ CRYS_ECPKI_BuildPrivKey ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECPKI_BuildPrivKey 1 +/* +CRYSError_t CRYS_ECPKI_BuildPrivKey( + CRYS_ECPKI_DomainID_t DomainID, + DxUint8_t PrivKeyIn_ptr[], + DxUint32_t PrivKeySizeInBytes, + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECPKI_BuildPrivKey 0 +#if SEPRPC_MEMREF_NUM_CRYS_ECPKI_BuildPrivKey > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECPKI_BuildPrivKey is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_ECPKI_BuildPrivKeyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + /*le32*/CRYS_ECPKI_DomainID_t DomainID; + DxUint8_t PrivKeyIn_ptr[4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2]; + DxUint8_t PrivKeyIn_ptr_null_flag; + /*le32*/DxUint32_t PrivKeySizeInBytes; + /* Output */ + CRYS_ECPKI_UserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECPKI_BuildPrivKeyParams_s; + + + +/************ _DX_ECPKI_BuildPublKey ***************/ +#define SEPRPC_FUNC_ID__DX_ECPKI_BuildPublKey 2 +/* +CRYSError_t _DX_ECPKI_BuildPublKey( + CRYS_ECPKI_DomainID_t DomainID, + DxUint8_t PublKeyIn_ptr[], + DxUint32_t PublKeySizeInBytes, + EC_PublKeyCheckMode_t CheckMode, + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, + CRYS_ECPKI_BUILD_TempData_t *TempBuff_ptr) +*/ + +#define SEPRPC_MEMREF_NUM__DX_ECPKI_BuildPublKey 0 +#if SEPRPC_MEMREF_NUM__DX_ECPKI_BuildPublKey > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_ECPKI_BuildPublKey is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_ECPKI_BuildPublKeyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + /*le32*/CRYS_ECPKI_DomainID_t DomainID; + DxUint8_t PublKeyIn_ptr[4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2]; + DxUint8_t PublKeyIn_ptr_null_flag; + /*le32*/DxUint32_t PublKeySizeInBytes; + /*le32*/EC_PublKeyCheckMode_t CheckMode; + DxUint32_t TempBuff_ptr_size; + /* Output */ + CRYS_ECPKI_UserPublKey_t __UserPublKey_ptr; + DxUint8_t __UserPublKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_ECPKI_BuildPublKeyParams_s; + + + +/************ CRYS_ECDSA_SignInit ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECDSA_SignInit 3 +/* +CRYSError_t CRYS_ECDSA_SignInit( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, + CRYS_ECPKI_UserPrivKey_t *SignerPrivKey_ptr, + CRYS_ECPKI_HASH_OpMode_t HashMode) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignInit 0 +#if SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignInit > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignInit is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_ECDSA_SignInitParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_ECPKI_UserPrivKey_t __SignerPrivKey_ptr; + DxUint8_t __SignerPrivKey_ptr_null_flag; + /*le32*/CRYS_ECPKI_HASH_OpMode_t HashMode; + /* Input/Output */ + CRYS_ECDSA_SignUserContext_t __SignUserContext_ptr; + DxUint8_t __SignUserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECDSA_SignInitParams_s; + + + +/************ CRYS_ECDSA_SignUpdate ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECDSA_SignUpdate 4 +/* +CRYSError_t CRYS_ECDSA_SignUpdate( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, + DxUint8_t *MessageDataIn_ptr, + DxUint32_t DataInSize) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignUpdate 1 +#if SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignUpdate > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignUpdate is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_MessageDataIn_ptr 0 + +typedef struct SepRpc_CRYS_ECDSA_SignUpdateParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignUpdate]; + /* Input */ + /*le32*/DxUint32_t DataInSize; + /* Input/Output */ + CRYS_ECDSA_SignUserContext_t __SignUserContext_ptr; + DxUint8_t __SignUserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECDSA_SignUpdateParams_s; + + + +/************ _DX_ECDSA_SignFinish ***************/ +#define SEPRPC_FUNC_ID__DX_ECDSA_SignFinish 5 +/* +CRYSError_t _DX_ECDSA_SignFinish( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, + DxUint8_t SignatureOut_ptr[], + DxUint32_t *SignatureOutSize_ptr, + DxInt8_t IsEphemerKeyInternal, + DxUint32_t EphemerKeyData_ptr[]) +*/ + +#define SEPRPC_MEMREF_NUM__DX_ECDSA_SignFinish 0 +#if SEPRPC_MEMREF_NUM__DX_ECDSA_SignFinish > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_ECDSA_SignFinish is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_ECDSA_SignFinishParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_ECDSA_SignUserContext_t __SignUserContext_ptr; + DxUint8_t __SignUserContext_ptr_null_flag; + DxInt8_t IsEphemerKeyInternal; + DxUint32_t EphemerKeyData_ptr[4*(CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+1)+2*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint8_t EphemerKeyData_ptr_null_flag; + /* Input/Output */ + /*le32*/DxUint32_t __SignatureOutSize_ptr; + DxUint8_t __SignatureOutSize_ptr_null_flag; + /* Output */ + DxUint8_t SignatureOut_ptr[4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2]; + DxUint8_t SignatureOut_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_ECDSA_SignFinishParams_s; + + + +/************ CRYS_ECDSA_Sign ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECDSA_Sign 6 +/* +CRYSError_t CRYS_ECDSA_Sign( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, + CRYS_ECPKI_UserPrivKey_t *SignerPrivKey_ptr, + CRYS_ECPKI_HASH_OpMode_t HashMode, + DxUint8_t *MessageDataIn_ptr, + DxUint32_t MessageSizeInBytes, + DxUint8_t SignatureOut_ptr[], + DxUint32_t *SignatureOutSize_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECDSA_Sign 1 +#if SEPRPC_MEMREF_NUM_CRYS_ECDSA_Sign > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECDSA_Sign is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_MessageDataIn_ptr 0 + +typedef struct SepRpc_CRYS_ECDSA_SignParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM_CRYS_ECDSA_Sign]; + /* Input */ + DxUint32_t SignUserContext_ptr_size; + CRYS_ECPKI_UserPrivKey_t __SignerPrivKey_ptr; + DxUint8_t __SignerPrivKey_ptr_null_flag; + /*le32*/CRYS_ECPKI_HASH_OpMode_t HashMode; + /*le32*/DxUint32_t MessageSizeInBytes; + /* Input/Output */ + /*le32*/DxUint32_t __SignatureOutSize_ptr; + DxUint8_t __SignatureOutSize_ptr_null_flag; + /* Output */ + DxUint8_t SignatureOut_ptr[4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2]; + DxUint8_t SignatureOut_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECDSA_SignParams_s; + + + +/************ CRYS_ECDSA_VerifyInit ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECDSA_VerifyInit 7 +/* +CRYSError_t CRYS_ECDSA_VerifyInit( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, + CRYS_ECPKI_UserPublKey_t *SignerPublKey_ptr, + CRYS_ECPKI_HASH_OpMode_t HashMode) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyInit 0 +#if SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyInit > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyInit is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_ECDSA_VerifyInitParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_ECPKI_UserPublKey_t __SignerPublKey_ptr; + DxUint8_t __SignerPublKey_ptr_null_flag; + /*le32*/CRYS_ECPKI_HASH_OpMode_t HashMode; + /* Input/Output */ + CRYS_ECDSA_VerifyUserContext_t __VerifyUserContext_ptr; + DxUint8_t __VerifyUserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECDSA_VerifyInitParams_s; + + + +/************ CRYS_ECDSA_VerifyUpdate ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECDSA_VerifyUpdate 8 +/* +CRYSError_t CRYS_ECDSA_VerifyUpdate( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, + DxUint8_t *MessageDataIn_ptr, + DxUint32_t DataInSize) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyUpdate 1 +#if SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyUpdate > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyUpdate is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_MessageDataIn_ptr 0 + +typedef struct SepRpc_CRYS_ECDSA_VerifyUpdateParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyUpdate]; + /* Input */ + /*le32*/DxUint32_t DataInSize; + /* Input/Output */ + CRYS_ECDSA_VerifyUserContext_t __VerifyUserContext_ptr; + DxUint8_t __VerifyUserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECDSA_VerifyUpdateParams_s; + + + +/************ CRYS_ECDSA_VerifyFinish ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECDSA_VerifyFinish 9 +/* +CRYSError_t CRYS_ECDSA_VerifyFinish( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, + DxUint8_t SignatureIn_ptr[], + DxUint32_t SignatureSizeBytes) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyFinish 0 +#if SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyFinish > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyFinish is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_ECDSA_VerifyFinishParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t SignatureIn_ptr[4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint8_t SignatureIn_ptr_null_flag; + /*le32*/DxUint32_t SignatureSizeBytes; + /* Input/Output */ + CRYS_ECDSA_VerifyUserContext_t __VerifyUserContext_ptr; + DxUint8_t __VerifyUserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECDSA_VerifyFinishParams_s; + + + +/************ CRYS_ECDSA_Verify ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECDSA_Verify 10 +/* +CRYSError_t CRYS_ECDSA_Verify( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, + CRYS_ECPKI_HASH_OpMode_t HashMode, + DxUint8_t SignatureIn_ptr[], + DxUint32_t SignatureSizeBytes, + DxUint8_t *MessageDataIn_ptr, + DxUint32_t MessageSizeInBytes) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECDSA_Verify 1 +#if SEPRPC_MEMREF_NUM_CRYS_ECDSA_Verify > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECDSA_Verify is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_MessageDataIn_ptr 0 + +typedef struct SepRpc_CRYS_ECDSA_VerifyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM_CRYS_ECDSA_Verify]; + /* Input */ + DxUint32_t VerifyUserContext_ptr_size; + CRYS_ECPKI_UserPublKey_t __UserPublKey_ptr; + DxUint8_t __UserPublKey_ptr_null_flag; + /*le32*/CRYS_ECPKI_HASH_OpMode_t HashMode; + DxUint8_t SignatureIn_ptr[4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint8_t SignatureIn_ptr_null_flag; + /*le32*/DxUint32_t SignatureSizeBytes; + /*le32*/DxUint32_t MessageSizeInBytes; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECDSA_VerifyParams_s; + + + +/************ _DX_ECPKI_ELGAMAL_Encrypt ***************/ +#define SEPRPC_FUNC_ID__DX_ECPKI_ELGAMAL_Encrypt 11 +/* +CRYSError_t _DX_ECPKI_ELGAMAL_Encrypt( + CRYS_ECPKI_UserPublKey_t *ReceiverUserPublKey_ptr, + DxUint8_t MessageIn_ptr[], + DxUint32_t MessageInSizeBytes, + DxUint8_t EncrMessageOut_ptr[], + DxUint32_t *EncrMessOutSize_ptr, + DxInt8_t IsEphemerKeyInternal, + DxUint8_t EphemerPrivKeyIn_ptr[], + DxUint32_t EphemerPrivKeySizeBytes, + CRYS_EC_ELGAMAL_TempData_t *TempData_ptr) +*/ + +#define SEPRPC_MEMREF_NUM__DX_ECPKI_ELGAMAL_Encrypt 0 +#if SEPRPC_MEMREF_NUM__DX_ECPKI_ELGAMAL_Encrypt > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_ECPKI_ELGAMAL_Encrypt is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_ECPKI_ELGAMAL_EncryptParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_ECPKI_UserPublKey_t __ReceiverUserPublKey_ptr; + DxUint8_t __ReceiverUserPublKey_ptr_null_flag; + DxUint8_t MessageIn_ptr[4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint8_t MessageIn_ptr_null_flag; + /*le32*/DxUint32_t MessageInSizeBytes; + DxInt8_t IsEphemerKeyInternal; + DxUint8_t EphemerPrivKeyIn_ptr[4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint8_t EphemerPrivKeyIn_ptr_null_flag; + /*le32*/DxUint32_t EphemerPrivKeySizeBytes; + CRYS_EC_ELGAMAL_TempData_t __TempData_ptr; + DxUint8_t __TempData_ptr_null_flag; + /* Input/Output */ + /*le32*/DxUint32_t __EncrMessOutSize_ptr; + DxUint8_t __EncrMessOutSize_ptr_null_flag; + /* Output */ + DxUint8_t EncrMessageOut_ptr[4*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint8_t EncrMessageOut_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_ECPKI_ELGAMAL_EncryptParams_s; + + + +/************ CRYS_ECPKI_ELGAMAL_Decrypt ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECPKI_ELGAMAL_Decrypt 12 +/* +CRYSError_t CRYS_ECPKI_ELGAMAL_Decrypt( + CRYS_ECPKI_UserPrivKey_t *ReceiverUserPrivKey_ptr, + DxUint8_t EncrMessageIn_ptr[], + DxUint32_t EncrMessageSizeInBytes, + DxUint8_t DecrMessageOut_ptr[], + DxUint32_t *DecrMessageOutSize_ptr, + CRYS_EC_ELGAMAL_TempData_t *TempData_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECPKI_ELGAMAL_Decrypt 0 +#if SEPRPC_MEMREF_NUM_CRYS_ECPKI_ELGAMAL_Decrypt > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECPKI_ELGAMAL_Decrypt is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_ECPKI_ELGAMAL_DecryptParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_ECPKI_UserPrivKey_t __ReceiverUserPrivKey_ptr; + DxUint8_t __ReceiverUserPrivKey_ptr_null_flag; + DxUint8_t EncrMessageIn_ptr[4*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint8_t EncrMessageIn_ptr_null_flag; + /*le32*/DxUint32_t EncrMessageSizeInBytes; + DxUint32_t TempData_ptr_size; + /* Input/Output */ + /*le32*/DxUint32_t __DecrMessageOutSize_ptr; + DxUint8_t __DecrMessageOutSize_ptr_null_flag; + /* Output */ + DxUint8_t DecrMessageOut_ptr[4*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint8_t DecrMessageOut_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECPKI_ELGAMAL_DecryptParams_s; + + + +/************ CRYS_ECDH_SVDP_DH ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECDH_SVDP_DH 13 +/* +CRYSError_t CRYS_ECDH_SVDP_DH( + CRYS_ECPKI_UserPublKey_t *PartnerPublKey_ptr, + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, + DxUint8_t SharedSecretValue_ptr[], + DxUint32_t *SharedSecrValSize_ptr, + CRYS_ECDH_TempData_t *TempBuff_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECDH_SVDP_DH 0 +#if SEPRPC_MEMREF_NUM_CRYS_ECDH_SVDP_DH > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECDH_SVDP_DH is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_ECDH_SVDP_DHParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_ECPKI_UserPublKey_t __PartnerPublKey_ptr; + DxUint8_t __PartnerPublKey_ptr_null_flag; + CRYS_ECPKI_UserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + DxUint32_t TempBuff_ptr_size; + /* Input/Output */ + /*le32*/DxUint32_t __SharedSecrValSize_ptr; + DxUint8_t __SharedSecrValSize_ptr_null_flag; + /* Output */ + DxUint8_t SharedSecretValue_ptr[4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint8_t SharedSecretValue_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECDH_SVDP_DHParams_s; + + + +/************ CRYS_ECPKI_ExportPublKey ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECPKI_ExportPublKey 14 +/* +CRYSError_t CRYS_ECPKI_ExportPublKey( + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, + CRYS_ECPKI_PointCompression_t Compression, + DxUint8_t ExternPublKey_ptr[], + DxUint32_t *PublKeySizeInBytes_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECPKI_ExportPublKey 0 +#if SEPRPC_MEMREF_NUM_CRYS_ECPKI_ExportPublKey > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECPKI_ExportPublKey is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_ECPKI_ExportPublKeyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_ECPKI_UserPublKey_t __UserPublKey_ptr; + DxUint8_t __UserPublKey_ptr_null_flag; + /*le32*/CRYS_ECPKI_PointCompression_t Compression; + /* Input/Output */ + /*le32*/DxUint32_t __PublKeySizeInBytes_ptr; + DxUint8_t __PublKeySizeInBytes_ptr_null_flag; + /* Output */ + DxUint8_t ExternPublKey_ptr[4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS*2+1]; + DxUint8_t ExternPublKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECPKI_ExportPublKeyParams_s; + + + +/************ CRYS_ECPKI_GenKeyPair ***************/ +#define SEPRPC_FUNC_ID_CRYS_ECPKI_GenKeyPair 15 +/* +CRYSError_t CRYS_ECPKI_GenKeyPair( + CRYS_ECPKI_DomainID_t DomainID, + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, + CRYS_ECPKI_KG_TempData_t *TempData_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_ECPKI_GenKeyPair 0 +#if SEPRPC_MEMREF_NUM_CRYS_ECPKI_GenKeyPair > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_ECPKI_GenKeyPair is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_ECPKI_GenKeyPairParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + /*le32*/CRYS_ECPKI_DomainID_t DomainID; + DxUint32_t TempData_ptr_size; + /* Output */ + CRYS_ECPKI_UserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + CRYS_ECPKI_UserPublKey_t __UserPublKey_ptr; + DxUint8_t __UserPublKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_ECPKI_GenKeyPairParams_s; + + +#endif /*__CRYS_ECC_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_ecc_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/crys_ecc_seprpc_stub.c new file mode 100644 index 0000000..111a994 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_ecc_seprpc_stub.c @@ -0,0 +1,1141 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:56:58.512004 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_ecc_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for CrysEcc API */ + +#include <string.h> +#include "crys_host_rpc_config.h" +#include "crys_ecpki_error.h" +#include "crys_ecpki_build.h" +#include "crys_ecpki_types.h" +#include "crys_ecpki_ecdsa.h" +#include "crys_ecpki_elgamal.h" +#include "crys_ecpki_kg.h" +#include "crys_ecpki_dh.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "crys_ecc_seprpc.h" + + +/************ CRYS_ECPKI_BuildPrivKey ***************/ +CRYSError_t CRYS_ECPKI_BuildPrivKey( + CRYS_ECPKI_DomainID_t DomainID, + DxUint8_t PrivKeyIn_ptr[], + DxUint32_t PrivKeySizeInBytes, + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_ECPKI_BuildPrivKeyParams params; + + /* Verify input parameters and copy into params. struct. */ + params.DomainID = cpu_to_le32(DomainID); + if (PrivKeyIn_ptr == NULL) { + params.PrivKeyIn_ptr_null_flag = 1; + } else { + /* Verify array size of PrivKeyIn_ptr */ + SEP_RPC_ASSERT((PrivKeySizeInBytes) <= (4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.PrivKeyIn_ptr, PrivKeyIn_ptr, sizeof(DxUint8_t) * (PrivKeySizeInBytes)); + params.PrivKeyIn_ptr_null_flag = 0; + } + + params.PrivKeySizeInBytes = cpu_to_le32(PrivKeySizeInBytes); + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECPKI_BuildPrivKey); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECPKI_BuildPrivKey, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECPKI_BuildPrivKey failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + UserPrivKey_ptr->valid_tag = le32_to_cpu(params.__UserPrivKey_ptr.valid_tag); + memcpy(UserPrivKey_ptr->PrivKeyDbBuff, params.__UserPrivKey_ptr.PrivKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PrivKey_t))); + params.__UserPrivKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECPKI_BuildPrivKey */ + + + +/************ _DX_ECPKI_BuildPublKey ***************/ +CRYSError_t _DX_ECPKI_BuildPublKey( + CRYS_ECPKI_DomainID_t DomainID, + DxUint8_t PublKeyIn_ptr[], + DxUint32_t PublKeySizeInBytes, + EC_PublKeyCheckMode_t CheckMode, + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, + CRYS_ECPKI_BUILD_TempData_t *TempBuff_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_ECPKI_BuildPublKeyParams params; + + /* Verify input parameters and copy into params. struct. */ + params.DomainID = cpu_to_le32(DomainID); + if (PublKeyIn_ptr == NULL) { + params.PublKeyIn_ptr_null_flag = 1; + } else { + /* Verify array size of PublKeyIn_ptr */ + SEP_RPC_ASSERT((PublKeySizeInBytes) <= (4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.PublKeyIn_ptr, PublKeyIn_ptr, sizeof(DxUint8_t) * (PublKeySizeInBytes)); + params.PublKeyIn_ptr_null_flag = 0; + } + + params.PublKeySizeInBytes = cpu_to_le32(PublKeySizeInBytes); + params.CheckMode = cpu_to_le32(CheckMode); + params.TempBuff_ptr_size = cpu_to_le32((sizeof(CRYS_ECPKI_BUILD_TempData_t))); + if (UserPublKey_ptr == NULL) { + params.__UserPublKey_ptr_null_flag = 1; + } else { + params.__UserPublKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_ECPKI_BuildPublKey); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID__DX_ECPKI_BuildPublKey, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_ECPKI_BuildPublKey failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPublKey_ptr == NULL) { + params.__UserPublKey_ptr_null_flag = 1; + } else { + UserPublKey_ptr->valid_tag = le32_to_cpu(params.__UserPublKey_ptr.valid_tag); + memcpy(UserPublKey_ptr->PublKeyDbBuff, params.__UserPublKey_ptr.PublKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PublKey_t))); + params.__UserPublKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_ECPKI_BuildPublKey */ + + + +/************ CRYS_ECDSA_SignInit ***************/ +CRYSError_t CRYS_ECDSA_SignInit( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, + CRYS_ECPKI_UserPrivKey_t *SignerPrivKey_ptr, + CRYS_ECPKI_HASH_OpMode_t HashMode) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_ECDSA_SignInitParams params; + + /* Verify input parameters and copy into params. struct. */ + if (SignerPrivKey_ptr == NULL) { + params.__SignerPrivKey_ptr_null_flag = 1; + } else { + params.__SignerPrivKey_ptr.valid_tag = cpu_to_le32(SignerPrivKey_ptr->valid_tag); + memcpy(params.__SignerPrivKey_ptr.PrivKeyDbBuff, SignerPrivKey_ptr->PrivKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PrivKey_t))); + params.__SignerPrivKey_ptr_null_flag = 0; + } + + params.HashMode = cpu_to_le32(HashMode); + if (SignUserContext_ptr == NULL) { + params.__SignUserContext_ptr_null_flag = 1; + } else { + params.__SignUserContext_ptr.valid_tag = cpu_to_le32(SignUserContext_ptr->valid_tag); + params.__SignUserContext_ptr.AES_iv = cpu_to_le32(SignUserContext_ptr->AES_iv); + memcpy(params.__SignUserContext_ptr.context_buff, SignUserContext_ptr->context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_SignContext_t))); + params.__SignUserContext_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignInit); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECDSA_SignInit, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECDSA_SignInit failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (SignUserContext_ptr == NULL) { + params.__SignUserContext_ptr_null_flag = 1; + } else { + SignUserContext_ptr->valid_tag = le32_to_cpu(params.__SignUserContext_ptr.valid_tag); + SignUserContext_ptr->AES_iv = le32_to_cpu(params.__SignUserContext_ptr.AES_iv); + memcpy(SignUserContext_ptr->context_buff, params.__SignUserContext_ptr.context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_SignContext_t))); + params.__SignUserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECDSA_SignInit */ + + + +/************ CRYS_ECDSA_SignUpdate ***************/ +CRYSError_t CRYS_ECDSA_SignUpdate( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, + DxUint8_t *MessageDataIn_ptr, + DxUint32_t DataInSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignUpdate]; + struct SepRpc_CRYS_ECDSA_SignUpdateParams params; + + /* Verify input parameters and copy into params. struct. */ + params.DataInSize = cpu_to_le32(DataInSize); + if (SignUserContext_ptr == NULL) { + params.__SignUserContext_ptr_null_flag = 1; + } else { + params.__SignUserContext_ptr.valid_tag = cpu_to_le32(SignUserContext_ptr->valid_tag); + params.__SignUserContext_ptr.AES_iv = cpu_to_le32(SignUserContext_ptr->AES_iv); + memcpy(params.__SignUserContext_ptr.context_buff, SignUserContext_ptr->context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_SignContext_t))); + params.__SignUserContext_ptr_null_flag = 0; + } + + + /* User DMA buffers (memory references) */ + /* MessageDataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].start_or_offset = (unsigned long)MessageDataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECDSA_SignUpdate); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECDSA_SignUpdate, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECDSA_SignUpdate failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (SignUserContext_ptr == NULL) { + params.__SignUserContext_ptr_null_flag = 1; + } else { + SignUserContext_ptr->valid_tag = le32_to_cpu(params.__SignUserContext_ptr.valid_tag); + SignUserContext_ptr->AES_iv = le32_to_cpu(params.__SignUserContext_ptr.AES_iv); + memcpy(SignUserContext_ptr->context_buff, params.__SignUserContext_ptr.context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_SignContext_t))); + params.__SignUserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECDSA_SignUpdate */ + + + +/************ _DX_ECDSA_SignFinish ***************/ +CRYSError_t _DX_ECDSA_SignFinish( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, + DxUint8_t SignatureOut_ptr[], + DxUint32_t *SignatureOutSize_ptr, + DxInt8_t IsEphemerKeyInternal, + DxUint32_t EphemerKeyData_ptr[]) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_ECDSA_SignFinishParams params; + + /* Verify input parameters and copy into params. struct. */ + if (SignUserContext_ptr == NULL) { + params.__SignUserContext_ptr_null_flag = 1; + } else { + params.__SignUserContext_ptr.valid_tag = cpu_to_le32(SignUserContext_ptr->valid_tag); + params.__SignUserContext_ptr.AES_iv = cpu_to_le32(SignUserContext_ptr->AES_iv); + memcpy(params.__SignUserContext_ptr.context_buff, SignUserContext_ptr->context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_SignContext_t))); + params.__SignUserContext_ptr_null_flag = 0; + } + + params.IsEphemerKeyInternal = IsEphemerKeyInternal; + if (EphemerKeyData_ptr == NULL) { + params.EphemerKeyData_ptr_null_flag = 1; + } else { + memcpy(params.EphemerKeyData_ptr, EphemerKeyData_ptr, sizeof(DxUint32_t) * (4*(CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+1)+2*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)); + params.EphemerKeyData_ptr_null_flag = 0; + } + + if (SignatureOutSize_ptr == NULL) { + params.__SignatureOutSize_ptr_null_flag = 1; + } else { + params.__SignatureOutSize_ptr = cpu_to_le32(*(SignatureOutSize_ptr)); + params.__SignatureOutSize_ptr_null_flag = 0; + } + + if (SignatureOut_ptr == NULL) { + params.SignatureOut_ptr_null_flag = 1; + } else if (SignatureOutSize_ptr != NULL) { + /* Verify array size of SignatureOut_ptr */ + SEP_RPC_ASSERT((*SignatureOutSize_ptr) <= (4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + params.SignatureOut_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_ECDSA_SignFinish); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID__DX_ECDSA_SignFinish, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_ECDSA_SignFinish failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (SignatureOutSize_ptr == NULL) { + params.__SignatureOutSize_ptr_null_flag = 1; + } else { + *(SignatureOutSize_ptr) = le32_to_cpu(params.__SignatureOutSize_ptr); + params.__SignatureOutSize_ptr_null_flag = 0; + } + + if (SignatureOut_ptr == NULL) { + params.SignatureOut_ptr_null_flag = 1; + } else if (SignatureOutSize_ptr != NULL) { + memcpy(SignatureOut_ptr, params.SignatureOut_ptr, sizeof(DxUint8_t) * (*SignatureOutSize_ptr)); + params.SignatureOut_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_ECDSA_SignFinish */ + + + +/************ CRYS_ECDSA_Sign ***************/ +CRYSError_t CRYS_ECDSA_Sign( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, + CRYS_ECPKI_UserPrivKey_t *SignerPrivKey_ptr, + CRYS_ECPKI_HASH_OpMode_t HashMode, + DxUint8_t *MessageDataIn_ptr, + DxUint32_t MessageSizeInBytes, + DxUint8_t SignatureOut_ptr[], + DxUint32_t *SignatureOutSize_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM_CRYS_ECDSA_Sign]; + struct SepRpc_CRYS_ECDSA_SignParams params; + + /* Verify input parameters and copy into params. struct. */ + params.SignUserContext_ptr_size = cpu_to_le32((sizeof(CRYS_ECDSA_SignUserContext_t))); + if (SignerPrivKey_ptr == NULL) { + params.__SignerPrivKey_ptr_null_flag = 1; + } else { + params.__SignerPrivKey_ptr.valid_tag = cpu_to_le32(SignerPrivKey_ptr->valid_tag); + memcpy(params.__SignerPrivKey_ptr.PrivKeyDbBuff, SignerPrivKey_ptr->PrivKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PrivKey_t))); + params.__SignerPrivKey_ptr_null_flag = 0; + } + + params.HashMode = cpu_to_le32(HashMode); + params.MessageSizeInBytes = cpu_to_le32(MessageSizeInBytes); + if (SignatureOutSize_ptr == NULL) { + params.__SignatureOutSize_ptr_null_flag = 1; + } else { + params.__SignatureOutSize_ptr = cpu_to_le32(*(SignatureOutSize_ptr)); + params.__SignatureOutSize_ptr_null_flag = 0; + } + + if (SignatureOut_ptr == NULL) { + params.SignatureOut_ptr_null_flag = 1; + } else if (SignatureOutSize_ptr != NULL) { + /* Verify array size of SignatureOut_ptr */ + SEP_RPC_ASSERT(((*SignatureOutSize_ptr)) <= (4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + params.SignatureOut_ptr_null_flag = 0; + } + + + /* User DMA buffers (memory references) */ + /* MessageDataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].start_or_offset = (unsigned long)MessageDataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].size = MessageSizeInBytes; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECDSA_Sign); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECDSA_Sign, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECDSA_Sign failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (SignatureOutSize_ptr == NULL) { + params.__SignatureOutSize_ptr_null_flag = 1; + } else { + *(SignatureOutSize_ptr) = le32_to_cpu(params.__SignatureOutSize_ptr); + params.__SignatureOutSize_ptr_null_flag = 0; + } + + if (SignatureOut_ptr == NULL) { + params.SignatureOut_ptr_null_flag = 1; + } else if (SignatureOutSize_ptr != NULL) { + memcpy(SignatureOut_ptr, params.SignatureOut_ptr, sizeof(DxUint8_t) * ((*SignatureOutSize_ptr))); + params.SignatureOut_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECDSA_Sign */ + + + +/************ CRYS_ECDSA_VerifyInit ***************/ +CRYSError_t CRYS_ECDSA_VerifyInit( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, + CRYS_ECPKI_UserPublKey_t *SignerPublKey_ptr, + CRYS_ECPKI_HASH_OpMode_t HashMode) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_ECDSA_VerifyInitParams params; + + /* Verify input parameters and copy into params. struct. */ + if (SignerPublKey_ptr == NULL) { + params.__SignerPublKey_ptr_null_flag = 1; + } else { + params.__SignerPublKey_ptr.valid_tag = cpu_to_le32(SignerPublKey_ptr->valid_tag); + memcpy(params.__SignerPublKey_ptr.PublKeyDbBuff, SignerPublKey_ptr->PublKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PublKey_t))); + params.__SignerPublKey_ptr_null_flag = 0; + } + + params.HashMode = cpu_to_le32(HashMode); + if (VerifyUserContext_ptr == NULL) { + params.__VerifyUserContext_ptr_null_flag = 1; + } else { + params.__VerifyUserContext_ptr.valid_tag = cpu_to_le32(VerifyUserContext_ptr->valid_tag); + params.__VerifyUserContext_ptr.AES_iv = cpu_to_le32(VerifyUserContext_ptr->AES_iv); + memcpy(params.__VerifyUserContext_ptr.context_buff, VerifyUserContext_ptr->context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_VerifyContext_t))); + params.__VerifyUserContext_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyInit); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECDSA_VerifyInit, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECDSA_VerifyInit failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (VerifyUserContext_ptr == NULL) { + params.__VerifyUserContext_ptr_null_flag = 1; + } else { + VerifyUserContext_ptr->valid_tag = le32_to_cpu(params.__VerifyUserContext_ptr.valid_tag); + VerifyUserContext_ptr->AES_iv = le32_to_cpu(params.__VerifyUserContext_ptr.AES_iv); + memcpy(VerifyUserContext_ptr->context_buff, params.__VerifyUserContext_ptr.context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_VerifyContext_t))); + params.__VerifyUserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECDSA_VerifyInit */ + + + +/************ CRYS_ECDSA_VerifyUpdate ***************/ +CRYSError_t CRYS_ECDSA_VerifyUpdate( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, + DxUint8_t *MessageDataIn_ptr, + DxUint32_t DataInSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyUpdate]; + struct SepRpc_CRYS_ECDSA_VerifyUpdateParams params; + + /* Verify input parameters and copy into params. struct. */ + params.DataInSize = cpu_to_le32(DataInSize); + if (VerifyUserContext_ptr == NULL) { + params.__VerifyUserContext_ptr_null_flag = 1; + } else { + params.__VerifyUserContext_ptr.valid_tag = cpu_to_le32(VerifyUserContext_ptr->valid_tag); + params.__VerifyUserContext_ptr.AES_iv = cpu_to_le32(VerifyUserContext_ptr->AES_iv); + memcpy(params.__VerifyUserContext_ptr.context_buff, VerifyUserContext_ptr->context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_VerifyContext_t))); + params.__VerifyUserContext_ptr_null_flag = 0; + } + + + /* User DMA buffers (memory references) */ + /* MessageDataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].start_or_offset = (unsigned long)MessageDataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyUpdate); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECDSA_VerifyUpdate, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECDSA_VerifyUpdate failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (VerifyUserContext_ptr == NULL) { + params.__VerifyUserContext_ptr_null_flag = 1; + } else { + VerifyUserContext_ptr->valid_tag = le32_to_cpu(params.__VerifyUserContext_ptr.valid_tag); + VerifyUserContext_ptr->AES_iv = le32_to_cpu(params.__VerifyUserContext_ptr.AES_iv); + memcpy(VerifyUserContext_ptr->context_buff, params.__VerifyUserContext_ptr.context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_VerifyContext_t))); + params.__VerifyUserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECDSA_VerifyUpdate */ + + + +/************ CRYS_ECDSA_VerifyFinish ***************/ +CRYSError_t CRYS_ECDSA_VerifyFinish( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, + DxUint8_t SignatureIn_ptr[], + DxUint32_t SignatureSizeBytes) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_ECDSA_VerifyFinishParams params; + + /* Verify input parameters and copy into params. struct. */ + if (SignatureIn_ptr == NULL) { + params.SignatureIn_ptr_null_flag = 1; + } else { + /* Verify array size of SignatureIn_ptr */ + SEP_RPC_ASSERT((SignatureSizeBytes) <= (4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.SignatureIn_ptr, SignatureIn_ptr, sizeof(DxUint8_t) * (SignatureSizeBytes)); + params.SignatureIn_ptr_null_flag = 0; + } + + params.SignatureSizeBytes = cpu_to_le32(SignatureSizeBytes); + if (VerifyUserContext_ptr == NULL) { + params.__VerifyUserContext_ptr_null_flag = 1; + } else { + params.__VerifyUserContext_ptr.valid_tag = cpu_to_le32(VerifyUserContext_ptr->valid_tag); + params.__VerifyUserContext_ptr.AES_iv = cpu_to_le32(VerifyUserContext_ptr->AES_iv); + memcpy(params.__VerifyUserContext_ptr.context_buff, VerifyUserContext_ptr->context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_VerifyContext_t))); + params.__VerifyUserContext_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECDSA_VerifyFinish); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECDSA_VerifyFinish, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECDSA_VerifyFinish failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (VerifyUserContext_ptr == NULL) { + params.__VerifyUserContext_ptr_null_flag = 1; + } else { + VerifyUserContext_ptr->valid_tag = le32_to_cpu(params.__VerifyUserContext_ptr.valid_tag); + VerifyUserContext_ptr->AES_iv = le32_to_cpu(params.__VerifyUserContext_ptr.AES_iv); + memcpy(VerifyUserContext_ptr->context_buff, params.__VerifyUserContext_ptr.context_buff, sizeof(DxUint8_t) * (sizeof(ECDSA_VerifyContext_t))); + params.__VerifyUserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECDSA_VerifyFinish */ + + + +/************ CRYS_ECDSA_Verify ***************/ +CRYSError_t CRYS_ECDSA_Verify( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, + CRYS_ECPKI_HASH_OpMode_t HashMode, + DxUint8_t SignatureIn_ptr[], + DxUint32_t SignatureSizeBytes, + DxUint8_t *MessageDataIn_ptr, + DxUint32_t MessageSizeInBytes) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM_CRYS_ECDSA_Verify]; + struct SepRpc_CRYS_ECDSA_VerifyParams params; + + /* Verify input parameters and copy into params. struct. */ + params.VerifyUserContext_ptr_size = cpu_to_le32((sizeof(CRYS_ECDSA_VerifyUserContext_t))); + if (UserPublKey_ptr == NULL) { + params.__UserPublKey_ptr_null_flag = 1; + } else { + params.__UserPublKey_ptr.valid_tag = cpu_to_le32(UserPublKey_ptr->valid_tag); + memcpy(params.__UserPublKey_ptr.PublKeyDbBuff, UserPublKey_ptr->PublKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PublKey_t))); + params.__UserPublKey_ptr_null_flag = 0; + } + + params.HashMode = cpu_to_le32(HashMode); + if (SignatureIn_ptr == NULL) { + params.SignatureIn_ptr_null_flag = 1; + } else { + /* Verify array size of SignatureIn_ptr */ + SEP_RPC_ASSERT((SignatureSizeBytes) <= (4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.SignatureIn_ptr, SignatureIn_ptr, sizeof(DxUint8_t) * (SignatureSizeBytes)); + params.SignatureIn_ptr_null_flag = 0; + } + + params.SignatureSizeBytes = cpu_to_le32(SignatureSizeBytes); + params.MessageSizeInBytes = cpu_to_le32(MessageSizeInBytes); + + /* User DMA buffers (memory references) */ + /* MessageDataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].start_or_offset = (unsigned long)MessageDataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].size = MessageSizeInBytes; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_MessageDataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECDSA_Verify); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECDSA_Verify, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECDSA_Verify failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECDSA_Verify */ + + + +/************ _DX_ECPKI_ELGAMAL_Encrypt ***************/ +CRYSError_t _DX_ECPKI_ELGAMAL_Encrypt( + CRYS_ECPKI_UserPublKey_t *ReceiverUserPublKey_ptr, + DxUint8_t MessageIn_ptr[], + DxUint32_t MessageInSizeBytes, + DxUint8_t EncrMessageOut_ptr[], + DxUint32_t *EncrMessOutSize_ptr, + DxInt8_t IsEphemerKeyInternal, + DxUint8_t EphemerPrivKeyIn_ptr[], + DxUint32_t EphemerPrivKeySizeBytes, + CRYS_EC_ELGAMAL_TempData_t *TempData_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_ECPKI_ELGAMAL_EncryptParams params; + + /* Verify input parameters and copy into params. struct. */ + if (ReceiverUserPublKey_ptr == NULL) { + params.__ReceiverUserPublKey_ptr_null_flag = 1; + } else { + params.__ReceiverUserPublKey_ptr.valid_tag = cpu_to_le32(ReceiverUserPublKey_ptr->valid_tag); + memcpy(params.__ReceiverUserPublKey_ptr.PublKeyDbBuff, ReceiverUserPublKey_ptr->PublKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PublKey_t))); + params.__ReceiverUserPublKey_ptr_null_flag = 0; + } + + if (MessageIn_ptr == NULL) { + params.MessageIn_ptr_null_flag = 1; + } else { + /* Verify array size of MessageIn_ptr */ + SEP_RPC_ASSERT((MessageInSizeBytes) <= (4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.MessageIn_ptr, MessageIn_ptr, sizeof(DxUint8_t) * (MessageInSizeBytes)); + params.MessageIn_ptr_null_flag = 0; + } + + params.MessageInSizeBytes = cpu_to_le32(MessageInSizeBytes); + params.IsEphemerKeyInternal = IsEphemerKeyInternal; + if (EphemerPrivKeyIn_ptr == NULL) { + params.EphemerPrivKeyIn_ptr_null_flag = 1; + } else { + /* Verify array size of EphemerPrivKeyIn_ptr */ + SEP_RPC_ASSERT((EphemerPrivKeySizeBytes) <= (4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.EphemerPrivKeyIn_ptr, EphemerPrivKeyIn_ptr, sizeof(DxUint8_t) * (EphemerPrivKeySizeBytes)); + params.EphemerPrivKeyIn_ptr_null_flag = 0; + } + + params.EphemerPrivKeySizeBytes = cpu_to_le32(EphemerPrivKeySizeBytes); + if (TempData_ptr == NULL) { + params.__TempData_ptr_null_flag = 1; + } else { + params.__TempData_ptr = *(TempData_ptr); + params.__TempData_ptr_null_flag = 0; + } + + if (EncrMessOutSize_ptr == NULL) { + params.__EncrMessOutSize_ptr_null_flag = 1; + } else { + params.__EncrMessOutSize_ptr = cpu_to_le32(*(EncrMessOutSize_ptr)); + params.__EncrMessOutSize_ptr_null_flag = 0; + } + + if (EncrMessageOut_ptr == NULL) { + params.EncrMessageOut_ptr_null_flag = 1; + } else if (EncrMessOutSize_ptr != NULL) { + /* Verify array size of EncrMessageOut_ptr */ + SEP_RPC_ASSERT((*EncrMessOutSize_ptr) <= (4*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + params.EncrMessageOut_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_ECPKI_ELGAMAL_Encrypt); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID__DX_ECPKI_ELGAMAL_Encrypt, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_ECPKI_ELGAMAL_Encrypt failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (EncrMessOutSize_ptr == NULL) { + params.__EncrMessOutSize_ptr_null_flag = 1; + } else { + *(EncrMessOutSize_ptr) = le32_to_cpu(params.__EncrMessOutSize_ptr); + params.__EncrMessOutSize_ptr_null_flag = 0; + } + + if (EncrMessageOut_ptr == NULL) { + params.EncrMessageOut_ptr_null_flag = 1; + } else if (EncrMessOutSize_ptr != NULL) { + memcpy(EncrMessageOut_ptr, params.EncrMessageOut_ptr, sizeof(DxUint8_t) * (*EncrMessOutSize_ptr)); + params.EncrMessageOut_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_ECPKI_ELGAMAL_Encrypt */ + + + +/************ CRYS_ECPKI_ELGAMAL_Decrypt ***************/ +CRYSError_t CRYS_ECPKI_ELGAMAL_Decrypt( + CRYS_ECPKI_UserPrivKey_t *ReceiverUserPrivKey_ptr, + DxUint8_t EncrMessageIn_ptr[], + DxUint32_t EncrMessageSizeInBytes, + DxUint8_t DecrMessageOut_ptr[], + DxUint32_t *DecrMessageOutSize_ptr, + CRYS_EC_ELGAMAL_TempData_t *TempData_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_ECPKI_ELGAMAL_DecryptParams params; + + /* Verify input parameters and copy into params. struct. */ + if (ReceiverUserPrivKey_ptr == NULL) { + params.__ReceiverUserPrivKey_ptr_null_flag = 1; + } else { + params.__ReceiverUserPrivKey_ptr.valid_tag = cpu_to_le32(ReceiverUserPrivKey_ptr->valid_tag); + memcpy(params.__ReceiverUserPrivKey_ptr.PrivKeyDbBuff, ReceiverUserPrivKey_ptr->PrivKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PrivKey_t))); + params.__ReceiverUserPrivKey_ptr_null_flag = 0; + } + + if (EncrMessageIn_ptr == NULL) { + params.EncrMessageIn_ptr_null_flag = 1; + } else { + /* Verify array size of EncrMessageIn_ptr */ + SEP_RPC_ASSERT((EncrMessageSizeInBytes) <= (4*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.EncrMessageIn_ptr, EncrMessageIn_ptr, sizeof(DxUint8_t) * (EncrMessageSizeInBytes)); + params.EncrMessageIn_ptr_null_flag = 0; + } + + params.EncrMessageSizeInBytes = cpu_to_le32(EncrMessageSizeInBytes); + params.TempData_ptr_size = cpu_to_le32((sizeof(CRYS_EC_ELGAMAL_TempData_t))); + if (DecrMessageOutSize_ptr == NULL) { + params.__DecrMessageOutSize_ptr_null_flag = 1; + } else { + params.__DecrMessageOutSize_ptr = cpu_to_le32(*(DecrMessageOutSize_ptr)); + params.__DecrMessageOutSize_ptr_null_flag = 0; + } + + if (DecrMessageOut_ptr == NULL) { + params.DecrMessageOut_ptr_null_flag = 1; + } else if (DecrMessageOutSize_ptr != NULL) { + /* Verify array size of DecrMessageOut_ptr */ + SEP_RPC_ASSERT((*DecrMessageOutSize_ptr) <= (4*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + params.DecrMessageOut_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECPKI_ELGAMAL_Decrypt); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECPKI_ELGAMAL_Decrypt, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECPKI_ELGAMAL_Decrypt failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (DecrMessageOutSize_ptr == NULL) { + params.__DecrMessageOutSize_ptr_null_flag = 1; + } else { + *(DecrMessageOutSize_ptr) = le32_to_cpu(params.__DecrMessageOutSize_ptr); + params.__DecrMessageOutSize_ptr_null_flag = 0; + } + + if (DecrMessageOut_ptr == NULL) { + params.DecrMessageOut_ptr_null_flag = 1; + } else if (DecrMessageOutSize_ptr != NULL) { + memcpy(DecrMessageOut_ptr, params.DecrMessageOut_ptr, sizeof(DxUint8_t) * (*DecrMessageOutSize_ptr)); + params.DecrMessageOut_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECPKI_ELGAMAL_Decrypt */ + + + +/************ CRYS_ECDH_SVDP_DH ***************/ +CRYSError_t CRYS_ECDH_SVDP_DH( + CRYS_ECPKI_UserPublKey_t *PartnerPublKey_ptr, + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, + DxUint8_t SharedSecretValue_ptr[], + DxUint32_t *SharedSecrValSize_ptr, + CRYS_ECDH_TempData_t *TempBuff_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_ECDH_SVDP_DHParams params; + + /* Verify input parameters and copy into params. struct. */ + if (PartnerPublKey_ptr == NULL) { + params.__PartnerPublKey_ptr_null_flag = 1; + } else { + params.__PartnerPublKey_ptr.valid_tag = cpu_to_le32(PartnerPublKey_ptr->valid_tag); + memcpy(params.__PartnerPublKey_ptr.PublKeyDbBuff, PartnerPublKey_ptr->PublKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PublKey_t))); + params.__PartnerPublKey_ptr_null_flag = 0; + } + + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr.valid_tag = cpu_to_le32(UserPrivKey_ptr->valid_tag); + memcpy(params.__UserPrivKey_ptr.PrivKeyDbBuff, UserPrivKey_ptr->PrivKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PrivKey_t))); + params.__UserPrivKey_ptr_null_flag = 0; + } + + params.TempBuff_ptr_size = cpu_to_le32((sizeof(CRYS_ECDH_TempData_t))); + if (SharedSecrValSize_ptr == NULL) { + params.__SharedSecrValSize_ptr_null_flag = 1; + } else { + params.__SharedSecrValSize_ptr = cpu_to_le32(*(SharedSecrValSize_ptr)); + params.__SharedSecrValSize_ptr_null_flag = 0; + } + + if (SharedSecretValue_ptr == NULL) { + params.SharedSecretValue_ptr_null_flag = 1; + } else if (SharedSecrValSize_ptr != NULL) { + /* Verify array size of SharedSecretValue_ptr */ + SEP_RPC_ASSERT((*SharedSecrValSize_ptr) <= (4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + params.SharedSecretValue_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECDH_SVDP_DH); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECDH_SVDP_DH, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECDH_SVDP_DH failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (SharedSecrValSize_ptr == NULL) { + params.__SharedSecrValSize_ptr_null_flag = 1; + } else { + *(SharedSecrValSize_ptr) = le32_to_cpu(params.__SharedSecrValSize_ptr); + params.__SharedSecrValSize_ptr_null_flag = 0; + } + + if (SharedSecretValue_ptr == NULL) { + params.SharedSecretValue_ptr_null_flag = 1; + } else if (SharedSecrValSize_ptr != NULL) { + memcpy(SharedSecretValue_ptr, params.SharedSecretValue_ptr, sizeof(DxUint8_t) * (*SharedSecrValSize_ptr)); + params.SharedSecretValue_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECDH_SVDP_DH */ + + + +/************ CRYS_ECPKI_ExportPublKey ***************/ +CRYSError_t CRYS_ECPKI_ExportPublKey( + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, + CRYS_ECPKI_PointCompression_t Compression, + DxUint8_t ExternPublKey_ptr[], + DxUint32_t *PublKeySizeInBytes_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_ECPKI_ExportPublKeyParams params; + + /* Verify input parameters and copy into params. struct. */ + if (UserPublKey_ptr == NULL) { + params.__UserPublKey_ptr_null_flag = 1; + } else { + params.__UserPublKey_ptr.valid_tag = cpu_to_le32(UserPublKey_ptr->valid_tag); + memcpy(params.__UserPublKey_ptr.PublKeyDbBuff, UserPublKey_ptr->PublKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PublKey_t))); + params.__UserPublKey_ptr_null_flag = 0; + } + + params.Compression = cpu_to_le32(Compression); + if (PublKeySizeInBytes_ptr == NULL) { + params.__PublKeySizeInBytes_ptr_null_flag = 1; + } else { + params.__PublKeySizeInBytes_ptr = cpu_to_le32(*(PublKeySizeInBytes_ptr)); + params.__PublKeySizeInBytes_ptr_null_flag = 0; + } + + if (ExternPublKey_ptr == NULL) { + params.ExternPublKey_ptr_null_flag = 1; + } else if (PublKeySizeInBytes_ptr != NULL) { + /* Verify array size of ExternPublKey_ptr */ + SEP_RPC_ASSERT((*PublKeySizeInBytes_ptr) <= (4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS*2+1), CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR); + params.ExternPublKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECPKI_ExportPublKey); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECPKI_ExportPublKey, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECPKI_ExportPublKey failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (PublKeySizeInBytes_ptr == NULL) { + params.__PublKeySizeInBytes_ptr_null_flag = 1; + } else { + *(PublKeySizeInBytes_ptr) = le32_to_cpu(params.__PublKeySizeInBytes_ptr); + params.__PublKeySizeInBytes_ptr_null_flag = 0; + } + + if (ExternPublKey_ptr == NULL) { + params.ExternPublKey_ptr_null_flag = 1; + } else if (PublKeySizeInBytes_ptr != NULL) { + memcpy(ExternPublKey_ptr, params.ExternPublKey_ptr, sizeof(DxUint8_t) * (*PublKeySizeInBytes_ptr)); + params.ExternPublKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECPKI_ExportPublKey */ + + + +/************ CRYS_ECPKI_GenKeyPair ***************/ +CRYSError_t CRYS_ECPKI_GenKeyPair( + CRYS_ECPKI_DomainID_t DomainID, + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, + CRYS_ECPKI_KG_TempData_t *TempData_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_ECPKI_GenKeyPairParams params; + + /* Verify input parameters and copy into params. struct. */ + params.DomainID = cpu_to_le32(DomainID); + params.TempData_ptr_size = cpu_to_le32((sizeof(CRYS_ECPKI_KG_TempData_t))); + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (UserPublKey_ptr == NULL) { + params.__UserPublKey_ptr_null_flag = 1; + } else { + params.__UserPublKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_ECPKI_GenKeyPair); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysEcc, SEPRPC_FUNC_ID_CRYS_ECPKI_GenKeyPair, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_ECPKI_GenKeyPair failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + UserPrivKey_ptr->valid_tag = le32_to_cpu(params.__UserPrivKey_ptr.valid_tag); + memcpy(UserPrivKey_ptr->PrivKeyDbBuff, params.__UserPrivKey_ptr.PrivKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PrivKey_t))); + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (UserPublKey_ptr == NULL) { + params.__UserPublKey_ptr_null_flag = 1; + } else { + UserPublKey_ptr->valid_tag = le32_to_cpu(params.__UserPublKey_ptr.valid_tag); + memcpy(UserPublKey_ptr->PublKeyDbBuff, params.__UserPublKey_ptr.PublKeyDbBuff, sizeof(DxUint8_t) * (sizeof(CRYS_ECPKI_PublKey_t))); + params.__UserPublKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_ECPKI_GenKeyPair */ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_kdf_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/crys_kdf_seprpc.h new file mode 100644 index 0000000..38092b7 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_kdf_seprpc.h @@ -0,0 +1,59 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 12:33:37.092987 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_kdf_seprpc.h + * SeP-RPC header file for CrysKdf API */ + +#ifndef __CRYS_KDF_SEPRPC_H__ +#define __CRYS_KDF_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_CrysKdf 8 + +#include "crys_kdf.h" +#include "crys_kdf_error.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ _DX_KDF_KeyDerivFunc ***************/ +#define SEPRPC_FUNC_ID__DX_KDF_KeyDerivFunc 1 +/* +CRYSError_t _DX_KDF_KeyDerivFunc( + DxUint8_t ZZSecret_ptr[], + DxUint32_t ZZSecretSize, + CRYS_KDF_OtherInfo_t *OtherInfo_ptr, + DxUint32_t KDFhashMode, + DxUint32_t derivation_mode, + DxUint8_t KeyingData_ptr[], + DxUint32_t KeyingDataSizeBytes) +*/ + +#define SEPRPC_MEMREF_NUM__DX_KDF_KeyDerivFunc 0 +#if SEPRPC_MEMREF_NUM__DX_KDF_KeyDerivFunc > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_KDF_KeyDerivFunc is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_KDF_KeyDerivFuncParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t ZZSecret_ptr[CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE]; + DxUint8_t ZZSecret_ptr_null_flag; + /*le32*/DxUint32_t ZZSecretSize; + CRYS_KDF_OtherInfo_t __OtherInfo_ptr; + DxUint8_t __OtherInfo_ptr_null_flag; + /*le32*/DxUint32_t KDFhashMode; + /*le32*/DxUint32_t derivation_mode; + /*le32*/DxUint32_t KeyingDataSizeBytes; + /* Output */ + DxUint8_t KeyingData_ptr[CRYS_KDF_MAX_SIZE_OF_KEYING_DATA]; + DxUint8_t KeyingData_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_KDF_KeyDerivFuncParams_s; + + +#endif /*__CRYS_KDF_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_kdf_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/crys_kdf_seprpc_stub.c new file mode 100644 index 0000000..e8a615c --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_kdf_seprpc_stub.c @@ -0,0 +1,112 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 12:33:37.093593 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_kdf_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for CrysKdf API */ + +#include <string.h> +#include "crys_kdf.h" +#include "crys_kdf_error.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "crys_kdf_seprpc.h" + + +/************ _DX_KDF_KeyDerivFunc ***************/ +CRYSError_t _DX_KDF_KeyDerivFunc( + DxUint8_t ZZSecret_ptr[], + DxUint32_t ZZSecretSize, + CRYS_KDF_OtherInfo_t *OtherInfo_ptr, + DxUint32_t KDFhashMode, + DxUint32_t derivation_mode, + DxUint8_t KeyingData_ptr[], + DxUint32_t KeyingDataSizeBytes) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_KDF_KeyDerivFuncParams params; + + /* Verify input parameters and copy into params. struct. */ + if (ZZSecret_ptr == NULL) { + params.ZZSecret_ptr_null_flag = 1; + } else { + /* Verify array size of ZZSecret_ptr */ + SEP_RPC_ASSERT((ZZSecretSize) <= (CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE), CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.ZZSecret_ptr, ZZSecret_ptr, sizeof(DxUint8_t) * (ZZSecretSize)); + params.ZZSecret_ptr_null_flag = 0; + } + + params.ZZSecretSize = cpu_to_le32(ZZSecretSize); + if (OtherInfo_ptr == NULL) { + params.__OtherInfo_ptr_null_flag = 1; + } else { + /* Verify array size of AlgorithmID */ + SEP_RPC_ASSERT((OtherInfo_ptr->SizeOfAlgorithmID) <= (CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__OtherInfo_ptr.AlgorithmID, OtherInfo_ptr->AlgorithmID, sizeof(DxUint8_t) * (OtherInfo_ptr->SizeOfAlgorithmID)); + params.__OtherInfo_ptr.SizeOfAlgorithmID = cpu_to_le32(OtherInfo_ptr->SizeOfAlgorithmID); + /* Verify array size of PartyUInfo */ + SEP_RPC_ASSERT((OtherInfo_ptr->SizeOfPartyUInfo) <= (CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__OtherInfo_ptr.PartyUInfo, OtherInfo_ptr->PartyUInfo, sizeof(DxUint8_t) * (OtherInfo_ptr->SizeOfPartyUInfo)); + params.__OtherInfo_ptr.SizeOfPartyUInfo = cpu_to_le32(OtherInfo_ptr->SizeOfPartyUInfo); + /* Verify array size of PartyVInfo */ + SEP_RPC_ASSERT((OtherInfo_ptr->SizeOfPartyVInfo) <= (CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__OtherInfo_ptr.PartyVInfo, OtherInfo_ptr->PartyVInfo, sizeof(DxUint8_t) * (OtherInfo_ptr->SizeOfPartyVInfo)); + params.__OtherInfo_ptr.SizeOfPartyVInfo = cpu_to_le32(OtherInfo_ptr->SizeOfPartyVInfo); + /* Verify array size of SuppPrivInfo */ + SEP_RPC_ASSERT((OtherInfo_ptr->SizeOfSuppPrivInfo) <= (CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__OtherInfo_ptr.SuppPrivInfo, OtherInfo_ptr->SuppPrivInfo, sizeof(DxUint8_t) * (OtherInfo_ptr->SizeOfSuppPrivInfo)); + params.__OtherInfo_ptr.SizeOfSuppPrivInfo = cpu_to_le32(OtherInfo_ptr->SizeOfSuppPrivInfo); + /* Verify array size of SuppPubInfo */ + SEP_RPC_ASSERT((OtherInfo_ptr->SizeOfSuppPubInfo) <= (CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY), CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__OtherInfo_ptr.SuppPubInfo, OtherInfo_ptr->SuppPubInfo, sizeof(DxUint8_t) * (OtherInfo_ptr->SizeOfSuppPubInfo)); + params.__OtherInfo_ptr.SizeOfSuppPubInfo = cpu_to_le32(OtherInfo_ptr->SizeOfSuppPubInfo); + params.__OtherInfo_ptr_null_flag = 0; + } + + params.KDFhashMode = cpu_to_le32(KDFhashMode); + params.derivation_mode = cpu_to_le32(derivation_mode); + params.KeyingDataSizeBytes = cpu_to_le32(KeyingDataSizeBytes); + if (KeyingData_ptr == NULL) { + params.KeyingData_ptr_null_flag = 1; + } else { + /* Verify array size of KeyingData_ptr */ + SEP_RPC_ASSERT((KeyingDataSizeBytes) <= (CRYS_KDF_MAX_SIZE_OF_KEYING_DATA), CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR); + params.KeyingData_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_KDF_KeyDerivFunc); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysKdf, SEPRPC_FUNC_ID__DX_KDF_KeyDerivFunc, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_KDF_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_KDF_KeyDerivFunc failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_KDF_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_KDF_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (KeyingData_ptr == NULL) { + params.KeyingData_ptr_null_flag = 1; + } else { + memcpy(KeyingData_ptr, params.KeyingData_ptr, sizeof(DxUint8_t) * (KeyingDataSizeBytes)); + params.KeyingData_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_KDF_KeyDerivFunc */ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_rc4_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/crys_rc4_seprpc.h new file mode 100644 index 0000000..7f56076 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_rc4_seprpc.h @@ -0,0 +1,133 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:57:05.160271 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_rc4_seprpc.h + * SeP-RPC header file for CrysRc4 API */ + +#ifndef __CRYS_RC4_SEPRPC_H__ +#define __CRYS_RC4_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_CrysRc4 5 + +#include "crys_rc4.h" +#include "crys_rc4_error.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ CRYS_RC4_Init ***************/ +#define SEPRPC_FUNC_ID_CRYS_RC4_Init 1 +/* +CRYSError_t CRYS_RC4_Init( + CRYS_RC4UserContext_t *ContextID_ptr, + DxUint8_t Key_ptr[], + DxUint32_t KeySizeInBytes) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RC4_Init 0 +#if SEPRPC_MEMREF_NUM_CRYS_RC4_Init > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RC4_Init is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RC4_InitParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t Key_ptr[CRYS_RC4_MAX_KEY_SIZE_IN_BYTES]; + DxUint8_t Key_ptr_null_flag; + /*le32*/DxUint32_t KeySizeInBytes; + /* Input/Output */ + CRYS_RC4UserContext_t __ContextID_ptr; + DxUint8_t __ContextID_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RC4_InitParams_s; + + + +/************ CRYS_RC4_Stream ***************/ +#define SEPRPC_FUNC_ID_CRYS_RC4_Stream 2 +/* +CRYSError_t CRYS_RC4_Stream( + CRYS_RC4UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RC4_Stream 2 +#if SEPRPC_MEMREF_NUM_CRYS_RC4_Stream > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RC4_Stream is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_DataIn_ptr 0 +#define SEPRPC_MEMREF_IDX_DataOut_ptr 1 + +typedef struct SepRpc_CRYS_RC4_StreamParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM_CRYS_RC4_Stream]; + /* Input */ + /*le32*/DxUint32_t DataInSize; + /* Input/Output */ + CRYS_RC4UserContext_t __ContextID_ptr; + DxUint8_t __ContextID_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RC4_StreamParams_s; + + + +/************ CRYS_RC4_Free ***************/ +#define SEPRPC_FUNC_ID_CRYS_RC4_Free 3 +/* +CRYSError_t CRYS_RC4_Free( + CRYS_RC4UserContext_t *ContextID_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RC4_Free 0 +#if SEPRPC_MEMREF_NUM_CRYS_RC4_Free > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RC4_Free is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RC4_FreeParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input/Output */ + CRYS_RC4UserContext_t __ContextID_ptr; + DxUint8_t __ContextID_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RC4_FreeParams_s; + + + +/************ CRYS_RC4 ***************/ +#define SEPRPC_FUNC_ID_CRYS_RC4 4 +/* +CRYSError_t CRYS_RC4( + DxUint8_t Key_ptr[], + DxUint32_t KeySizeInBytes, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RC4 2 +#if SEPRPC_MEMREF_NUM_CRYS_RC4 > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RC4 is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_DataIn_ptr 0 +#define SEPRPC_MEMREF_IDX_DataOut_ptr 1 + +typedef struct SepRpc_CRYS_RC4Params { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM_CRYS_RC4]; + /* Input */ + DxUint8_t Key_ptr[CRYS_RC4_MAX_KEY_SIZE_IN_BYTES]; + DxUint8_t Key_ptr_null_flag; + /*le32*/DxUint32_t KeySizeInBytes; + /*le32*/DxUint32_t DataInSize; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RC4Params_s; + + +#endif /*__CRYS_RC4_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_rc4_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/crys_rc4_seprpc_stub.c new file mode 100644 index 0000000..67de55f --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_rc4_seprpc_stub.c @@ -0,0 +1,254 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:57:05.161021 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_rc4_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for CrysRc4 API */ + +#include <string.h> +#include "crys_rc4.h" +#include "crys_rc4_error.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "crys_rc4_seprpc.h" + + +/************ CRYS_RC4_Init ***************/ +CRYSError_t CRYS_RC4_Init( + CRYS_RC4UserContext_t *ContextID_ptr, + DxUint8_t Key_ptr[], + DxUint32_t KeySizeInBytes) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RC4_InitParams params; + + /* Verify input parameters and copy into params. struct. */ + if (Key_ptr == NULL) { + params.Key_ptr_null_flag = 1; + } else { + /* Verify array size of Key_ptr */ + SEP_RPC_ASSERT((KeySizeInBytes) <= (CRYS_RC4_MAX_KEY_SIZE_IN_BYTES), CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR); + memcpy(params.Key_ptr, Key_ptr, sizeof(DxUint8_t) * (KeySizeInBytes)); + params.Key_ptr_null_flag = 0; + } + + params.KeySizeInBytes = cpu_to_le32(KeySizeInBytes); + if (ContextID_ptr == NULL) { + params.__ContextID_ptr_null_flag = 1; + } else { + params.__ContextID_ptr = *(ContextID_ptr); + params.__ContextID_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RC4_Init); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRc4, SEPRPC_FUNC_ID_CRYS_RC4_Init, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RC4_Init failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RC4_DATA_SIZE_ILLEGAL; + default: + return CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR; + } + } + + /* Copy back output parameters */ + if (ContextID_ptr == NULL) { + params.__ContextID_ptr_null_flag = 1; + } else { + *(ContextID_ptr) = params.__ContextID_ptr; + params.__ContextID_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RC4_Init */ + + + +/************ CRYS_RC4_Stream ***************/ +CRYSError_t CRYS_RC4_Stream( + CRYS_RC4UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM_CRYS_RC4_Stream]; + struct SepRpc_CRYS_RC4_StreamParams params; + + /* Verify input parameters and copy into params. struct. */ + params.DataInSize = cpu_to_le32(DataInSize); + if (ContextID_ptr == NULL) { + params.__ContextID_ptr_null_flag = 1; + } else { + params.__ContextID_ptr = *(ContextID_ptr); + params.__ContextID_ptr_null_flag = 0; + } + + + /* User DMA buffers (memory references) */ + /* DataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].start_or_offset = (unsigned long)DataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + /* DataOut_ptr */ + memRefs[SEPRPC_MEMREF_IDX_DataOut_ptr].start_or_offset = (unsigned long)DataOut_ptr; + memRefs[SEPRPC_MEMREF_IDX_DataOut_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_DataOut_ptr].dma_direction = DXDI_DATA_FROM_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_DataOut_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RC4_Stream); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRc4, SEPRPC_FUNC_ID_CRYS_RC4_Stream, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RC4_Stream failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RC4_DATA_SIZE_ILLEGAL; + default: + return CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR; + } + } + + /* Copy back output parameters */ + if (ContextID_ptr == NULL) { + params.__ContextID_ptr_null_flag = 1; + } else { + *(ContextID_ptr) = params.__ContextID_ptr; + params.__ContextID_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RC4_Stream */ + + + +/************ CRYS_RC4_Free ***************/ +CRYSError_t CRYS_RC4_Free( + CRYS_RC4UserContext_t *ContextID_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RC4_FreeParams params; + + /* Verify input parameters and copy into params. struct. */ + if (ContextID_ptr == NULL) { + params.__ContextID_ptr_null_flag = 1; + } else { + params.__ContextID_ptr = *(ContextID_ptr); + params.__ContextID_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RC4_Free); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRc4, SEPRPC_FUNC_ID_CRYS_RC4_Free, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RC4_Free failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RC4_DATA_SIZE_ILLEGAL; + default: + return CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR; + } + } + + /* Copy back output parameters */ + if (ContextID_ptr == NULL) { + params.__ContextID_ptr_null_flag = 1; + } else { + *(ContextID_ptr) = params.__ContextID_ptr; + params.__ContextID_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RC4_Free */ + + + +/************ CRYS_RC4 ***************/ +CRYSError_t CRYS_RC4( + DxUint8_t Key_ptr[], + DxUint32_t KeySizeInBytes, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM_CRYS_RC4]; + struct SepRpc_CRYS_RC4Params params; + + /* Verify input parameters and copy into params. struct. */ + if (Key_ptr == NULL) { + params.Key_ptr_null_flag = 1; + } else { + /* Verify array size of Key_ptr */ + SEP_RPC_ASSERT((KeySizeInBytes) <= (CRYS_RC4_MAX_KEY_SIZE_IN_BYTES), CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR); + memcpy(params.Key_ptr, Key_ptr, sizeof(DxUint8_t) * (KeySizeInBytes)); + params.Key_ptr_null_flag = 0; + } + + params.KeySizeInBytes = cpu_to_le32(KeySizeInBytes); + params.DataInSize = cpu_to_le32(DataInSize); + + /* User DMA buffers (memory references) */ + /* DataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].start_or_offset = (unsigned long)DataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + /* DataOut_ptr */ + memRefs[SEPRPC_MEMREF_IDX_DataOut_ptr].start_or_offset = (unsigned long)DataOut_ptr; + memRefs[SEPRPC_MEMREF_IDX_DataOut_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_DataOut_ptr].dma_direction = DXDI_DATA_FROM_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_DataOut_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RC4); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRc4, SEPRPC_FUNC_ID_CRYS_RC4, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RC4 failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RC4_DATA_SIZE_ILLEGAL; + default: + return CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR; + } + } + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RC4 */ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_rnd_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/crys_rnd_seprpc.h new file mode 100644 index 0000000..9cffac3 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_rnd_seprpc.h @@ -0,0 +1,162 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:57:50.779976 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_rnd_seprpc.h + * SeP-RPC header file for CrysRnd API */ + +#ifndef __CRYS_RND_SEPRPC_H__ +#define __CRYS_RND_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_CrysRnd 7 + +#include "crys_rnd_error.h" +#include "crys_rnd.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ CRYS_RND_Instantiation ***************/ +#define SEPRPC_FUNC_ID_CRYS_RND_Instantiation 1 +/* +CRYSError_t CRYS_RND_Instantiation( + CRYS_RND_EntropyEstimatData_t *entrEstimBuff_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RND_Instantiation 0 +#if SEPRPC_MEMREF_NUM_CRYS_RND_Instantiation > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RND_Instantiation is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RND_InstantiationParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input/Output */ + CRYS_RND_EntropyEstimatData_t __entrEstimBuff_ptr; + DxUint8_t __entrEstimBuff_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RND_InstantiationParams_s; + + + +/************ CRYS_RND_Reseeding ***************/ +#define SEPRPC_FUNC_ID_CRYS_RND_Reseeding 2 +/* +CRYSError_t CRYS_RND_Reseeding( + CRYS_RND_EntropyEstimatData_t *entrEstimBuff_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RND_Reseeding 0 +#if SEPRPC_MEMREF_NUM_CRYS_RND_Reseeding > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RND_Reseeding is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RND_ReseedingParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input/Output */ + CRYS_RND_EntropyEstimatData_t __entrEstimBuff_ptr; + DxUint8_t __entrEstimBuff_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RND_ReseedingParams_s; + + + +/************ CRYS_RND_GenerateVector ***************/ +#define SEPRPC_FUNC_ID_CRYS_RND_GenerateVector 3 +/* +CRYSError_t CRYS_RND_GenerateVector( + DxUint16_t RndSize, + DxUint8_t Output_ptr[]) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RND_GenerateVector 0 +#if SEPRPC_MEMREF_NUM_CRYS_RND_GenerateVector > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RND_GenerateVector is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RND_GenerateVectorParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + /*le16*/DxUint16_t RndSize; + /* Output */ + DxUint8_t Output_ptr[CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES]; + DxUint8_t Output_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RND_GenerateVectorParams_s; + + + +/************ CRYS_RND_GenerateVectorInRange ***************/ +#define SEPRPC_FUNC_ID_CRYS_RND_GenerateVectorInRange 4 +/* +CRYSError_t CRYS_RND_GenerateVectorInRange( + DxUint32_t RndSizeInBits, + DxUint8_t MaxVect_ptr[], + DxUint8_t RndVect_ptr[]) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RND_GenerateVectorInRange 0 +#if SEPRPC_MEMREF_NUM_CRYS_RND_GenerateVectorInRange > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RND_GenerateVectorInRange is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RND_GenerateVectorInRangeParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + /*le32*/DxUint32_t RndSizeInBits; + DxUint8_t MaxVect_ptr[CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES]; + DxUint8_t MaxVect_ptr_null_flag; + /* Output */ + DxUint8_t RndVect_ptr[CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES]; + DxUint8_t RndVect_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RND_GenerateVectorInRangeParams_s; + + + +/************ CRYS_RND_AddAdditionalInput ***************/ +#define SEPRPC_FUNC_ID_CRYS_RND_AddAdditionalInput 5 +/* +CRYSError_t CRYS_RND_AddAdditionalInput( + DxUint8_t AdditonalInput_ptr[], + DxUint16_t AdditonalInputSize) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RND_AddAdditionalInput 0 +#if SEPRPC_MEMREF_NUM_CRYS_RND_AddAdditionalInput > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RND_AddAdditionalInput is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RND_AddAdditionalInputParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t AdditonalInput_ptr[32]; + DxUint8_t AdditonalInput_ptr_null_flag; + /*le16*/DxUint16_t AdditonalInputSize; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RND_AddAdditionalInputParams_s; + + + +/************ CRYS_RND_UnInstantiation ***************/ +#define SEPRPC_FUNC_ID_CRYS_RND_UnInstantiation 6 +/* +CRYSError_t CRYS_RND_UnInstantiation( +) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RND_UnInstantiation 0 +#if SEPRPC_MEMREF_NUM_CRYS_RND_UnInstantiation > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RND_UnInstantiation is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RND_UnInstantiationParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RND_UnInstantiationParams_s; + + +#endif /*__CRYS_RND_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_rnd_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/crys_rnd_seprpc_stub.c new file mode 100644 index 0000000..d4639f6 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_rnd_seprpc_stub.c @@ -0,0 +1,312 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:57:50.780740 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_rnd_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for CrysRnd API */ + +#include <string.h> +#include "crys_rnd_error.h" +#include "crys_rnd.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "crys_rnd_seprpc.h" + + +/************ CRYS_RND_Instantiation ***************/ +CRYSError_t CRYS_RND_Instantiation( + CRYS_RND_EntropyEstimatData_t *entrEstimBuff_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RND_InstantiationParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (entrEstimBuff_ptr == NULL) { + params.__entrEstimBuff_ptr_null_flag = 1; + } else { + for (i1 = 0; i1 < (CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS); i1++) { + params.__entrEstimBuff_ptr.crysRndEntrIntBuff[i1] = cpu_to_le32(entrEstimBuff_ptr->crysRndEntrIntBuff[i1]); + } + params.__entrEstimBuff_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RND_Instantiation); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRnd, SEPRPC_FUNC_ID_CRYS_RND_Instantiation, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RND_GEN_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RND_Instantiation failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RND_GEN_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RND_GEN_C_ERROR; + default: + return CRYS_RND_GEN_A_ERROR; + } + } + + /* Copy back output parameters */ + if (entrEstimBuff_ptr == NULL) { + params.__entrEstimBuff_ptr_null_flag = 1; + } else { + for (i1 = 0; i1 < (CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS); i1++) { + entrEstimBuff_ptr->crysRndEntrIntBuff[i1] = le32_to_cpu(params.__entrEstimBuff_ptr.crysRndEntrIntBuff[i1]); + } + params.__entrEstimBuff_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RND_Instantiation */ + + + +/************ CRYS_RND_Reseeding ***************/ +CRYSError_t CRYS_RND_Reseeding( + CRYS_RND_EntropyEstimatData_t *entrEstimBuff_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RND_ReseedingParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (entrEstimBuff_ptr == NULL) { + params.__entrEstimBuff_ptr_null_flag = 1; + } else { + for (i1 = 0; i1 < (CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS); i1++) { + params.__entrEstimBuff_ptr.crysRndEntrIntBuff[i1] = cpu_to_le32(entrEstimBuff_ptr->crysRndEntrIntBuff[i1]); + } + params.__entrEstimBuff_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RND_Reseeding); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRnd, SEPRPC_FUNC_ID_CRYS_RND_Reseeding, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RND_GEN_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RND_Reseeding failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RND_GEN_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RND_GEN_C_ERROR; + default: + return CRYS_RND_GEN_A_ERROR; + } + } + + /* Copy back output parameters */ + if (entrEstimBuff_ptr == NULL) { + params.__entrEstimBuff_ptr_null_flag = 1; + } else { + for (i1 = 0; i1 < (CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS); i1++) { + entrEstimBuff_ptr->crysRndEntrIntBuff[i1] = le32_to_cpu(params.__entrEstimBuff_ptr.crysRndEntrIntBuff[i1]); + } + params.__entrEstimBuff_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RND_Reseeding */ + + + +/************ CRYS_RND_GenerateVector ***************/ +CRYSError_t CRYS_RND_GenerateVector( + DxUint16_t RndSize, + DxUint8_t Output_ptr[]) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RND_GenerateVectorParams params; + + /* Verify input parameters and copy into params. struct. */ + params.RndSize = cpu_to_le16(RndSize); + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else { + /* Verify array size of Output_ptr */ + SEP_RPC_ASSERT((RndSize) <= (CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES), CRYS_RND_GEN_B_ERROR); + params.Output_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RND_GenerateVector); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRnd, SEPRPC_FUNC_ID_CRYS_RND_GenerateVector, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RND_GEN_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RND_GenerateVector failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RND_GEN_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RND_GEN_C_ERROR; + default: + return CRYS_RND_GEN_A_ERROR; + } + } + + /* Copy back output parameters */ + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (RndSize <= (sizeof(params.Output_ptr) / sizeof(params.Output_ptr[0]))) { + memcpy(Output_ptr, params.Output_ptr, sizeof(DxUint8_t) * (RndSize)); + params.Output_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RND_GenerateVector */ + + + +/************ CRYS_RND_GenerateVectorInRange ***************/ +CRYSError_t CRYS_RND_GenerateVectorInRange( + DxUint32_t RndSizeInBits, + DxUint8_t MaxVect_ptr[], + DxUint8_t RndVect_ptr[]) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RND_GenerateVectorInRangeParams params; + + /* Verify input parameters and copy into params. struct. */ + params.RndSizeInBits = cpu_to_le32(RndSizeInBits); + if (MaxVect_ptr == NULL) { + params.MaxVect_ptr_null_flag = 1; + } else { + memcpy(params.MaxVect_ptr, MaxVect_ptr, sizeof(DxUint8_t) * (CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES)); + params.MaxVect_ptr_null_flag = 0; + } + + if (RndVect_ptr == NULL) { + params.RndVect_ptr_null_flag = 1; + } else { + /* Verify array size of RndVect_ptr */ + SEP_RPC_ASSERT(((RndSizeInBits+7)/8) <= (CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES), CRYS_RND_GEN_B_ERROR); + params.RndVect_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RND_GenerateVectorInRange); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRnd, SEPRPC_FUNC_ID_CRYS_RND_GenerateVectorInRange, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RND_GEN_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RND_GenerateVectorInRange failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RND_GEN_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RND_GEN_C_ERROR; + default: + return CRYS_RND_GEN_A_ERROR; + } + } + + /* Copy back output parameters */ + if (RndVect_ptr == NULL) { + params.RndVect_ptr_null_flag = 1; + } else { + memcpy(RndVect_ptr, params.RndVect_ptr, sizeof(DxUint8_t) * ((RndSizeInBits+7)/8)); + params.RndVect_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RND_GenerateVectorInRange */ + + + +/************ CRYS_RND_AddAdditionalInput ***************/ +CRYSError_t CRYS_RND_AddAdditionalInput( + DxUint8_t AdditonalInput_ptr[], + DxUint16_t AdditonalInputSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RND_AddAdditionalInputParams params; + + /* Verify input parameters and copy into params. struct. */ + if (AdditonalInput_ptr == NULL) { + params.AdditonalInput_ptr_null_flag = 1; + } else { + /* Verify array size of AdditonalInput_ptr */ + SEP_RPC_ASSERT((AdditonalInputSize) <= (32), CRYS_RND_GEN_B_ERROR); + memcpy(params.AdditonalInput_ptr, AdditonalInput_ptr, sizeof(DxUint8_t) * (AdditonalInputSize)); + params.AdditonalInput_ptr_null_flag = 0; + } + + params.AdditonalInputSize = cpu_to_le16(AdditonalInputSize); + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RND_AddAdditionalInput); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRnd, SEPRPC_FUNC_ID_CRYS_RND_AddAdditionalInput, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RND_GEN_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RND_AddAdditionalInput failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RND_GEN_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RND_GEN_C_ERROR; + default: + return CRYS_RND_GEN_A_ERROR; + } + } + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RND_AddAdditionalInput */ + + + +/************ CRYS_RND_UnInstantiation ***************/ +CRYSError_t CRYS_RND_UnInstantiation( +) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RND_UnInstantiationParams params; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RND_UnInstantiation); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRnd, SEPRPC_FUNC_ID_CRYS_RND_UnInstantiation, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RND_GEN_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RND_UnInstantiation failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RND_GEN_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RND_GEN_C_ERROR; + default: + return CRYS_RND_GEN_A_ERROR; + } + } + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RND_UnInstantiation */ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_rsa_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/crys_rsa_seprpc.h new file mode 100644 index 0000000..5b881c6 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_rsa_seprpc.h @@ -0,0 +1,880 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:56:54.312055 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_rsa_seprpc.h + * SeP-RPC header file for CrysRsa API */ + +#ifndef __CRYS_RSA_SEPRPC_H__ +#define __CRYS_RSA_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_CrysRsa 2 + +#include "crys_host_rpc_config.h" +#include "crys_rsa_error.h" +#include "crys_rsa_prim.h" +#include "crys_rsa_schemes.h" +#include "crys_rsa_build.h" +#include "crys_rsa_kg.h" +#include "crys_rsa_extend.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ CRYS_RSA_PRIM_Encrypt ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_PRIM_Encrypt 1 +/* +CRYSError_t CRYS_RSA_PRIM_Encrypt( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t Data_ptr[], + DxUint16_t DataSize, + DxUint8_t Output_ptr[]) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_Encrypt 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_Encrypt > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_Encrypt is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_PRIM_EncryptParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_RSAUserPubKey_t __UserPubKey_ptr; + DxUint8_t __UserPubKey_ptr_null_flag; + DxUint32_t PrimeData_ptr_size; + DxUint8_t Data_ptr[4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint8_t Data_ptr_null_flag; + /*le16*/DxUint16_t DataSize; + /* Output */ + DxUint8_t Output_ptr[4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint8_t Output_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_PRIM_EncryptParams_s; + + + +/************ CRYS_RSA_PRIM_Decrypt ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_PRIM_Decrypt 2 +/* +CRYSError_t CRYS_RSA_PRIM_Decrypt( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t Data_ptr[], + DxUint16_t DataSize, + DxUint8_t Output_ptr[]) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_Decrypt 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_Decrypt > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_Decrypt is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_PRIM_DecryptParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + DxUint32_t PrimeData_ptr_size; + DxUint8_t Data_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Data_ptr_null_flag; + /*le16*/DxUint16_t DataSize; + /* Output */ + DxUint8_t Output_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Output_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_PRIM_DecryptParams_s; + + + +/************ _DX_RSA_SCHEMES_Encrypt ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_SCHEMES_Encrypt 3 +/* +CRYSError_t _DX_RSA_SCHEMES_Encrypt( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + DxUint8_t L[], + DxUint16_t Llen, + CRYS_PKCS1_MGF_t MGF, + DxUint8_t DataIn_ptr[], + DxUint16_t DataInSize, + DxUint8_t Output_ptr[], + CRYS_PKCS1_version PKCS1_ver) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_SCHEMES_Encrypt 0 +#if SEPRPC_MEMREF_NUM__DX_RSA_SCHEMES_Encrypt > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_SCHEMES_Encrypt is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_RSA_SCHEMES_EncryptParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_RSAUserPubKey_t __UserPubKey_ptr; + DxUint8_t __UserPubKey_ptr_null_flag; + DxUint32_t PrimeData_ptr_size; + /*le32*/CRYS_RSA_HASH_OpMode_t hashFunc; + DxUint8_t L[2048]; + DxUint8_t L_null_flag; + /*le16*/DxUint16_t Llen; + /*le32*/CRYS_PKCS1_MGF_t MGF; + DxUint8_t DataIn_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t DataIn_ptr_null_flag; + /*le16*/DxUint16_t DataInSize; + /*le32*/CRYS_PKCS1_version PKCS1_ver; + /* Output */ + DxUint8_t Output_ptr[4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint8_t Output_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_SCHEMES_EncryptParams_s; + + + +/************ _DX_RSA_SCHEMES_Decrypt ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_SCHEMES_Decrypt 4 +/* +CRYSError_t _DX_RSA_SCHEMES_Decrypt( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + DxUint8_t L[], + DxUint16_t Llen, + CRYS_PKCS1_MGF_t MGF, + DxUint8_t DataIn_ptr[], + DxUint16_t DataInSize, + DxUint8_t Output_ptr[], + DxUint16_t *OutputSize_ptr, + CRYS_PKCS1_version PKCS1_ver) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_SCHEMES_Decrypt 0 +#if SEPRPC_MEMREF_NUM__DX_RSA_SCHEMES_Decrypt > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_SCHEMES_Decrypt is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_RSA_SCHEMES_DecryptParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + DxUint32_t PrimeData_ptr_size; + /*le32*/CRYS_RSA_HASH_OpMode_t hashFunc; + DxUint8_t L[2048]; + DxUint8_t L_null_flag; + /*le16*/DxUint16_t Llen; + /*le32*/CRYS_PKCS1_MGF_t MGF; + DxUint8_t DataIn_ptr[4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint8_t DataIn_ptr_null_flag; + /*le16*/DxUint16_t DataInSize; + /*le32*/CRYS_PKCS1_version PKCS1_ver; + /* Input/Output */ + /*le16*/DxUint16_t __OutputSize_ptr; + DxUint8_t __OutputSize_ptr_null_flag; + /* Output */ + DxUint8_t Output_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Output_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_SCHEMES_DecryptParams_s; + + + +/************ _DX_RSA_SignInit ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_SignInit 5 +/* +CRYSError_t _DX_RSA_SignInit( + CRYS_RSAPrivUserContext_t *UserContext_ptr, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + CRYS_PKCS1_version PKCS1_ver) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_SignInit 0 +#if SEPRPC_MEMREF_NUM__DX_RSA_SignInit > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_SignInit is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_RSA_SignInitParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + /*le32*/CRYS_RSA_HASH_OpMode_t hashFunc; + /*le32*/CRYS_PKCS1_MGF_t MGF; + /*le16*/DxUint16_t SaltLen; + /*le32*/CRYS_PKCS1_version PKCS1_ver; + /* Input/Output */ + CRYS_RSAPrivUserContext_t __UserContext_ptr; + DxUint8_t __UserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_SignInitParams_s; + + + +/************ _DX_RSA_SignFinish ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_SignFinish 6 +/* +CRYSError_t _DX_RSA_SignFinish( + CRYS_RSAPrivUserContext_t *UserContext_ptr, + DxUint8_t Output_ptr[], + DxUint16_t *OutputSize_ptr) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_SignFinish 0 +#if SEPRPC_MEMREF_NUM__DX_RSA_SignFinish > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_SignFinish is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_RSA_SignFinishParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input/Output */ + CRYS_RSAPrivUserContext_t __UserContext_ptr; + DxUint8_t __UserContext_ptr_null_flag; + /*le16*/DxUint16_t __OutputSize_ptr; + DxUint8_t __OutputSize_ptr_null_flag; + /* Output */ + DxUint8_t Output_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Output_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_SignFinishParams_s; + + + +/************ _DX_RSA_SignUpdate ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_SignUpdate 7 +/* +CRYSError_t _DX_RSA_SignUpdate( + CRYS_RSAPrivUserContext_t *UserContext_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_SignUpdate 1 +#if SEPRPC_MEMREF_NUM__DX_RSA_SignUpdate > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_SignUpdate is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_DataIn_ptr 0 + +typedef struct SepRpc__DX_RSA_SignUpdateParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM__DX_RSA_SignUpdate]; + /* Input */ + /*le32*/DxUint32_t DataInSize; + /* Input/Output */ + CRYS_RSAPrivUserContext_t __UserContext_ptr; + DxUint8_t __UserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_SignUpdateParams_s; + + + +/************ _DX_RSA_Sign ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_Sign 8 +/* +CRYSError_t _DX_RSA_Sign( + CRYS_RSAPrivUserContext_t *UserContext_ptr, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t Output_ptr[], + DxUint16_t *OutputSize_ptr, + CRYS_PKCS1_version PKCS1_ver) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_Sign 1 +#if SEPRPC_MEMREF_NUM__DX_RSA_Sign > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_Sign is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_DataIn_ptr 0 + +typedef struct SepRpc__DX_RSA_SignParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM__DX_RSA_Sign]; + /* Input */ + DxUint32_t UserContext_ptr_size; + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + /*le32*/CRYS_RSA_HASH_OpMode_t hashFunc; + /*le32*/CRYS_PKCS1_MGF_t MGF; + /*le16*/DxUint16_t SaltLen; + /*le32*/DxUint32_t DataInSize; + /*le32*/CRYS_PKCS1_version PKCS1_ver; + /* Input/Output */ + /*le16*/DxUint16_t __OutputSize_ptr; + DxUint8_t __OutputSize_ptr_null_flag; + /* Output */ + DxUint8_t Output_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Output_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_SignParams_s; + + + +/************ _DX_RSA_VerifyInit ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_VerifyInit 9 +/* +CRYSError_t _DX_RSA_VerifyInit( + CRYS_RSAPubUserContext_t *UserContext_ptr, + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + CRYS_PKCS1_version PKCS1_ver) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_VerifyInit 0 +#if SEPRPC_MEMREF_NUM__DX_RSA_VerifyInit > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_VerifyInit is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_RSA_VerifyInitParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_RSAUserPubKey_t __UserPubKey_ptr; + DxUint8_t __UserPubKey_ptr_null_flag; + /*le32*/CRYS_RSA_HASH_OpMode_t hashFunc; + /*le32*/CRYS_PKCS1_MGF_t MGF; + /*le16*/DxUint16_t SaltLen; + /*le32*/CRYS_PKCS1_version PKCS1_ver; + /* Output */ + CRYS_RSAPubUserContext_t __UserContext_ptr; + DxUint8_t __UserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_VerifyInitParams_s; + + + +/************ _DX_RSA_VerifyUpdate ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_VerifyUpdate 10 +/* +CRYSError_t _DX_RSA_VerifyUpdate( + CRYS_RSAPubUserContext_t *UserContext_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_VerifyUpdate 1 +#if SEPRPC_MEMREF_NUM__DX_RSA_VerifyUpdate > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_VerifyUpdate is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_DataIn_ptr 0 + +typedef struct SepRpc__DX_RSA_VerifyUpdateParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM__DX_RSA_VerifyUpdate]; + /* Input */ + /*le32*/DxUint32_t DataInSize; + /* Input/Output */ + CRYS_RSAPubUserContext_t __UserContext_ptr; + DxUint8_t __UserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_VerifyUpdateParams_s; + + + +/************ _DX_RSA_VerifyFinish ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_VerifyFinish 11 +/* +CRYSError_t _DX_RSA_VerifyFinish( + CRYS_RSAPubUserContext_t *UserContext_ptr, + DxUint8_t Sig_ptr[]) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_VerifyFinish 0 +#if SEPRPC_MEMREF_NUM__DX_RSA_VerifyFinish > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_VerifyFinish is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc__DX_RSA_VerifyFinishParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t Sig_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Sig_ptr_null_flag; + /* Input/Output */ + CRYS_RSAPubUserContext_t __UserContext_ptr; + DxUint8_t __UserContext_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_VerifyFinishParams_s; + + + +/************ _DX_RSA_Verify ***************/ +#define SEPRPC_FUNC_ID__DX_RSA_Verify 12 +/* +CRYSError_t _DX_RSA_Verify( + CRYS_RSAPubUserContext_t *UserContext_ptr, + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t Sig_ptr[], + CRYS_PKCS1_version PKCS1_ver) +*/ + +#define SEPRPC_MEMREF_NUM__DX_RSA_Verify 1 +#if SEPRPC_MEMREF_NUM__DX_RSA_Verify > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM__DX_RSA_Verify is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif +#define SEPRPC_MEMREF_IDX_DataIn_ptr 0 + +typedef struct SepRpc__DX_RSA_VerifyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[SEPRPC_MEMREF_NUM__DX_RSA_Verify]; + /* Input */ + DxUint32_t UserContext_ptr_size; + CRYS_RSAUserPubKey_t __UserPubKey_ptr; + DxUint8_t __UserPubKey_ptr_null_flag; + /*le32*/CRYS_RSA_HASH_OpMode_t hashFunc; + /*le32*/CRYS_PKCS1_MGF_t MGF; + /*le16*/DxUint16_t SaltLen; + /*le32*/DxUint32_t DataInSize; + DxUint8_t Sig_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Sig_ptr_null_flag; + /*le32*/CRYS_PKCS1_version PKCS1_ver; + CRYSError_t _funcRetCode; +} SepRpc__DX_RSA_VerifyParams_s; + + + +/************ CRYS_RSA_Build_PubKey ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_Build_PubKey 13 +/* +CRYSError_t CRYS_RSA_Build_PubKey( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint8_t Exponent_ptr[], + DxUint16_t ExponentSize, + DxUint8_t Modulus_ptr[], + DxUint16_t ModulusSize) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PubKey 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PubKey > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PubKey is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_Build_PubKeyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t Exponent_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Exponent_ptr_null_flag; + /*le16*/DxUint16_t ExponentSize; + DxUint8_t Modulus_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Modulus_ptr_null_flag; + /*le16*/DxUint16_t ModulusSize; + /* Output */ + CRYS_RSAUserPubKey_t __UserPubKey_ptr; + DxUint8_t __UserPubKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_Build_PubKeyParams_s; + + + +/************ CRYS_RSA_Build_PrivKey ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_Build_PrivKey 14 +/* +CRYSError_t CRYS_RSA_Build_PrivKey( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t PrivExponent_ptr[], + DxUint16_t PrivExponentSize, + DxUint8_t PubExponent_ptr[], + DxUint16_t PubExponentSize, + DxUint8_t Modulus_ptr[], + DxUint16_t ModulusSize) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PrivKey 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PrivKey > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PrivKey is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_Build_PrivKeyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t PrivExponent_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t PrivExponent_ptr_null_flag; + /*le16*/DxUint16_t PrivExponentSize; + DxUint8_t PubExponent_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t PubExponent_ptr_null_flag; + /*le16*/DxUint16_t PubExponentSize; + DxUint8_t Modulus_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Modulus_ptr_null_flag; + /*le16*/DxUint16_t ModulusSize; + /* Output */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_Build_PrivKeyParams_s; + + + +/************ CRYS_RSA_Build_PrivKeyCRT ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_Build_PrivKeyCRT 15 +/* +CRYSError_t CRYS_RSA_Build_PrivKeyCRT( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t P_ptr[], + DxUint16_t PSize, + DxUint8_t Q_ptr[], + DxUint16_t QSize, + DxUint8_t dP_ptr[], + DxUint16_t dPSize, + DxUint8_t dQ_ptr[], + DxUint16_t dQSize, + DxUint8_t qInv_ptr[], + DxUint16_t qInvSize) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PrivKeyCRT 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PrivKeyCRT > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PrivKeyCRT is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_Build_PrivKeyCRTParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t P_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t P_ptr_null_flag; + /*le16*/DxUint16_t PSize; + DxUint8_t Q_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t Q_ptr_null_flag; + /*le16*/DxUint16_t QSize; + DxUint8_t dP_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t dP_ptr_null_flag; + /*le16*/DxUint16_t dPSize; + DxUint8_t dQ_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t dQ_ptr_null_flag; + /*le16*/DxUint16_t dQSize; + DxUint8_t qInv_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t qInv_ptr_null_flag; + /*le16*/DxUint16_t qInvSize; + /* Output */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_Build_PrivKeyCRTParams_s; + + + +/************ CRYS_RSA_KG_GenerateKeyPair ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_KG_GenerateKeyPair 16 +/* +CRYSError_t CRYS_RSA_KG_GenerateKeyPair( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySize, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GenerateKeyPair 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GenerateKeyPair > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GenerateKeyPair is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_KG_GenerateKeyPairParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t pubExp_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t pubExp_ptr_null_flag; + /*le16*/DxUint16_t pubExpSizeInBytes; + /*le32*/DxUint32_t keySize; + DxUint32_t keyGenData_ptr_size; + /* Output */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + CRYS_RSAUserPubKey_t __userPubKey_ptr; + DxUint8_t __userPubKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_KG_GenerateKeyPairParams_s; + + + +/************ CRYS_RSA_KG_GenerateKeyPairCRT ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_KG_GenerateKeyPairCRT 17 +/* +CRYSError_t CRYS_RSA_KG_GenerateKeyPairCRT( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySize, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GenerateKeyPairCRT 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GenerateKeyPairCRT > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GenerateKeyPairCRT is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_KG_GenerateKeyPairCRTParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t pubExp_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4*2+1]; + DxUint8_t pubExp_ptr_null_flag; + /*le16*/DxUint16_t pubExpSizeInBytes; + /*le32*/DxUint32_t keySize; + DxUint32_t keyGenData_ptr_size; + /* Output */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + CRYS_RSAUserPubKey_t __userPubKey_ptr; + DxUint8_t __userPubKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_KG_GenerateKeyPairCRTParams_s; + + + +/************ CRYS_RSA_Get_PubKey ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_Get_PubKey 18 +/* +CRYSError_t CRYS_RSA_Get_PubKey( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint8_t Exponent_ptr[], + DxUint16_t *ExponentSize_ptr, + DxUint8_t Modulus_ptr[], + DxUint16_t *ModulusSize_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_Get_PubKey 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_Get_PubKey > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_Get_PubKey is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_Get_PubKeyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_RSAUserPubKey_t __UserPubKey_ptr; + DxUint8_t __UserPubKey_ptr_null_flag; + /* Input/Output */ + /*le16*/DxUint16_t __ExponentSize_ptr; + DxUint8_t __ExponentSize_ptr_null_flag; + /*le16*/DxUint16_t __ModulusSize_ptr; + DxUint8_t __ModulusSize_ptr_null_flag; + /* Output */ + DxUint8_t Exponent_ptr[ CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4-1]; + DxUint8_t Exponent_ptr_null_flag; + DxUint8_t Modulus_ptr[ CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4-1]; + DxUint8_t Modulus_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_Get_PubKeyParams_s; + + + +/************ CRYS_RSA_Get_ModSizeFromPubKey ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_Get_ModSizeFromPubKey 19 +/* +CRYSError_t CRYS_RSA_Get_ModSizeFromPubKey( + CRYS_RSAUserPubKey_t *userPubKey_ptr, + DxUint16_t *ModulusSize_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_Get_ModSizeFromPubKey 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_Get_ModSizeFromPubKey > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_Get_ModSizeFromPubKey is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_Get_ModSizeFromPubKeyParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_RSAUserPubKey_t __userPubKey_ptr; + DxUint8_t __userPubKey_ptr_null_flag; + /* Output */ + /*le16*/DxUint16_t __ModulusSize_ptr; + DxUint8_t __ModulusSize_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_Get_ModSizeFromPubKeyParams_s; + + + +/************ CRYS_RSA_PRIM_DecryptExactSize ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_PRIM_DecryptExactSize 20 +/* +CRYSError_t CRYS_RSA_PRIM_DecryptExactSize( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t DataIn_ptr[], + DxUint8_t Output_ptr[], + DxUint16_t DataOutSize) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_DecryptExactSize 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_DecryptExactSize > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_DecryptExactSize is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_PRIM_DecryptExactSizeParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + DxUint32_t PrimeData_ptr_size; + DxUint8_t DataIn_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t DataIn_ptr_null_flag; + /*le16*/DxUint16_t DataOutSize; + /* Output */ + DxUint8_t Output_ptr[4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint8_t Output_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_PRIM_DecryptExactSizeParams_s; + + + +/************ CRYS_RSA_InvModWord ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_InvModWord 21 +/* +CRYSError_t CRYS_RSA_InvModWord( + DxUint32_t aVal, + DxUint32_t modVal, + DxUint32_t *invMod_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_InvModWord 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_InvModWord > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_InvModWord is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_InvModWordParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + /*le32*/DxUint32_t aVal; + /*le32*/DxUint32_t modVal; + /* Output */ + /*le32*/DxUint32_t __invMod_ptr; + DxUint8_t __invMod_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_InvModWordParams_s; + + + +/************ CRYS_RSA_KG_GeneratePQprimes ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_KG_GeneratePQprimes 22 +/* +CRYSError_t CRYS_RSA_KG_GeneratePQprimes( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t primeSizeInBits, + DxUint32_t testsCount, + DxUint32_t p_ptr[], + DxUint32_t q_ptr[], + CRYS_RSAKGData_t *keyGenData_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GeneratePQprimes 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GeneratePQprimes > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GeneratePQprimes is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_KG_GeneratePQprimesParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t pubExp_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4*2+1]; + DxUint8_t pubExp_ptr_null_flag; + /*le16*/DxUint16_t pubExpSizeInBytes; + /*le32*/DxUint32_t primeSizeInBits; + /*le32*/DxUint32_t testsCount; + CRYS_RSAKGData_t __keyGenData_ptr; + DxUint8_t __keyGenData_ptr_null_flag; + /* Output */ + /*le32*/DxUint32_t p_ptr[(CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2]; + DxUint8_t p_ptr_null_flag; + /*le32*/DxUint32_t q_ptr[(CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2]; + DxUint8_t q_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_KG_GeneratePQprimesParams_s; + + + +/************ CRYS_RSA_KG_CalculateKeyPairFromPQ ***************/ +#define SEPRPC_FUNC_ID_CRYS_RSA_KG_CalculateKeyPairFromPQ 23 +/* +CRYSError_t CRYS_RSA_KG_CalculateKeyPairFromPQ( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t p_ptr[], + DxUint32_t q_ptr[], + DxUint16_t primeSizeInBits, + CRYS_RSA_DecryptionMode_t privKeyMode, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_RSA_KG_CalculateKeyPairFromPQ 0 +#if SEPRPC_MEMREF_NUM_CRYS_RSA_KG_CalculateKeyPairFromPQ > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_RSA_KG_CalculateKeyPairFromPQ is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_RSA_KG_CalculateKeyPairFromPQParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t pubExp_ptr[ CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t pubExp_ptr_null_flag; + /*le16*/DxUint16_t pubExpSizeInBytes; + /*le32*/DxUint32_t p_ptr[(CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2]; + DxUint8_t p_ptr_null_flag; + /*le32*/DxUint32_t q_ptr[(CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2]; + DxUint8_t q_ptr_null_flag; + /*le16*/DxUint16_t primeSizeInBits; + /*le32*/CRYS_RSA_DecryptionMode_t privKeyMode; + CRYS_RSAKGData_t __keyGenData_ptr; + DxUint8_t __keyGenData_ptr_null_flag; + /* Output */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + CRYS_RSAUserPubKey_t __userPubKey_ptr; + DxUint8_t __userPubKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_RSA_KG_CalculateKeyPairFromPQParams_s; + + + +/************ DX_RSA_KG_ExtendGenerateKeyPair ***************/ +#define SEPRPC_FUNC_ID_DX_RSA_KG_ExtendGenerateKeyPair 24 +/* +CRYSError_t DX_RSA_KG_ExtendGenerateKeyPair( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySizeBits, + CRYS_RSA_DecryptionMode_t privKeyMode, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_DX_RSA_KG_ExtendGenerateKeyPair 0 +#if SEPRPC_MEMREF_NUM_DX_RSA_KG_ExtendGenerateKeyPair > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_DX_RSA_KG_ExtendGenerateKeyPair is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_DX_RSA_KG_ExtendGenerateKeyPairParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + DxUint8_t pubExp_ptr[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4]; + DxUint8_t pubExp_ptr_null_flag; + /*le16*/DxUint16_t pubExpSizeInBytes; + /*le32*/DxUint32_t keySizeBits; + /*le32*/CRYS_RSA_DecryptionMode_t privKeyMode; + CRYS_RSAKGData_t __keyGenData_ptr; + DxUint8_t __keyGenData_ptr_null_flag; + /* Output */ + CRYS_RSAUserPrivKey_t __UserPrivKey_ptr; + DxUint8_t __UserPrivKey_ptr_null_flag; + CRYS_RSAUserPubKey_t __userPubKey_ptr; + DxUint8_t __userPubKey_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_DX_RSA_KG_ExtendGenerateKeyPairParams_s; + + +#endif /*__CRYS_RSA_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_rsa_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/crys_rsa_seprpc_stub.c new file mode 100644 index 0000000..1f60762 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_rsa_seprpc_stub.c @@ -0,0 +1,2029 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:56:54.317714 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_rsa_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for CrysRsa API */ + +#include <string.h> +#include "crys_host_rpc_config.h" +#include "crys_rsa_error.h" +#include "crys_rsa_prim.h" +#include "crys_rsa_schemes.h" +#include "crys_rsa_build.h" +#include "crys_rsa_kg.h" +#include "crys_rsa_extend.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "crys_rsa_seprpc.h" + + +/************ CRYS_RSA_PRIM_Encrypt ***************/ +CRYSError_t CRYS_RSA_PRIM_Encrypt( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t Data_ptr[], + DxUint16_t DataSize, + DxUint8_t Output_ptr[]) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_PRIM_EncryptParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (UserPubKey_ptr == NULL) { + params.__UserPubKey_ptr_null_flag = 1; + } else { + params.__UserPubKey_ptr.valid_tag = cpu_to_le32(UserPubKey_ptr->valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + params.__UserPubKey_ptr.PublicKeyDbBuff[i1] = cpu_to_le32(UserPubKey_ptr->PublicKeyDbBuff[i1]); + } + params.__UserPubKey_ptr_null_flag = 0; + } + + params.PrimeData_ptr_size = cpu_to_le32((sizeof(CRYS_RSAPrimeData_t))); + if (Data_ptr == NULL) { + params.Data_ptr_null_flag = 1; + } else { + /* Verify array size of Data_ptr */ + SEP_RPC_ASSERT((DataSize) <= (4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Data_ptr, Data_ptr, sizeof(DxUint8_t) * (DataSize)); + params.Data_ptr_null_flag = 0; + } + + params.DataSize = cpu_to_le16(DataSize); + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (UserPubKey_ptr != NULL) { + /* Verify array size of Output_ptr */ + SEP_RPC_ASSERT(((((CRYSRSAPubKey_t*)(UserPubKey_ptr->PublicKeyDbBuff))->nSizeInBits)/8) <= (4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.Output_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_Encrypt); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_PRIM_Encrypt, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_PRIM_Encrypt failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (UserPubKey_ptr != NULL) { + memcpy(Output_ptr, params.Output_ptr, sizeof(DxUint8_t) * ((((CRYSRSAPubKey_t*)(UserPubKey_ptr->PublicKeyDbBuff))->nSizeInBits)/8)); + params.Output_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_PRIM_Encrypt */ + + + +/************ CRYS_RSA_PRIM_Decrypt ***************/ +CRYSError_t CRYS_RSA_PRIM_Decrypt( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t Data_ptr[], + DxUint16_t DataSize, + DxUint8_t Output_ptr[]) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_PRIM_DecryptParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr.valid_tag = cpu_to_le32(UserPrivKey_ptr->valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1); i1++) { + params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1] = cpu_to_le32(UserPrivKey_ptr->PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + params.PrimeData_ptr_size = cpu_to_le32((sizeof(CRYS_RSAPrimeData_t))); + if (Data_ptr == NULL) { + params.Data_ptr_null_flag = 1; + } else { + /* Verify array size of Data_ptr */ + SEP_RPC_ASSERT((DataSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Data_ptr, Data_ptr, sizeof(DxUint8_t) * (DataSize)); + params.Data_ptr_null_flag = 0; + } + + params.DataSize = cpu_to_le16(DataSize); + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (UserPrivKey_ptr != NULL) { + /* Verify array size of Output_ptr */ + SEP_RPC_ASSERT(((((CRYSRSAPrivKey_t*)(UserPrivKey_ptr->PrivateKeyDbBuff))->nSizeInBits)/8) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.Output_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_Decrypt); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_PRIM_Decrypt, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_PRIM_Decrypt failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (UserPrivKey_ptr != NULL) { + memcpy(Output_ptr, params.Output_ptr, sizeof(DxUint8_t) * ((((CRYSRSAPrivKey_t*)(UserPrivKey_ptr->PrivateKeyDbBuff))->nSizeInBits)/8)); + params.Output_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_PRIM_Decrypt */ + + + +/************ _DX_RSA_SCHEMES_Encrypt ***************/ +CRYSError_t _DX_RSA_SCHEMES_Encrypt( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + DxUint8_t L[], + DxUint16_t Llen, + CRYS_PKCS1_MGF_t MGF, + DxUint8_t DataIn_ptr[], + DxUint16_t DataInSize, + DxUint8_t Output_ptr[], + CRYS_PKCS1_version PKCS1_ver) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_RSA_SCHEMES_EncryptParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (UserPubKey_ptr == NULL) { + params.__UserPubKey_ptr_null_flag = 1; + } else { + params.__UserPubKey_ptr.valid_tag = cpu_to_le32(UserPubKey_ptr->valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1); i1++) { + params.__UserPubKey_ptr.PublicKeyDbBuff[i1] = cpu_to_le32(UserPubKey_ptr->PublicKeyDbBuff[i1]); + } + params.__UserPubKey_ptr_null_flag = 0; + } + + params.PrimeData_ptr_size = cpu_to_le32((sizeof(CRYS_RSAPrimeData_t))); + params.hashFunc = cpu_to_le32(hashFunc); + if (L == NULL) { + params.L_null_flag = 1; + } else { + /* Verify array size of L */ + SEP_RPC_ASSERT((Llen) <= (2048), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.L, L, sizeof(DxUint8_t) * (Llen)); + params.L_null_flag = 0; + } + + params.Llen = cpu_to_le16(Llen); + params.MGF = cpu_to_le32(MGF); + if (DataIn_ptr == NULL) { + params.DataIn_ptr_null_flag = 1; + } else { + /* Verify array size of DataIn_ptr */ + SEP_RPC_ASSERT((DataInSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.DataIn_ptr, DataIn_ptr, sizeof(DxUint8_t) * (DataInSize)); + params.DataIn_ptr_null_flag = 0; + } + + params.DataInSize = cpu_to_le16(DataInSize); + params.PKCS1_ver = cpu_to_le32(PKCS1_ver); + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (UserPubKey_ptr != NULL) { + /* Verify array size of Output_ptr */ + SEP_RPC_ASSERT(((((CRYSRSAPubKey_t*)(UserPubKey_ptr->PublicKeyDbBuff))->nSizeInBits)/8) <= (4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.Output_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_SCHEMES_Encrypt); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_SCHEMES_Encrypt, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_SCHEMES_Encrypt failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (UserPubKey_ptr != NULL) { + memcpy(Output_ptr, params.Output_ptr, sizeof(DxUint8_t) * ((((CRYSRSAPubKey_t*)(UserPubKey_ptr->PublicKeyDbBuff))->nSizeInBits)/8)); + params.Output_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_SCHEMES_Encrypt */ + + + +/************ _DX_RSA_SCHEMES_Decrypt ***************/ +CRYSError_t _DX_RSA_SCHEMES_Decrypt( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + DxUint8_t L[], + DxUint16_t Llen, + CRYS_PKCS1_MGF_t MGF, + DxUint8_t DataIn_ptr[], + DxUint16_t DataInSize, + DxUint8_t Output_ptr[], + DxUint16_t *OutputSize_ptr, + CRYS_PKCS1_version PKCS1_ver) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_RSA_SCHEMES_DecryptParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr.valid_tag = cpu_to_le32(UserPrivKey_ptr->valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1); i1++) { + params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1] = cpu_to_le32(UserPrivKey_ptr->PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + params.PrimeData_ptr_size = cpu_to_le32((sizeof(CRYS_RSAPrimeData_t))); + params.hashFunc = cpu_to_le32(hashFunc); + if (L == NULL) { + params.L_null_flag = 1; + } else { + /* Verify array size of L */ + SEP_RPC_ASSERT((Llen) <= (2048), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.L, L, sizeof(DxUint8_t) * (Llen)); + params.L_null_flag = 0; + } + + params.Llen = cpu_to_le16(Llen); + params.MGF = cpu_to_le32(MGF); + if (DataIn_ptr == NULL) { + params.DataIn_ptr_null_flag = 1; + } else { + /* Verify array size of DataIn_ptr */ + SEP_RPC_ASSERT((DataInSize) <= (4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.DataIn_ptr, DataIn_ptr, sizeof(DxUint8_t) * (DataInSize)); + params.DataIn_ptr_null_flag = 0; + } + + params.DataInSize = cpu_to_le16(DataInSize); + params.PKCS1_ver = cpu_to_le32(PKCS1_ver); + if (OutputSize_ptr == NULL) { + params.__OutputSize_ptr_null_flag = 1; + } else { + params.__OutputSize_ptr = cpu_to_le16(*(OutputSize_ptr)); + params.__OutputSize_ptr_null_flag = 0; + } + + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (OutputSize_ptr != NULL) { + /* Verify array size of Output_ptr */ + SEP_RPC_ASSERT((*OutputSize_ptr) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.Output_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_SCHEMES_Decrypt); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_SCHEMES_Decrypt, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_SCHEMES_Decrypt failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (OutputSize_ptr == NULL) { + params.__OutputSize_ptr_null_flag = 1; + } else { + *(OutputSize_ptr) = le16_to_cpu(params.__OutputSize_ptr); + params.__OutputSize_ptr_null_flag = 0; + } + + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (OutputSize_ptr != NULL && (*OutputSize_ptr <= (sizeof(params.Output_ptr) / sizeof(params.Output_ptr[0])))) { + memcpy(Output_ptr, params.Output_ptr, sizeof(DxUint8_t) * (*OutputSize_ptr)); + params.Output_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_SCHEMES_Decrypt */ + + + +/************ _DX_RSA_SignInit ***************/ +CRYSError_t _DX_RSA_SignInit( + CRYS_RSAPrivUserContext_t *UserContext_ptr, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + CRYS_PKCS1_version PKCS1_ver) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_RSA_SignInitParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr.valid_tag = cpu_to_le32(UserPrivKey_ptr->valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1); i1++) { + params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1] = cpu_to_le32(UserPrivKey_ptr->PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + params.hashFunc = cpu_to_le32(hashFunc); + params.MGF = cpu_to_le32(MGF); + params.SaltLen = cpu_to_le16(SaltLen); + params.PKCS1_ver = cpu_to_le32(PKCS1_ver); + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + params.__UserContext_ptr.valid_tag = cpu_to_le32(UserContext_ptr->valid_tag); + params.__UserContext_ptr.AES_iv = cpu_to_le32(UserContext_ptr->AES_iv); + /* Verify array size of context_buff */ + SEP_RPC_ASSERT((sizeof(RSAPrivContext_t) + 1) <= (sizeof(RSAPrivContext_t)+ 1), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.__UserContext_ptr.context_buff, UserContext_ptr->context_buff, sizeof(DxUint8_t) * (sizeof(RSAPrivContext_t) + 1)); + params.__UserContext_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_SignInit); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_SignInit, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_SignInit failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + UserContext_ptr->valid_tag = le32_to_cpu(params.__UserContext_ptr.valid_tag); + UserContext_ptr->AES_iv = le32_to_cpu(params.__UserContext_ptr.AES_iv); + memcpy(UserContext_ptr->context_buff, params.__UserContext_ptr.context_buff, sizeof(DxUint8_t) * (sizeof(RSAPrivContext_t) + 1)); + params.__UserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_SignInit */ + + + +/************ _DX_RSA_SignFinish ***************/ +CRYSError_t _DX_RSA_SignFinish( + CRYS_RSAPrivUserContext_t *UserContext_ptr, + DxUint8_t Output_ptr[], + DxUint16_t *OutputSize_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_RSA_SignFinishParams params; + + /* Verify input parameters and copy into params. struct. */ + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + params.__UserContext_ptr.valid_tag = cpu_to_le32(UserContext_ptr->valid_tag); + params.__UserContext_ptr.AES_iv = cpu_to_le32(UserContext_ptr->AES_iv); + memcpy(params.__UserContext_ptr.context_buff, UserContext_ptr->context_buff, sizeof(DxUint8_t) * (sizeof(RSAPrivContext_t) + 1)); + params.__UserContext_ptr_null_flag = 0; + } + + if (OutputSize_ptr == NULL) { + params.__OutputSize_ptr_null_flag = 1; + } else { + params.__OutputSize_ptr = cpu_to_le16(*(OutputSize_ptr)); + params.__OutputSize_ptr_null_flag = 0; + } + + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (OutputSize_ptr != NULL) { + /* Verify array size of Output_ptr */ + SEP_RPC_ASSERT((*OutputSize_ptr) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.Output_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_SignFinish); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_SignFinish, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_SignFinish failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + UserContext_ptr->valid_tag = le32_to_cpu(params.__UserContext_ptr.valid_tag); + UserContext_ptr->AES_iv = le32_to_cpu(params.__UserContext_ptr.AES_iv); + memcpy(UserContext_ptr->context_buff, params.__UserContext_ptr.context_buff, sizeof(DxUint8_t) * (sizeof(RSAPrivContext_t) + 1)); + params.__UserContext_ptr_null_flag = 0; + } + + if (OutputSize_ptr == NULL) { + params.__OutputSize_ptr_null_flag = 1; + } else { + *(OutputSize_ptr) = le16_to_cpu(params.__OutputSize_ptr); + params.__OutputSize_ptr_null_flag = 0; + } + + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (OutputSize_ptr != NULL && (*OutputSize_ptr <= (sizeof(params.Output_ptr) / sizeof(params.Output_ptr[0])))) { + memcpy(Output_ptr, params.Output_ptr, sizeof(DxUint8_t) * (*OutputSize_ptr)); + params.Output_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_SignFinish */ + + + +/************ _DX_RSA_SignUpdate ***************/ +CRYSError_t _DX_RSA_SignUpdate( + CRYS_RSAPrivUserContext_t *UserContext_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM__DX_RSA_SignUpdate]; + struct SepRpc__DX_RSA_SignUpdateParams params; + + /* Verify input parameters and copy into params. struct. */ + params.DataInSize = cpu_to_le32(DataInSize); + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + params.__UserContext_ptr.valid_tag = cpu_to_le32(UserContext_ptr->valid_tag); + params.__UserContext_ptr.AES_iv = cpu_to_le32(UserContext_ptr->AES_iv); + memcpy(params.__UserContext_ptr.context_buff, UserContext_ptr->context_buff, sizeof(DxUint8_t) * (sizeof(RSAPrivContext_t)+ 1)); + params.__UserContext_ptr_null_flag = 0; + } + + + /* User DMA buffers (memory references) */ + /* DataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].start_or_offset = (unsigned long)DataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_SignUpdate); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_SignUpdate, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_SignUpdate failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + UserContext_ptr->valid_tag = le32_to_cpu(params.__UserContext_ptr.valid_tag); + UserContext_ptr->AES_iv = le32_to_cpu(params.__UserContext_ptr.AES_iv); + memcpy(UserContext_ptr->context_buff, params.__UserContext_ptr.context_buff, sizeof(DxUint8_t) * (sizeof(RSAPrivContext_t)+ 1)); + params.__UserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_SignUpdate */ + + + +/************ _DX_RSA_Sign ***************/ +CRYSError_t _DX_RSA_Sign( + CRYS_RSAPrivUserContext_t *UserContext_ptr, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t Output_ptr[], + DxUint16_t *OutputSize_ptr, + CRYS_PKCS1_version PKCS1_ver) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM__DX_RSA_Sign]; + struct SepRpc__DX_RSA_SignParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + params.UserContext_ptr_size = cpu_to_le32((sizeof(CRYS_RSAPrivUserContext_t))); + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr.valid_tag = cpu_to_le32(UserPrivKey_ptr->valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1); i1++) { + params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1] = cpu_to_le32(UserPrivKey_ptr->PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + params.hashFunc = cpu_to_le32(hashFunc); + params.MGF = cpu_to_le32(MGF); + params.SaltLen = cpu_to_le16(SaltLen); + params.DataInSize = cpu_to_le32(DataInSize); + params.PKCS1_ver = cpu_to_le32(PKCS1_ver); + if (OutputSize_ptr == NULL) { + params.__OutputSize_ptr_null_flag = 1; + } else { + params.__OutputSize_ptr = cpu_to_le16(*(OutputSize_ptr)); + params.__OutputSize_ptr_null_flag = 0; + } + + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (OutputSize_ptr != NULL) { + /* Verify array size of Output_ptr */ + SEP_RPC_ASSERT((*OutputSize_ptr) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.Output_ptr_null_flag = 0; + } + + + /* User DMA buffers (memory references) */ + /* DataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].start_or_offset = (unsigned long)DataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_Sign); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_Sign, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_Sign failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (OutputSize_ptr == NULL) { + params.__OutputSize_ptr_null_flag = 1; + } else { + *(OutputSize_ptr) = le16_to_cpu(params.__OutputSize_ptr); + params.__OutputSize_ptr_null_flag = 0; + } + + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (OutputSize_ptr != NULL && (*OutputSize_ptr <= (sizeof(params.Output_ptr) / sizeof(params.Output_ptr[0])))) { + memcpy(Output_ptr, params.Output_ptr, sizeof(DxUint8_t) * (*OutputSize_ptr)); + params.Output_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_Sign */ + + + +/************ _DX_RSA_VerifyInit ***************/ +CRYSError_t _DX_RSA_VerifyInit( + CRYS_RSAPubUserContext_t *UserContext_ptr, + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + CRYS_PKCS1_version PKCS1_ver) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_RSA_VerifyInitParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (UserPubKey_ptr == NULL) { + params.__UserPubKey_ptr_null_flag = 1; + } else { + params.__UserPubKey_ptr.valid_tag = cpu_to_le32(UserPubKey_ptr->valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1); i1++) { + params.__UserPubKey_ptr.PublicKeyDbBuff[i1] = cpu_to_le32(UserPubKey_ptr->PublicKeyDbBuff[i1]); + } + params.__UserPubKey_ptr_null_flag = 0; + } + + params.hashFunc = cpu_to_le32(hashFunc); + params.MGF = cpu_to_le32(MGF); + params.SaltLen = cpu_to_le16(SaltLen); + params.PKCS1_ver = cpu_to_le32(PKCS1_ver); + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + params.__UserContext_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_VerifyInit); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_VerifyInit, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_VerifyInit failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + UserContext_ptr->valid_tag = le32_to_cpu(params.__UserContext_ptr.valid_tag); + UserContext_ptr->AES_iv = le32_to_cpu(params.__UserContext_ptr.AES_iv); + for (i1 = 0; i1 < (sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1); i1++) { + UserContext_ptr->context_buff[i1] = le32_to_cpu(params.__UserContext_ptr.context_buff[i1]); + } + params.__UserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_VerifyInit */ + + + +/************ _DX_RSA_VerifyUpdate ***************/ +CRYSError_t _DX_RSA_VerifyUpdate( + CRYS_RSAPubUserContext_t *UserContext_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM__DX_RSA_VerifyUpdate]; + struct SepRpc__DX_RSA_VerifyUpdateParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + params.DataInSize = cpu_to_le32(DataInSize); + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + params.__UserContext_ptr.valid_tag = cpu_to_le32(UserContext_ptr->valid_tag); + params.__UserContext_ptr.AES_iv = cpu_to_le32(UserContext_ptr->AES_iv); + for (i1 = 0; i1 < (sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1); i1++) { + params.__UserContext_ptr.context_buff[i1] = cpu_to_le32(UserContext_ptr->context_buff[i1]); + } + params.__UserContext_ptr_null_flag = 0; + } + + + /* User DMA buffers (memory references) */ + /* DataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].start_or_offset = (unsigned long)DataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_VerifyUpdate); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_VerifyUpdate, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_VerifyUpdate failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + UserContext_ptr->valid_tag = le32_to_cpu(params.__UserContext_ptr.valid_tag); + UserContext_ptr->AES_iv = le32_to_cpu(params.__UserContext_ptr.AES_iv); + for (i1 = 0; i1 < (sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1); i1++) { + UserContext_ptr->context_buff[i1] = le32_to_cpu(params.__UserContext_ptr.context_buff[i1]); + } + params.__UserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_VerifyUpdate */ + + + +/************ _DX_RSA_VerifyFinish ***************/ +CRYSError_t _DX_RSA_VerifyFinish( + CRYS_RSAPubUserContext_t *UserContext_ptr, + DxUint8_t Sig_ptr[]) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc__DX_RSA_VerifyFinishParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (Sig_ptr == NULL) { + params.Sig_ptr_null_flag = 1; + } else { + /* Verify array size of Sig_ptr */ + SEP_RPC_ASSERT((((RSAPubContext_t*)UserContext_ptr->context_buff)->nSizeInBytes) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Sig_ptr, Sig_ptr, sizeof(DxUint8_t) * (((RSAPubContext_t*)UserContext_ptr->context_buff)->nSizeInBytes)); + params.Sig_ptr_null_flag = 0; + } + + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + params.__UserContext_ptr.valid_tag = cpu_to_le32(UserContext_ptr->valid_tag); + params.__UserContext_ptr.AES_iv = cpu_to_le32(UserContext_ptr->AES_iv); + for (i1 = 0; i1 < (sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1); i1++) { + params.__UserContext_ptr.context_buff[i1] = cpu_to_le32(UserContext_ptr->context_buff[i1]); + } + params.__UserContext_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_VerifyFinish); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_VerifyFinish, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_VerifyFinish failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserContext_ptr == NULL) { + params.__UserContext_ptr_null_flag = 1; + } else { + UserContext_ptr->valid_tag = le32_to_cpu(params.__UserContext_ptr.valid_tag); + UserContext_ptr->AES_iv = le32_to_cpu(params.__UserContext_ptr.AES_iv); + for (i1 = 0; i1 < (sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1); i1++) { + UserContext_ptr->context_buff[i1] = le32_to_cpu(params.__UserContext_ptr.context_buff[i1]); + } + params.__UserContext_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_VerifyFinish */ + + + +/************ _DX_RSA_Verify ***************/ +CRYSError_t _DX_RSA_Verify( + CRYS_RSAPubUserContext_t *UserContext_ptr, + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t Sig_ptr[], + CRYS_PKCS1_version PKCS1_ver) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct dxdi_memref memRefs[SEPRPC_MEMREF_NUM__DX_RSA_Verify]; + struct SepRpc__DX_RSA_VerifyParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + params.UserContext_ptr_size = cpu_to_le32((sizeof(CRYS_RSAPubUserContext_t))); + if (UserPubKey_ptr == NULL) { + params.__UserPubKey_ptr_null_flag = 1; + } else { + params.__UserPubKey_ptr.valid_tag = cpu_to_le32(UserPubKey_ptr->valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + params.__UserPubKey_ptr.PublicKeyDbBuff[i1] = cpu_to_le32(UserPubKey_ptr->PublicKeyDbBuff[i1]); + } + params.__UserPubKey_ptr_null_flag = 0; + } + + params.hashFunc = cpu_to_le32(hashFunc); + params.MGF = cpu_to_le32(MGF); + params.SaltLen = cpu_to_le16(SaltLen); + params.DataInSize = cpu_to_le32(DataInSize); + if (Sig_ptr == NULL) { + params.Sig_ptr_null_flag = 1; + } else if (UserPubKey_ptr != NULL) { + /* Verify array size of Sig_ptr */ + SEP_RPC_ASSERT(((((CRYSRSAPubKey_t*)UserPubKey_ptr->PublicKeyDbBuff)->nSizeInBits+7)/8) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Sig_ptr, Sig_ptr, sizeof(DxUint8_t) * ((((CRYSRSAPubKey_t*)UserPubKey_ptr->PublicKeyDbBuff)->nSizeInBits+7)/8)); + params.Sig_ptr_null_flag = 0; + } + + params.PKCS1_ver = cpu_to_le32(PKCS1_ver); + + /* User DMA buffers (memory references) */ + /* DataIn_ptr */ + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].start_or_offset = (unsigned long)DataIn_ptr; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].size = DataInSize; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].dma_direction = DXDI_DATA_TO_DEVICE; + memRefs[SEPRPC_MEMREF_IDX_DataIn_ptr].ref_id = DXDI_MEMREF_ID_NULL; + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM__DX_RSA_Verify); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID__DX_RSA_Verify, + memRefs, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of _DX_RSA_Verify failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + return le32_to_cpu(params._funcRetCode); +} /* _DX_RSA_Verify */ + + + +/************ CRYS_RSA_Build_PubKey ***************/ +CRYSError_t CRYS_RSA_Build_PubKey( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint8_t Exponent_ptr[], + DxUint16_t ExponentSize, + DxUint8_t Modulus_ptr[], + DxUint16_t ModulusSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_Build_PubKeyParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (Exponent_ptr == NULL) { + params.Exponent_ptr_null_flag = 1; + } else { + /* Verify array size of Exponent_ptr */ + SEP_RPC_ASSERT((ExponentSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Exponent_ptr, Exponent_ptr, sizeof(DxUint8_t) * (ExponentSize)); + params.Exponent_ptr_null_flag = 0; + } + + params.ExponentSize = cpu_to_le16(ExponentSize); + if (Modulus_ptr == NULL) { + params.Modulus_ptr_null_flag = 1; + } else { + /* Verify array size of Modulus_ptr */ + SEP_RPC_ASSERT((ModulusSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Modulus_ptr, Modulus_ptr, sizeof(DxUint8_t) * (ModulusSize)); + params.Modulus_ptr_null_flag = 0; + } + + params.ModulusSize = cpu_to_le16(ModulusSize); + if (UserPubKey_ptr == NULL) { + params.__UserPubKey_ptr_null_flag = 1; + } else { + params.__UserPubKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PubKey); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_Build_PubKey, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_Build_PubKey failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPubKey_ptr == NULL) { + params.__UserPubKey_ptr_null_flag = 1; + } else { + UserPubKey_ptr->valid_tag = le32_to_cpu(params.__UserPubKey_ptr.valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + UserPubKey_ptr->PublicKeyDbBuff[i1] = le32_to_cpu(params.__UserPubKey_ptr.PublicKeyDbBuff[i1]); + } + params.__UserPubKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_Build_PubKey */ + + + +/************ CRYS_RSA_Build_PrivKey ***************/ +CRYSError_t CRYS_RSA_Build_PrivKey( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t PrivExponent_ptr[], + DxUint16_t PrivExponentSize, + DxUint8_t PubExponent_ptr[], + DxUint16_t PubExponentSize, + DxUint8_t Modulus_ptr[], + DxUint16_t ModulusSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_Build_PrivKeyParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (PrivExponent_ptr == NULL) { + params.PrivExponent_ptr_null_flag = 1; + } else { + /* Verify array size of PrivExponent_ptr */ + SEP_RPC_ASSERT((PrivExponentSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.PrivExponent_ptr, PrivExponent_ptr, sizeof(DxUint8_t) * (PrivExponentSize)); + params.PrivExponent_ptr_null_flag = 0; + } + + params.PrivExponentSize = cpu_to_le16(PrivExponentSize); + if (PubExponent_ptr == NULL) { + params.PubExponent_ptr_null_flag = 1; + } else { + /* Verify array size of PubExponent_ptr */ + SEP_RPC_ASSERT((PubExponentSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.PubExponent_ptr, PubExponent_ptr, sizeof(DxUint8_t) * (PubExponentSize)); + params.PubExponent_ptr_null_flag = 0; + } + + params.PubExponentSize = cpu_to_le16(PubExponentSize); + if (Modulus_ptr == NULL) { + params.Modulus_ptr_null_flag = 1; + } else { + /* Verify array size of Modulus_ptr */ + SEP_RPC_ASSERT((ModulusSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Modulus_ptr, Modulus_ptr, sizeof(DxUint8_t) * (ModulusSize)); + params.Modulus_ptr_null_flag = 0; + } + + params.ModulusSize = cpu_to_le16(ModulusSize); + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PrivKey); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_Build_PrivKey, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_Build_PrivKey failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + UserPrivKey_ptr->valid_tag = le32_to_cpu(params.__UserPrivKey_ptr.valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + UserPrivKey_ptr->PrivateKeyDbBuff[i1] = le32_to_cpu(params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_Build_PrivKey */ + + + +/************ CRYS_RSA_Build_PrivKeyCRT ***************/ +CRYSError_t CRYS_RSA_Build_PrivKeyCRT( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t P_ptr[], + DxUint16_t PSize, + DxUint8_t Q_ptr[], + DxUint16_t QSize, + DxUint8_t dP_ptr[], + DxUint16_t dPSize, + DxUint8_t dQ_ptr[], + DxUint16_t dQSize, + DxUint8_t qInv_ptr[], + DxUint16_t qInvSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_Build_PrivKeyCRTParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (P_ptr == NULL) { + params.P_ptr_null_flag = 1; + } else { + /* Verify array size of P_ptr */ + SEP_RPC_ASSERT((PSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.P_ptr, P_ptr, sizeof(DxUint8_t) * (PSize)); + params.P_ptr_null_flag = 0; + } + + params.PSize = cpu_to_le16(PSize); + if (Q_ptr == NULL) { + params.Q_ptr_null_flag = 1; + } else { + /* Verify array size of Q_ptr */ + SEP_RPC_ASSERT((PSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.Q_ptr, Q_ptr, sizeof(DxUint8_t) * (PSize)); + params.Q_ptr_null_flag = 0; + } + + params.QSize = cpu_to_le16(QSize); + if (dP_ptr == NULL) { + params.dP_ptr_null_flag = 1; + } else { + /* Verify array size of dP_ptr */ + SEP_RPC_ASSERT((PSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.dP_ptr, dP_ptr, sizeof(DxUint8_t) * (PSize)); + params.dP_ptr_null_flag = 0; + } + + params.dPSize = cpu_to_le16(dPSize); + if (dQ_ptr == NULL) { + params.dQ_ptr_null_flag = 1; + } else { + /* Verify array size of dQ_ptr */ + SEP_RPC_ASSERT((PSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.dQ_ptr, dQ_ptr, sizeof(DxUint8_t) * (PSize)); + params.dQ_ptr_null_flag = 0; + } + + params.dQSize = cpu_to_le16(dQSize); + if (qInv_ptr == NULL) { + params.qInv_ptr_null_flag = 1; + } else { + /* Verify array size of qInv_ptr */ + SEP_RPC_ASSERT((PSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.qInv_ptr, qInv_ptr, sizeof(DxUint8_t) * (PSize)); + params.qInv_ptr_null_flag = 0; + } + + params.qInvSize = cpu_to_le16(qInvSize); + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_Build_PrivKeyCRT); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_Build_PrivKeyCRT, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_Build_PrivKeyCRT failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + UserPrivKey_ptr->valid_tag = le32_to_cpu(params.__UserPrivKey_ptr.valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + UserPrivKey_ptr->PrivateKeyDbBuff[i1] = le32_to_cpu(params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_Build_PrivKeyCRT */ + + + +/************ CRYS_RSA_KG_GenerateKeyPair ***************/ +CRYSError_t CRYS_RSA_KG_GenerateKeyPair( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySize, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_KG_GenerateKeyPairParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (pubExp_ptr == NULL) { + params.pubExp_ptr_null_flag = 1; + } else { + /* Verify array size of pubExp_ptr */ + SEP_RPC_ASSERT((pubExpSizeInBytes) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.pubExp_ptr, pubExp_ptr, sizeof(DxUint8_t) * (pubExpSizeInBytes)); + params.pubExp_ptr_null_flag = 0; + } + + params.pubExpSizeInBytes = cpu_to_le16(pubExpSizeInBytes); + params.keySize = cpu_to_le32(keySize); + params.keyGenData_ptr_size = cpu_to_le32((sizeof(CRYS_RSAKGData_t))); + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (userPubKey_ptr == NULL) { + params.__userPubKey_ptr_null_flag = 1; + } else { + params.__userPubKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GenerateKeyPair); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_KG_GenerateKeyPair, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_KG_GenerateKeyPair failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + UserPrivKey_ptr->valid_tag = le32_to_cpu(params.__UserPrivKey_ptr.valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + UserPrivKey_ptr->PrivateKeyDbBuff[i1] = le32_to_cpu(params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (userPubKey_ptr == NULL) { + params.__userPubKey_ptr_null_flag = 1; + } else { + userPubKey_ptr->valid_tag = le32_to_cpu(params.__userPubKey_ptr.valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + userPubKey_ptr->PublicKeyDbBuff[i1] = le32_to_cpu(params.__userPubKey_ptr.PublicKeyDbBuff[i1]); + } + params.__userPubKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_KG_GenerateKeyPair */ + + + +/************ CRYS_RSA_KG_GenerateKeyPairCRT ***************/ +CRYSError_t CRYS_RSA_KG_GenerateKeyPairCRT( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySize, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_KG_GenerateKeyPairCRTParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (pubExp_ptr == NULL) { + params.pubExp_ptr_null_flag = 1; + } else { + /* Verify array size of pubExp_ptr */ + SEP_RPC_ASSERT((pubExpSizeInBytes) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4*2+1), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.pubExp_ptr, pubExp_ptr, sizeof(DxUint8_t) * (pubExpSizeInBytes)); + params.pubExp_ptr_null_flag = 0; + } + + params.pubExpSizeInBytes = cpu_to_le16(pubExpSizeInBytes); + params.keySize = cpu_to_le32(keySize); + params.keyGenData_ptr_size = cpu_to_le32((sizeof(CRYS_RSAKGData_t))); + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (userPubKey_ptr == NULL) { + params.__userPubKey_ptr_null_flag = 1; + } else { + params.__userPubKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GenerateKeyPairCRT); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_KG_GenerateKeyPairCRT, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_KG_GenerateKeyPairCRT failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + UserPrivKey_ptr->valid_tag = le32_to_cpu(params.__UserPrivKey_ptr.valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1); i1++) { + UserPrivKey_ptr->PrivateKeyDbBuff[i1] = le32_to_cpu(params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (userPubKey_ptr == NULL) { + params.__userPubKey_ptr_null_flag = 1; + } else { + userPubKey_ptr->valid_tag = le32_to_cpu(params.__userPubKey_ptr.valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1); i1++) { + userPubKey_ptr->PublicKeyDbBuff[i1] = le32_to_cpu(params.__userPubKey_ptr.PublicKeyDbBuff[i1]); + } + params.__userPubKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_KG_GenerateKeyPairCRT */ + + + +/************ CRYS_RSA_Get_PubKey ***************/ +CRYSError_t CRYS_RSA_Get_PubKey( + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint8_t Exponent_ptr[], + DxUint16_t *ExponentSize_ptr, + DxUint8_t Modulus_ptr[], + DxUint16_t *ModulusSize_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_Get_PubKeyParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (UserPubKey_ptr == NULL) { + params.__UserPubKey_ptr_null_flag = 1; + } else { + params.__UserPubKey_ptr.valid_tag = cpu_to_le32(UserPubKey_ptr->valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + params.__UserPubKey_ptr.PublicKeyDbBuff[i1] = cpu_to_le32(UserPubKey_ptr->PublicKeyDbBuff[i1]); + } + params.__UserPubKey_ptr_null_flag = 0; + } + + if (ExponentSize_ptr == NULL) { + params.__ExponentSize_ptr_null_flag = 1; + } else { + params.__ExponentSize_ptr = cpu_to_le16(*(ExponentSize_ptr)); + params.__ExponentSize_ptr_null_flag = 0; + } + + if (ModulusSize_ptr == NULL) { + params.__ModulusSize_ptr_null_flag = 1; + } else { + params.__ModulusSize_ptr = cpu_to_le16(*(ModulusSize_ptr)); + params.__ModulusSize_ptr_null_flag = 0; + } + + if (Exponent_ptr == NULL) { + params.Exponent_ptr_null_flag = 1; + } else if (ExponentSize_ptr != NULL) { + /* Verify array size of Exponent_ptr */ + SEP_RPC_ASSERT((*ExponentSize_ptr) <= ( CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4-1), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.Exponent_ptr_null_flag = 0; + } + + if (Modulus_ptr == NULL) { + params.Modulus_ptr_null_flag = 1; + } else if (ModulusSize_ptr != NULL) { + /* Verify array size of Modulus_ptr */ + SEP_RPC_ASSERT((*ModulusSize_ptr) <= ( CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4-1), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.Modulus_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_Get_PubKey); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_Get_PubKey, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_Get_PubKey failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (ExponentSize_ptr == NULL) { + params.__ExponentSize_ptr_null_flag = 1; + } else { + *(ExponentSize_ptr) = le16_to_cpu(params.__ExponentSize_ptr); + params.__ExponentSize_ptr_null_flag = 0; + } + + if (ModulusSize_ptr == NULL) { + params.__ModulusSize_ptr_null_flag = 1; + } else { + *(ModulusSize_ptr) = le16_to_cpu(params.__ModulusSize_ptr); + params.__ModulusSize_ptr_null_flag = 0; + } + + if (Exponent_ptr == NULL) { + params.Exponent_ptr_null_flag = 1; + } else if (ExponentSize_ptr != NULL && (*ExponentSize_ptr <= (sizeof(params.Exponent_ptr) / sizeof(params.Exponent_ptr[0])))) { + memcpy(Exponent_ptr, params.Exponent_ptr, sizeof(DxUint8_t) * (*ExponentSize_ptr)); + params.Exponent_ptr_null_flag = 0; + } + + if (Modulus_ptr == NULL) { + params.Modulus_ptr_null_flag = 1; + } else if (ModulusSize_ptr != NULL && (*ModulusSize_ptr <= (sizeof(params.Modulus_ptr) / sizeof(params.Modulus_ptr[0])))) { + memcpy(Modulus_ptr, params.Modulus_ptr, sizeof(DxUint8_t) * (*ModulusSize_ptr)); + params.Modulus_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_Get_PubKey */ + + + +/************ CRYS_RSA_Get_ModSizeFromPubKey ***************/ +CRYSError_t CRYS_RSA_Get_ModSizeFromPubKey( + CRYS_RSAUserPubKey_t *userPubKey_ptr, + DxUint16_t *ModulusSize_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_Get_ModSizeFromPubKeyParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (userPubKey_ptr == NULL) { + params.__userPubKey_ptr_null_flag = 1; + } else { + params.__userPubKey_ptr.valid_tag = cpu_to_le32(userPubKey_ptr->valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + params.__userPubKey_ptr.PublicKeyDbBuff[i1] = cpu_to_le32(userPubKey_ptr->PublicKeyDbBuff[i1]); + } + params.__userPubKey_ptr_null_flag = 0; + } + + if (ModulusSize_ptr == NULL) { + params.__ModulusSize_ptr_null_flag = 1; + } else { + params.__ModulusSize_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_Get_ModSizeFromPubKey); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_Get_ModSizeFromPubKey, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_Get_ModSizeFromPubKey failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (ModulusSize_ptr == NULL) { + params.__ModulusSize_ptr_null_flag = 1; + } else { + *(ModulusSize_ptr) = le16_to_cpu(params.__ModulusSize_ptr); + params.__ModulusSize_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_Get_ModSizeFromPubKey */ + + + +/************ CRYS_RSA_PRIM_DecryptExactSize ***************/ +CRYSError_t CRYS_RSA_PRIM_DecryptExactSize( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t DataIn_ptr[], + DxUint8_t Output_ptr[], + DxUint16_t DataOutSize) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_PRIM_DecryptExactSizeParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr.valid_tag = cpu_to_le32(UserPrivKey_ptr->valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1); i1++) { + params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1] = cpu_to_le32(UserPrivKey_ptr->PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + params.PrimeData_ptr_size = cpu_to_le32((sizeof(CRYS_RSAPrimeData_t))); + if (DataIn_ptr == NULL) { + params.DataIn_ptr_null_flag = 1; + } else { + /* Verify array size of DataIn_ptr */ + SEP_RPC_ASSERT((DataOutSize) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.DataIn_ptr, DataIn_ptr, sizeof(DxUint8_t) * (DataOutSize)); + params.DataIn_ptr_null_flag = 0; + } + + params.DataOutSize = cpu_to_le16(DataOutSize); + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else { + /* Verify array size of Output_ptr */ + SEP_RPC_ASSERT((DataOutSize) <= (4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.Output_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_PRIM_DecryptExactSize); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_PRIM_DecryptExactSize, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_PRIM_DecryptExactSize failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (Output_ptr == NULL) { + params.Output_ptr_null_flag = 1; + } else if (DataOutSize <= (sizeof(params.Output_ptr) / sizeof(params.Output_ptr[0]))) { + memcpy(Output_ptr, params.Output_ptr, sizeof(DxUint8_t) * (DataOutSize)); + params.Output_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_PRIM_DecryptExactSize */ + + + +/************ CRYS_RSA_InvModWord ***************/ +CRYSError_t CRYS_RSA_InvModWord( + DxUint32_t aVal, + DxUint32_t modVal, + DxUint32_t *invMod_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_InvModWordParams params; + + /* Verify input parameters and copy into params. struct. */ + params.aVal = cpu_to_le32(aVal); + params.modVal = cpu_to_le32(modVal); + if (invMod_ptr == NULL) { + params.__invMod_ptr_null_flag = 1; + } else { + params.__invMod_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_InvModWord); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_InvModWord, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_InvModWord failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (invMod_ptr == NULL) { + params.__invMod_ptr_null_flag = 1; + } else { + *(invMod_ptr) = le32_to_cpu(params.__invMod_ptr); + params.__invMod_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_InvModWord */ + + + +/************ CRYS_RSA_KG_GeneratePQprimes ***************/ +CRYSError_t CRYS_RSA_KG_GeneratePQprimes( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t primeSizeInBits, + DxUint32_t testsCount, + DxUint32_t p_ptr[], + DxUint32_t q_ptr[], + CRYS_RSAKGData_t *keyGenData_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_KG_GeneratePQprimesParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (pubExp_ptr == NULL) { + params.pubExp_ptr_null_flag = 1; + } else { + /* Verify array size of pubExp_ptr */ + SEP_RPC_ASSERT((pubExpSizeInBytes) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4*2+1), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.pubExp_ptr, pubExp_ptr, sizeof(DxUint8_t) * (pubExpSizeInBytes)); + params.pubExp_ptr_null_flag = 0; + } + + params.pubExpSizeInBytes = cpu_to_le16(pubExpSizeInBytes); + params.primeSizeInBits = cpu_to_le32(primeSizeInBits); + params.testsCount = cpu_to_le32(testsCount); + if (keyGenData_ptr == NULL) { + params.__keyGenData_ptr_null_flag = 1; + } else { + params.__keyGenData_ptr = *(keyGenData_ptr); + params.__keyGenData_ptr_null_flag = 0; + } + + if (p_ptr == NULL) { + params.p_ptr_null_flag = 1; + } else { + /* Verify array size of p_ptr */ + SEP_RPC_ASSERT((primeSizeInBits/32) <= ((CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.p_ptr_null_flag = 0; + } + + if (q_ptr == NULL) { + params.q_ptr_null_flag = 1; + } else { + /* Verify array size of q_ptr */ + SEP_RPC_ASSERT((primeSizeInBits/32) <= ((CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + params.q_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_KG_GeneratePQprimes); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_KG_GeneratePQprimes, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_KG_GeneratePQprimes failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (p_ptr == NULL) { + params.p_ptr_null_flag = 1; + } else { + for (i1 = 0; i1 < (primeSizeInBits/32); i1++) { + p_ptr[i1] = le32_to_cpu(params.p_ptr[i1]); + } + params.p_ptr_null_flag = 0; + } + + if (q_ptr == NULL) { + params.q_ptr_null_flag = 1; + } else { + for (i1 = 0; i1 < (primeSizeInBits/32); i1++) { + q_ptr[i1] = le32_to_cpu(params.q_ptr[i1]); + } + params.q_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_KG_GeneratePQprimes */ + + + +/************ CRYS_RSA_KG_CalculateKeyPairFromPQ ***************/ +CRYSError_t CRYS_RSA_KG_CalculateKeyPairFromPQ( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t p_ptr[], + DxUint32_t q_ptr[], + DxUint16_t primeSizeInBits, + CRYS_RSA_DecryptionMode_t privKeyMode, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_RSA_KG_CalculateKeyPairFromPQParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (pubExp_ptr == NULL) { + params.pubExp_ptr_null_flag = 1; + } else { + /* Verify array size of pubExp_ptr */ + SEP_RPC_ASSERT((pubExpSizeInBytes) <= ( CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.pubExp_ptr, pubExp_ptr, sizeof(DxUint8_t) * (pubExpSizeInBytes)); + params.pubExp_ptr_null_flag = 0; + } + + params.pubExpSizeInBytes = cpu_to_le16(pubExpSizeInBytes); + if (p_ptr == NULL) { + params.p_ptr_null_flag = 1; + } else { + /* Verify array size of p_ptr */ + SEP_RPC_ASSERT((primeSizeInBits/32) <= ((CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + for (i1 = 0; i1 < (primeSizeInBits/32); i1++) { + params.p_ptr[i1] = cpu_to_le32(p_ptr[i1]); + } + params.p_ptr_null_flag = 0; + } + + if (q_ptr == NULL) { + params.q_ptr_null_flag = 1; + } else { + /* Verify array size of q_ptr */ + SEP_RPC_ASSERT((primeSizeInBits/32) <= ((CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + for (i1 = 0; i1 < (primeSizeInBits/32); i1++) { + params.q_ptr[i1] = cpu_to_le32(q_ptr[i1]); + } + params.q_ptr_null_flag = 0; + } + + params.primeSizeInBits = cpu_to_le16(primeSizeInBits); + params.privKeyMode = cpu_to_le32(privKeyMode); + if (keyGenData_ptr == NULL) { + params.__keyGenData_ptr_null_flag = 1; + } else { + params.__keyGenData_ptr = *(keyGenData_ptr); + params.__keyGenData_ptr_null_flag = 0; + } + + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (userPubKey_ptr == NULL) { + params.__userPubKey_ptr_null_flag = 1; + } else { + params.__userPubKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_RSA_KG_CalculateKeyPairFromPQ); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_CRYS_RSA_KG_CalculateKeyPairFromPQ, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_RSA_KG_CalculateKeyPairFromPQ failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + UserPrivKey_ptr->valid_tag = le32_to_cpu(params.__UserPrivKey_ptr.valid_tag); + for (i1 = 0; i1 < (sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1); i1++) { + UserPrivKey_ptr->PrivateKeyDbBuff[i1] = le32_to_cpu(params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (userPubKey_ptr == NULL) { + params.__userPubKey_ptr_null_flag = 1; + } else { + userPubKey_ptr->valid_tag = le32_to_cpu(params.__userPubKey_ptr.valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + userPubKey_ptr->PublicKeyDbBuff[i1] = le32_to_cpu(params.__userPubKey_ptr.PublicKeyDbBuff[i1]); + } + params.__userPubKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_RSA_KG_CalculateKeyPairFromPQ */ + + + +/************ DX_RSA_KG_ExtendGenerateKeyPair ***************/ +CRYSError_t DX_RSA_KG_ExtendGenerateKeyPair( + DxUint8_t pubExp_ptr[], + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySizeBits, + CRYS_RSA_DecryptionMode_t privKeyMode, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_DX_RSA_KG_ExtendGenerateKeyPairParams params; + unsigned int i1; + + /* Verify input parameters and copy into params. struct. */ + if (pubExp_ptr == NULL) { + params.pubExp_ptr_null_flag = 1; + } else { + /* Verify array size of pubExp_ptr */ + SEP_RPC_ASSERT((pubExpSizeInBytes) <= (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4), CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR); + memcpy(params.pubExp_ptr, pubExp_ptr, sizeof(DxUint8_t) * (pubExpSizeInBytes)); + params.pubExp_ptr_null_flag = 0; + } + + params.pubExpSizeInBytes = cpu_to_le16(pubExpSizeInBytes); + params.keySizeBits = cpu_to_le32(keySizeBits); + params.privKeyMode = cpu_to_le32(privKeyMode); + if (keyGenData_ptr == NULL) { + params.__keyGenData_ptr_null_flag = 1; + } else { + params.__keyGenData_ptr = *(keyGenData_ptr); + params.__keyGenData_ptr_null_flag = 0; + } + + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (userPubKey_ptr == NULL) { + params.__userPubKey_ptr_null_flag = 1; + } else { + params.__userPubKey_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_DX_RSA_KG_ExtendGenerateKeyPair); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysRsa, SEPRPC_FUNC_ID_DX_RSA_KG_ExtendGenerateKeyPair, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of DX_RSA_KG_ExtendGenerateKeyPair failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (UserPrivKey_ptr == NULL) { + params.__UserPrivKey_ptr_null_flag = 1; + } else { + UserPrivKey_ptr->valid_tag = le32_to_cpu(params.__UserPrivKey_ptr.valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + UserPrivKey_ptr->PrivateKeyDbBuff[i1] = le32_to_cpu(params.__UserPrivKey_ptr.PrivateKeyDbBuff[i1]); + } + params.__UserPrivKey_ptr_null_flag = 0; + } + + if (userPubKey_ptr == NULL) { + params.__userPubKey_ptr_null_flag = 1; + } else { + userPubKey_ptr->valid_tag = le32_to_cpu(params.__userPubKey_ptr.valid_tag); + for (i1 = 0; i1 < ((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)); i1++) { + userPubKey_ptr->PublicKeyDbBuff[i1] = le32_to_cpu(params.__userPubKey_ptr.PublicKeyDbBuff[i1]); + } + params.__userPubKey_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* DX_RSA_KG_ExtendGenerateKeyPair */ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_self_test_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/crys_self_test_seprpc.h new file mode 100644 index 0000000..ea6f431 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_self_test_seprpc.h @@ -0,0 +1,48 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 12:33:28.705098 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_self_test_seprpc.h + * SeP-RPC header file for CrysSelfTest API */ + +#ifndef __CRYS_SELF_TEST_SEPRPC_H__ +#define __CRYS_SELF_TEST_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_CrysSelfTest 10 + +#include "crys_host_rpc_config.h" +#include "crys_self_test_error.h" +#include "crys_self_test.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ CRYS_SelfTest ***************/ +#define SEPRPC_FUNC_ID_CRYS_SelfTest 1 +/* +CRYSError_t CRYS_SelfTest( + DxUint16_t enginesSelect, + DxUint16_t *enginesTestResult_ptr) +*/ + +#define SEPRPC_MEMREF_NUM_CRYS_SelfTest 0 +#if SEPRPC_MEMREF_NUM_CRYS_SelfTest > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_CRYS_SelfTest is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_CRYS_SelfTestParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Input */ + /*le16*/DxUint16_t enginesSelect; + /* Output */ + DxUint16_t __enginesTestResult_ptr; + DxUint8_t __enginesTestResult_ptr_null_flag; + CRYSError_t _funcRetCode; +} SepRpc_CRYS_SelfTestParams_s; + + +#endif /*__CRYS_SELF_TEST_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/crys_self_test_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/crys_self_test_seprpc_stub.c new file mode 100644 index 0000000..3d0b24f --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/crys_self_test_seprpc_stub.c @@ -0,0 +1,68 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 12:33:28.705569 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file crys_self_test_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for CrysSelfTest API */ + +#include <string.h> +#include "crys_host_rpc_config.h" +#include "crys_self_test_error.h" +#include "crys_self_test.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "crys_self_test_seprpc.h" + + +/************ CRYS_SelfTest ***************/ +CRYSError_t CRYS_SelfTest( + DxUint16_t enginesSelect, + DxUint16_t *enginesTestResult_ptr) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_CRYS_SelfTestParams params; + + /* Verify input parameters and copy into params. struct. */ + params.enginesSelect = cpu_to_le16(enginesSelect); + if (enginesTestResult_ptr == NULL) { + params.__enginesTestResult_ptr_null_flag = 1; + } else { + params.__enginesTestResult_ptr_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_CRYS_SelfTest); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_CrysSelfTest, SEPRPC_FUNC_ID_CRYS_SelfTest, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, CRYS_SELF_TEST_MSG_GENERAL_RPC_A_ERROR); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of CRYS_SelfTest failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return CRYS_SELF_TEST_MSG_GENERAL_RPC_B_ERROR; + case SEPRPC_RET_ENORSC: + return CRYS_SELF_TEST_MSG_GENERAL_RPC_C_ERROR; + default: + return CRYS_SELF_TEST_MSG_GENERAL_RPC_A_ERROR; + } + } + + /* Copy back output parameters */ + if (enginesTestResult_ptr == NULL) { + params.__enginesTestResult_ptr_null_flag = 1; + } else { + *(enginesTestResult_ptr) = params.__enginesTestResult_ptr; + params.__enginesTestResult_ptr_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* CRYS_SelfTest */ + diff --git a/peripheral/keystore/chaabi/libcc54/generated/management_apis_seprpc.h b/peripheral/keystore/chaabi/libcc54/generated/management_apis_seprpc.h new file mode 100644 index 0000000..6604f7b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/management_apis_seprpc.h @@ -0,0 +1,69 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:57:19.110527 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file management_apis_seprpc.h + * SeP-RPC header file for DxManagement API */ + +#ifndef __MANAGEMENT_APIS_SEPRPC_H__ +#define __MANAGEMENT_APIS_SEPRPC_H__ + +#define SEPRPC_AGENT_ID_DxManagement 6 + +#include "dx_pal_types.h" +#include "dx_management.h" +#include "sep_rpc.h" +#include "dx_pal_compiler.h" + + +/************ DX_MNG_GetLcs ***************/ +#define SEPRPC_FUNC_ID_DX_MNG_GetLcs 1 +/* +DxUint32_t DX_MNG_GetLcs( + DxUint32_t *lcsVal) +*/ + +#define SEPRPC_MEMREF_NUM_DX_MNG_GetLcs 0 +#if SEPRPC_MEMREF_NUM_DX_MNG_GetLcs > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_DX_MNG_GetLcs is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_DX_MNG_GetLcsParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Output */ + /*le32*/DxUint32_t __lcsVal; + DxUint8_t __lcsVal_null_flag; + DxUint32_t _funcRetCode; +} SepRpc_DX_MNG_GetLcsParams_s; + + + +/************ DX_MNG_GetFwVersion ***************/ +#define SEPRPC_FUNC_ID_DX_MNG_GetFwVersion 2 +/* +DxUint32_t DX_MNG_GetFwVersion( + DxUint32_t *fwVer, + DxUint32_t *romVer) +*/ + +#define SEPRPC_MEMREF_NUM_DX_MNG_GetFwVersion 0 +#if SEPRPC_MEMREF_NUM_DX_MNG_GetFwVersion > SEP_RPC_MAX_MEMREF_PER_FUNC +#error SEPRPC_MEMREF_NUM_DX_MNG_GetFwVersion is more than SEP_RPC_MAX_MEMREF_PER_FUNC +#endif + +typedef struct SepRpc_DX_MNG_GetFwVersionParams { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + /* Output */ + /*le32*/DxUint32_t __fwVer; + DxUint8_t __fwVer_null_flag; + /*le32*/DxUint32_t __romVer; + DxUint8_t __romVer_null_flag; + DxUint32_t _funcRetCode; +} SepRpc_DX_MNG_GetFwVersionParams_s; + + +#endif /*__MANAGEMENT_APIS_SEPRPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/generated/management_apis_seprpc_stub.c b/peripheral/keystore/chaabi/libcc54/generated/management_apis_seprpc_stub.c new file mode 100644 index 0000000..7bcfd15 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/generated/management_apis_seprpc_stub.c @@ -0,0 +1,127 @@ +/* Generated file - DO NOT EDIT! */ +/* Generated by utils/src/sep_rpc_gen/sep_rpc_gen.py@2451 at 2012-09-20 11:57:19.111014 */ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file management_apis_seprpc_stub.c + * SeP-RPC host wrappers/stubs implementation for DxManagement API */ + +#include <string.h> +#include "dx_pal_types.h" +#include "dx_management.h" +#include "sep_rpc.h" +#include "driver_interface.h" +#include "management_apis_seprpc.h" + + +/************ DX_MNG_GetLcs ***************/ +DxUint32_t DX_MNG_GetLcs( + DxUint32_t *lcsVal) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_DX_MNG_GetLcsParams params; + + /* Verify input parameters and copy into params. struct. */ + if (lcsVal == NULL) { + params.__lcsVal_null_flag = 1; + } else { + params.__lcsVal_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_DX_MNG_GetLcs); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_DxManagement, SEPRPC_FUNC_ID_DX_MNG_GetLcs, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, DX_FAILURE); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of DX_MNG_GetLcs failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return DX_FAILURE; + case SEPRPC_RET_ENORSC: + return DX_FAILURE; + default: + return DX_FAILURE; + } + } + + /* Copy back output parameters */ + if (lcsVal == NULL) { + params.__lcsVal_null_flag = 1; + } else { + *(lcsVal) = le32_to_cpu(params.__lcsVal); + params.__lcsVal_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* DX_MNG_GetLcs */ + + + +/************ DX_MNG_GetFwVersion ***************/ +DxUint32_t DX_MNG_GetFwVersion( + DxUint32_t *fwVer, + DxUint32_t *romVer) +{ + DxDI_RetCode_t diRc; + seprpc_retcode_t rpcRc; + struct SepRpc_DX_MNG_GetFwVersionParams params; + + /* Verify input parameters and copy into params. struct. */ + if (fwVer == NULL) { + params.__fwVer_null_flag = 1; + } else { + params.__fwVer_null_flag = 0; + } + + if (romVer == NULL) { + params.__romVer_null_flag = 1; + } else { + params.__romVer_null_flag = 0; + } + + + params.num_of_memrefs = cpu_to_le32(SEPRPC_MEMREF_NUM_DX_MNG_GetFwVersion); + + diRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_DxManagement, SEPRPC_FUNC_ID_DX_MNG_GetFwVersion, + NULL, sizeof(params), (struct seprpc_params*)¶ms, &rpcRc); + + SEP_RPC_ASSERT(diRc == DXDI_RET_OK, DX_FAILURE); + if (rpcRc != SEPRPC_RET_OK) { + SEP_RPC_LOG("RPC of DX_MNG_GetFwVersion failed with RPC error code %d\n", rpcRc); + switch (rpcRc) { + case SEPRPC_RET_EINVAL: + return DX_FAILURE; + case SEPRPC_RET_ENORSC: + return DX_FAILURE; + default: + return DX_FAILURE; + } + } + + /* Copy back output parameters */ + if (fwVer == NULL) { + params.__fwVer_null_flag = 1; + } else { + *(fwVer) = le32_to_cpu(params.__fwVer); + params.__fwVer_null_flag = 0; + } + + if (romVer == NULL) { + params.__romVer_null_flag = 1; + } else { + *(romVer) = le32_to_cpu(params.__romVer); + params.__romVer_null_flag = 0; + } + + + return le32_to_cpu(params._funcRetCode); +} /* DX_MNG_GetFwVersion */ + diff --git a/peripheral/keystore/chaabi/libcc54/hwk_crypto.c b/peripheral/keystore/chaabi/libcc54/hwk_crypto.c new file mode 100644 index 0000000..8f03a7c --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/hwk_crypto.c @@ -0,0 +1,314 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#include "tee_client_api.h" +#include "dx_cclib.h" +#include <string.h> + +#include "hwk_crypto.h" + +#define HWK_APP_UUID "INTEL HWK 000001" + +enum hwk_command { + HWK_DBG = 0, + HWK_CREATE = 1, + HWK_UNSEAL, + HWK_SEAL, + HWK_DISABLE, + HWK_ENABLE, + HWK_RESEAL, + HWK_DESTROY, + HWK_CRYPTO, + HWK_DBG_SS_WIPE, +}; + + +int hwk_ss_wipe(void) +{ + TEEC_Context context; + TEEC_Session session; + static const uint8_t destination[] = HWK_APP_UUID; + TEEC_Result ret; + uint32_t returnOrigin = 0; + + + ret = DX_CclibInit(); + if (TEEC_SUCCESS != ret) + return ret; + + ret = TEEC_InitializeContext(NULL, &context); + if (TEEC_SUCCESS != ret) + goto CclibFini; + + ret = TEEC_OpenSession(&context, &session, (TEEC_UUID*)&destination, + TEEC_LOGIN_PUBLIC, NULL, NULL, &returnOrigin); + if (TEEC_SUCCESS != ret ) + goto FinalizeContext; + + ret = TEEC_InvokeCommand(&session, HWK_DBG_SS_WIPE, NULL, &returnOrigin); + +CloseSession: + TEEC_CloseSession (&session); +FinalizeContext: + TEEC_FinalizeContext(&context); +CclibFini: + DX_CclibFini(); + + return ret; +} + +int hwk_dbg(void *buf, uint32_t len) +{ + TEEC_Context context; + TEEC_Session session; + TEEC_Operation operation; + static const uint8_t destination[] = HWK_APP_UUID; + TEEC_Result ret; + uint32_t returnOrigin = 0; + TEEC_SharedMemory smDumpBuffer; + + + ret = DX_CclibInit(); + if (TEEC_SUCCESS != ret) + return ret; + + ret = TEEC_InitializeContext(NULL, &context); + if (TEEC_SUCCESS != ret) + goto CclibFini; + + ret = TEEC_OpenSession(&context, &session, (TEEC_UUID*)&destination, + TEEC_LOGIN_PUBLIC, NULL, NULL, &returnOrigin); + if (TEEC_SUCCESS != ret ) + goto FinalizeContext; + + smDumpBuffer.buffer = (void *)buf; + smDumpBuffer.size = len; + smDumpBuffer.flags = TEEC_MEM_OUTPUT; + + ret = TEEC_RegisterSharedMemory(&context, &smDumpBuffer); + if (TEEC_SUCCESS != ret) + goto CloseSession; + + + memset((void *)&operation, 0, sizeof(operation)); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 0, TEEC_MEMREF_WHOLE); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 1, TEEC_VALUE_INPUT); + operation.params[0].memref.parent = &smDumpBuffer; + operation.params[1].value.a = len; + + ret = TEEC_InvokeCommand(&session, HWK_DBG, &operation, &returnOrigin); + + TEEC_ReleaseSharedMemory(&smDumpBuffer); + +CloseSession: + TEEC_CloseSession (&session); +FinalizeContext: + TEEC_FinalizeContext(&context); +CclibFini: + DX_CclibFini(); + + return ret; +} + +static int hwk_keyid_ops(int op, uint32_t key_id) +{ + TEEC_Context context; + TEEC_Session session; + TEEC_Operation operation; + static const uint8_t destination[] = HWK_APP_UUID; + TEEC_Result ret; + uint32_t returnOrigin = 0; + + ret = DX_CclibInit(); + if (TEEC_SUCCESS != ret) + return ret; + + ret = TEEC_InitializeContext(NULL, &context); + if (TEEC_SUCCESS != ret ) + goto CclibFini; + + ret = TEEC_OpenSession(&context, &session, (TEEC_UUID*)&destination, + TEEC_LOGIN_PUBLIC, NULL, NULL, &returnOrigin); + if (TEEC_SUCCESS != ret) + goto FinalizeContext; + + memset((void *)&operation, 0, sizeof(operation)); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 0, TEEC_VALUE_INPUT); + operation.params[0].value.a = key_id; + + ret = TEEC_InvokeCommand(&session, op, &operation, &returnOrigin); + +CloseSession: + TEEC_CloseSession(&session); +FinalizeContext: + TEEC_FinalizeContext(&context); +CclibFini: + DX_CclibFini(); + + return ret; +} + +int hwk_seal(uint32_t key_id) +{ + return hwk_keyid_ops(HWK_SEAL, key_id); +} + +int hwk_disable(uint32_t key_id) +{ + return hwk_keyid_ops(HWK_DISABLE, key_id); +} + +int hwk_enable(uint32_t key_id) +{ + return hwk_keyid_ops(HWK_ENABLE, key_id); +} + +int hwk_destroy(uint32_t key_id) +{ + return hwk_keyid_ops(HWK_DESTROY, key_id); +} + +static int hwk_keyid_pass_ops(int op, uint32_t key_id, const char *pwd, int pwd_len) +{ + TEEC_Context context; + TEEC_Session session; + TEEC_Operation operation; + static const uint8_t destination[] = HWK_APP_UUID; + TEEC_Result ret; + uint32_t returnOrigin = 0; + TEEC_SharedMemory smPwd; + + + ret = DX_CclibInit(); + if (TEEC_SUCCESS != ret) + return ret; + + ret = TEEC_InitializeContext(NULL, &context); + if (TEEC_SUCCESS != ret ) + goto CclibFini; + + ret = TEEC_OpenSession(&context, &session, (TEEC_UUID*)&destination, + TEEC_LOGIN_PUBLIC, NULL, NULL, &returnOrigin); + if (TEEC_SUCCESS != ret) + goto FinalizeContext; + + smPwd.buffer = (void *)pwd; + smPwd.size = pwd_len; + smPwd.flags = TEEC_MEM_INPUT; + + ret = TEEC_RegisterSharedMemory(&context, &smPwd); + if (TEEC_SUCCESS != ret) + goto CloseSession; + + memset((void *)&operation, 0, sizeof(operation)); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 0, TEEC_VALUE_INPUT); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 1, TEEC_MEMREF_WHOLE); + operation.params[0].value.a = key_id; + operation.params[0].value.b = pwd_len; + operation.params[1].memref.parent = &smPwd; + + + ret = TEEC_InvokeCommand(&session, op, &operation, &returnOrigin); + + TEEC_ReleaseSharedMemory(&smPwd); + +CloseSession: + TEEC_CloseSession(&session); +FinalizeContext: + TEEC_FinalizeContext(&context); +CclibFini: + DX_CclibFini(); + + return ret; +} + +int hwk_create(uint32_t key_id, const char *pwd, int pwd_len) +{ + return hwk_keyid_pass_ops(HWK_CREATE, key_id, pwd, pwd_len); +} + +int hwk_unseal(uint32_t key_id, const char *pwd, int pwd_len) +{ + return hwk_keyid_pass_ops(HWK_UNSEAL, key_id, pwd, pwd_len); +} + +int hwk_reseal(uint32_t key_id, const char *pwd, int pwd_len) +{ + return hwk_keyid_pass_ops(HWK_RESEAL, key_id, pwd, pwd_len); +} + +int hwk_crypto(uint32_t key_id, hwk_crypto_op_t op, const char *iv, + const char *src, char *dst, int len) +{ + TEEC_Context context; + TEEC_Session session; + TEEC_Operation operation; + static const uint8_t destination[] = HWK_APP_UUID; + TEEC_Result ret; + uint32_t returnOrigin = 0; + TEEC_SharedMemory smIv, smSrc, smDst; + + ret = DX_CclibInit(); + if (TEEC_SUCCESS != ret) + return ret; + + ret = TEEC_InitializeContext(NULL, &context); + if (TEEC_SUCCESS != ret ) + goto CclibFini; + + ret = TEEC_OpenSession(&context, &session, (TEEC_UUID*)&destination, + TEEC_LOGIN_PUBLIC, NULL, NULL, &returnOrigin); + if (TEEC_SUCCESS != ret) + goto FinalizeContext; + + smIv.buffer = (void *)iv; + smIv.size = 16; + smIv.flags = TEEC_MEM_INPUT; + ret = TEEC_RegisterSharedMemory(&context, &smIv); + if (TEEC_SUCCESS != ret) + goto CloseSession; + + smSrc.buffer = (void *)src; + smSrc.size = len; + smSrc.flags = TEEC_MEM_INPUT; + ret = TEEC_RegisterSharedMemory(&context, &smSrc); + if (TEEC_SUCCESS != ret) + goto ReleaseSmIv; + + smDst.buffer = (void *)dst; + smDst.size = len; + smDst.flags = TEEC_MEM_OUTPUT; + ret = TEEC_RegisterSharedMemory(&context, &smDst); + if (TEEC_SUCCESS != ret) + goto ReleaseSmSrc; + + memset((void *)&operation, 0, sizeof(operation)); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 0, TEEC_VALUE_INPUT); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 1, TEEC_MEMREF_WHOLE); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 2, TEEC_MEMREF_WHOLE); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 3, TEEC_MEMREF_WHOLE); + operation.params[0].value.a = key_id; + operation.params[0].value.b = len | (op << 16); + operation.params[1].memref.parent = &smIv; + operation.params[2].memref.parent = &smSrc; + operation.params[3].memref.parent = &smDst; + + ret = TEEC_InvokeCommand(&session, HWK_CRYPTO, &operation, &returnOrigin); + + TEEC_ReleaseSharedMemory(&smDst); +ReleaseSmSrc: + TEEC_ReleaseSharedMemory(&smSrc); +ReleaseSmIv: + TEEC_ReleaseSharedMemory(&smIv); +CloseSession: + TEEC_CloseSession(&session); +FinalizeContext: + TEEC_FinalizeContext(&context); +CclibFini: + DX_CclibFini(); + + return ret; +} diff --git a/peripheral/keystore/chaabi/libcc54/include/applet_mgr_error.h b/peripheral/keystore/chaabi/libcc54/include/applet_mgr_error.h new file mode 100644 index 0000000..6541e72 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/applet_mgr_error.h @@ -0,0 +1,57 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef APPLET_MGR_ERROR_H +#define APPLET_MGR_ERROR_H + +#include "dx_pal_types.h" + +/****************************************************************************** +* DEFINITIONS +******************************************************************************/ +/* noga - define base error for app_mgr */ + +#define DX_APP_MNG_SLOT_IS_NOT_EMPTY_ERROR 0x00000001 +#define DX_APP_MNG_STATIC_LOAD_AFTER_DYNAMIC_NOT_ALLOWED_ERROR 0x00000002 +#define DX_APP_MNG_SESSION_TBL_IS_FULL_ERROR 0x00000003 +#define DX_APP_MNG_ILLEGAL_SESSION_ERROR 0x00000004 +#define DX_APP_MNG_ILLEGAL_APPLET_NUM_ERROR 0x00000005 +#define DX_APP_MNG_EXCEED_ICACHE_SIZE_ERROR 0x00000006 +#define DX_APP_MNG_EXCEED_DCACHE_SIZE_ERROR 0x00000007 +#define DX_APP_MNG_APPLET_NOT_FOUND_ERROR 0x00000008 +#define DX_APP_MNG_OPEN_SESSIONS_EXIST_FOR_APPLET_ERROR 0x00000009 +#define DX_APP_MNG_ILLEGAL_VERIFICATION_KEY_INDEX_ERROR 0x0000000A +#define DX_APP_MNG_VERIFICATION_FUNC_ALREADY_REGISTERED_ERROR 0x0000000B +#define DX_APP_MNG_ILLEGAL_PARAM_ERROR 0x0000000C +#define DX_APP_MNG_ILLEGAL_REPLACEABLE_APPLET_ID_ERROR 0x0000000D +#define DX_APP_MNG_NO_CURRENT_ACTIVE_APPLET_ERROR 0x0000000E +#define DX_APP_MNG_ILLEGAL_OP_FOR_NONPRIV_APPLET_ERROR 0x0000000F +#define DX_APP_MNG_ILLEGAL_SLOT_NUM_ERROR 0x00000010 +#define DX_APP_MNG_DUPLICATE_APPLET_ERROR 0x00000011 +#define DX_APP_MNG_SRAM_APPLET_CALL_NONPRIV_APPLET_ERROR 0x00000012 +#define DX_APP_MNG_CALLBACK_FUNC_ALREADY_REGISTERED_ERROR 0x00000013 +#define DX_APP_MNG_APPLET_PRIORITY_ERROR 0x00000014 +#define DX_APP_MNG_CALLBACK_REGISTRATION_NOT_ALLOWED_ERROR 0x00000015 +#define DX_APP_MNG_DEFAULT_APPLET_INIT_ERROR 0x00000016 +#define DX_APP_MNG_APPLET_ALREADY_UNLOADED_ERROR 0x00000017 +#define DX_APP_MNG_UNLOADING_RUNNING_APPLET_ERROR 0x00000018 +#define DX_APP_MNG_NO_FREE_SEMAPHORE_ERROR 0x00000019 +#define DX_APP_MNG_SEMAPHORE_LOCKED_ERROR 0x00000020 + +/****************************************************************************** +* MACROS +******************************************************************************/ + +/****************************************************************************** +* TYPE DEFINITIONS +******************************************************************************/ + +/****************************************************************************** +* FUNCTION PROTOTYPES +******************************************************************************/ + +#endif /*APPLET_MGR_ERROR_H*/ + diff --git a/peripheral/keystore/chaabi/libcc54/include/applet_mng.xml b/peripheral/keystore/chaabi/libcc54/include/applet_mng.xml new file mode 100644 index 0000000..d47b360 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/applet_mng.xml @@ -0,0 +1,47 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> + +<api name="AppletMngLoad"> <!-- The AppletMngLoadRpc API Agent ID --> + + <!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="DX_SUCCESS" generic_error="DX_APP_MNG_ILLEGAL_PARAM_ERROR" invalid_param="DX_APP_MNG_ILLEGAL_PARAM_ERROR" not_enough_resources="DX_APP_MNG_ILLEGAL_PARAM_ERROR" /> + + <!-- Header files to include for prototypes --> + <header>dx_applet_mng_load.h</header> + <header>applet_mgr_error.h</header> + + <function name="DX_CC_LoadApplet" return="le32(DxUint32_t)"> + <!-- + DxUint32_t DX_CC_LoadApplet(DxUint32_t vrlAddr, + DxUint32_t magicNum, + DxUint32_t verKeyIndex, + DxUint32_t flags, + DxUint32_t appletImageAddr, + DxUint32_t userParam); + --> + <param name="vrlAddr" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <param name="magicNum" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + <param name="verKeyIndex" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + <param name="flags" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <param name="appletImageAddr" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <param name="userParam" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + + </function> + + <function name="DX_CC_UnloadApplet" return="le32(DxUint32_t)"> + <!-- + DxUint32_t DX_CC_UnLoadApplet(DX_SepAppUuid_t uuid); + --> + <param name="uuid" direction="i" ptype="array(sizeof(DX_SepAppUuid_t),sizeof(DX_SepAppUuid_t))" dtype="DxUint8_t" /> + + </function> + +</api> + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys.h new file mode 100644 index 0000000..171f6a9 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys.h @@ -0,0 +1,100 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_H +#define CRYS_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ + +#include "dx_pal_types.h" +#include "crys_defs.h" +#include "crys_error.h" + +#ifndef CRYS_NO_BYPASS_SUPPORT +#include "crys_bypass_api.h" +#endif + +#ifndef CRYS_NO_AES_SUPPORT +#include "crys_aes.h" +#endif + +#ifndef CRYS_NO_AESCCM_SUPPORT +#include "crys_aesccm.h" +#endif + +#ifndef CRYS_NO_DES_SUPPORT +#include "crys_des.h" +#endif + +#ifndef CRYS_NO_HASH_SUPPORT +#include "crys_hash.h" +#endif + +#ifndef CRYS_NO_HMAC_SUPPORT +#include "crys_hmac.h" +#endif + +#ifndef CRYS_NO_RC4_SUPPORT +#include "crys_rc4.h" +#endif + +#ifndef CRYS_NO_CRYS_COMBINED_SUPPORT +#include "crys_combined.h" +#endif + +#ifndef CRYS_NO_RND_SUPPORT +#include "crys_rnd.h" +#endif + +#ifndef CRYS_NO_PKI_SUPPORT +#include "crys_rsa_build.h" +#include "crys_rsa_types.h" +#include "crys_rsa_schemes.h" +#include "crys_rsa_prim.h" +#endif +#ifndef CRYS_NO_ECPKI_SUPPORT +#include "crys_ecpki_types.h" +#include "crys_ecpki_build.h" +#include "crys_ecpki_kg.h" +#include "crys_ecpki_ecdsa.h" +#include "crys_ecpki_elgamal.h" +#include "crys_ecpki_dh.h" +#endif + +#ifndef CRYS_NO_KDF_SUPPORT +#include "crys_kdf.h" +#endif + +#ifndef CRYS_NO_DH_SUPPORT +#include "crys_dh.h" +#endif + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_aes.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aes.h new file mode 100644 index 0000000..37dc5cb --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aes.h @@ -0,0 +1,502 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/** @file + * \brief This file contains all of the enums and definitions that are used for the + * CRYS AES APIs, as well as the APIs themselves. + * + */ +#ifndef CRYS_AES_H +#define CRYS_AES_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "dx_pal_types.h" +#include "crys_error.h" +#include "crys_defs.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ + +/** +@brief - a definition describing the low level Engine type ( SW , Hardware , Etc ) +*/ + +#if defined(DX_CC_SEP) || defined(DX_CC_TEE) +#define CRYS_AES_USER_CTX_SIZE_IN_WORDS 32 +#else +#define CRYS_AES_USER_CTX_SIZE_IN_WORDS 312 +#endif + +/* The AES block size in words and in bytes */ +#define CRYS_AES_BLOCK_SIZE_IN_WORDS 4 +#define CRYS_AES_BLOCK_SIZE_IN_BYTES (CRYS_AES_BLOCK_SIZE_IN_WORDS * sizeof(DxUint32_t)) + +/* The size of the IV or counter buffer */ +#define CRYS_AES_IV_COUNTER_SIZE_IN_WORDS CRYS_AES_BLOCK_SIZE_IN_WORDS +#define CRYS_AES_IV_COUNTER_SIZE_IN_BYTES (CRYS_AES_IV_COUNTER_SIZE_IN_WORDS * sizeof(DxUint32_t)) + +/* The maximum size of the AES KEY in words and bytes */ +#define CRYS_AES_KEY_MAX_SIZE_IN_WORDS 16 +#define CRYS_AES_KEY_MAX_SIZE_IN_BYTES (CRYS_AES_KEY_MAX_SIZE_IN_WORDS * sizeof(DxUint32_t)) + +/* The AES_WRAP minimum data size in bytes (one 64-bits block) */ +#define CRYS_AES_WRAP_DATA_MIN_SIZE_IN_BYTES 8 + +/* The AES_WRAP maximum data size in bytes: */ +#define CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES 512 + +/* The CRYS_AES_WRAP block size in bytes and in words */ +#define CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES 8 +#define CRYS_AES_WRAP_BLOCK_SIZE_IN_WORDS (CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES / sizeof(DxUint32_t)) + +#define CRYS_AES_WRAP_STEPS 6 //according to rfc3394 +/************************ Enums ********************************/ + +/* Enum defining the user's key size argument */ +typedef enum { + CRYS_AES_Key128BitSize = 0, + CRYS_AES_Key192BitSize = 1, + CRYS_AES_Key256BitSize = 2, + CRYS_AES_Key512BitSize = 3, + + CRYS_AES_KeySizeNumOfOptions, + + CRYS_AES_KeySizeLast = 0x7FFFFFFF, + +}CRYS_AES_KeySize_t; + +/* Enum defining the Encrypt or Decrypt operation mode */ +typedef enum { + CRYS_AES_Encrypt = 0, + CRYS_AES_Decrypt = 1, + + CRYS_AES_EncryptNumOfOptions, + + CRYS_AES_EncryptModeLast= 0x7FFFFFFF, + +}CRYS_AES_EncryptMode_t; + +/* Enum defining the AES operation mode */ +typedef enum { + CRYS_AES_ECB_mode = 0, + CRYS_AES_CBC_mode = 1, + CRYS_AES_MAC_mode = 2, + CRYS_AES_CTR_mode = 3, + CRYS_AES_XCBC_MAC_mode = 4, + CRYS_AES_CMAC_mode = 5, + CRYS_AES_XTS_mode = 6, + CRYS_AES_CCM_mode = 7, + + CRYS_AES_NumOfModes, + + CRYS_AES_OperationModeLast= 0x7FFFFFFF, + +}CRYS_AES_OperationMode_t; + +/************************ Typedefs ****************************/ + +/* Defines the IV counter buffer - 16 bytes array */ +typedef DxUint8_t CRYS_AES_IvCounter_t[CRYS_AES_IV_COUNTER_SIZE_IN_BYTES]; + +/* Define the XTS Tweak value type - 16 bytes array */ +typedef CRYS_AES_IvCounter_t CRYS_AES_XTS_Tweak_t; + +/* Defines the AES key buffer */ +typedef DxUint8_t CRYS_AES_Key_t[CRYS_AES_KEY_MAX_SIZE_IN_BYTES]; + +/* Defines the AES MAC result maximum size buffer */ +typedef DxUint8_t CRYS_AES_MAX_MAC_RESULT_t[CRYS_AES_IV_COUNTER_SIZE_IN_BYTES]; + +#define CRYS_AES_SYS_WriteRegistersBlock( addr , buffer , size_in_words ) \ +do \ +{ \ + DxUint32_t im0,km0; \ + for ( im0 = 0 , km0=(DX_CC_REG_ADDR(CRY_KERNEL, DIN_BUFFER)) ; im0 < (size_in_words) ; km0+=sizeof(DxUint32_t) , im0++ ) \ + { \ + WRITE_REGISTER( km0, buffer[im0]);\ + } \ +}while(0) + +/************************ context Structs ******************************/ + +/* The user's context prototype - the argument type that will be passed by the user + to the APIs called by him */ +typedef struct CRYS_AESUserContext_t { + /* Allocated buffer must be double the size of actual context + * + 1 word for offset management */ + DxUint32_t buff[CRYS_AES_USER_CTX_SIZE_IN_WORDS]; +}CRYS_AESUserContext_t; + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/****************************************************************************************************/ +/** + * @brief This function is used to initialize the AES machine or SW structures. + * To perform the AES operations this should be the first function called. + * + * The actual macros, that will be used by the user for calling this function, are described + * in crys_aes.h file. + * + * @param[in] ContextID_ptr - A pointer to the AES context buffer that is allocated by the user + * and is used for the AES machine operation. + * @param[in] IVCounter_ptr - A buffer containing an initial value: IV, Counter or Tweak according + * to operation mode: + * - on ECB, XCBC, CMAC mode this parameter is not used and may be NULL, + * - on CBC and MAC modes it contains the IV value, + * - on CTR mode it contains the init counter, + * - on XTS mode it contains the initial tweak value - 128-bit consecutive number + * of data unit (in little endian). + * @param[in] Key_ptr - A pointer to the user's key buffer (set to NULL for secret key). + * @param[in] KeySize - An enum parameter, defines size of used key (128, 192, 256, 512 bits): + * On XCBC mode allowed 128 bit size only, on XTS - 256 or 512 bit, on other modes <= 256 bit. + * @param[in] EncryptDecryptFlag - A flag specifying whether the AES should perform an Encrypt operation (0) + * or a Decrypt operation (1). In XCBC and CMAC modes it must be Encrypt. + * @param[in] OperationMode - The operation mode: ECB, CBC, MAC, CTR, XCBC (PRF and 96), CMAC. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + */ +CIMPORT_C CRYSError_t CRYS_AES_Init( + CRYS_AESUserContext_t *ContextID_ptr, + CRYS_AES_IvCounter_t IVCounter_ptr, + CRYS_AES_Key_t Key_ptr, + CRYS_AES_KeySize_t KeySizeID, + CRYS_AES_EncryptMode_t EncryptDecryptFlag, + CRYS_AES_OperationMode_t OperationMode); + + +/* + Macro CRYS_AES_Init_XCBCandCMAC is called when the user performs an AES operation on XCBC and CMAC modes. + Macro CRYS_AES_XTS_Init is called when the user performs an AES operation on XTS mode. +*/ +#define CRYS_AES_Init_XCBCandCMAC( ContextID_ptr, Key_ptr, KeySize, OperationMode ) \ + CRYS_AES_Init( (ContextID_ptr),DX_NULL,(Key_ptr),(KeySize),CRYS_AES_Encrypt,(OperationMode)) + +#define CRYS_AES_XTS_Init( ContextID_ptr, Tweak_ptr, Key_ptr, KeySize, EncryptDecryptFlag ) \ + CRYS_AES_Init( (ContextID_ptr),(Tweak_ptr),(Key_ptr),(KeySize),(EncryptDecryptFlag),CRYS_AES_XTS_mode) + +/****************************************************************************************************/ +/** + * @brief This function is used to operate a block of data on the SW or on AES machine. + * This function should be called after the appropriate CRYS AES init function + * (according to used AES operation mode). + * + * @param[in] ContextID_ptr - A pointer to the AES context buffer allocated by the user that + * is used for the AES machine operation. This should be the same context that was + * used on the previous call of this session. + * + * @param[in] DataIn_ptr - A pointer to the buffer of the input data to the AES. The pointer does + * not need to be aligned. On CSI input mode the pointer must be equal to + * value (0xFFFFFFFC | DataInAlignment). + * + * @param[in] DataInSize - A size of the input data must be multiple of 16 bytes and not 0, + * on all modes. Note last chunk (block) of data must be processed by + * CRYS_AES_Finish function but not by CRYS_AES_Block function; + * + * @param[out] DataOut_ptr - A pointer to the buffer of the output data from the AES. The pointer does not + * need to be aligned. On CSI output mode the pointer must be equal to + * value (0xFFFFFFFC | DataOutAlignment). On all MAC modes (MAC,XCBC, CMAC) CSI + * output is not allowed. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* CRYS_DES_error.h + * + * NOTES: 1. Temporarily it is not allowed, that both the Input and the Output simultaneously + * were on CSI mode. + * 2. Temporarily the CSI input or output are not allowed on XCBC, CMAC and XTS modes. + */ +CIMPORT_C CRYSError_t CRYS_AES_Block( CRYS_AESUserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ); + + +/****************************************************************************************************/ +/** + * @brief This function is used as finish operation on all AES modes. + * + * The function must be called after AES_Block operations (or instead) for last chunck + * of data with size > 0. + * + * The function performs all operations, including specific operations for last blocks of + * data on some modes (XCBC, CMAC, MAC) and puts out the result. After all operations + * the function cleans the secure sensitive data from context. + * + * 1. Checks the validation of all of the inputs of the function. + * If one of the received parameters is not valid it shall return an error. + * 2. Decrypts the received context to the working context by calling the + * CRYS_CCM_GetContext function. + * 3. Calls the LLF_AES_Finish function. + * 4. Outputs the result and cleans working context. + * 5. Exits + * + * + * @param[in] ContextID_ptr - A pointer to the AES context buffer allocated by the user that + * should be the same context that was used on the previous call + * of this session. + * @param[in] DataIn_ptr - A pointer to the buffer of the input data to the AES. The pointer does + * not need to be aligned. On CSI input mode the pointer must be equal to + * value (0xFFFFFFFC | DataInAlignment). + * @param[in] DataInSize - A size of the input data must be: DataInSize >= minimalSize, where: + * minimalSize = + * - 1 byte for CTR, XCBC, CMAC mode; + * - 16 bytes for other modes. + * @param[out] DataOut_ptr - A pointer to the output buffer. The pointer does not need to be aligned. + * On CSI output mode the pointer must be equal to value + * (0xFFFFFFFC | DataOutAlignment). On some modes (MAC,XCBC,CMAC,XTS) + * CSI output is not allowed. Temporarily is not allowed, that both the + * Input and the output are on CSI mode simultaneously. + * The size of the output buffer must be not less than: + * - 16 bytes for MAC, XCBC, CMAC modes; + * - DataInSize for ECB,CBC,CTR,XTS modes. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure - a value defined in crys_aes_error.h. + * + */ +CIMPORT_C CRYSError_t CRYS_AES_Finish( + CRYS_AESUserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ); + +/****************************************************************************************************/ +/** + * @brief This function is used to perform the AES operation in one integrated process. + * + * The actual macros, that will be used by the user for calling this function, are described + * in crys_aes.h file. + * + * The input-output parameters of the function are the following: + * + * @param[in] ContextID_ptr - A pointer to the AES context buffer that is allocated by the user + * and is used for the AES machine operation. + * @param[in] IVCounter_ptr - A buffer containing an initial value: IV, Counter or Tweak according + * to operation mode: + * - on ECB, XCBC, CMAC mode this parameter is not used and may be NULL, + * - on CBC and MAC modes it contains the IV value, + * - on CTR mode it contains the init counter, + * - on XTS mode it contains the initial tweak value - 128-bit consecutive number + * of data unit (in little endian). + * @param[in] Key_ptr - A pointer to the user's key buffer (set to NULL for secret key). + * @param[in] KeySize - An enum parameter, defines size of used key (128, 192, 256 bits). + * @param[in] EncryptDecryptFlag - A flag specifying whether the AES should perform an Encrypt operation (0) + * or a Decrypt operation (1). In XCBC and CMAC modes it must be 0. + * @param[in] OperationMode - The operation mode: ECB, CBC, MAC, CTR, XCBC (PRF and 96), CMAC, XTS. + * @param[in] DataIn_ptr - A pointer to the buffer of the input data to the AES. The pointer does + * not need to be aligned. On CSI input mode the pointer must be equal to + * value (0xFFFFFFFC | DataInAlignment). + * + * @param[in] DataInSize - The size of the input data, it must be: + * - on ECB,CBC,MAC modes must be not 0 and must be a multiple of 16 bytes, + * - on CTR, XCBC and CMAC modes must be not 0, + * - on XTS mode must be or multiple of 16 bytes (not 0), or not less than 17 bytes. + * @param[out] DataOut_ptr - A pointer to the buffer of the output data from the AES. The pointer does not + * need to be aligned. On CSI output mode the pointer must be equal to + * value (0xFFFFFFFC | DataOutAlignment). On all MAC modes (MAC,XCBC, CMAC) CSI + * output is not allowed. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a value defined in crys_aes_error.h + * + * NOTES: 1. Temporarily it is not allowed, that both the Input and the Output simultaneously + * were on CSI mode. + * 2. Temporarily the CSI input or output are not allowed on XCBC, CMAC and XTS modes. + * + */ +CIMPORT_C CRYSError_t CRYS_AES( CRYS_AES_IvCounter_t IVCounter_ptr, + CRYS_AES_Key_t Key_ptr, + CRYS_AES_KeySize_t KeySize, + CRYS_AES_EncryptMode_t EncryptDecryptFlag, + CRYS_AES_OperationMode_t OperationMode , + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ); + + +/****************************************************************************************************/ +/** + \brief These macros the user should call when operating the AES in one integrated operation. + Note that the return value is CRYSError_t. + + Macro CRYS_AES_XCBCandCMAC is called when the user performs AES operation on XCBC and CMAC modes. + Macro CRYS_AES_XTS is called when the user performs AES operation on XTS mode. +*/ + +#define CRYS_AES_XCBCandCMAC( Key_ptr,KeySize,OperationMode,DataIn_ptr,DataInSize,DataOut_ptr ) \ + CRYS_AES( DX_NULL,(Key_ptr),(KeySize),CRYS_AES_Encrypt,(OperationMode),(DataIn_ptr),(DataInSize),(DataOut_ptr)) + +#define CRYS_AES_XTS( Tweak_ptr, Key1_ptr,KeySize,EncryptDecryptFlag,DataIn_ptr,DataInSize,DataOut_ptr ) \ + CRYS_AES( (Tweak_ptr),(Key1_ptr),(KeySize),(EncryptDecryptFlag),CRYS_AES_XTS_mode,(DataIn_ptr),(DataInSize),(DataOut_ptr)) + + +#ifndef CRYS_NO_AES_WRAP_SUPPORT +/************************************************************************** + * CRYS_AES_Wrap function * + **************************************************************************/ +/** + @brief The CRYS_AES_Wrap function implements the following algorithm + (rfc3394, Sept. 2002): + + Inputs: Plaintext DataIn, n 64-bit values {P1, P2, ..., Pn}, + KeyData, K (the KEK). + Outputs: Ciphertext, WrapDataOut (n+1) 64-bit values {C0, C1, ..., Cn}. + + + @param[in] DataIn_ptr - A pointer to plain text data to be wrapped + NOTE: Overlapping between the data input and data output buffer + is not allowed, except the inplace case that is legal . + @param[in] DataInLen - Length of data in bytes. DataLen must be multiple of + 8 bytes and must be in range [8, 512]. + @param[in] KeyData - A pointer to key data (key encryption key - KEK). + @param[in] KeySize - Enumerator variable, defines length of key. + @param[in] Reserved - Reserved param, should not be used. + @param[out] WrapDataOut_ptr - A pointer to buffer for output of wrapped data. + @param[in/out] WrapDataLen_ptr - A pointer to a buffer for input of size of + user passed buffer and for output actual + size of unwrapped data in bytes. Buffer size must + be not less than DataLen+CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES. + @return CRYSError_t - CRYS_OK, or error message + CRYS_AES_WRAP_ILLEGAL_DATA_PTR_ERROR + CRYS_AES_WRAP_DATA_LENGTH_ERROR + CRYS_AES_WRAP_ILLEGAL_KEY_PTR_ERROR + CRYS_AES_WRAP_KEY_LENGTH_ERROR + CRYS_AES_WRAP_ILLEGAL_WRAP_DATA_PTR_ERROR + CRYS_AES_WRAP_ILLEGAL_WRAP_DATA_LEN_PTR_ERROR + CRYS_AES_WRAP_ILLEGAL_WRAP_DATA_LENGTH_ERROR + CRYS_AES_WRAP_DATA_OUT_DATA_IN_OVERLAP_ERROR + CRYS_AES_WRAP_IS_SECRET_KEY_FLAG_ILLEGAL_ERROR + + NOTE: On error exiting from function the output buffer may be zeroed by the function. +*/ +CIMPORT_C CRYSError_t CRYS_AES_Wrap ( + DxUint8_t *DataIn_ptr, /*in*/ + DxUint32_t DataInLen, /*in*/ + CRYS_AES_Key_t KeyData, /*in*/ + CRYS_AES_KeySize_t KeySize, /*in*/ + DxInt8_t Reserved, /*in*/ + DxUint8_t *WrapDataOut_ptr, /*out*/ + DxUint32_t *WrapDataLen_ptr /*in/out*/ ); + + + +/************************************************************************** + * CRYS_AES_Uwnrap function * + **************************************************************************/ +/** + @brief The CRYS_AES_Unwrap function performs inverse AES_Wrap transformation + and implements the following algorithm (rfc3394, Sept. 2002): + + Inputs: Ciphertext, (n+1) 64-bit values {C0, C1, ..., Cn}, and + K - key (the KEK). + + Outputs: Plaintext, n 64-bit values {P1, P2, ..., Pn}. + + + @param[in] WrapDataIn_ptr - A pointer to wrapped data to be unwrapped + NOTE: Overlapping between the data input and data output buffer + is not allowed, except the inplace case that is legal . + @param[in] WrapDataInLen - Length of wrapped data in bytes. DataLen must be multiple of + 8 bytes and must be in range [16, 512+8]. + @param[in] KeyData - A pointer to key data (key encryption key - KEK). + @param[in] KeySize - Enumerator variable, defines length of key. + @param[in] Reserved - Reserved param, should not be used. + @param[out] DataOut_ptr - A pointer to buffer for output of unwrapped data. + @param[in/out] DataOutLen_ptr - A pointer to a buffer for input of size of user passed + buffer and for output of actual size of unwrapped data in bytes. + DataOutLen must be multiple of 8 bytes and must be not less + than WrapDataInLen - CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_AES_UNWRAP_WRAP_DATA_LENGTH_ERROR + CRYS_AES_UNWRAP_ILLEGAL_KEY_PTR_ERROR + CRYS_AES_UNWRAP_KEY_LEN_ERROR + CRYS_AES_UNWRAP_ILLEGAL_DATA_PTR_ERROR + CRYS_AES_UNWRAP_ILLEGAL_DATA_LEN_PTR_ERROR + CRYS_AES_UNWRAP_ILLEGAL_DATA_LENGTH_ERROR + CRYS_AES_UNWRAP_FUNCTION_FAILED_ERROR + CRYS_AES_UNWRAP_DATA_OUT_DATA_IN_OVERLAP_ERROR + CRYS_AES_UNWRAP_IS_SECRET_KEY_FLAG_ILLEGAL_ERROR + + NOTE: On error exiting from function the output buffer may be zeroed by the function. + +*/ +CIMPORT_C CRYSError_t CRYS_AES_Unwrap( + DxUint8_t *WrapDataIn_ptr, /*in*/ + DxUint32_t WrapDataInLen, /*in*/ + CRYS_AES_Key_t KeyData, /*in*/ + CRYS_AES_KeySize_t KeySize, /*in*/ + DxInt8_t Reserved, /*in*/ + DxUint8_t *DataOut_ptr, /*out*/ + DxUint32_t *DataOutLen_ptr /*in/out*/ ); + +#endif /*CRYS_NO_AES_WRAP_SUPPORT*/ + +/************************************************************************** + * CRYS_AES_SetIv function * + **************************************************************************/ +/** + @brief The CRYS_AES_SetIv function puts a new initial vector into + an existing context. + + Inputs: New IV vector + + Outputs: Result + + @param[in/out] ContextID_ptr - A pointer to the AES context buffer that is allocated by the user + and is used for the AES machine operation. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_AES_SetIv(CRYS_AESUserContext_t *ContextID_ptr, + DxUint8_t *iv_ptr); + + + +/************************************************************************** + * CRYS_AES_GetIv function * + **************************************************************************/ +/** + @brief The CRYS_AES_GetIv function retrieves the initial vector from + the context. + + Inputs: IV vector buffer + + Outputs: Result + + @param[in/out] ContextID_ptr - A pointer to the AES context buffer that is allocated by the user + and is used for the AES machine operation. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_AES_GetIv(CRYS_AESUserContext_t *ContextID_ptr, + DxUint8_t *iv_ptr); + + +/***********************************************************************************/ + + +#ifdef __cplusplus +} +#endif + +#endif /* #ifndef CRYS_AES_H */ + + + + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_aes.xml b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aes.xml new file mode 100644 index 0000000..8689916 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aes.xml @@ -0,0 +1,63 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> + +<api name="CrysAes"> <!-- The AesWrapRpc API Agent ID --> + + <!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="CRYS_OK" generic_error="CRYS_AES_UNWRAP_FUNCTION_FAILED_ERROR" invalid_param="CRYS_AES_WRAP_DATA_LENGTH_ERROR" not_enough_resources="CRYS_AES_WRAP_ILLEGAL_DATA_PTR_ERROR" /> + + <!-- Header files to include for prototypes --> + <header>crys_aes.h</header> + <header>crys_aes_error.h</header> + + <function name="CRYS_AES_Wrap" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_AES_Wrap ( + DxUint8_t *DataIn_ptr, /*in*/ + DxUint32_t DataInLen, /*in*/ + CRYS_AES_Key_t KeyData, /*in*/ + CRYS_AES_KeySize_t KeySize, /*in*/ + DxInt8_t Reserved, /*in*/ + DxUint8_t *WrapDataOut_ptr, /*out*/ + DxUint32_t *WrapDataLen_ptr /*in/out*/ ); + --> + <param name="DataIn_ptr" direction="i" ptype="array(DataInLen,CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES)" dtype="DxUint8_t" /> <!--DxUint8_t *DataIn_ptr --> + <param name="DataInLen" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> <!--DxUint32_t DataInLen --> + <param name="KeyData" direction="i" ptype="array(32,32)" dtype="DxUint8_t"/> <!--CRYS_AES_Key_t KeyData--> + <param name="KeySize" direction="i" ptype="val" dtype="le32(CRYS_AES_KeySize_t)" /> <!--CRYS_AES_KeySize_t KeySize --> + <param name="Reserved" direction="i" ptype="val" dtype="DxInt8_t" /> <!--DxInt8_t isSecretKey --> + <param name="WrapDataOut_ptr" direction="o" ptype="array((*WrapDataLen_ptr),(CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES+CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES))" dtype="DxUint8_t" /> <!--DxUint8_t *WrapDataOut_ptr--> + <param name="WrapDataLen_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)" /> <!--DxUint32_t *WrapDataLen_ptr --> + + </function> + + <function name="CRYS_AES_Unwrap" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_AES_Unwrap( DxUint8_t *WrapDataIn_ptr, /*in*/ + DxUint32_t WrapDataInLen, /*in*/ + CRYS_AES_Key_t KeyData, /*in*/ + CRYS_AES_KeySize_t KeySize, /*in*/ + DxInt8_t Reserved, /*in*/ + DxUint8_t *DataOut_ptr, /*out*/ + DxUint32_t *DataOutLen_ptr /*in/out*/ ) + --> + <param name="WrapDataIn_ptr" direction="i" ptype="array(WrapDataInLen, (CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES + CRYS_AES_WRAP_BLOCK_SIZE_IN_BYTES))" dtype="DxUint8_t" /> <!--DxUint8_t *DataIn_ptr --> + <param name="WrapDataInLen" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> <!--DxUint32_t DataInLen --> + <param name="KeyData" direction="i" ptype="array(32,32)" dtype="DxUint8_t"/> <!--CRYS_AES_Key_t KeyData--> + <param name="KeySize" direction="i" ptype="val" dtype="le32(CRYS_AES_KeySize_t)" /> <!--CRYS_AES_KeySize_t KeySize --> + <param name="Reserved" direction="i" ptype="val" dtype="DxInt8_t" /> <!--DxInt8_t isSecretKey --> + <param name="DataOut_ptr" direction="o" ptype="array((*DataOutLen_ptr),CRYS_AES_WRAP_DATA_MAX_SIZE_IN_BYTES)" dtype="DxUint8_t" /> <!--DxUint8_t *WrapDataOut_ptr--> + <param name="DataOutLen_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)" /> <!--DxUint32_t *WrapDataLen_ptr --> + + </function> + + +</api> + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_aes_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aes_error.h new file mode 100644 index 0000000..6db01a3 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aes_error.h @@ -0,0 +1,102 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_AES_ERROR_H +#define CRYS_AES_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % crys_aes_error.h : % + * State : %state% + * Creation date : Sun Nov 21 11:07:08 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS AES errors. + * + * \version crys_aes_error.h#1:incl:1 + * \author adams + */ + + + + +/************************ Defines ******************************/ + +/* The CRYS AES module errors base address - 0x00F00000 */ +#define CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x00UL) +#define CRYS_AES_INVALID_IV_OR_TWEAK_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x01UL) +#define CRYS_AES_ILLEGAL_OPERATION_MODE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x02UL) +#define CRYS_AES_ILLEGAL_KEY_SIZE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x03UL) +#define CRYS_AES_INVALID_KEY_POINTER_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x04UL) +#define CRYS_AES_INVALID_ENCRYPT_MODE_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x06UL) +#define CRYS_AES_USER_CONTEXT_CORRUPTED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x07UL) +#define CRYS_AES_DATA_IN_POINTER_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x08UL) +#define CRYS_AES_DATA_OUT_POINTER_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x09UL) +#define CRYS_AES_DATA_IN_SIZE_ILLEGAL (CRYS_AES_MODULE_ERROR_BASE + 0x0AUL) +#define CRYS_AES_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0BUL) +#define CRYS_AES_DECRYPT_MODE_NOT_ALLOWED_ON_CTR_MODE (CRYS_AES_MODULE_ERROR_BASE + 0x0CUL) +#define CRYS_AES_XTS_IS_NOT_SUPPORTED_ON_HW_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x0DUL) +#define CRYS_AES_DATA_OUT_SIZE_POINTER_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_AES_DATA_OUT_SIZE_INVALID_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x11UL) +#define CRYS_AES_DECRYPTION_NOT_ALLOWED_ON_THIS_MODE (CRYS_AES_MODULE_ERROR_BASE + 0x12UL) +#define CRYS_AES_NOT_ALLOWED_KEY_TYPE_ON_THIS_MODE (CRYS_AES_MODULE_ERROR_BASE + 0x13UL) +#define CRYS_AES_ILLEGAL_SECRET_KEY_MODE (CRYS_AES_MODULE_ERROR_BASE + 0x14UL) +#define CRYS_AES_ADDITIONAL_BLOCK_NOT_PERMITTED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x15UL) + +/* The CRYS_AES_Wrap and CRYS_AES_Unrap errors */ +#define CRYS_AES_WRAP_ILLEGAL_DATA_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x30UL) +#define CRYS_AES_WRAP_DATA_LENGTH_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x31UL) +#define CRYS_AES_WRAP_ILLEGAL_KEY_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x32UL) +#define CRYS_AES_WRAP_KEY_LENGTH_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x33UL) +#define CRYS_AES_WRAP_ILLEGAL_WRAP_DATA_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x34UL) +#define CRYS_AES_WRAP_ILLEGAL_WRAP_DATA_LEN_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x35UL) +#define CRYS_AES_WRAP_ILLEGAL_WRAP_DATA_LENGTH_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x36UL) +#define CRYS_AES_WRAP_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x37UL) +#define CRYS_AES_WRAP_IS_SECRET_KEY_FLAG_ILLEGAL_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x38UL) + +#define CRYS_AES_UNWRAP_ILLEGAL_WRAP_DATA_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x40UL) +#define CRYS_AES_UNWRAP_WRAP_DATA_LENGTH_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x41UL) +#define CRYS_AES_UNWRAP_ILLEGAL_KEY_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x42UL) +#define CRYS_AES_UNWRAP_KEY_LEN_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x43UL) +#define CRYS_AES_UNWRAP_ILLEGAL_DATA_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x44UL) +#define CRYS_AES_UNWRAP_ILLEGAL_DATA_LEN_PTR_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x45UL) +#define CRYS_AES_UNWRAP_ILLEGAL_DATA_LENGTH_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x46UL) +#define CRYS_AES_UNWRAP_FUNCTION_FAILED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x47UL) +#define CRYS_AES_UNWRAP_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x48UL) +#define CRYS_AES_UNWRAP_IS_SECRET_KEY_FLAG_ILLEGAL_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x49UL) + +#define CRYS_AES_XTS_IS_NOT_SUPPORTED_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x50UL) +#define CRYS_AES_ILLEGAL_PARAMS_ERROR (CRYS_AES_MODULE_ERROR_BASE + 0x60UL) +#define CRYS_AES_IS_NOT_SUPPORTED (CRYS_AES_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_aesccm.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aesccm.h new file mode 100644 index 0000000..49542d0 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aesccm.h @@ -0,0 +1,260 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_AESCCM_H +#define CRYS_AESCCM_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "dx_pal_types.h" +#include "crys_error.h" +#include "crys_defs.h" +#include "crys_aes.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /** @file + * \brief This file contains all of the enums and definitions that are used for the + * CRYS AESCCM APIs, as well as the APIs themselves. + * + * \version CRYS_AESCCM.h#1:incl:13 + * \author Levin R. + */ + +/************************ Defines ******************************/ + +#ifdef DX_CC_SEP +#define CRYS_AESCCM_USER_CTX_SIZE_IN_WORDS 33 +#else +#define CRYS_AESCCM_USER_CTX_SIZE_IN_WORDS 288 +#endif + +/** +@brief - a definition describing the low level Engine type ( SW , Hardware , Etc ) +*/ + +/* key and key buffer sizes definitions */ +#define CRYS_AESCCM_KeySize_t CRYS_AES_KeySize_t +#define CRYS_AESCCM_KEY_SIZE_WORDS 8 + +/* nonce and AESCCM-MAC sizes definitions */ +#define CRYS_AESCCM_NONCE_MIN_SIZE_BYTES 7 +#define CRYS_AESCCM_NONCE_MAX_SIZE_BYTES 13 +#define CRYS_AESCCM_MAC_MIN_SIZE_BYTES 4 +#define CRYS_AESCCM_MAC_MAX_SIZE_BYTES 16 + +/* AES CCM encrypt-decrypt mode */ +#define CRYS_AESCCM_Decrypt CRYS_AES_Decrypt +#define CRYS_AESCCM_Encrypt CRYS_AES_Encrypt + + +/************************ Typedefs ****************************/ + +/* Defines the AES_CCM key buffer */ +typedef DxUint8_t CRYS_AESCCM_Key_t[CRYS_AESCCM_KEY_SIZE_WORDS * sizeof(DxUint32_t)]; +typedef DxUint8_t CRYS_AESCCM_Mac_Res_t[CRYS_AES_BLOCK_SIZE_IN_BYTES]; + + +/******************* Context Structure ***********************/ +/* The user's context structure - the argument type that will be passed by the user + to the APIs called by him */ +typedef struct CRYS_AESCCM_UserContext_t +{ +/* Allocated buffer must be double the size of actual context +* + 1 word for offset management */ + DxUint32_t buff[CRYS_AESCCM_USER_CTX_SIZE_IN_WORDS]; +}CRYS_AESCCM_UserContext_t; + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + + +/****************************************************************************************************/ +/******** AESCCM FUNCTIONS ******/ +/****************************************************************************************************/ + +/** +* @brief This function transfers the AESCCM_init function parameters from HOST to +* SEP and backwards for operating AESCCM_init. +* +* @param[in] ContextID_ptr - A pointer to the AESCCM context buffer, that is allocated by the user +* and is used for the AESCCM operations. +* @param[in] EncrDecrMode - Enumerator variable defining operation mode (0 - encrypt; 1 - decrypt). +* @param[in] CCM_Key - A buffer, containing the AESCCM key passed by user (predefined size 128 bits). +* @param[in] KeySizeID - An enum parameter, defines size of used key (128, 192, 256). +* @param[in] AdataSize - Full size of additional data in bytes, which must be processed. +* Limitation in our implementation is: AdataSize < 2^32. If Adata is absent, +* then AdataSize = 0. +* @param[in] TextSize - The full size of text data (in bytes), which must be processed by CCM. +* +* @param[in] N_ptr - A pointer to Nonce - unique value assigned to all data passed into CCM. +* Bytes order - big endian form (MSB is the first). +* @param[in] SizeOfN - The size of the user passed Nonce (in bytes). +* It is an element of {7,8,9,10,11,12,13}. +* @param[in] SizeOfT - Size of AESCCM MAC output T in bytes. Valid values: [4,6,8,10,12,14,16]. +* +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure an error according to CRYS_AESCCM_error.h +* +*/ +CIMPORT_C CRYSError_t CRYS_AESCCM_Init( + CRYS_AESCCM_UserContext_t *ContextID_ptr, + CRYS_AES_EncryptMode_t EncrDecrMode, + CRYS_AESCCM_Key_t CCM_Key, /*AESCCM key*/ + CRYS_AESCCM_KeySize_t KeySizeId, /* key size ID*/ + DxUint32_t AdataSize, /*full size of additional data*/ + DxUint32_t TextSize, /*full size of text data*/ + DxUint8_t *N_ptr, /*Nonce*/ + DxUint8_t SizeOfN, /*size of N buffer*/ + DxUint8_t SizeOfT ); /*size of CCM-MAC (T) */ + + + +/** +* @brief This function transfers the CRYS_AESCCM_BlockAdata function parameters from HOST to +* SEP and backwards for operating CRYS_AESCCM_BlockAdata on SEP. +* +* @param[in] ContextID_ptr - A pointer to the AESCCM context buffer allocated by the user that +* is used for the AESCCM machine operation. This should be the same +* context that was used on the previous call of this session. +* @param[in] DataIn_ptr - A pointer to the buffer of the input additional data. +* The pointer does not need to be aligned. +* @param[in] DataInSize - A size of the additional data in bytes. +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure an error according to +* CRYS_AESCCM_error.h +* Restrictions: +* 1. The entire input data MUST pass in a single invocation. +* 2. Size of input data may have any size. +* +*/ +CIMPORT_C CRYSError_t CRYS_AESCCM_BlockAdata( + CRYS_AESCCM_UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize ); + + +/** +* @brief This function transfers the CRYS_AESCCM_BlockTextData function parameters from HOST to +* SEP and backwards for operating CRYS_AESCCM_BlockTextData on SEP. +* +* @param[in] ContextID_ptr - A pointer to the AESCCM context buffer allocated by the user that +* is used for the AES machine operation. This should be the same +* context that was used on the previous call of this session. +* @param[in] DataIn_ptr - A pointer to the buffer of the input data (plain or cipher text). +* The pointer does not need to be aligned. +* @param[in] DataInSize - A size of the data block in bytes: must be multiple of 16 bytes and not 0. +* The block of data must be not a last block, that means: +* - on Encrypt mode: DataInSize < CCM_Context->RemainTextSize; +* - on Decrypt mode: DataInSize < CCM_Context->RemainTextSize - SizeOfT; +* @param[out] DataOut_ptr - A pointer to the output buffer (cipher or plain text). +* The pointer does not need to be aligned. +* Size of the output buffer must be not less, than DataInSize. +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure a +* value MODULE_* CRYS_AESCCM_error.h +* Notes: +* 1. Overlapping of the in-out buffers is not allowed, excluding the in placement case: +* DataIn_ptr = DataOut_ptr. +*/ +CIMPORT_C CRYSError_t CRYS_AESCCM_BlockTextData( + CRYS_AESCCM_UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ); + +/** +* @brief This function transfers the CRYS_AESCCM_BlockLastTextData function parameters from HOST to +* SEP and backwards for operating CRYS_AESCCM_BlockLastTextData on SEP. +* +* @param[in] ContextID_ptr - A pointer to the AESCCM context buffer, allocated by the user, +* that is used for the AESCCM operations. This should be the same +* context that was used on the previous call of this session. +* @param[in] DataIn_ptr - A pointer to the buffer of the input data (plain or cipher text). +* The pointer does not need to be aligned. +* @param[in] DataInSize - A size of the data block in bytes. The size must be equal to remaining +* size value, saved in the context. +* @param[in] DataOut_ptr - A pointer to the output buffer (cipher or plain text). If +* user passes DataInSize 0 bytes the DataOut_ptr may be equal to NULL. +* The pointer does not need to be aligned. +* @param[in] MacRes - A pointer to the Mac buffer. +* @param[out] SizeOfT - size of MAC in bytes as defined in CRYS_AESCCM_Init function. +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure a +* value MODULE_* CRYS_AESCCM_error.h +* Notes: +* 1. Overlapping of the in-out buffers is not allowed, excluding the in placement case: +* DataIn_ptr = DataOut_ptr. +*/ +CIMPORT_C CRYSError_t CRYS_AESCCM_Finish(CRYS_AESCCM_UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr, + CRYS_AESCCM_Mac_Res_t MacRes, + DxUint8_t *SizeOfT); + + +/** + * @brief This function is used to perform the AES_CCM operation in one integrated process. + * + * The function preforms CCM algorithm according to NIST 800-38C by call the CRYS_CCM + * Init, Block and Finish functions. + * + * The input-output parameters of the function are the following: + * + * @param[in] EncrDecrMode - Enumerator variable defining operation mode (0 - encrypt; 1 - decrypt). + * @param[in] CCM_Key - A buffer, containing the AESCCM key passed by user (predefined size 128 bits). + * @param[in] KeySizeId - An ID of AESCCM key size (according to 128, 192, or 256 bits size). + * @param[in] N_ptr - A pointer to Nonce - unique value assigned to all data passed into CCM. + * Bytes order - big endian form (MSB is the first). + * @param[in] SizeOfN - The size of the user passed Nonce (in bytes). + * It is an element of {7,8,9,10,11,12,13}. + * @param[in] ADataIn_ptr - A pointer to the additional data buffer. The pointer does + * not need to be aligned. + * @param[in] ADataInSize - The size of the additional data in bytes; + * @param[in] TextDataIn_ptr - A pointer to the input text data buffer (plain or cipher according to + * encrypt-decrypt mode). The pointer does not need to be aligned. + * @param[in] TextDataInSize - The size of the input text data in bytes: + * - on encrypt mode: (2^32 - SizeOfT) > DataInSize >= 0; + * - on Decrypt mode: 2^32 > DataInSize >= SizeOfT (SizeOfT from context). + * @param[out] TextDataOut_ptr - The output text data pointer (cipher or plain text data). + * + * @param[in] SizeOfT - Size of AES-CCM MAC output T in bytes. Valid values: [4,6,8,10,12,14,16]. + * + * @param[in/out] Mac_Res - AES-CCM MAC input/output . + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a value defined in CRYS_AESCCM_error.h + * + */ +CIMPORT_C CRYSError_t CRYS_AESCCM( + CRYS_AES_EncryptMode_t EncrDecrMode, /*CCM encrypt-decrypt mode*/ + CRYS_AESCCM_Key_t CCM_Key, /*AES-CCM key*/ + CRYS_AESCCM_KeySize_t KeySizeId, /*Key size ID*/ + DxUint8_t *N_ptr, /*Nonce*/ + DxUint8_t SizeOfN, /*size of N buffer*/ + DxUint8_t *ADataIn_ptr, /*input data pointer*/ + DxUint32_t ADataInSize, /*input data size*/ + DxUint8_t *TextDataIn_ptr, /*input data pointer*/ + DxUint32_t TextDataInSize, /*input data size*/ + DxUint8_t *TextDataOut_ptr,/*output data pointer*/ + DxUint8_t SizeOfT, /*size of CCM-MAC (T) */ + CRYS_AESCCM_Mac_Res_t Mac_Res ); + + +#ifdef __cplusplus +} +#endif + +#endif /*#ifndef CRYS_AESCCM_H*/ + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_aesccm_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aesccm_error.h new file mode 100644 index 0000000..dfc7a01 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_aesccm_error.h @@ -0,0 +1,81 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_AESCCM_ERROR_H +#define CRYS_AESCCM_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_AESCCM_error.h : % + * State : %state% + * Creation date : 25 Sept.2008 + * Last modified : %modify_time% + */ + /** @file + * \brief This module contains the definitions of the CRYS AESCCM errors. + * + * \version CRYS_AESCCM_error.h#1:incl:1 + * \author R.Levin + */ + +/************************ Defines ******************************/ + +/* The CRYS AESCCM module errors. + CRYS_AESCCM_MODULE_ERROR_BASE = 0x00F01500 */ +#define CRYS_AESCCM_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x00UL) +#define CRYS_AESCCM_ILLEGAL_KEY_SIZE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x01UL) +#define CRYS_AESCCM_INVALID_KEY_POINTER_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x02UL) +#define CRYS_AESCCM_INVALID_ENCRYPT_MODE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x03UL) +#define CRYS_AESCCM_USER_CONTEXT_CORRUPTED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x04UL) +#define CRYS_AESCCM_DATA_IN_POINTER_INVALID_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x05UL) +#define CRYS_AESCCM_DATA_OUT_POINTER_INVALID_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x06UL) +#define CRYS_AESCCM_DATA_IN_SIZE_ILLEGAL (CRYS_AESCCM_MODULE_ERROR_BASE + 0x07UL) +#define CRYS_AESCCM_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x08UL) +#define CRYS_AESCCM_DATA_OUT_SIZE_INVALID_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x09UL) +#define CRYS_AESCCM_ADDITIONAL_BLOCK_NOT_PERMITTED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0AUL) +#define CRYS_AESCCM_ILLEGAL_DMA_BUFF_TYPE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0BUL) +#define CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0CUL) +#define CRYS_AESCCM_ILLEGAL_PARAMETER_PTR_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0DUL) +#define CRYS_AESCCM_ILLEGAL_DATA_TYPE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0EUL) +#define CRYS_AESCCM_CCM_MAC_INVALID_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x0FUL) +#define CRYS_AESCCM_LAST_BLOCK_NOT_PERMITTED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_AESCCM_ILLEGAL_PARAMETER_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x11UL) +#define CRYS_AESCCM_NOT_ALL_ADATA_WAS_PROCESSED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x13UL) +#define CRYS_AESCCM_NOT_ALL_DATA_WAS_PROCESSED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x14UL) +#define CRYS_AESCCM_ADATA_WAS_PROCESSED_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x15UL) +#define CRYS_AESCCM_ILLEGAL_NONCE_SIZE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x16UL) +#define CRYS_AESCCM_ILLEGAL_TAG_SIZE_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x17UL) + +#define CRYS_AESCCM_ILLEGAL_PARAMS_ERROR (CRYS_AESCCM_MODULE_ERROR_BASE + 0x29UL) +#define CRYS_AESCCM_IS_NOT_SUPPORTED (CRYS_AESCCM_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_bypass_api.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_bypass_api.h new file mode 100644 index 0000000..7414c24 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_bypass_api.h @@ -0,0 +1,63 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __CRYS_BYPASS_API_H__ +#define __CRYS_BYPASS_API_H__ + +/*! \file crys_bypass_api.h + \brief This file include the implementation of the crys_bypass. +*/ +#include "dx_pal_types.h" +#include "crys_bypass_error.h" +#include "crys_defs.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/*! + * Memory copy using HW engines. + * The table below describes the supported copy modes that + * reference by the data input/output buffers: + * + * ---------------------------------------------- + * | DataIn_ptr | DataOut_ptr | + * |--------------------------------------------| + * | SRAM | DCACHE/SRAM/DLLI/MLLI | + * | ICACHE | DCACHE/SRAM/DLLI/MLLI | + * | DCACHE | DCACHE/SRAM/DLLI/MLLI | + * | DLLI | DCACHE/SRAM/DLLI | + * | MLLI | DCACHE/SRAM/MLLI | + * ---------------------------------------------- + * + * \param DataIn_ptr This is the source buffer which need to copy from. + * It may be a SeP local address or a DMA Object handle as described + * in the table above. + * \param DataSize In bytes + * \param DataOut_ptr This is the destination buffer which need to copy to. + * It may be a SeP local address or a DMA Object handle as described + * in the table above. + * + * Restriction: MLLI refers to DMA oject in System memory space. + * + * \return CRYSError_t On success CRYS_OK is returned, on failure an error according to + * CRYS_Bypass_error.h + */ +CIMPORT_C CRYSError_t CRYS_Bypass( DxUint8_t* DataIn_ptr, + DxUint32_t DataSize, + DxUint8_t* DataOut_ptr); + + + + +#ifdef __cplusplus +} +#endif + +#endif + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_bypass_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_bypass_error.h new file mode 100644 index 0000000..0def798 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_bypass_error.h @@ -0,0 +1,53 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_BYPASS_ERROR_H +#define CRYS_BYPASS_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % crys_aes_error.h : % + * State : %state% + * Creation date : Sun Nov 21 11:07:08 2004 + * Last modified : %modify_time% + */ +/************************ Defines ******************************/ +/* BYPASS module on the CRYS layer base address - 0x00F01800 */ +#define CRYS_BYPASS_INVALID_INPUT_POINTER_ERROR (CRYS_BYPASS_MODULE_ERROR_BASE + 0x00UL) +#define CRYS_BYPASS_INVALID_OUTPUT_POINTER_ERROR (CRYS_BYPASS_MODULE_ERROR_BASE + 0x01UL) +#define CRYS_BYPASS_NOT_ALLIGNED_POINTER_ERROR (CRYS_BYPASS_MODULE_ERROR_BASE + 0x02UL) +#define CRYS_BYPASS_ILLEGAL_SIZE_ERROR (CRYS_BYPASS_MODULE_ERROR_BASE + 0x03UL) +#define CRYS_BYPASS_ILLEGAL_MEMORY_AREA_ERROR (CRYS_BYPASS_MODULE_ERROR_BASE + 0x04UL) +#define CRYS_BYPASS_ILLEGAL_PARAMS_ERROR (CRYS_BYPASS_MODULE_ERROR_BASE + 0x05UL) +#define CRYS_BYPASS_IS_NOT_SUPPORTED (CRYS_BYPASS_MODULE_ERROR_BASE + 0x06UL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_cmla.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_cmla.h new file mode 100644 index 0000000..567b938 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_cmla.h @@ -0,0 +1,238 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_CMLA_H +#define CRYS_CMLA_H + + /* + * Object %CRYS_SMLA.h : % + * State : %state% + * Creation date : Wed Aug 24 2006 + * Last modified : %modify_time% + */ + /** @file + * \brief This module contains the prototypes of routines performing SMLA schemes operations. + * + * Implemented according to "CMLA Technical Specification". Version: v1.0-05-12-21, + * This material also contains confidential information which may not be disclosed + * to others without the prior written consent of CMLA, LLC. + * + * \version CRYS_SMLA.h#1:cincl:6 + * \author R.Levin. + */ + +#include "DX_VOS_BaseTypes.h" +#include "CRYS_CMLA_error.h" +#include "crys_defs.h" +#include "CRYS_RSA_Types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +#ifndef CRYS_NO_CMLA_SUPPORT +/************************ Defines ******************************/ + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + +/* CRYS_CMLA common types definitions */ +#define CRYS_CMLA_KEK_SIZE_IN_BYTES 16 +typedef DxUint8_t CRYS_CMLA_KEK_t[CRYS_CMLA_KEK_SIZE_IN_BYTES]; + +/* CRYS_CMLA_KDF types definitions */ +#define CRYS_CMLA_SEED_SIZE_IN_BYTES 128 +#define CRYS_CMLA_KDF_TEMP_SIZE_IN_WORDS 80 +typedef DxUint8_t CRYS_CMLA_SEED_t[CRYS_CMLA_SEED_SIZE_IN_BYTES]; +typedef DxUint32_t CRYS_CMLA_KDF_TEMP_t[CRYS_CMLA_KDF_TEMP_SIZE_IN_WORDS]; + +/* CRYS_CMLA_WRAP types definitions */ +#define CRYS_CMLA_UNWRAPPED_KEY_SIZE_IN_BYTES 32 +#define CRYS_CMLA_WRAPPED_KEY_SIZE_IN_BYTES 40 +typedef DxUint8_t CRYS_CMLA_UNWRAPPED_KEY_t[CRYS_CMLA_UNWRAPPED_KEY_SIZE_IN_BYTES]; +typedef DxUint8_t CRYS_CMLA_WRAPPED_KEY_t[CRYS_CMLA_WRAPPED_KEY_SIZE_IN_BYTES]; + +/* CRYS_CMLA_RSA types definitions */ +#define CRYS_CMLA_RSA_MESSAGE_LEN_BYTES 128 +typedef DxUint8_t CRYS_CMLA_RSA_MESSAGE_t[CRYS_CMLA_RSA_MESSAGE_LEN_BYTES]; + + +/************************ Structs ******************************/ + +/* The CRYS_CMLA_RSA temp buffers type */ + +typedef struct CRYS_CMLA_RSA_TempBuff_t +{ + /* Temp buffer for CRYS_RSA primitives */ + CRYS_RSAPrimeData_t RSA_TempBuff; + + /* Temp buffer for message, transformed by DDT_Exp function */ + DxUint8_t DDTmessage[CRYS_CMLA_RSA_MESSAGE_LEN_BYTES]; + + /* Temp buffer for little endian representation of previous defined message */ + DxUint8_t DDTmessageLE[CRYS_CMLA_RSA_MESSAGE_LEN_BYTES]; + +} CRYS_CMLA_RSA_TempBuff_t; + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + + + +/************************************************************************** + * CRYS_CMLA_KDF function * + **************************************************************************/ +/** + @brief CMLA Key Derivation Function produce the Key Encrypting Key + [CMLA v1.0-051221]. + + CRYS_CMLA_KDF operates on an octet string of length 128. + The input splits in two blocks of equal length. A constant value is concatenated + to the first block. Then SHA-1 is applied to the preceding result. The result + and two integers derived from the second block are used in a modulus calculation + to produce the Key Encrypting Key. The output shall be 16 bytes. + + + @param[in] X - Seed value, an octet string of length 128. + @param[out] KEK - Key Encryption Key, an octet string of length 16. + @param[in] TempBuff - Temporary buffer of length 46*(32-bits words). + + @return CRYSError_t - CRYS_OK, or error message + CRYS_CMLA_IS_NOT_SUPPORTED + CRYS_CMLA_KDF_INVALID_SEED_POINTER_ERROR + CRYS_CMLA_KDF_INVALID_KEK_POINTER_ERROR + CRYS_CMLA_KDF_INVALID_TEMP_BUFF_POINTER_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_CMLA_KDF( CRYS_CMLA_SEED_t X , /*in*/ + CRYS_CMLA_KEK_t KEK, /*out*/ + CRYS_CMLA_KDF_TEMP_t TempBuff /*in*/ ); + + + +/************************************************************************** + * CRYS_CMLA_Wrap function * + **************************************************************************/ +/** + @brief The CRYS_CMLA_Wrap primitive composing CRYS AES Key Wrap Algorithm + and CMLA_DDT_Perm according to CMLA algorithm [CMLA v1.0-051221]. + + + @param[in] KEK - Key Encryption Key, an octet string of length 16 bytes. + @param[in] Key - Plain key, an octet string of length 32 bytes. + @param[out] WrapKey - Wrapped Key, an octet string of length 40 bytes. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_CMLA_IS_NOT_SUPPORTED + CRYS_CMLA_WRAP_ILLEGAL_KEK_PTR_ERROR + CRYS_CMLA_WRAP_ILLEGAL_KEY_PTR_ERROR + CRYS_CMLA_WRAP_ILLEGAL_WRAPPED_KEY_PTR_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_CMLA_Wrap( + CRYS_CMLA_KEK_t KEK, /*in*/ + CRYS_CMLA_UNWRAPPED_KEY_t Key, /*in*/ + CRYS_CMLA_WRAPPED_KEY_t WrapKey /*out*/ ); + + +/************************************************************************** + * CRYS_CMLA_Unwrap function * + **************************************************************************/ +/** + @brief The CRYS_CMLA_Unwrap primitive performs inverse CRYS_CMLA_Wrap transformation + [CMLA v1.0-051221]. + + @param[in] KEK - Key Encryption Key, an octet string of length 16 bytes. + @param[in] WrapKey - Wrapped Key, an octet string of length 40 bytes. + @param[out] Key - Plain key, an octet string of length 32 bytes. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_CMLA_IS_NOT_SUPPORTED + CRYS_CMLA_UNWRAP_ILLEGAL_KEK_PTR_ERROR + CRYS_CMLA_UNWRAP_ILLEGAL_WRAPPED_KEY_PTR_ERROR + CRYS_CMLA_UNWRAP_ILLEGAL_KEY_PTR_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_CMLA_Unwrap( + CRYS_CMLA_KEK_t KEK, /*in*/ + CRYS_CMLA_WRAPPED_KEY_t WrapKey, /*in*/ + CRYS_CMLA_UNWRAPPED_KEY_t Key /*out*/ ); + + +/************************************************************************** + * CRYS_CMLA_RSA_Encrypt function * + **************************************************************************/ +/** + @brief The CRYS_CMLA_RSA_Encrypt primitive implements algorithm CMLA_RSA_Encrypt + [CMLA v1.0-051221]. + @param[in] PublKey - A pointer to to structure containing user RSA Public Key + (modulus size at least 128 bytes, other reqirements according + to CRYS_RSA API-s). + @param[in] Message - A pointer to message of length 128 bytes. + @param[out] EncrMessage - A pointer to output encrypted message of length 128 bytes. + @param[in] TempBuf - A pointer to structure containing temp buffers for CRYS_CMLA_RSA + operation. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_CMLA_IS_NOT_SUPPORTED + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_PUB_KEY_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_MESSAGE_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_ENCR_MESSAGE_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_TEMP_BUFF_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_MESSAGE_INTEGER_TOO_LONG_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_CMLA_RSA_Encrypt( + CRYS_RSAUserPubKey_t *UserPublKey_ptr, /*in*/ + CRYS_CMLA_RSA_MESSAGE_t Message, /*in*/ + CRYS_CMLA_RSA_MESSAGE_t EncrMessage, /*out*/ + CRYS_CMLA_RSA_TempBuff_t *TempBuff_ptr /*in */); + + +/************************************************************************** + * CRYS_CMLA_RSA_Decrypt function * + **************************************************************************/ +/** + @brief The CRYS_CMLA_RSA_Decrypt primitive implements the CMLA_RSA_Decrypt algorithm + [CMLA v1.0-051221]. + + @param[in] PrivKey - A pointer to to structure containing user RSA Private Key + (modulus size at least 128 bytes, other reqirements according + to CRYS_RSA API-s). + @param[in] EncrMessage - A pointer to input encrypted message of length 128 bytes. + @param[out] Message - A pointer to output decrypted message of length 128 bytes. + @param[in] TempBuf - A pointer to structure containing temp buffers for CRYS_CMLA_RSA + operation. + + @return CRYSError_t - CRYS_OK, or error message + CRYS_CMLA_IS_NOT_SUPPORTED + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_PRIV_KEY_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_MESSAGE_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_ENCR_MESSAGE_PTR_ERROR + CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_TEMP_BUFF_PTR_ERROR + CRYS_CMLA_RSA_DECRYPT_MESSAGE_INTEGER_TOO_LONG_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_CMLA_RSA_Decrypt( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, /*in*/ + CRYS_CMLA_RSA_MESSAGE_t EncrMessage, /*in*/ + CRYS_CMLA_RSA_MESSAGE_t Message, /*out*/ + CRYS_CMLA_RSA_TempBuff_t *TempBuff_ptr /*in */); + + +#endif +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_cmla_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_cmla_error.h new file mode 100644 index 0000000..cf37c80 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_cmla_error.h @@ -0,0 +1,85 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + + /* + * Object % CRYS_CMLA_error.h : % + * State : %state% + * Creation date : 28 sept 2006 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS CMLA errors. + * + * \version CRYS_CMLA_error.h#1:incl:1 + * \author R.Levin + */ + + +#ifndef CRYS_CMLA_ERROR_H +#define CRYS_CMLA_ERROR_H + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + + + +/************************ Defines ******************************/ + +/* The CRYS CMLA module errors */ +#define CRYS_CMLA_IS_NOT_SUPPORTED (CRYS_CMLA_MODULE_ERROR_BASE + 0x00UL) + +/* The CRYS CMLA KDF function errors */ +#define CRYS_CMLA_KDF_INVALID_SEED_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x01UL) +#define CRYS_CMLA_KDF_INVALID_KEK_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x02UL) +#define CRYS_CMLA_KDF_INVALID_TEMP_BUFF_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x03UL) + +/* The CRYS CMLA Wrap and Unwrap functions errors */ +#define CRYS_CMLA_WRAP_ILLEGAL_KEK_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_CMLA_WRAP_ILLEGAL_KEY_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x11UL) +#define CRYS_CMLA_WRAP_ILLEGAL_WRAPPED_KEY_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x12UL) + +#define CRYS_CMLA_UNWRAP_ILLEGAL_KEK_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x20UL) +#define CRYS_CMLA_UNWRAP_ILLEGAL_WRAPPED_KEY_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x21UL) +#define CRYS_CMLA_UNWRAP_ILLEGAL_KEY_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x22UL) + +/* The CRYS CMLA RSA Encrypt and Decrypt functions errors */ +#define CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_PUB_KEY_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x30UL) +#define CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_MESSAGE_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x31UL) +#define CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_ENCR_MESSAGE_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x32UL) +#define CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_TEMP_BUFF_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x32UL) +#define CRYS_CMLA_RSA_ENCRYPT_MESSAGE_INTEGER_TOO_LONG_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x32UL) +#define CRYS_CMLA_RSA_ENCRYPT_ILLEGAL_MODULUS_SIZE_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x33UL) + +#define CRYS_CMLA_RSA_DECRYPT_ILLEGAL_PRIV_KEY_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x40UL) +#define CRYS_CMLA_RSA_DECRYPT_ILLEGAL_ENCR_MESSAGE_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x41UL) +#define CRYS_CMLA_RSA_DECRYPT_ILLEGAL_DECR_MESSAGE_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x42UL) +#define CRYS_CMLA_RSA_DECRYPT_ILLEGAL_TEMP_BUFF_PTR_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x42UL) +#define CRYS_CMLA_RSA_DECRYPT_DATA_INTEGER_TOO_LONG_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x42UL) +#define CRYS_CMLA_RSA_DECRYPT_ILLEGAL_MODULUS_SIZE_ERROR (CRYS_CMLA_MODULE_ERROR_BASE + 0x43UL) + + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_combined.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_combined.h new file mode 100644 index 0000000..ab26441 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_combined.h @@ -0,0 +1,258 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/** @file + * \brief This file contains all of the enums and definitions that are used for the + * CRYS combined and tunneling modes APIs, as well as the APIs themselves. + * + */ +#ifndef CRYS_COMBINED_H +#define CRYS_COMBINED_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "dx_pal_types.h" +#include "crys_error.h" +#include "crys_defs.h" +#include "crys_aes.h" +#include "crys_hash.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/************************ Defines ******************************/ +#define CRYS_COMBINED_MAX_NODES 4 + + +/************************ Enums ********************************/ +/*! + engine source input +*/ +typedef enum { + INPUT_NULL = 0, /* no input */ + INPUT_ENGINE_1 = 1, /* input from output of first cipher engine in sequence */ + INPUT_ENGINE_2 = 2, /* input from output of second cipher engine in sequence */ + INPUT_DIN = 15, /* input from DIN */ + INPUT_ENGINE_RESERVE32B = INT32_MAX, +} CrysCombinedEngineSource_e; + +/************************* Typedefs ****************************/ +/*! + Context types for crys combined operations +*/ +typedef union CrysCombinedContextPointer { + CRYS_AESUserContext_t *pAesContext; + CRYS_HASHUserContext_t *pHashContext; +} CrysCombinedContextPointer_u; + +/*! + Configuration Node which accommodate the crys context + pointer and the engine source input. +*/ +typedef struct CrysCombinedNodeConfig { + CrysCombinedContextPointer_u *pContext; + CrysCombinedEngineSource_e engineSrc; +} CrysCombinedNodeConfig_t; + +/*! + User array of nodes. Each node in the array relate other node + which reflect the user combined scheme. +*/ +typedef struct CrysCombinedConfig { + CrysCombinedNodeConfig_t node[CRYS_COMBINED_MAX_NODES]; +} CrysCombinedConfig_t; + +/************************* MACROS ******************************/ +/*! + Sets a configuration node properties: + - + \param pConfig [in]: A pointer to configuraton node object (type of CrysCombinedConfig_t). + \param engIdx [in]: The current engine index in the NodesConfig array. + \param engSrc [in]: The engine source input to set (type of CrysCombinedEngineSource_e), i.e. + number of other engine which output should be transferred by DMA to + the input of current engine. + \param ctxPtr [in]: A context pointer to set (type of CrysCombinedContextPointer_u). +*/ +#define CrysCombinedConfigSet(pConfig, engIdx, engSrc, ctxPtr) \ + do { \ + (pConfig)->node[(engIdx)].pContext = (void *)(ctxPtr); \ + (pConfig)->node[(engIdx)].engineSrc = (engSrc); \ + } while (0) + +/*! + Gets a configuration node source input (type of CrysCombinedConfig_t). + \param pConfig [in]: A pointer to configuraton node object (type of CrysCombinedNodeConfig_t). + \param engineIdx [in]: The engine index in the NodesConfig array. + \return Configuration Node's source input. +*/ +#define CrysCombinedEngineSrcGet(pConfig, engineIdx) \ + ((pConfig)->node[(engineIdx)].engineSrc) + + + +/************************************************************************/ +/*************************** Public Functions ***************************/ +/************************************************************************/ + +/************************************************************************/ +/*! + * Clears the configuration nodes. + * + * \param pConfig A pointer to the configuration scheme array + */ +CIMPORT_C void CrysCombinedConfigInit(CrysCombinedConfig_t *pConfig); + +/************************************************************************/ +/*! + * This function is used to initilize the combined (tunneling) operations. + * + * The function initializes user's combined mode configuration structure, + * used during current process sequence (Init-Block-Finish). + * + * Before processing the combined mode and calling this function the user must + * initialize all needed sub operations contexts (AES, AES-MAC, HASH) included into + * this combined operation and perform the following: + * + * - allocate combined mode configuration structure of type CrysCombinedConfig_t; + * The structure containing MAX_NUM_NODES (see define) nodes of type CrysCombinedNodeConfig_t, + * each of them contains pointer to sub operation context and input data source + * indication according to DMA data flow in configuration, as follows: + * { {pCtxt1; src1;}, {pCtxt2; src2}, .... {NULL; srcForDout} }, where: + * - pCtxtX - pointer to context of current sub operation X or NULL for indication + * of DOUT (DMA output) or end node in the configuration; + * - srcX is number of previous engine (sub operation), which output is used + * as input to engine (or DOUT) X; + * - allocate CRYS contexts for each sub operation (AES...HASH) included into + * combined configuration - maximum count of operations is MAX_NUM_NODES-1 (one node - for + * DMA autput or indication of end of the configuration); + * - call appropriate CRYS Init functions for each sub operation (CRYS_AES_Init or + * CRYS_HASH_Init) according to combined mode and given operations parameters; + * - initialize (clean) the configuration structure by calling macro CrysCombinedConfigInit(); + * - set all needed configuration nodes by calling macro CrysCombinedConfigSet() for each sub + * operation involved into combined mode; the input source indication for each engine + * should be set according to engines order defined by the user in the configuration + * structure. + * - set indication of ending (last) node and DMA output source by calling the same macro + * CrysCombinedConfigSet() with appropriate input parameters: + * - context pointer ctxPtrX = NULL; + * - indication (type: CrysCombinedEngineSource_e) of engine, which output + * should be transferred to DMA DOUT; if DMA output is not used there, + * then srcX = INPUT_NULL; + * + * Then the user may call this function to initialize the allocated combined + * user context. + * + * + * \param pConfig A pointer to the Configuration Nodes array (NodesConfig). + * This array represents the user combined scheme. + * + * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, + * and on failure - a value from crys_combined_error.h + */ +CIMPORT_C CRYSError_t CRYS_Combined_Init(CrysCombinedConfig_t *pConfig); + + +/***************************************************************************/ +/*! + * This function is used to process block of data in the combined (tunneling) mode. + * + * \param pConfig A pointer to the Configuration Nodes array. + * This array represents the user combined scheme. + * \param cipherOffset Relevant in cases where the authenticated data resides in + * a different offset from the cipher data. + * Note: currently an error returned for any value other than zero. + * \param pDataIn A pointer to a block of input data ready for processing. + * \param dataInSize The size of the input data. + * \param pDataOut A pointer to output data. Could be the same as input data + * pointer (for inplace operations) or NULL if there is + * only authentication for output. + * + * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, + * and on failure - a value from crys_combined_error.h + */ +CIMPORT_C CRYSError_t CRYS_Combined_Process( + CrysCombinedConfig_t *pConfig, + DxUint32_t cipherOffset, + DxUint8_t *pDataIn, + DxUint32_t dataInSize, + DxUint8_t *pDataOut); + + +/***************************************************************************/ +/*! + * This function is used to finish the combined or tunneling operations + * It releases all used contexts (including suboperation ones). + * + * \param pConfig A pointer to the Configuration Nodes array. + * This array represents the user combined scheme. + * \param cipherOffset Relevant in cases where the authenticated data resides in + * a different offset from the cipher data. + * Note: currently an error returned for any value other than zero. + * \param pDataIn A pointer on a block of input data ready for processing. + * \param dataInSize The size of the input data. + * \param pDataOut A pointer to output data. Could be the same as input data pointer + * (for inplace operations) or NULL if there is only + * authentication result for output. + * \param pAuthData A pointer to authentication or digest result output. + * \param pAuthDataSize A pointer to size of user given output buffer [in] + * and actual size [out] of authentication or digest result . + * + * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, + * and on failure - a value from crys_combined_error.h + */ +CIMPORT_C CRYSError_t CRYS_Combined_Finish( + CrysCombinedConfig_t *pConfig, + DxUint32_t cipherOffset, + DxUint8_t *pDataIn, + DxUint32_t dataInSize, + DxUint8_t *pDataOut, + DxUint8_t *pAuthData, + DxUint32_t *pAuthDataSize); + +/*! + * This function is used to perform the combined or tunneling operations with + * one function call. + * + * \param pConfig A pointer to the Configuration Nodes array. + * This array represents the user combined scheme. + * \param cipherOffset Relevant in cases where the authenticated data resides in + * a different offset from the cipher data. + * Note: currently an error returned for any value other than zero. + * \param pDataIn A pointer on a block of input data ready for processing. + * \param dataInSize The size of the input data. + * \param pDataOut A pointer to output data. Could be the same as input data pointer + * (for inplace operations) or NULL if there is only + * authentication result for output. + * \param pAuthData A pointer to authentication or digest result output. + * \param pAuthDataSize A pointer to size of user given output buffer [in] + * and actual size [out] of authentication or digest result . + * + * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, + * and on failure - a value from crys_combined_error.h + */ +CIMPORT_C CRYSError_t CRYS_Combined( + CrysCombinedConfig_t *pConfig, + DxUint32_t cipherOffset, + DxUint8_t *pDataIn, + DxUint32_t dataInSize, + DxUint8_t *pDataOut, + DxUint8_t *pAuthData, + DxUint32_t *pAuthDataSize); + +#ifdef __cplusplus +} +#endif + +#endif /* #ifndef CRYS_COMBINED_H */ + + + + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_combined_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_combined_error.h new file mode 100644 index 0000000..f18caf7 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_combined_error.h @@ -0,0 +1,73 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_COMBINED_ERROR_H +#define CRYS_COMBINED_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % crys_combined_error.h : % + * State : %state% + * Creation date : Sun Nov 21 11:07:08 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS + * combined mode errors. + * + * \version crys_combined_error.h#1:incl:1 + * \author stasn + */ + +/************************ Defines ******************************/ +/*Combined mode module on the CRYS layer base address - 0x00F01900*/ +/* The CRYS COMBINED module errors */ +#define CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_COMBINED_DATA_IN_SIZE_ILLEGAL (CRYS_COMBINED_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_COMBINED_DATA_IN_POINTER_INVALID_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_COMBINED_DATA_SIZE_ILLEGAL (CRYS_COMBINED_MODULE_ERROR_BASE + 0x3UL) +#define CRYS_COMBINED_DATA_OUT_POINTER_INVALID_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_COMBINED_DATA_AUTH_POINTER_INVALID_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_COMBINED_UNSUPPORTED_SUB_OPERATION_ALG_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0x7UL) +#define CRYS_COMBINED_UNSUPPORTED_SUB_OPERATION_MODE_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0x8UL) +#define CRYS_COMBINED_DATA_AUTH_BUFFER_SIZE_INVALID_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0x9UL) +#define CRYS_COMBINED_CIPHER_OFFSET_ILLEGAL (CRYS_COMBINED_MODULE_ERROR_BASE + 0xAUL) +#define CRYS_COMBINED_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0xBUL) +#define CRYS_COMBINED_INVALID_USER_SUB_CONTEXT_POINTER_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0xCUL) +#define CRYS_COMBINED_ILLEGAL_PARAMS_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0xDUL) +#define CRYS_COMBINED_HASH_DIGEST_SIZE_ERROR (CRYS_COMBINED_MODULE_ERROR_BASE + 0xEUL) + +#define CRYS_COMBINED_IS_NOT_SUPPORTED (CRYS_COMBINED_MODULE_ERROR_BASE + 0xFUL) + + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_defs.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_defs.h new file mode 100644 index 0000000..e4b3b62 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_defs.h @@ -0,0 +1,82 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _1_CRYS_Defs_h_H +#define _1_CRYS_Defs_h_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ + + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object %name : % + * State : %state% + * Creation date : Mon Jan 03 18:37:21 2005 + * Last modified : %modify_time% + */ + /** @file + * \brief A brief description of this module + * + * \version crys_defs.h#1:incl:1 + * \author ohads + */ + + +/*whether needed to export CRYS APIs for firmware testing*/ +#ifdef CRYS_EXPORT_APIS_FOR_DLL +#define CEXPORT_C EXPORT_C +#define CIMPORT_C IMPORT_C +#else +#define CEXPORT_C +#define CIMPORT_C +#endif + +/************************ Enums ********************************/ + +/* Defines the enum that is used for specifying whether or not to perform + * a decrypt operation when performing the AES operation mode on the Context + */ + + +/* Defines the enum that is used for specifying whether or not to perform + * a decrypt operation when performing the AES operation mode on the Context + */ +typedef enum +{ + AES_DECRYPT_CONTEXT = 0, + AES_DONT_DECRYPT_CONTEXT = 1, +/* AES_ENCRYPT_RELEASE_CONTEXT = 2*/ + + CRYS_AES_CONTEXTS_flagLast = 0x7FFFFFFF, + +}CRYS_AES_CONTEXTS_flag; +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_des.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_des.h new file mode 100644 index 0000000..8826c3b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_des.h @@ -0,0 +1,260 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/** \file +* \brief This file contains all of the enums and definitions that are used for the +* CRYS DES APIs, as well as the APIs themselves. +* +*/ + + +#ifndef CRYS_DES_H +#define CRYS_DES_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "dx_pal_types.h" +#include "crys_error.h" +#include "crys_defs.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +#if defined(DX_CC_SEP) || defined(DX_CC_TEE) +#define CRYS_DES_USER_CTX_SIZE_IN_WORDS 32 +#else +#define CRYS_DES_USER_CTX_SIZE_IN_WORDS 199 +#endif + + +/* The size of the IV or counter buffer */ +#define CRYS_DES_IV_SIZE_IN_WORDS 2 +#define CRYS_DES_IV_SIZE_IN_BYTES ( CRYS_DES_IV_SIZE_IN_WORDS * sizeof(DxUint32_t) ) + +/* The maximum number of KEYS supported by DES */ +#define CRYS_DES_MAX_NUMBER_OF_KEYS 3 + +/* The key size in words on the DES machine */ +#define CRYS_DES_KEY_SIZE_IN_WORDS 2 +#define CRYS_DES_KEY_SIZE_IN_BYTES ( CRYS_DES_KEY_SIZE_IN_WORDS * sizeof(DxUint32_t) ) + +/* The DES block size in bytes */ +#define CRYS_DES_BLOCK_SIZE_IN_BYTES 8 + +/* The DES block size in words */ +#define CRYS_DES_BLOCK_SIZE_IN_WORDS 2 + +/************************ Enums ********************************/ + +/* The number of keys supported on the DES machine */ +typedef enum +{ + CRYS_DES_1_KeyInUse = 1, + CRYS_DES_2_KeysInUse = 2, + CRYS_DES_3_KeysInUse = 3, + + CRYS_DES_NumOfKeysOptions, + + CRYS_DES_NumOfKeysLast= 0x7FFFFFFF, + +}CRYS_DES_NumOfKeys_t; + +/* Enum definitions for the Encrypt or Decrypt operation mode */ +typedef enum +{ + CRYS_DES_Encrypt = 0, + CRYS_DES_Decrypt = 1, + + CRYS_DES_EncryptNumOfOptions, + + CRYS_DES_EncryptModeLast= 0x7FFFFFFF, + +}CRYS_DES_EncryptMode_t; + +/* Enum definitions for the DES operation mode */ +typedef enum +{ + CRYS_DES_ECB_mode = 0, + CRYS_DES_CBC_mode = 1, + + CRYS_DES_NumOfModes, + + CRYS_DES_OperationModeLast= 0x7FFFFFFF, + +}CRYS_DES_OperationMode_t; + +/************************ Typedefs ****************************/ + +/* The IV buffer definition */ +typedef DxUint8_t CRYS_DES_Iv_t[CRYS_DES_IV_SIZE_IN_BYTES]; + +/* defining the KEY argument - containing 3 keys maximum */ +typedef struct CRYS_DES_Key_t +{ + /* the key variables */ + DxUint8_t key1[CRYS_DES_KEY_SIZE_IN_BYTES]; + DxUint8_t key2[CRYS_DES_KEY_SIZE_IN_BYTES]; + DxUint8_t key3[CRYS_DES_KEY_SIZE_IN_BYTES]; + +}CRYS_DES_Key_t; + +/************************ Structs ******************************/ + +/* Defines the KEY argument - contains 3 keys maximum */ +typedef struct +{ + /* the key variables */ + DxUint32_t key1[CRYS_DES_KEY_SIZE_IN_WORDS]; + DxUint32_t key2[CRYS_DES_KEY_SIZE_IN_WORDS]; + DxUint32_t key3[CRYS_DES_KEY_SIZE_IN_WORDS]; + +}CRYS_DES_Key_32bit_t; + +/************************ Structs ******************************/ + + +/* The user's context prototype - the argument type that will be passed by the user + to the APIs called by him */ +typedef struct CRYS_DESUserContext_t +{ + DxUint32_t buff[CRYS_DES_USER_CTX_SIZE_IN_WORDS]; +}CRYS_DESUserContext_t; + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/** + * @brief This function is used to initialize the DES machine. + * To operate the DES machine, this should be the first function called. + * + * @param[in] ContextID_ptr - A pointer to the DES context buffer allocated by the user + * that is used for the DES machine operation. + * + * @param[in,out] IV_ptr - The buffer of the IV. + * In ECB mode this parameter is not used. + * In CBC this parameter should contain the IV values. + * + * @param[in] Key_ptr - A pointer to the user's key buffer. + * + * @param[in] NumOfKeys - The number of keys used: 1, 2, or 3 (defined in the enum). + * + * @param[in] EncryptDecryptFlag - A flag that determines whether the DES should perform + * an Encrypt operation (0) or a Decrypt operation (1). + * + * @param[in] OperationMode - The operation mode: ECB or CBC. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from crys_error.h + */ + +CIMPORT_C CRYSError_t CRYS_DES_Init( CRYS_DESUserContext_t *ContextID_ptr, + CRYS_DES_Iv_t IV_ptr, + CRYS_DES_Key_t *Key_ptr, + CRYS_DES_NumOfKeys_t NumOfKeys, + CRYS_DES_EncryptMode_t EncryptDecryptFlag, + CRYS_DES_OperationMode_t OperationMode ); + + +/** + * @brief This function is used to process a block on the DES machine. + * This function should be called after the CRYS_DES_Init function was called. + * + * + * @param[in] ContextID_ptr - a pointer to the DES context buffer allocated by the user that + * is used for the DES machine operation. this should be the same context that was + * used on the previous call of this session. + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the DES. The pointer does + * not need to be aligned. + * + * @param[in] DataInSize - The size of the input data in bytes: must be not 0 and must be multiple + * of 8 bytes. + * + * @param[in/out] DataOut_ptr - The pointer to the buffer of the output data from the DES. The pointer does not + * need to be aligned. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_des_error.h + */ + CIMPORT_C CRYSError_t CRYS_DES_Block( CRYS_DESUserContext_t *ContextID_ptr, /* in */ + DxUint8_t *DataIn_ptr, /* in */ + DxUint32_t DataInSize, /* in */ + DxUint8_t *DataOut_ptr ); /* in/out */ + + +/** + * @brief This function is used to end the DES processing session. + * It is the last function called for the DES process. + * + * + * @param[in] ContextID_ptr - A pointer to the DES context buffer allocated by the user that + * is used for the DES machine operation. this should be the + * same context that was used on the previous call of this session. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from crys_error.h + */ +CIMPORT_C CRYSError_t CRYS_DES_Free(CRYS_DESUserContext_t *ContextID_ptr ); + + +/** + * @brief This function is used to operate the DES machine in one integrated operation. + * + * The actual macros that will be used by the users are: + * + * + * @param[in,out] IVCounter_ptr - this parameter is the buffer of the IV or counters on mode CTR. + * On ECB mode this parameter has no use. + * On CBC mode this parameter should containe the IV values. + * + * @param[in] Key_ptr - a pointer to the users key buffer. + * + * @param[in] KeySize - Thenumber of keys used by the DES as defined in the enum. + * + * @param[in] EncryptDecryptFlag - This flag determains if the DES shall perform an Encrypt operation [0] or a + * Decrypt operation [1]. + * + * @param[in] OperationMode - The operation mode : ECB or CBC. + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the DES. The pointer does + * not need to be aligned. + * + * @param[in] DataInSize - The size of the input data in bytes: must be not 0 and must be multiple + * of 8 bytes. + * + * @param[in/out] DataOut_ptr - The pointer to the buffer of the output data from the DES. The pointer does not + * need to be aligned. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_des_error.h + * + */ + CIMPORT_C CRYSError_t CRYS_DES( + CRYS_DES_Iv_t IV_ptr, /* in */ + CRYS_DES_Key_t *Key_ptr, /* in */ + CRYS_DES_NumOfKeys_t NumOfKeys, /* in */ + CRYS_DES_EncryptMode_t EncryptDecryptFlag, /* in */ + CRYS_DES_OperationMode_t OperationMode, /* in */ + DxUint8_t *DataIn_ptr, /* in */ + DxUint32_t DataInSize, /* in */ + DxUint8_t *DataOut_ptr ); /* out */ + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_des_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_des_error.h new file mode 100644 index 0000000..004e8a2 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_des_error.h @@ -0,0 +1,75 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_DES_ERROR_H +#define CRYS_DES_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % crys_des_error.h : % + * State : %state% + * Creation date : Sun Nov 21 11:07:08 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS AES errors. + * + * \version crys_des_error.h#1:incl:1 + * \author adams + */ + + + + +/************************ Defines ******************************/ + +/* The CRYS DES module errors */ +#define CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_DES_INVALID_IV_PTR_ON_NON_ECB_MODE_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_DES_ILLEGAL_OPERATION_MODE_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_DES_ILLEGAL_NUM_OF_KEYS_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x3UL) +#define CRYS_DES_INVALID_KEY_POINTER_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_DES_INVALID_ENCRYPT_MODE_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_DES_USER_CONTEXT_CORRUPTED_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_DES_DATA_IN_POINTER_INVALID_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x7UL) +#define CRYS_DES_DATA_OUT_POINTER_INVALID_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x8UL) +#define CRYS_DES_DATA_SIZE_ILLEGAL (CRYS_DES_MODULE_ERROR_BASE + 0x9UL) +#define CRYS_DES_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0xAUL) +#define CRYS_DES_ILLEGAL_PARAMS_ERROR (CRYS_DES_MODULE_ERROR_BASE + 0x13UL) + +#define CRYS_DES_IS_NOT_SUPPORTED (CRYS_DES_MODULE_ERROR_BASE + 0x1FUL) + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh.h new file mode 100644 index 0000000..d3879ce --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh.h @@ -0,0 +1,478 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _15_CRYS_DH_h_H +#define _15_CRYS_DH_h_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_rsa_types.h" +#include "crys_kdf.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object %name : %crys_dh.h + * State : %state% + * Creation date : Wed Jan 26 16:54:02 2005 + * Last modified : %modify_time% + */ + /** @file + * \brief This module defines the API that supports Diffie-Hellman key exchange + * as defined in PKCS#3 and ANSI9.42 v1.4 (Revised from November 1,1993) + * + * \version crys_dh.h#1:incl:15 + * \author ohads + */ + + +/************************ Defines ******************************/ + +/** The following defines are for the readability of the user*/ +#define CRYS_DHPubKey_t CRYSRSAPubKey_t + +#define CRYS_DH_MAX_VALID_KEY_SIZE_VALUE_IN_BITS CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS +#define CRYS_DH_MIN_VALID_KEY_SIZE_VALUE_IN_BITS 1024 + +#define CRYS_DH_MAX_MOD_SIZE_IN_BYTES (CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS / 8) +#define CRYS_DH_MAX_MOD_SIZE_IN_WORDS (CRYS_DH_MAX_MOD_SIZE_IN_BYTES/sizeof(DxUint32_t)) + +#define CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS + +/*The following defines are for the readability of the user*/ +#define CRYS_DHPrimeData_t CRYS_RSAPrimeData_t +#define CRYS_DHUserPubKey_t CRYS_RSAUserPubKey_t +#define CRYS_DH_OtherInfo_t CRYS_KDF_OtherInfo_t +#define CRYS_DH_COUNT_OF_OTHER_INFO_ENTRIES CRYS_KDF_COUNT_OF_OTHER_INFO_ENTRIES +#define CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY /*bytes*/ +/* MAX_SIZE_OF_KEYING_DATA definition for CC54 project. For CC52 projects it is + limited by 2*CRYS_DH_MAX_MOD_SIZE_IN_BYTES */ +#define CRYS_DH_MAX_SIZE_OF_KEYING_DATA CRYS_KDF_MAX_SIZE_OF_KEYING_DATA /*bytes*/ + +/************************ Enums ********************************/ + +/* DH operations mode (used in some functions of DH) */ +typedef enum +{ + CRYS_DH_PKCS3_mode = 0, + CRYS_DH_ANSI_X942_mode = 1, + CRYS_DH_NumOfModes, + + CRYS_DH_OpModeLast = 0x7FFFFFFF, + +}CRYS_DH_OpMode_t; + +/* HASH operation modes, used in DH */ +typedef enum +{ + CRYS_DH_HASH_SHA1_mode = CRYS_HASH_SHA1_mode, + CRYS_DH_HASH_SHA224_mode = CRYS_HASH_SHA224_mode, + CRYS_DH_HASH_SHA256_mode = CRYS_HASH_SHA256_mode, + CRYS_DH_HASH_SHA384_mode = CRYS_HASH_SHA384_mode, + CRYS_DH_HASH_SHA512_mode = CRYS_HASH_SHA512_mode, + CRYS_DH_HASH_MD5_mode = CRYS_HASH_MD5_mode, /* not used in DH */ + + CRYS_DH_HASH_NumOfModes = CRYS_HASH_MD5_mode, + CRYS_DH_HASH_OperationModeLast = 0x7FFFFFFF, + +}CRYS_DH_HASH_OpMode_t; + +/* key derivation modes, used in DH */ +typedef enum +{ + CRYS_DH_ASN1_Der_mode = CRYS_KDF_ASN1_DerivMode, + CRYS_DH_Concat_Der_mode = CRYS_KDF_ConcatDerivMode, + CRYS_DH_X963_DerMode = CRYS_KDF_ConcatDerivMode, + CRYS_DH_OMADRM_DerMode = CRYS_KDF_OMADRM_DerivMode, /* not used in DH */ + + CRYS_DH_der_NumOfModes = CRYS_DH_OMADRM_DerMode, + CRYS_DH_DerivationFunc_ModeLast= 0x7FFFFFFF, + +}CRYS_DH_DerivationFunc_Mode; + + +/************************ Typedefs *************************************/ +/* temp buffer structure used for exponentiation in DH functions */ +typedef struct +{ + CRYS_DHPrimeData_t PrimeData; + CRYS_DHPubKey_t PubKey; + DxUint32_t TempBuff[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; +} CRYS_DH_ExpTemp_t; + +/* temp buffer structure used for DH functions (non hybrid) */ +typedef struct +{ + CRYS_DHPrimeData_t PrimeData; + CRYS_DHUserPubKey_t UserPubKey; + DxUint32_t TempBuff[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; +} CRYS_DH_Temp_t; + +/* temp buffer structure used for DH hybrid functions */ +typedef struct +{ + CRYS_DHPrimeData_t PrimeData; + CRYS_DHUserPubKey_t UserPubKey; + DxUint32_t TempBuff[2*CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; +} CRYS_DH_HybrTemp_t; + + +/************************ Structs **************************************/ + +/************************ Public Variables ******************************/ + +/************************ Public Functions ******************************/ + +/*******************************************************************************************/ + +/** + * @brief _DX_DH_GeneratePubPrv has 2 functionalities: + + 1. Randomly generates the Client private key Prv. + 2. Compute the Client public key which is: + ClientPub = Generator ^Prv mod Prime. + + Note: All buffers arguments are represented in Big-Endian + + @param[in] Generator_ptr - Pointer to the Generator octet string + @param[in] GeneratorSize - Size of the Generator String (in bytes): + 0 < GeneratorSize <= PrimeSize. + @param[in] Prime_ptr - Pointer to the Prime octet string P. + @param[in] PrimeSize - Size of the Prime string (in bytes): + 0 < PrimeSize <= max. valid DH key size. + @param[in] L - Exact length of Private key in bits (relevant only for + PKCS#3), defined by central authority (L <= max. PrimeSize). + - If L != 0, then L must met to requirements: 1 <= L and + 2^(L-1) <= P, Note: in our implementation required L >= 3. In + this case force the private key size to be 2^(L-1) <= Prv < + 2^L. + - If L = 0, then: 0 < Prv < P-1. + @param[in] Q_ptr - Pointer to the order Q of generator relevant + only for ANSI X9.42): 1<= Prv <= q-1 or 1 < + Prv < q-1. + @param[in] QSize - Size of the Q string in bytes. Relevant only + for ANSI X9.42. + @param[in] DH_mode - Enumerator, declaring whether the mode is + PKCS#3 or ANSI X9.42. + @param[in] tmpPubKey_ptr - A pointer to the public key structure. Used + for the Exp operation. The structure doesn't + need to be initialized. + @param[in] tmpPrimeData_ptr - A pointer to a structure containing internal + buffers, the structure doesn't need to be + initialized. + @param[out] ClientPrvKey_ptr - Pointer to the buffer for output the Private + key octet string (Prv). In PKCS#3 this buffer + should be at least the following size: + - if L is provided the size of buffer: + bufSizeBytes*8 >= L. + - if L is DX_NULL, then size of buffer >= + PrimeSize. In X9.42 size of buffer >= QSize. + @param[in/out] ClientPrvKeySize_ptr - The user should provide the size of the + buffer indicated by ClientPrvKey_ptr. + The function returns the actual size in + bytes of the Private key. + @param[out] ClientPub_ptr - Pointer to the Public key octet + string. This Buffer should be at least + PrimeSize bytes. + @param[in/out] ClientPubSize_ptr - The user should provide the size of + the buffer indicated by ClientPub_ptr.The + function returns the actual size in + bytes of the generated client public + key. + + @return CRYSError_t - On success CRYS_OK is returned, on failure an ERROR as + defined CRYS_DH_error.h: + CRYS_DH_INVALID_ARGUMENT_POINTER_ERROR; + CRYS_DH_INVALID_ARGUMENT_SIZE_ERROR; + CRYS_DH_INVALID_ARGUMENT_OPERATION_MODE_ERROR; + CRYS_DH_ARGUMENT_GENERATOR_SMALLER_THAN_ZERO_ERROR; + CRYS_DH_ARGUMENT_PRIME_SMALLER_THAN_GENERATOR_ERROR; + CRYS_DH_INVALID_L_ARGUMENT_ERROR; + CRYS_DH_ARGUMENT_PRV_SIZE_ERROR; + */ +CIMPORT_C CRYSError_t _DX_DH_GeneratePubPrv( + DxUint8_t *Generator_ptr, /*generator*/ + DxUint16_t GeneratorSize, + DxUint8_t *Prime_ptr, /*modulus*/ + DxUint16_t PrimeSize, + DxUint16_t L, /*Exact length of Private key in bits*/ + DxUint8_t *Q_ptr, /*order*/ + DxUint16_t QSize, + CRYS_DH_OpMode_t DH_mode, + CRYS_DHUserPubKey_t *tmpPubKey_ptr, /*temp buff*/ + CRYS_DHPrimeData_t *tmpPrimeData_ptr, /*temp buff*/ + DxUint8_t *ClientPrvKey_ptr, /*out*/ + DxUint16_t *ClientPrvKeySize_ptr, /*in/out*/ + DxUint8_t *ClientPub1_ptr, /*out*/ + DxUint16_t *ClientPubSize_ptr); /*in/out*/ + + +/* macro for calling the GeneratePubPrv function on PKCS#3 mode: Q is irrelevant */ +/*--------------------------------------------------------------------------------*/ +#define CRYS_DH_PKCS3_GeneratePubPrv(Generator_ptr,GeneratorSize,\ + Prime_ptr,PrimeSize,\ + L,\ + tmpPubKey_ptr,tmpPrimeData_ptr,\ + ClientPrvKey_ptr,ClientPrvKeySize_ptr,\ + ClientPub_ptr,ClientPubSize_ptr)\ + _DX_DH_GeneratePubPrv((Generator_ptr),(GeneratorSize),\ + (Prime_ptr),(PrimeSize),\ + (L),\ + (DxUint8_t *)DX_NULL,(DxUint16_t)0,\ + CRYS_DH_PKCS3_mode,\ + (tmpPubKey_ptr),(tmpPrimeData_ptr),\ + (ClientPrvKey_ptr),(ClientPrvKeySize_ptr),\ + (ClientPub_ptr),(ClientPubSize_ptr)) + +/* macro for calling the GeneratePubPrv function on ANSI X9.42 mode: L is irrelevant */ +#define CRYS_DH_ANSI_X942_GeneratePubPrv(Generator_ptr,GeneratorSize,Prime_ptr,PrimeSize,\ + Q_ptr,QSize,\ + tmpPubKey_ptr,tmpPrimeData_ptr,\ + ClientPrvKey_ptr,ClientPrvKeySize_ptr,\ + ClientPub_ptr,ClientPubSize_ptr)\ + _DX_DH_GeneratePubPrv((Generator_ptr),(GeneratorSize),\ + (Prime_ptr),(PrimeSize),\ + (DxUint16_t)0,\ + (Q_ptr),(QSize),\ + CRYS_DH_ANSI_X942_mode,\ + (tmpPubKey_ptr),(tmpPrimeData_ptr),\ + (ClientPrvKey_ptr),(ClientPrvKeySize_ptr),\ + (ClientPub_ptr),(ClientPubSize_ptr)) + + +/*******************************************************************************************/ +/** + * @brief CRYS_DH_GetSecretKey computes the shared secret key in the following computation: + SecretKey = ServerPubKey ^ ClientPrvKey mod Prime. + + Note: + - All buffers arguments are represented in Big-Endian. + - The actual size of private key in bits must be not less than 2 and not great, + than actual size of Prime (modulus) in bits (in our implementation); + + @param[in] ClientPrvKey_ptr - Pointer to the private key octet string. + @param[in] ClientPrvKeySize - The Private key Size (in bytes). + @param[in] ServerPubKey_ptr - Pointer to the Server public key octet string + @param[in] ServerPubKeySize - The Server Public key Size (in bytes) + @param[in] Prime_ptr - Pointer to the Prime octet string. + @param[in] PrimeSize - Size of the Prime string. + @param[in] tmprPubKey_ptr - A pointer to the temp buffer (public key structure), used + for the Exponentiation function; the struct doesn't need + to be initialized. + @param[in] tmpPrimeData_ptr - A pointer to temp buffer (structure containing internal buffers); + the structure doesn't need to be initialized. + @param[out] SecretKey_ptr - Pointer to output buffer for the secret key octet string. + This buffer should be at least of PrimeSize bytes. + @param[in/out] SecretKeySize_ptr - The user should provide the size in bytes of the buffer indicated by SecretKey_ptr. + The function will return the actual size in bytes of the output secret key. + + @return CRYSError_t - On success CRYS_OK is returned, on failure an ERROR as defined CRYS_DH_error.h: + CRYS_DH_INVALID_ARGUMENT_POINTER_ERROR; + CRYS_DH_INVALID_ARGUMENT_SIZE_ERROR; + CRYS_DH_SECRET_KEY_SIZE_OUTPUT_ERROR; +*/ + CIMPORT_C CRYSError_t CRYS_DH_GetSecretKey( + DxUint8_t *ClientPrvKey_ptr, + DxUint16_t ClientPrvKeySize, + DxUint8_t *ServerPubKey_ptr, + DxUint16_t ServerPubKeySize, + DxUint8_t *Prime_ptr, + DxUint16_t PrimeSize, + CRYS_DHUserPubKey_t *tmpPubKey_ptr, + CRYS_DHPrimeData_t *tmpPrimeData_ptr, + DxUint8_t *SecretKey_ptr, + DxUint16_t *SecretKeySize_ptr); + + + /******************************************************************************************/ +/** + * @brief CRYS_DH_X942_GetSecretData computes the shared secret key as follows: + 1. OPTIONAL - validate the correctness of the argument keys + 2. SecretKey = ServerPubKey ^ ClientPrvKey mod Prime + 3. Use of Derivation function to derive a data key from the secret key + + The actual APIs that will be used by the user are: + CRYS_DH_X942_GetSecret_ASN1 + CRYS_DH_X942_GetSecret_Concat + + Note: All buffers arguments are represented in Big-Endian format + + @param[in] ClientPrvKey_ptr - A pointer to the Private key octet string + @param[in] ClientPrvKeySize - The Private key size, in bytes + @param[in] ServerPubKey_ptr - A pointer to the Server public key octet string - + @param[in] ServerPubKeySize - The Server Public key size, in bytes + @param[in] Prime_ptr - A pointer to the Prime octet string + @param[in] PrimeSize - The size of the Prime string + @param[in] OtherInfo - The pointer to structure , containing the data, + shared by two entities of agreement and the data sizes. + This argument is optional (if not needed - set it to NULL). + @param[in] hashMode - The hash function to be used + @param[in] DerFunc_mode - The type of function to derive the secret key to the key data. + We use ASN.1-based function or Hash concatenation function mode. + @param[in] tmpBuff_ptr - A pointer to the DH temp buffer structure. Not initialized. + @param[out] SecretKeyData_ptr - A pointer to the buffer for secret keying data. + @param[in] SecretKeyDataSize - Specifies the derived Secret Key data size needed in bytes. + The size can't be larger than CRYS_DH_MAX_SIZE_OF_KEYING_DATA + (required by implementation). + + @return CRYSError_t - On success CRYS_OK is returned, on failure an ERROR as defined CRYS_DH_error.h: + CRYS_DH_SECRET_KEYING_DATA_SIZE_ILLEGAL_ERROR; + +*/ +CIMPORT_C CRYSError_t CRYS_DH_X942_GetSecretData( + DxUint8_t *ClientPrvKey_ptr, + DxUint16_t ClientPrvKeySize, + DxUint8_t *ServerPubKey_ptr, + DxUint16_t ServerPubKeySize, + DxUint8_t *Prime_ptr, + DxUint16_t PrimeSize, + CRYS_DH_OtherInfo_t *otherInfo_ptr, + CRYS_DH_HASH_OpMode_t hashMode, + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, + CRYS_DH_Temp_t *tmpBuff_ptr, + DxUint8_t *SecretKeyingData_ptr, + DxUint16_t SecretKeyingDataSize ); + +/****************************************************************/ +/** + \@brief CRYS_DH_X942_GetSecretDataAsn1 implements the DH ANSI X9.42 standard. It derives a secret key + using the Derivation function based on ASN1. + Note: deleting of private ephemeral key (if it used) is out of scope of this function and must be performed + by user after calling this function. +*/ +#define CRYS_DH_X942_GetSecretDataAsn1(ClientPrvKey_ptr,ClientPrvKeySize,ServerPubKey_ptr,ServerPubKeySize,Prime_ptr,PrimeSize,otherInfo_ptr,hashMode,tmpBuff_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\ + CRYS_DH_X942_GetSecretData((ClientPrvKey_ptr),(ClientPrvKeySize),(ServerPubKey_ptr),(ServerPubKeySize),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashMode),(CRYS_DH_ASN1_Der_mode),(tmpBuff_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize)) +/** + \@brief CRYS_DH_X942_GetSecretDataConcat implements the DH ANSI X9.42 standard. It derives a secret key + using the Derivation function based on concatenation of SHA1 hash + Note: deleting of private ephemeral key (if it used) is out of scope of this function and must be performed + by user after calling this function. +*/ +#define CRYS_DH_X942_GetSecretDataConcat(ClientPrvKey_ptr,ClientPrvKeySize,ServerPubKey_ptr,ServerPubKeySize,Prime_ptr,PrimeSize,otherInfo_ptr,hashMode,tmpBuff_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\ + CRYS_DH_X942_GetSecretData((ClientPrvKey_ptr),(ClientPrvKeySize),(ServerPubKey_ptr),(ServerPubKeySize),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashMode),(CRYS_DH_Concat_Der_mode),(tmpBuff_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize)) + + +/****************************************************************/ +/** + * @brief CRYS_DH_X942_HybridGetSecretData computes the shared secret key as follows: + 1. OPTIONAL - validate the correctness of the argument keys + 2. SecretKey1 = ServerPubKey1 ^ ClientPrvKey1 mod Prime + 3. SecretKey2 = ServerPubKey2 ^ ClientPrvKey2 mod Prime + 3. Use of Derivation function to derive a secret data key from the 2 secret keys + + The actual APIs that will be used by the user are: + CRYS_DH_X942_Hybrid_GetSecret_ASN1 + CRYS_DH_X942_Hybrid_GetSecret_Concat + + Note: All buffers arguments are represented in Big-Endian format. + + @param[in] ClientPrvKey_ptr1 - A pointer to the First Private key octet string number + @param[in] ClientPrvKeySize1 - The First Private key Size, in bytes + @param[in] ClientPrvKey_ptr2 - A pointer to the Second Private key octet string + @param[in] ClientPrvKeySize2 - The Second Private key Size, in bytes + @param[in] ServerPubKey_ptr1 - A pointer to the First Server public key octet string + @param[in] ServerPubKeySize1 - The First Server Public key Size, in bytes + @param[in] ServerPubKey_ptr2 - A pointer to the Second Server public key octet string + @param[in] ServerPubKeySize2 - The Second Server Public key Size, in bytes + @param[in] Prime_ptr - A pointer to the Prime octet string + @param[in] PrimeSize - The size of the Prime string + @param[in] OtherInfo - The pointer to structure , containing the data, + shared by two entities of agreement and the data sizes. + This argument is optional (if not needed - set it to NULL). + @param[in] hashMode - The hash function to be used. + @param[in] DerFunc_mode - The type of function to derive the secret key to the key data. + We use an ASN.1-based function or a Hash concatenation function mode. + @param[in] tmpDhHybr_ptr - A pointer to the DH hybrid temp byffer structure. Not initialized. + @param[out] SecretKeyData_ptr - A pointer to the buffer for secret keying data. + @param[in] SecretKeyDataSize - Specifies the derived Secret Key data size needed in bytes. + The size can't be 0 or larger than CRYS_DH_MAX_SIZE_OF_KEYING_DATA + (required by implementation). + + @return CRYSError_t - On success the value CRYS_OK is returned, and on failure an ERROR as defined in CRYS_DH_error.h: + CRYS_DH_SECRET_KEYING_DATA_SIZE_ILLEGAL_ERROR; + CRYS_DH_X942_HYBRID_SIZE1_BUFFER_ERROR; + CRYS_DH_INVALID_ARGUMENT_POINTER_ERROR; + CRYS_DH_INVALID_ARGUMENT_SIZE_ERROR; + CRYS_DH_INVALID_ARGUMENT_OPERATION_MODE_ERROR; + CRYS_DH_ARGUMENT_GENERATOR_SMALLER_THAN_ZERO_ERROR; + CRYS_DH_ARGUMENT_PRIME_SMALLER_THAN_GENERATOR_ERROR; + CRYS_DH_INVALID_L_ARGUMENT_ERROR; + CRYS_DH_ARGUMENT_PRV_SIZE_ERROR; +*/ +CIMPORT_C CRYSError_t CRYS_DH_X942_HybridGetSecretData( + DxUint8_t *ClientPrvKey_ptr1, + DxUint16_t ClientPrvKeySize1, + DxUint8_t *ClientPrvKey_ptr2, + DxUint16_t ClientPrvKeySize2, + DxUint8_t *ServerPubKey_ptr1, + DxUint16_t ServerPubKeySize1, + DxUint8_t *ServerPubKey_ptr2, + DxUint16_t ServerPubKeySize2, + DxUint8_t *Prime_ptr, + DxUint16_t PrimeSize, + CRYS_DH_OtherInfo_t *otherInfo_ptr, + CRYS_DH_HASH_OpMode_t hashMode, + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, + CRYS_DH_HybrTemp_t *tmpDhHybr_ptr, + DxUint8_t *SecretKeyingData_ptr, + DxUint16_t SecretKeyingDataSize); + + +/****************************************************************/ +/** +\brief The CRYS_DH_X942_HybridGetSecretDataAsn1 function implements the DH ANSI X9.42 +standard for deriving a hybrid secret key from 2 public-private pair of keys using +the Derivation function based on ASN1. +*/ +#define CRYS_DH_X942_HybridGetSecretDataAsn1(ClientPrvKey_ptr1,ClientPrvKeySize1,ClientPrvKey_ptr2,ClientPrvKeySize2,ServerPubKey_ptr1,ServerPubKeySize1,ServerPubKey_ptr2,ServerPubKeySize2,Prime_ptr,PrimeSize,otherInfo_ptr,hashFunc,tmpDhHybr_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\ + CRYS_DH_X942_HybridGetSecretData((ClientPrvKey_ptr1),(ClientPrvKeySize1),(ClientPrvKey_ptr2),(ClientPrvKeySize2),(ServerPubKey_ptr1),(ServerPubKeySize1),(ServerPubKey_ptr2),(ServerPubKeySize2),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashFunc),CRYS_DH_ASN1_Der_mode,(tmpDhHybr_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize)) + +/** + \brief CRYS_DH_X942_HybridGetSecretDataConcat implements the DH ANSI X9.42 standard deriving a hybrid secret key + from 2 public-private pair of keys using the Derivation function based on concatenation using SHA-1 Hash +*/ +#define CRYS_DH_X942_HybridGetSecretDataConcat(ClientPrvKey_ptr1,ClientPrvKeySize1,ClientPrvKey_ptr2,ClientPrvKeySize2,ServerPubKey_ptr1,ServerPubKeySize1,ServerPubKey_ptr2,ServerPubKeySize2,Prime_ptr,PrimeSize,otherInfo_ptr,hashFunc,tmpDhHybr_ptr,SecretKeyingData_ptr,SecretKeyingDataSize)\ + CRYS_DH_X942_HybridGetSecretData((ClientPrvKey_ptr1),(ClientPrvKeySize1),(ClientPrvKey_ptr2),(ClientPrvKeySize2),(ServerPubKey_ptr1),(ServerPubKeySize1),(ServerPubKey_ptr2),(ServerPubKeySize2),(Prime_ptr),(PrimeSize),(otherInfo_ptr),(hashFunc),CRYS_DH_Concat_Der_mode,(tmpDhHybr_ptr),(SecretKeyingData_ptr),(SecretKeyingDataSize)) + + +/******************************************************************************************/ +/** + * @brief The function checks the obtained DH public key according to its domain + * parameters (see X9.42-2001) + * + * @param[out] modP_ptr - The modulus (prime) P. + * @param[in] modPSizeBytes - The modulus size in bytes. + * @param[in] orderQ_ptr - The pointer to prime order Q of generator, + * @param[in] orderQSizeBytes - The size of order of generator in bytes. + * @param[in] pubKey_ptr - The pointer to public key to be validated . + * @param[in] pubKeySizeBytes - The public key size in bytes. + * @param[in] tempBuff_ptr - The temp buffer for internal calculations. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure or if one or more domain + * parameters are invalid the function returns a predefined error code. + * + * Assuming: The DH domain parameters are valid. + */ +CIMPORT_C CRYSError_t CRYS_DH_CheckPubKey( + DxUint8_t *modP_ptr, /*in */ + DxUint32_t modPsizeBytes, /*in */ + DxUint8_t *orderQ_ptr, /*in */ + DxUint32_t orderQsizeBytes, /*in */ + DxUint8_t *pubKey_ptr, /*in */ + DxUint32_t pubKeySizeBytes, /*in */ + CRYS_DH_Temp_t *tempBuff_ptr /*in */); + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh.xml b/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh.xml new file mode 100644 index 0000000..f657880 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh.xml @@ -0,0 +1,381 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> + +<api name="CrysDh"> <!-- The DH API Agent ID --> + + <!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="CRYS_OK" generic_error="CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR" invalid_param="CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR" not_enough_resources="CRYS_DH_HOST_MSG_GENERAL_RPC_C_ERROR" /> + <!-- Header files to include for prototypes + --> + + <header>crys_dh.h</header> + <header>crys_dh_error.h</header> + <header>crys_dh_kg.h</header> + <header>crys_rsa_prim.h</header> + <!-- + <header> crys_rsa_types.h</header> + --> + +<!--**************************************************************** --> + <function name="_DX_DH_GeneratePubPrv" return="le32(CRYSError_t)"> + <!-- + CRYSError_t _DX_DH_GeneratePubPrv( + DxUint8_t *Generator_ptr, /*generator*/ + DxUint16_t GeneratorSize, + DxUint8_t *Prime_ptr, /*modulus*/ + DxUint16_t PrimeSize, + DxUint16_t L, /*Exact length of Private key in bits*/ + DxUint8_t *Q_ptr, /*order*/ + DxUint16_t QSize, + CRYS_DH_OpMode_t DH_mode, + CRYS_DHUserPubKey_t *tmpPubKey_ptr, /*temp buff*/ + CRYS_DHPrimeData_t *tmpPrimeData_ptr, /*temp buff*/ + DxUint8_t *ClientPrvKey_ptr, /*out*/ + DxUint16_t *ClientPrvKeySize_ptr, /*in/out*/ + DxUint8_t *ClientPub1_ptr, /*out*/ + DxUint16_t *ClientPubSize_ptr); /*in/out*/ + --> + <param name="Generator_ptr" direction="i" ptype="array(GeneratorSize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="GeneratorSize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="Prime_ptr" direction="i" ptype="array(PrimeSize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="PrimeSize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="L" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="Q_ptr" direction="i" ptype="array(QSize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="QSize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="DH_mode" direction="i" ptype="val" dtype="le32(CRYS_DH_OpMode_t)" /> + --> + <param name="tmpPubKey_ptr" direction="i" ptype="ref" dtype="CRYS_DHUserPubKey_t" /> + --> + <param name="tmpPrimeData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_DHPrimeData_t))" dtype="CRYS_DHPrimeData_t" /> + + <param name="ClientPrvKey_ptr" direction="o" ptype="array(*ClientPrvKeySize_ptr,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ClientPrvKeySize_ptr" direction="io" ptype="ref" dtype="le16(DxUint16_t)"/> + --> + <param name="ClientPub1_ptr" direction="o" ptype="array(*ClientPubSize_ptr,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ClientPubSize_ptr" direction="io" ptype="ref" dtype="le16(DxUint16_t)"/> + --> + </function> + + + +<!--**************************************************************** --> + <function name="CRYS_DH_GetSecretKey" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_DH_GetSecretKey( + DxUint8_t *ClientPrvKey_ptr, + DxUint16_t ClientPrvKeySize, + DxUint8_t *ServerPubKey_ptr, + DxUint16_t ServerPubKeySize, + DxUint8_t *Prime_ptr, + DxUint16_t PrimeSize, + CRYS_DHUserPubKey_t *tmpPubKey_ptr, + CRYS_DHPrimeData_t *tmpPrimeData_ptr, + DxUint8_t *SecretKey_ptr, + DxUint16_t *SecretKeySize_ptr) + --> + <param name="ClientPrvKey_ptr" direction="i" ptype="array(ClientPrvKeySize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ClientPrvKeySize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="ServerPubKey_ptr" direction="i" ptype="array(ServerPubKeySize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ServerPubKeySize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="Prime_ptr" direction="i" ptype="array(PrimeSize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="PrimeSize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="tmpPubKey_ptr" direction="i" ptype="ref" dtype="CRYS_DHUserPubKey_t" /> + --> + <param name="tmpPrimeData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_DHPrimeData_t))" dtype="CRYS_DHPrimeData_t" /> + + --> + <param name="SecretKey_ptr" direction="o" ptype="array(*SecretKeySize_ptr,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="SecretKeySize_ptr" direction="io" ptype="ref" dtype="le16(DxUint16_t)"/> + --> + </function> + + + +<!--**************************************************************** --> + <function name="CRYS_DH_CheckPubKey" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_DH_CheckPubKey( + DxUint8_t *modP_ptr, /*in */ + DxUint32_t modPsizeBytes, /*in */ + DxUint8_t *orderQ_ptr, /*in */ + DxUint32_t orderQsizeBytes, /*in */ + DxUint8_t *pubKey_ptr, /*in */ + DxUint32_t pubKeySizeBytes, /*in */ + CRYS_DH_Temp_t *tempBuff_ptr /*in */) + --> + <param name="modP_ptr" direction="i" ptype="array(modPsizeBytes,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="modPsizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="orderQ_ptr" direction="i" ptype="array(orderQsizeBytes,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="orderQsizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="pubKey_ptr" direction="i" ptype="array(pubKeySizeBytes,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="pubKeySizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="tempBuff_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_DH_ExpTemp_t))" dtype="CRYS_DH_Temp_t" /> + --> + </function> + + + +<!--**************************************************************** --> + <function name="CRYS_DH_X942_GetSecretData" return="le32(CRYSError_t)"> + <!-- + CRYS_DH_X942_GetSecretData( + DxUint8_t *ClientPrvKey_ptr, + DxUint16_t ClientPrvKeySize, + DxUint8_t *ServerPubKey_ptr, + DxUint16_t ServerPubKeySize, + DxUint8_t *Prime_ptr, + DxUint16_t PrimeSize, + CRYS_DH_OtherInfo_t *otherInfo_ptr, + CRYS_DH_HASH_OpMode_t hashMode, + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, + CRYS_DH_Temp_t *tmpBuff_ptr, + DxUint8_t *SecretKeyingData_ptr, + DxUint16_t SecretKeyingDataSize ) + --> + + <param name="ClientPrvKey_ptr" direction="i" ptype="array(ClientPrvKeySize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ClientPrvKeySize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="ServerPubKey_ptr" direction="i" ptype="array(ServerPubKeySize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ServerPubKeySize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="Prime_ptr" direction="i" ptype="array(PrimeSize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="PrimeSize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="otherInfo_ptr" direction="i" ptype="ref" dtype="CRYS_DH_OtherInfo_t" > + --> + <field name="AlgorithmID" direction="i" ptype="array(otherInfo_ptr->SizeOfAlgorithmID,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfAlgorithmID" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <field name="PartyUInfo" direction="i" ptype="array(otherInfo_ptr->SizeOfPartyUInfo,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfPartyUInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <field name="PartyVInfo" direction="i" ptype="array(otherInfo_ptr->SizeOfPartyVInfo,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfPartyVInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <field name="SuppPrivInfo" direction="i" ptype="array(otherInfo_ptr->SizeOfSuppPrivInfo,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfSuppPrivInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <field name="SuppPubInfo" direction="i" ptype="array(otherInfo_ptr->SizeOfSuppPubInfo,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfSuppPubInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + + </param> + --> + <param name="hashMode" direction="i" ptype="val" dtype="le32(CRYS_DH_HASH_OpMode_t)" /> + --> + <param name="DerivFunc_mode" direction="i" ptype="val" dtype="le32(CRYS_DH_DerivationFunc_Mode)" /> + --> + <param name="tmpBuff_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_DHPrimeData_t))" dtype="CRYS_DH_Temp_t" /> + --> + <param name="SecretKeyingData_ptr" direction="o" ptype="array(SecretKeyingDataSize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="SecretKeyingDataSize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + </function> + + + +<!--**************************************************************** --> +<function name="CRYS_DH_X942_HybridGetSecretData" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_DH_X942_HybridGetSecretData( + DxUint8_t *ClientPrvKey_ptr1, + DxUint16_t ClientPrvKeySize1, + DxUint8_t *ClientPrvKey_ptr2, + DxUint16_t ClientPrvKeySize2, + DxUint8_t *ServerPubKey_ptr1, + DxUint16_t ServerPubKeySize1, + DxUint8_t *ServerPubKey_ptr2, + DxUint16_t ServerPubKeySize2, + DxUint8_t *Prime_ptr, + DxUint16_t PrimeSize, + CRYS_DH_OtherInfo_t *otherInfo_ptr, + CRYS_DH_HASH_OpMode_t hashMode, + CRYS_DH_DerivationFunc_Mode DerivFunc_mode, + CRYS_DH_HybrTemp_t *tmpDhHybr_ptr, + DxUint8_t *SecretKeyingData_ptr, + DxUint16_t SecretKeyingDataSize) + --> + <param name="ClientPrvKey_ptr1" direction="i" ptype="array(ClientPrvKeySize1,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ClientPrvKeySize1" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="ClientPrvKey_ptr2" direction="i" ptype="array(ClientPrvKeySize2,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ClientPrvKeySize2" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="ServerPubKey_ptr1" direction="i" ptype="array(ServerPubKeySize1,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ServerPubKeySize1" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="ServerPubKey_ptr2" direction="i" ptype="array(ServerPubKeySize2,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="ServerPubKeySize2" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="Prime_ptr" direction="i" ptype="array(PrimeSize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="PrimeSize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> + <param name="otherInfo_ptr" direction="i" ptype="ref" dtype="CRYS_DH_OtherInfo_t" > + --> + <field name="AlgorithmID" direction="i" ptype="array(otherInfo_ptr->SizeOfAlgorithmID,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfAlgorithmID" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <field name="PartyUInfo" direction="i" ptype="array(otherInfo_ptr->SizeOfPartyUInfo,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfPartyUInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <field name="PartyVInfo" direction="i" ptype="array(otherInfo_ptr->SizeOfPartyVInfo,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfPartyVInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <field name="SuppPrivInfo" direction="i" ptype="array(otherInfo_ptr->SizeOfSuppPrivInfo,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfSuppPrivInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <field name="SuppPubInfo" direction="i" ptype="array(otherInfo_ptr->SizeOfSuppPubInfo,CRYS_DH_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfSuppPubInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + + </param> + --> + <param name="hashMode" direction="i" ptype="val" dtype="le32(CRYS_DH_HASH_OpMode_t)" /> + --> + <param name="DerivFunc_mode" direction="i" ptype="val" dtype="le32(CRYS_DH_DerivationFunc_Mode)" /> + --> + <param name="tmpDhHybr_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_DHPrimeData_t))" dtype="CRYS_DH_HybrTemp_t" /> + --> + <param name="SecretKeyingData_ptr" direction="o" ptype="array(SecretKeyingDataSize,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="SecretKeyingDataSize" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + --> +</function> + + +<!--**************************************************************** --> + <function name="CRYS_DH_CreateDomainParams" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_DH_CreateDomainParams( + DxUint32_t modPsizeBits, /*in */ + DxUint32_t orderQsizeBits, /*in */ + DxUint32_t seedSizeBits, /*in */ + DxUint8_t *modP_ptr, /*out*/ + DxUint8_t *orderQ_ptr, /*out*/ + DxUint8_t *generatorG_ptr, /*out*/ + DxUint32_t *generGsizeBytes_ptr, /*in/out*/ + DxUint8_t *factorJ_ptr, /*out*/ + DxUint32_t *JsizeBytes_ptr, /*in/out*/ + DxUint8_t *seedS_ptr, /*in/out*/ + DxInt8_t generateSeed, /*in*/ + DxUint32_t *pgenCounter_ptr, /*out*/ + CRYS_DHKGData_t *DHKGbuff_ptr /*in */ ) + --> + + <param name="modPsizeBits" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="orderQsizeBits" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="seedSizeBits" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="modP_ptr" direction="o" ptype="array((modPsizeBits+7)/8,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t"/> + --> + <param name="orderQ_ptr" direction="o" ptype="array((orderQsizeBits+7)/8,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t"/> + --> + <param name="generatorG_ptr" direction="o" ptype="array(*generGsizeBytes_ptr,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t"/> + --> + <param name="generGsizeBytes_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)"/> + --> + <param name="factorJ_ptr" direction="o" ptype="array(*JsizeBytes_ptr,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t" /> + --> + <param name="JsizeBytes_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)"/> + --> + <param name="seedS_ptr" direction="io" ptype="array((seedSizeBits+7)/8,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t"/> + --> + <param name="generateSeed" direction="i" ptype="val" dtype="DxInt8_t"/> + --> + <param name="pgenCounter_ptr" direction="o" ptype="ref" dtype="le32(DxUint32_t)"/> + --> + <param name="DHKGbuff_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_DHKGData_t))" dtype="CRYS_DHKGData_t" /> + --> + </function> + + + +<!--**************************************************************** --> + <function name="CRYS_DH_CheckDomainParams" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_DH_CheckDomainParams( + DxUint8_t *modP_ptr, /*in */ + DxUint32_t modPsizeBytes, /*in */ + DxUint8_t *orderQ_ptr, /*in */ + DxUint32_t orderQsizeBytes, /*in */ + DxUint8_t *generatorG_ptr, /*in */ + DxUint32_t generatorSizeBytes, /*in */ + DxUint8_t *seedS_ptr, /*in */ + DxUint32_t seedSizeBits, /*in */ + DxUint32_t pgenCounter, /*in */ + CRYS_DHKG_CheckTemp_t *checkTempBuff_ptr /*in */ ) +--> + + <param name="modP_ptr" direction="i" ptype="array(modPsizeBytes,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t"/> + --> + <param name="modPsizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="orderQ_ptr" direction="i" ptype="array(orderQsizeBytes,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t"/> + --> + <param name="orderQsizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="generatorG_ptr" direction="i" ptype="array(generatorSizeBytes,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t"/> + --> + <param name="generatorSizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="seedS_ptr" direction="i" ptype="array((seedSizeBits+7)/8,CRYS_DH_MAX_MOD_SIZE_IN_BYTES)" dtype="DxUint8_t"/> + --> + <param name="seedSizeBits" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="pgenCounter" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="checkTempBuff_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_DHKG_CheckTemp_t))" dtype="CRYS_DHKG_CheckTemp_t" /> + + </function> + +<!--**************************************************************** --> + +</api> diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh_error.h new file mode 100644 index 0000000..5b8cddc --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh_error.h @@ -0,0 +1,106 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _1_CRYS_DH_errors_h_H +#define _1_CRYS_DH_errors_h_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object %name : % + * State : %state% + * Creation date : Tue Feb 01 17:26:37 2005 + * Last modified : %modify_time% + */ + /** @file + * \brief This file contains error codes definitions for CRYS DH module. + * + * \version crys_dh_errors.h#1:incl:1 + * \author ohads + */ + +/************************ Defines ******************************/ +/* DH module on the CRYS layer base address - 0x00F00500 */ +/* The CRYS DH module errors */ +#define CRYS_DH_INVALID_ARGUMENT_POINTER_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_DH_INVALID_ARGUMENT_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_DH_INVALID_ARGUMENT_OPERATION_MODE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_DH_INVALID_ARGUMENT_HASH_MODE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x3UL) + +/*the derived secret key size needed is wrong*/ +#define CRYS_DH_SECRET_KEYING_DATA_SIZE_ILLEGAL_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_DH_INVALID_L_ARGUMENT_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_DH_ARGUMENT_PRIME_SMALLER_THAN_GENERATOR_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_DH_ARGUMENT_GENERATOR_SMALLER_THAN_ZERO_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x7UL) +#define CRYS_DH_ARGUMENT_PRV_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x8UL) +#define CRYS_DH_IS_NOT_SUPPORTED (CRYS_DH_MODULE_ERROR_BASE + 0xFUL) + +#define CRYS_DH_X942_HYBRID_SIZE1_BUFFER_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x15UL) + +/*The requested derived secret key size is invalid*/ +#define CRYS_DH_SECRET_KEY_SIZE_NEEDED_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x16UL) +#define CRYS_DH_SECRET_KEY_SIZE_OUTPUT_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x17UL) +#define CRYS_DH_OTHERINFO_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x18UL) + +/* DH domain and key generation and checking errors */ +#define CRYS_DH_INVALID_MODULUS_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x20UL) +#define CRYS_DH_INVALID_ORDER_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x21UL) +#define CRYS_DH_INVALID_SEED_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x22UL) +#define CRYS_DH_INVALID_J_FACTOR_PTR_OR_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x23UL) +#define CRYS_DH_INVALID_GENERATOR_PTR_OR_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x24UL) + +#define CRYS_DH_CHECK_DOMAIN_PRIMES_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x25UL) +#define CRYS_DH_CHECK_DOMAIN_GENERATOR_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x26UL) +#define CRYS_DH_INVALID_PUBLIC_KEY_SIZE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x27UL) +#define CRYS_DH_CHECK_PUB_KEY_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x28UL) +#define CRYS_DH_CHECK_GENERATOR_SIZE_OR_PTR_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x29UL) +#define CRYS_DH_CHECK_SEED_SIZE_OR_PTR_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2AUL) +#define CRYS_DH_CHECK_GENERATOR_NOT_VALID_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2BUL) +#define CRYS_DH_PRIME_P_GENERATION_FAILURE_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2CUL) +#define CRYS_DH_INVALID_PUBLIC_KEY_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2DUL) +#define CRYS_DH_PASSED_INVALID_SEED_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x2EUL) + +#define CRYS_DH_HOST_MSG_GENERAL_RPC_A_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x30UL) +#define CRYS_DH_HOST_MSG_GENERAL_RPC_B_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x31UL) +#define CRYS_DH_HOST_MSG_GENERAL_RPC_C_ERROR (CRYS_DH_MODULE_ERROR_BASE + 0x32UL) + + + + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + + + + +#ifdef __cplusplus +} +#endif + +#endif + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh_kg.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh_kg.h new file mode 100644 index 0000000..a44d8eb --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_dh_kg.h @@ -0,0 +1,203 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _15_CRYS_DH_KG_h_H +#define _15_CRYS_DH_KG_h_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_dh.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /** + * Object %name : %crys_dh_kg.h + * State : %state% + * Creation date : 16 Dec. 2007 + * Last modified : %modify_time% + */ + /** @file + * \brief This module defines the API that supports Diffie-Hellman domain + * parameters and key generation and checking according to ANSI X9.42. + * + * \version crys_dh_kg.h #1:incl: + * \author R.Levin. + * + */ + +/************************ Defines ******************************/ + +#define CRYS_DH_SEED_MIN_SIZE_IN_BYTES CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES /*20 bytes */ +#define CRYS_DH_SEED_MIN_SIZE_IN_BITS (CRYS_DH_SEED_MIN_SIZE_IN_BYTES * 8) /* 160 bits */ + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + +/** temp buffers, used in different DH KG functions */ + +/* temp data buffer structure for domain parameters generation in DH */ +typedef struct CRYS_DHKGData_t +{ + /* The aligned input and output temp buffers */ + DxUint32_t TempBuff1[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t TempBuff2[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t TempBuff3[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t TempBuff4[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t TempBuff5[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t TempBuff6[CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + + CRYS_DH_Temp_t ExpTemps; +}CRYS_DHKGData_t; + +typedef struct CRYS_DHKG_CheckTemp_t +{ + DxUint32_t CheckTempBuff[3*CRYS_DH_MAX_MOD_BUFFER_SIZE_IN_WORDS]; + CRYS_DHKGData_t DhKgBuff; +}CRYS_DHKG_CheckTemp_t; + + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + + +/******************************************************************************************/ +/** +* @brief The function generates a DH (DLP) domain parameters in GF(P) (see X9.42-2001) +* +* +* @param[in] modPSizeBits - The modulus (prime) P size in bits equal 256*n, where n >= 4. +* @param[in] orderQSizeBits - The size of order of generator in bits. According to ANSI X9.43: +* m must be multiple of 32 bits and m >= 160. According to ANSI X9.30-1: +* m = 160 bit. Because Q is prime factor of P-1, it must be <= (P-1)/2, +* therefore orderQSizeBits <= modPSizeBits. +* @param[in] seedSizeBits - The seed size in bits. Requirements: +* seedSizeBits >= orderQSizeBits and seedSizeBits <= modPSizeBits ( the +* last is required by our implementation). +* @param[out] modP_ptr - The prime modulus P of structure P = J*Q + 1, where Q is prime +* and j is an integer. Size of the buffer for output generated value must +* be not less, than modulus size. +* @param[out] orderQ_ptr - The pointer to the order Q of generator. The size of the buffer for output +* generated value must be not less, than order size. +* @param[out] generatorG_ptr - The pointer to the generator of multiplicative subgroup in GF(P). + * If the pointer == NULL, the function returns an error. Size of the buffer + * for output generated value must be not less, than modulus size. +* @param [in/out]generGsizeBytes_ptr - The pointer to the one-word buffer, containing the generator size value (in bytes). + * The user must set the size of allocated buffer, and the function returns the + * actual size of the generator in bytes. +* @param[out] factorJ_ptr - The pointer to buffer for integer factor J. If the pointer == NULL, the function +* not puts this parameter out. In this case JsizeBytes_ptr must be set to NULL, + * otherwise the function returns an error. The size of the buffer must be not less, +* than ( modPSizesBytes - orderQSizeBytes + 1 ). +* @param [in/out] JsizeBytes_ptr - The pointer to the size of integer factor J. If the pointer == NULL, +* the function not puts this parameter out. If output of the factor J is needed, the +* user must set the J size value equal to the size of allocated buffer, and the +* function returns the actual size of J in bytes. +* @param [in/out] seedS_ptr - The random seed used for generation of primes. The size of the buffer for output + * generated value must be not less, than passed seed size (see above) and not less + * 20 bytes (160 bits). +* @param[in] generateSeed - The flag, defining whether the seed generated randomly by the function +* (generateSeed = 1), or it is passed by the input (generateSeed = 0). +* @param[out] pgenCounter_ptr - The pointer to counter of tries to generate the primes. If the pointer == NULL, +* the function not puts this parameter out. +* @param[out] DHKGBuff_ptr - The temp buffer for internal calculations. The buffer is defined as structure. +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure - a predefined error code. +* + * Note: 1. Input and Output vectors are in big endianness (most significant bit is left most one). +* 2. In case of any error the function may clean the output buffers. +* +*/ +CIMPORT_C CRYSError_t CRYS_DH_CreateDomainParams( + DxUint32_t modPsizeBits, /*in */ + DxUint32_t orderQsizeBits, /*in */ + DxUint32_t seedSizeBits, /*in */ + DxUint8_t *modP_ptr, /*out*/ + DxUint8_t *orderQ_ptr, /*out*/ + DxUint8_t *generatorG_ptr, /*out*/ + DxUint32_t *generGsizeBytes_ptr, /*in/out*/ + DxUint8_t *factorJ_ptr, /*out*/ + DxUint32_t *JsizeBytes_ptr, /*in/out*/ + DxUint8_t *seedS_ptr, /*in/out*/ + DxInt8_t generateSeed, /*in*/ + DxUint32_t *pgenCounter_ptr, /*out*/ + CRYS_DHKGData_t *DHKGbuff_ptr /*in */ ); + + +/******************************************************************************************/ +/** +* @brief The function checks the obtained DH domain parameters according X9.42-2001. +* +* There may be 3 case of checking: +* 1. Checking of primes only ( modulus P and order Q according to passed seed S and pgenCounter). +* In this case all pointers and sizes of said parameters must be passed (not NULL), but generator +* G pointer and it size must be both set to NULL. +* 2. Checking of generator G only in assuming that primes parameters P, Q are valid. In ths case +* the user must to pass the P,Q,G pointers and sizes. The seed S pointer and size must be both +* set to NULL, otherwise the function returns an error. +* 3. Checking all domain parameters. In this case all input parameters must be passed to the function. +* +* If any of checked domain parameters is not compliant to X9.42-2001 standard and our implementation +* limitation, the function returns an error according to CRYS_DH_error.h file. +* +* NOTE: Detailed requirements to all used parameters are described above in CRYS_DH_CreateDomainParams +* functions API. +* +* @param[out] modP_ptr - The prime modulus P. Must be of structure P = j*Q + 1, +* where Q is prime and j is an integer. +* @param[in] modPSizeBits - The modulus (prime) P size in bits equal 256*n, where n >= 4. +* @param[out] orderQ_ptr - The pointer to the order Q of generator. +* @param[in] orderQSizeBytes - The size of order of generator in bytes. According to ANSI X9.43: +* m must be multiple of 32 bits and m >= 160. According to ANSI X9.30-1: +* m = 160 bit. Because Q is prime factor of P-1, it must be <= (P-1)/2. +* In our implementation required, that orderQSize <= modPSizeBytes/2. +* @param[in] generatorG_ptr - The pointer to the generator of multiplicative subgroup in GF(P). +* @param[in] generatorSizeBytes - The size of generator in bytes (must be set if generator will be checked). +* @param[in] seedS_ptr - The random seed used for generation of primes (must be set if +* primes will be checked). +* @param[in] seedSizeBits - The seed size in bits. If the seed is used, +* then its size must be: +* seedSizeBits >= orderQSizeBits and +* seedSizeBits <= modPSizeBits ( the last is +* required by our implementation). +* @param[in] pgenCounter - The counter of tries to generate the primes (must be set if primes +* will be checked). +* @param[in] TempBuff_ptr - The temp buffer of defined structure. +* +* @return CRYSError_t - On success CRYS_OK is returned, on failure or if one or more domain +* parameters are invalid the function returns a predefined error code. +* +* Note: Input vectors are in big endianness. +* +*/ +CIMPORT_C CRYSError_t CRYS_DH_CheckDomainParams( + DxUint8_t *modP_ptr, /*in */ + DxUint32_t modPsizeBytes, /*in */ + DxUint8_t *orderQ_ptr, /*in */ + DxUint32_t orderQsizeBytes, /*in */ + DxUint8_t *generatorG_ptr, /*in */ + DxUint32_t generatorSizeBytes, /*in */ + DxUint8_t *seedS_ptr, /*in */ + DxUint32_t seedSizeBits, /*in */ + DxUint32_t pgenCounter, /*in */ + CRYS_DHKG_CheckTemp_t *checkTempBuff_ptr /*in */ ); + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecc.xml b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecc.xml new file mode 100644 index 0000000..5b5ac17 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecc.xml @@ -0,0 +1,452 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> + +<api name="CrysEcc"> <!-- The ECC API Agent ID --> + +<!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="CRYS_OK" generic_error="CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR" invalid_param="CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR" not_enough_resources="CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR" /> + <!-- Header files to include for prototypes + --> + <header>crys_host_rpc_config.h</header> + <header>crys_ecpki_error.h</header> + <header>crys_ecpki_build.h</header> + <header>crys_ecpki_types.h</header> + <header>crys_ecpki_ecdsa.h</header> + <header>crys_ecpki_elgamal.h</header> + <header>crys_ecpki_kg.h</header> + <header>crys_ecpki_dh.h</header> + + + <function name="CRYS_ECPKI_BuildPrivKey" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_ECPKI_BuildPrivKey( + CRYS_ECPKI_DomainID_t DomainID, /*in */ + DxUint8_t *PrivKeyIn_ptr, /*in*/ + DxUint32_t PrivKeySizeInBytes,/*in*/ + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr /*out*/ ); + --> + <param name="DomainID" direction="i" ptype="val" dtype="le32(CRYS_ECPKI_DomainID_t)"/> + <!-- CRYS_ECPKI_DomainID_t DomainID + --> + <param name="PrivKeyIn_ptr" direction="i" ptype="array(PrivKeySizeInBytes,4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2)" dtype="DxUint8_t"/> + <!-- DxUint8_t *PrivKeyIn_ptr + --> + <param name="PrivKeySizeInBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <!-- DxUint32_t PrivKeySizeInBytes + --> + <param name="UserPrivKey_ptr" direction="o" ptype="ref" dtype="CRYS_ECPKI_UserPrivKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivKeyDbBuff" direction="o" ptype="array(sizeof(CRYS_ECPKI_PrivKey_t),sizeof(CRYS_ECPKI_PrivKey_t))" dtype="DxUint8_t" /> + </param> + <!-- CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr + --> + </function> + <function name="_DX_ECPKI_BuildPublKey" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t _DX_ECPKI_BuildPublKey( + CRYS_ECPKI_DomainID_t DomainID, /*in*/ + DxUint8_t *PublKeyIn_ptr, /*in*/ + DxUint32_t PublKeySizeInBytes, /*in*/ + EC_PublKeyCheckMode_t CheckMode, /*in*/ + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, /*out*/ + CRYS_ECPKI_BUILD_TempData_t *TempBuff_ptr /*in*/ ); + + --> + <param name="DomainID" direction="i" ptype="val" dtype="le32(CRYS_ECPKI_DomainID_t)"/> + <!-- CRYS_ECPKI_DomainID_t DomainID + --> + <param name="PublKeyIn_ptr" direction="i" ptype="array(PublKeySizeInBytes,4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2)" dtype="DxUint8_t"/> + <!-- DxUint8_t *PublKeyIn_ptr + --> + <param name="PublKeySizeInBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <!-- DxUint32_t PublKeySizeInBytes + --> + <param name="CheckMode" direction="i" ptype="val" dtype="le32(EC_PublKeyCheckMode_t)" /> + --> + <param name="UserPublKey_ptr" direction="o" ptype="ref" dtype="CRYS_ECPKI_UserPublKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublKeyDbBuff" direction="o" ptype="array(sizeof(CRYS_ECPKI_PublKey_t),sizeof(CRYS_ECPKI_PublKey_t))" dtype="DxUint8_t" /> + </param> + <!-- CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr + --> + <param name="TempBuff_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_ECPKI_BUILD_TempData_t))" dtype="CRYS_ECPKI_BUILD_TempData_t" /> + + <!-- CRYS_ECPKI_BUILD_TempData_t *TempBuff_ptr + --> + </function> + + + <function name="CRYS_ECDSA_SignInit" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_ECDSA_SignInit( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, /*in/out*/ + CRYS_ECPKI_UserPrivKey_t *SignerPrivKey_ptr, /*in*/ + CRYS_ECPKI_HASH_OpMode_t HashMode /*in*/ ); + + + --> + <param name="SignUserContext_ptr" direction="io" ptype="ref" dtype="CRYS_ECDSA_SignUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(ECDSA_SignContext_t),sizeof(ECDSA_SignContext_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="SignerPrivKey_ptr" direction="i" ptype="ref" dtype="CRYS_ECPKI_UserPrivKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivKeyDbBuff" direction="i" ptype="array(sizeof(CRYS_ECPKI_PrivKey_t),sizeof(CRYS_ECPKI_PrivKey_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="HashMode" direction="i" ptype="val" dtype="le32(CRYS_ECPKI_HASH_OpMode_t)" /> + --> + </function> + + + <function name="CRYS_ECDSA_SignUpdate" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_ECDSA_SignUpdate( CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, /*in/out*/ + DxUint8_t *MessageDataIn_ptr, /* in */ + DxUint32_t DataInSize /* in */ ); + --> + <param name="SignUserContext_ptr" direction="io" ptype="ref" dtype="CRYS_ECDSA_SignUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(ECDSA_SignContext_t),sizeof(ECDSA_SignContext_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="MessageDataIn_ptr" direction="i" ptype="buf(DataInSize)" dtype="DxUint8_t" /> + --> + <param name="DataInSize" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <!-- DxUint32_t PrivKeySizeInBytes_ptr + --> + </function> + + <function name="_DX_ECDSA_SignFinish" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t _DX_ECDSA_SignFinish( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, /*in*/ + DxUint8_t *SignatureOut_ptr, /*out*/ + DxUint32_t *SignatureOutSize_ptr,/*in/out*/ + DxInt8_t IsEphemerKeyInternal, /*in*/ + DxUint32_t *EphemerKeyData_ptr /*in*/ ); + + + --> + <param name="SignUserContext_ptr" direction="i" ptype="ref" dtype="CRYS_ECDSA_SignUserContext_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="i" ptype="array(sizeof(ECDSA_SignContext_t),sizeof(ECDSA_SignContext_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="SignatureOut_ptr" direction="o" ptype="array(*SignatureOutSize_ptr,4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2)" dtype="DxUint8_t"/> + --> + <param name="SignatureOutSize_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)" /> + --> + <param name="IsEphemerKeyInternal" direction="i" ptype="val" dtype="DxInt8_t" /> + --> + <param name="EphemerKeyData_ptr" direction="i" ptype="array(4*(CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+1)+2*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS,4*(CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+1)+2*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)" dtype="DxUint32_t" /> + --> + + </function> + + + <function name="CRYS_ECDSA_Sign" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_ECDSA_Sign( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, /*in/out*/ + CRYS_ECPKI_UserPrivKey_t *SignerPrivKey_ptr, /*in*/ + CRYS_ECPKI_HASH_OpMode_t HashMode, /*in*/ + DxUint8_t *MessageDataIn_ptr, /*in*/ + DxUint32_t MessageSizeInBytes, /*in*/ + DxUint8_t *SignatureOut_ptr, /*out*/ + DxUint32_t *SignatureOutSize_ptr /*in*/); + + --> + <param name="SignUserContext_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_ECDSA_SignUserContext_t))" dtype="CRYS_ECDSA_SignUserContext_t" /> + --> + <param name="SignerPrivKey_ptr" direction="i" ptype="ref" dtype="CRYS_ECPKI_UserPrivKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivKeyDbBuff" direction="i" ptype="array(sizeof(CRYS_ECPKI_PrivKey_t),sizeof(CRYS_ECPKI_PrivKey_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="HashMode" direction="i" ptype="val" dtype="le32(CRYS_ECPKI_HASH_OpMode_t)" /> + --> + <param name="MessageDataIn_ptr" direction="i" ptype="buf(MessageSizeInBytes)" dtype="DxUint8_t" /> + --> + <param name="MessageSizeInBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="SignatureOut_ptr" direction="o" ptype="array((*SignatureOutSize_ptr),4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2)" dtype="DxUint8_t" /> + --> + <param name="SignatureOutSize_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)" /> + --> + </function> + + + + <function name="CRYS_ECDSA_VerifyInit" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_ECDSA_VerifyInit( CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, /*in/out*/ + CRYS_ECPKI_UserPublKey_t *SignerPublKey_ptr, /*in*/ + CRYS_ECPKI_HASH_OpMode_t HashMode /*in*/ ); + + --> + <param name="VerifyUserContext_ptr" direction="io" ptype="ref" dtype="CRYS_ECDSA_VerifyUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(ECDSA_VerifyContext_t),sizeof(ECDSA_VerifyContext_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="SignerPublKey_ptr" direction="i" ptype="ref" dtype="CRYS_ECPKI_UserPublKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublKeyDbBuff" direction="i" ptype="array(sizeof(CRYS_ECPKI_PublKey_t),sizeof(CRYS_ECPKI_PublKey_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="HashMode" direction="i" ptype="val" dtype="le32(CRYS_ECPKI_HASH_OpMode_t)" /> + --> + </function> + + + <function name="CRYS_ECDSA_VerifyUpdate" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_ECDSA_VerifyUpdate( CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, /*in/out*/ + DxUint8_t *MessageDataIn_ptr, /* in */ + DxUint32_t DataInSize /* in */ ); + + --> + <param name="VerifyUserContext_ptr" direction="io" ptype="ref" dtype="CRYS_ECDSA_VerifyUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(ECDSA_VerifyContext_t),sizeof(ECDSA_VerifyContext_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="MessageDataIn_ptr" direction="i" ptype="buf(DataInSize)" dtype="DxUint8_t" /> + --> + <param name="DataInSize" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + </function> + + + <function name="CRYS_ECDSA_VerifyFinish" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_ECDSA_VerifyFinish( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, /*in*/ + DxUint8_t *SignatureIn_ptr, /*in*/ + DxUint32_t SignatureSizeBytes /*in*/ ); + + --> + <param name="VerifyUserContext_ptr" direction="io" ptype="ref" dtype="CRYS_ECDSA_VerifyUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(ECDSA_VerifyContext_t),sizeof(ECDSA_VerifyContext_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="SignatureIn_ptr" direction="i" ptype="array(SignatureSizeBytes,4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="SignatureSizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + </function> + + + + <function name="CRYS_ECDSA_Verify" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_ECDSA_Verify ( CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, /*in/out*/ + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, /*in*/ + CRYS_ECPKI_HASH_OpMode_t HashMode, /*in*/ + DxUint8_t *SignatureIn_ptr, /*in*/ + DxUint32_t SignatureSizeBytes, /*in*/ + DxUint8_t *MessageDataIn_ptr, /*in*/ + DxUint32_t MessageSizeInBytes /*in*/ ); + + --> + <param name="VerifyUserContext_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_ECDSA_VerifyUserContext_t))" dtype="CRYS_ECDSA_VerifyUserContext_t" /> + --> + + <param name="UserPublKey_ptr" direction="i" ptype="ref" dtype="CRYS_ECPKI_UserPublKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublKeyDbBuff" direction="i" ptype="array(sizeof(CRYS_ECPKI_PublKey_t),sizeof(CRYS_ECPKI_PublKey_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="HashMode" direction="i" ptype="val" dtype="le32(CRYS_ECPKI_HASH_OpMode_t)" /> + --> + <param name="SignatureIn_ptr" direction="i" ptype="array(SignatureSizeBytes,4*2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="SignatureSizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="MessageDataIn_ptr" direction="i" ptype="buf(MessageSizeInBytes)" dtype="DxUint8_t" /> + --> + <param name="MessageSizeInBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + </function> + + + + <function name="_DX_ECPKI_ELGAMAL_Encrypt" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t _DX_ECPKI_ELGAMAL_Encrypt ( + CRYS_ECPKI_UserPublKey_t *ReceiverUserPublKey_ptr, /*in*/ + DxUint8_t *MessageIn_ptr, /*in*/ + DxUint32_t MessageInSizeBytes, /*in*/ + DxUint8_t *EncrMessageOut_ptr, /*out*/ + DxUint32_t *EncrMessOutSize_ptr, /*in,out*/ + DxInt8_t IsEphemerKeyInternal, /*in*/ + DxUint8_t *EphemerPrivKeyIn_ptr, /*in*/ + DxUint32_t EphemerPrivKeySizeBytes, /*in*/ + CRYS_EC_ELGAMAL_TempData_t *TempData_ptr /*in*/ ); + + --> + <param name="ReceiverUserPublKey_ptr" direction="i" ptype="ref" dtype="CRYS_ECPKI_UserPublKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublKeyDbBuff" direction="i" ptype="array(sizeof(CRYS_ECPKI_PublKey_t),sizeof(CRYS_ECPKI_PublKey_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="MessageIn_ptr" direction="i" ptype="array(MessageInSizeBytes,4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="MessageInSizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <!-- + TBD: to check what is the max size and if we can make it max int without a value + --> + <param name="EncrMessageOut_ptr" direction="o" ptype="array(*EncrMessOutSize_ptr,4*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="EncrMessOutSize_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)" /> + --> + <param name="IsEphemerKeyInternal" direction="i" ptype="val" dtype="DxInt8_t" /> + --> + <param name="EphemerPrivKeyIn_ptr" direction="i" ptype="array(EphemerPrivKeySizeBytes,4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="EphemerPrivKeySizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="TempData_ptr" direction="i" ptype="ref" dtype="CRYS_EC_ELGAMAL_TempData_t" /> + --> + </function> + + + <function name="CRYS_ECPKI_ELGAMAL_Decrypt" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_ECPKI_ELGAMAL_Decrypt ( + CRYS_ECPKI_UserPrivKey_t *ReceiverUserPrivKey_ptr, /*in*/ + DxUint8_t *EncrMessageIn_ptr, /*in*/ + DxUint32_t EncrMessageSizeInBytes, /*in*/ + DxUint8_t *DecrMessageOut_ptr, /*out*/ + DxUint32_t *DecrMessageOutSize_ptr, /*in*/ + CRYS_EC_ELGAMAL_TempData_t *TempData_ptr /*in*/ ); + + --> + <param name="ReceiverUserPrivKey_ptr" direction="i" ptype="ref" dtype="CRYS_ECPKI_UserPrivKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivKeyDbBuff" direction="i" ptype="array(sizeof(CRYS_ECPKI_PrivKey_t),sizeof(CRYS_ECPKI_PrivKey_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="EncrMessageIn_ptr" direction="i" ptype="array(EncrMessageSizeInBytes,4*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="EncrMessageSizeInBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="DecrMessageOut_ptr" direction="o" ptype="array(*DecrMessageOutSize_ptr,4*4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="DecrMessageOutSize_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)" /> + --> + <param name="TempData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_EC_ELGAMAL_TempData_t))" dtype="CRYS_EC_ELGAMAL_TempData_t" /> + --> + </function> + + + + <function name="CRYS_ECDH_SVDP_DH" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_ECDH_SVDP_DH( + CRYS_ECPKI_UserPublKey_t *PartnerPublKey_ptr, /*in*/ + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, /*in*/ + DxUint8_t *SharedSecretValue_ptr, /*out*/ + DxUint32_t *SharedSecrValSize_ptr, /*in/out*/ + CRYS_ECDH_TempData_t *TempBuff_ptr /*in*/ ); + --> + + <param name="PartnerPublKey_ptr" direction="i" ptype="ref" dtype="CRYS_ECPKI_UserPublKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublKeyDbBuff" direction="i" ptype="array(sizeof(CRYS_ECPKI_PublKey_t),sizeof(CRYS_ECPKI_PublKey_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="UserPrivKey_ptr" direction="i" ptype="ref" dtype="CRYS_ECPKI_UserPrivKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivKeyDbBuff" direction="i" ptype="array(sizeof(CRYS_ECPKI_PrivKey_t),sizeof(CRYS_ECPKI_PrivKey_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="SharedSecretValue_ptr" direction="o" ptype="array(*SharedSecrValSize_ptr,4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="SharedSecrValSize_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)" /> + --> + <param name="TempBuff_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_ECDH_TempData_t))" dtype="CRYS_ECDH_TempData_t" /> + --> + </function> + + + + <function name="CRYS_ECPKI_ExportPublKey" return="le32(CRYSError_t)"> +<!-- + CEXPORT_C CRYSError_t CRYS_ECPKI_ExportPublKey( + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, /*in*/ + CRYS_ECPKI_PointCompression_t Compression, /*in*/ + DxUint8_t *ExternPublKey_ptr, /*in*/ + DxUint32_t *PublKeySizeInBytes_ptr /*in/out*/ ) + +--> + +<param name="UserPublKey_ptr" direction="i" ptype="ref" dtype="CRYS_ECPKI_UserPublKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublKeyDbBuff" direction="i" ptype="array(sizeof(CRYS_ECPKI_PublKey_t),sizeof(CRYS_ECPKI_PublKey_t))" dtype="DxUint8_t" /> +</param> + --> + <param name="Compression" direction="i" ptype="val" dtype="le32(CRYS_ECPKI_PointCompression_t)" /> + --> + <param name="ExternPublKey_ptr" direction="o" ptype="array(*PublKeySizeInBytes_ptr,4*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS*2+1)" dtype="DxUint8_t" /> + --> + <param name="PublKeySizeInBytes_ptr" direction="io" ptype="ref" dtype="le32(DxUint32_t)" /> + --> + </function> + + + <function name="CRYS_ECPKI_GenKeyPair" return="le32(CRYSError_t)"> +<!-- + CIMPORT_C CRYSError_t CRYS_ECPKI_GenKeyPair( + CRYS_ECPKI_DomainID_t DomainID, /*in*/ + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, /*out*/ + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, /*out*/ + CRYS_ECPKI_KG_TempData_t *TempData_ptr /*in*/ ); + +--> +<param name="DomainID" direction="i" ptype="val" dtype="le32(CRYS_ECPKI_DomainID_t)"/> + --> +<param name="UserPrivKey_ptr" direction="o" ptype="ref" dtype="CRYS_ECPKI_UserPrivKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivKeyDbBuff" direction="o" ptype="array(sizeof(CRYS_ECPKI_PrivKey_t),sizeof(CRYS_ECPKI_PrivKey_t))" dtype="DxUint8_t" /> + </param> + --> + <param name="UserPublKey_ptr" direction="o" ptype="ref" dtype="CRYS_ECPKI_UserPublKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublKeyDbBuff" direction="o" ptype="array(sizeof(CRYS_ECPKI_PublKey_t),sizeof(CRYS_ECPKI_PublKey_t))" dtype="DxUint8_t" /> +</param> + --> + <param name="TempData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_ECPKI_KG_TempData_t))" dtype="CRYS_ECPKI_KG_TempData_t" /> + --> + </function> + + + + + </api> diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_build.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_build.h new file mode 100644 index 0000000..486fb35 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_build.h @@ -0,0 +1,298 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_ECPKI_BUILD_H +#define CRYS_ECPKI_BUILD_H + +/* + * Object name : CRYS_ECPKI_BUILD.h + * State : %state% + * Creation date : 02.02.2006 + * Last modified : %modify_time% + */ +/** @file CRYS_ECPKI_BUILD.h + * \brief Defines the API that supports EC Diffie-Hellman + * shared secret value derivation primitives + * + * \version CRYS_ECPKI_BUILD.h #1:incl:1 + * \author R.Levin + */ + +#include "crys_defs.h" +#include "crys_error.h" +#include "crys_ecpki_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + + +/********************************************************************************** + * CRYS_ECPKI_BuildPrivKey function * + **********************************************************************************/ +/*!\brief Builds (imports) the user private key structure from an existing private key + so that this structure can be used by other EC primitives. + + When operating the EC cryptographic operations with existing and saved + EC private keys, this function should be called first. + + The function performs the following operations: + - Checks validity of incoming variables and pointers. + - Checks, that 0 < PrivKey < r (r - EC generator order). + - Converts incoming key data from big endian into little endian form. + - Initializes variables and structures. + + @param[in] DomainID The enumerator variable defines current EC domain. + @param[in] PrivKeyIn_ptr Pointer to private key data. + @param[in] PrivKeySizeInBytes Size of private key data in bytes. Must be great than null and + less or equall to EC OrderSizeInBytes. + @param[out] UserPrivKey_ptr Pointer to the private key structure. + This structure is used as input to the ECPKI + cryptographic primitives. + @return CRYSError_t: + CRYS_OK + CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_IN_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_USER_PRIV_KEY_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_ILLEGAL_DOMAIN_ID_ERROR +*/ +CIMPORT_C CRYSError_t CRYS_ECPKI_BuildPrivKey( + CRYS_ECPKI_DomainID_t DomainID, /*in */ + DxUint8_t *PrivKeyIn_ptr, /*in*/ + DxUint32_t PrivKeySizeInBytes,/*in*/ + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr /*out*/ ); + + +/********************************************************************************** + * _DX_ECPKI_BuildPublKey function * + **********************************************************************************/ +/** + @brief The _DX_ECPKI_BuildPublKey function checks the validity and builds the user public + key structure from imported public key data for using it in other ECC primitives. + + When operating the EC cryptographic algorithms with imported EC public + key, this function should be called before using of the public key. + + The user must to call this function by appropriate macros, according to necessary + validation level [SEC1. ECC standard: 3.2]: + - full checking of public key - CRYS_ECPKI_BuildPublKeyFullCheck, + - partly checking of public key - CRYS_ECPKI_BuildPublKeyPartCheck, + - checking the input pointers and sizes only - CRYS_ECPKI_BuildPublKeyo. + + The function performs the following operations: + - Checks validity of incoming variables and pointers; + - Converts incoming key data from big endian into little endian form + as follows: + - For WMDRM the function reverts endianness of public key + (EC point coordinates X,Y) and copies they into output aligned buffer; + - For other domains: + * If public key is given in uncompressed form the function reverts + endianness of key point coordinates X and Y separately and copies + they in output buffer. + * If public key is given in compressed form, the function reverts + endianness and converts the point to uncompressed form and outputs + the key. + - according to CheckMode parameter performs full or partly checking of public + key validaty by calling the LLF function. + - Initializes variables and structures. + + Incoming public key data PublKeyIn is given in big endianness as follows : + - for WMDRM: X||Y , + - for other domains (according to IEEE 1363-2000): + * PC||X||Y - for uncompressed and for hybrid points, + * PC||X - for compressed point, + where: X,Y - EC point coordinates of public key, size of X and Y + equal to size of EC modulus, + PC - single byte point control, defines type of point, + Size of buffers for X and also Y must be equal ModSizeInBytes. + + NOTE: At this stage the said compressed or hybrid forms are not implemented + and the function returns an error in this case. + + @param[in] ECPKI_DomainID - The enumerator variable defines current EC domain. + @param[in] PublKeyIn_ptr - The pointer to private key data. + @param[in] PublKeySizeInBytes - Size of private key data in bytes (according to EC domain), + it should be equal to 2*modulusSize (CRYS_ECPKI_DomainID_WMDRM10) or + 2*modulusSize + 1byte (other domains). + @param[in] CheckMode - The parameter defining what checking of public key is necessary: + preliminary check - 0, partly check - 1, full check - 2 . + @param[out] UserPublKey_ptr - A pointer to the private key structure. + @param[in] TempBuff_ptr - A pointer to the temp buffer structure for build function. + + @return CRYSError_t - CRYS_OK, + CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_IN_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_USER_PUBL_KEY_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_ILLEGAL_DOMAIN_ID_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_DATA_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_COMPRESSION_MODE_ERROR +*/ + CIMPORT_C CRYSError_t _DX_ECPKI_BuildPublKey( + CRYS_ECPKI_DomainID_t DomainID, /*in*/ + DxUint8_t *PublKeyIn_ptr, /*in*/ + DxUint32_t PublKeySizeInBytes, /*in*/ + EC_PublKeyCheckMode_t CheckMode, /*in*/ + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, /*out*/ + CRYS_ECPKI_BUILD_TempData_t *TempBuff_ptr /*in*/ ); + + +/********************************************************************************** + * CRYS_ECPKI_BuildPublKey macro * + **********************************************************************************/ +/** + @brief The CRYS_ECPKI_BuildPublKey macro definition calls the _DX_ECPKI_BuildPublKey + function for building the public key with checking input pointers and sizes. + + + @param[in] ECPKI_DomainID - The enumerator variable defines current EC domain. + @param[in] PublKeyIn_ptr - The pointer to private key data. + @param[in] PublKeySizeInBytes - Size of private key data in bytes (according to EC domain), + it should be equal to 2*modulusSize (CRYS_ECPKI_DomainID_WMDRM10) or + 2*modulusSize + 1byte (other domains). + @param[out] UserPublKey_ptr - A pointer to the private key structure. + + @return CRYSError_t - CRYS_OK, + CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_IN_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_USER_PUBL_KEY_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_ILLEGAL_DOMAIN_ID_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_DATA_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_COMPRESSION_MODE_ERROR +*/ + #define CRYS_ECPKI_BuildPublKey( DomainID, PublKeyIn_ptr, PublKeySizeInBytes, UserPublKey_ptr ) \ + _DX_ECPKI_BuildPublKey( (DomainID), (PublKeyIn_ptr), (PublKeySizeInBytes), CheckPointersAndSizesOnly , (UserPublKey_ptr), DX_NULL ) + + +/********************************************************************************** + * CRYS_ECPKI_BuildPublKeyPartlyCheck macro * + **********************************************************************************/ +/** + @brief The CRYS_ECPKI_BuildPublKeyPartlyCheck macro definition calls the _DX_ECPKI_BuildPublKey + function for building the public key with partally validation of the key [SEC1. ECC standard: 3.2.3]. + + @param[in] ECPKI_DomainID - The enumerator variable defines current EC domain. + @param[in] PublKeyIn_ptr - The pointer to private key data. + @param[in] PublKeySizeInBytes - Size of private key data in bytes (according to EC domain), + it should be equal to 2*modulusSize (CRYS_ECPKI_DomainID_WMDRM10) or + 2*modulusSize + 1byte (other domains). + @param[out] UserPublKey_ptr - A pointer to the private key structure. + @param[in] TempBuff_ptr - A pointer to the temp buffer structure for build function. + + @return CRYSError_t - CRYS_OK, + CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_IN_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_USER_PUBL_KEY_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_ILLEGAL_DOMAIN_ID_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_DATA_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_COMPRESSION_MODE_ERROR +*/ +#define CRYS_ECPKI_BuildPublKeyPartlyCheck( DomainID, PublKeyIn_ptr, PublKeySizeInBytes, UserPublKey_ptr, TempBuff_ptr ) \ + _DX_ECPKI_BuildPublKey( DomainID, PublKeyIn_ptr, PublKeySizeInBytes, ECpublKeyPartlyCheck, UserPublKey_ptr, TempBuff_ptr ) + + +/********************************************************************************** + * CRYS_ECPKI_BuildPublKeyFullCheck macro * + **********************************************************************************/ +/** + @brief The CRYS_ECPKI_BuildPublKeyFullCheck macro definition calls the _DX_ECPKI_BuildPublKey + function for building the public key with full validation of the key [SEC1. ECC standard: 3.2.2]. + + @param[in] ECPKI_DomainID - The enumerator variable defines current EC domain. + @param[in] PublKeyIn_ptr - The pointer to private key data. + @param[in] PublKeySizeInBytes - Size of private key data in bytes (according to EC domain), + it should be equal to 2*modulusSize (CRYS_ECPKI_DomainID_WMDRM10) or + 2*modulusSize + 1byte (other domains). + @param[out] UserPublKey_ptr - A pointer to the private key structure. + @param[in] TempBuff_ptr - A pointer to the temp buffer structure for build function. + + @return CRYSError_t - CRYS_OK, + CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_IN_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_USER_PUBL_KEY_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_ILLEGAL_DOMAIN_ID_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_DATA_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_COMPRESSION_MODE_ERROR +*/ +#define CRYS_ECPKI_BuildPublKeyFullCheck( DomainID, PublKeyIn_ptr, PublKeySizeInBytes, UserPublKey_ptr, TempBuff_ptr ) \ + _DX_ECPKI_BuildPublKey( DomainID, PublKeyIn_ptr, PublKeySizeInBytes, ECpublKeyFullCheck, UserPublKey_ptr, TempBuff_ptr ) + + /*********************************************************************************** + * CRYS_ECPKI_ExportPublKey function * + ***********************************************************************************/ + /** + @brief The function converts an existed public key into the big endian and outputs it. + + The function performs the following steps: + - checks input parameters, + - Converts the X,Y coordinates of public key EC point to big endianness. + - Sets the public key as follows: + - In case WMDRM: PubKey = X||Y; + - For other EC domains (according to IEEE 1363-2000): + * In case "Uncompressed" PubKey = PC||X||Y, PC = 0x4 - single byte, + * In case "Compressed" PubKey = PC||X, where PC = 0x2|(LSBit of Y), + * In case "Hybrid" PubKey = PC||X||Y, PC = 0x6|(LSBit of Y). + - Exits. + + NOTE: - At this stage the said compressed form is not implemented + and the function returns an error in this case, + - Size of buffers for X and also Y is equal ModSizeInBytes. + + @param[in] UserPublKey_ptr - A pointer to the public key structure (in little + endian form). + @param[in] Compression - An enumerator parameter, defines point compression. + @param[out] ExternPublKey_ptr - A pointer to the exported public key structure in big + endian and point compression as defined by input parameter + Size of buffer must be not less than: + 2*ModSiseInBytes - for WM DRM, + 2*ModSiseInBytes+1 - for other domains. + @param[out] PublKeySizeInBytes - A pointer to variable for input size of user passed + buffer for public key and output the size of converted + public key in bytes. + + @return CRYSError_t - CRYS_OK, + CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_USER_PUBL_KEY_PTR_ERROR + CRYS_ECPKI_EXPORT_PUBL_KEY_ILLEGAL_COMPRESSION_MODE_ERROR + CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_EXTERN_PUBL_KEY_PTR_ERROR + CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_SIZE_PTR_ERROR + CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_SIZE_ERROR + CRYS_ECPKI_EXPORT_PUBL_KEY_ILLEGAL_DOMAIN_ID_ERROR +*/ +CIMPORT_C CRYSError_t CRYS_ECPKI_ExportPublKey( + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, /*in*/ + CRYS_ECPKI_PointCompression_t Compression, /*in*/ + DxUint8_t *ExternPublKey_ptr, /*in*/ + DxUint32_t *PublKeySizeInBytes /*in/out*/ ); + + +/********************************************************************************** + * CRYS_ECPKI_ExportPrivKey function * + **********************************************************************************/ +/*!\brief The function performs export (converting to big endian) the user private + key from the internal private key structure. + + The function performs the following operations: + - Checks validity of incoming variables and pointers. + - Converts key data from little endian into big endian form. + - Outputs the key and its size in bits.. + + @param[in] UserPrivKey_ptr - Pointer to the private key structure. + @param[in] PrivKeyOut_ptr - Pointer to private key output buffer. + @param[in/out] PrivKeySizeInBytes_ptr - Pointer to size of private key output buffer + in bytes.Must be not less than EC OrderSizeInBytes. + The function returns the exact value of priv.key + through this pointer. + @return CRYSError_t: on success - CRYS_OK, on failure - error code: + CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_IN_PTR_ERROR + CRYS_ECPKI_BUILD_KEY_INVALID_USER_PRIV_KEY_PTR_ERROR +*/ +CIMPORT_C CRYSError_t CRYS_ECPKI_ExportPrivKey( + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, /*in*/ + DxUint8_t *PrivKeyOut_ptr, /*out*/ + DxUint32_t *PrivKeySizeInBytes_ptr /*in/out*/ ); + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_dh.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_dh.h new file mode 100644 index 0000000..5852eba --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_dh.h @@ -0,0 +1,88 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_ECPKI_DH_H +#define CRYS_ECPKI_DH_H + +/* + * Object name : CRYS_ECPKI_DH.h + * State : %state% + * Creation date : 02.02.2006 + * Last modified : %modify_time% + */ +/** @file CRYS_ECPKI_DH.h + * \brief Defines the API that supports EC Diffie-Hellman + * shared secret value derivation primitives + * + * \version CRYS_ECPKI_DH.h #1:incl:1 + * \author R.Levin + */ + +#include "crys_defs.h" +#include "crys_ecpki_types.h" +#include "crys_ecpki_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/*********************************************************************** + * CRYS_ECDH_SVDP_DH function * + ***********************************************************************/ +/** + @brief Creates the shared secret value accordingly to the IEEE 1363-2000 + standard. + + This function performs the following: + + -# Checks input parameters: pointers and EC Domain ID. + -# Derives the partner public key and calls the LLF_ECPKI_SVDP_DH function, + which performs EC SVDP operations. On errors, outputs error messages. + -# Exits. + \note The term "user" indicates any party who performs a calculation of a shared + secret value using this primitive. The term "partner" indicates any other party of + shared secret value calculation. + + @param[in] PartnerPublKey_ptr A pointer to a partner public key W + @param[in] UserPrivKey_ptr A pointer to a user private key + @param[out] SharedSecretValue_ptr A pointer to an output buffer that will contain + the shared secret value + @param[in,out] SharedSecrValSize_ptr A pointer to the size of user passed buffer (in) and + actual output size of calculated shared secret value. + @param[in] TempBuff_ptr A pointer to a temporary buffers of size specified in + the CRYS_ECDH_TempData_t structure. + @return <b>CRYSError_t</b>: <br> + CRYS_OK<br> + CRYS_ECDH_SVDP_DH_INVALID_USER_PRIV_KEY_PTR_ERROR<br> + CRYS_ECDH_SVDP_DH_USER_PRIV_KEY_VALID_TAG_ERROR<br> + CRYS_ECDH_SVDP_DH_INVALID_PARTNER_PUBL_KEY_PTR_ERROR<br> + CRYS_ECDH_SVDP_DH_PARTNER_PUBL_KEY_VALID_TAG_ERROR<br> + CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_PTR_ERROR<br> + CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_PTR_ERROR<br> + CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR<br> + CRYS_ECDH_SVDP_DH_INVALID_TEMP_DATA_PTR_ERROR<br> + + NOTE: 1. The partner public key and user private key must relate to the same DomainID. + 2. The public key must be full validated befor using in this primitive. + 3. Buffer size for SharedSecretValue must be >= ModulusSizeInWords*4 bytes, + output size of shared value is equal to ModulusSizeInWords*4. + +*/ +CIMPORT_C CRYSError_t CRYS_ECDH_SVDP_DH( + CRYS_ECPKI_UserPublKey_t *PartnerPublKey_ptr, /*in*/ + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, /*in*/ + DxUint8_t *SharedSecretValue_ptr, /*out*/ + DxUint32_t *SharedSecrValSize_ptr, /*in/out*/ + CRYS_ECDH_TempData_t *TempBuff_ptr /*in*/ ); + + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_ecdsa.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_ecdsa.h new file mode 100644 index 0000000..4ffa25a --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_ecdsa.h @@ -0,0 +1,358 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_ECPKI_ECDSA_H +#define CRYS_ECPKI_ECDSA_H +/* + * Object name : CRYS__ECPKI_ECDSA.h + * State : %state% + * Creation date : 02.02.2006 + * Last modified : %modify_time% + */ +/** @file + * \brief Defines the APIs that support the ECDSA functions. + * + * \version CRYS__ECPKI_ECDSA.h#1:hinc:1 + * \author R.Levin + */ + +#include "crys_error.h" +#include "crys_defs.h" +#include "crys_ecpki_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************************************************************** + * CRYS_ECDSA_Sign_Init function + **************************************************************************/ +/** + \brief + The CRYS_ECDSA_Sign_Init functions user shall call first to perform the + EC DSA Signing operation. + + The function performs the following steps: + -# Validates all the inputs of the function. If one of the received + parameters is not valid, the function returns an error. + -# Decrypts the received context to the working context after capturing + the working context by calling the CRYS_CCM_GetContext() function. + -# Initializes the working context and other variables and structures. + -# Calls the CRYS_HASH_Init() function. + -# Calls the CRYS_CCM_EncryptAndReleaseContext() function to encrypt + the information in the working context, store it in the user's + received context, and then release the working context. + -# Exits the handler with the OK code. + + This function does not do ECDSA cryptographic processing. Rather, it + prepares a context that is used by the Update() and Finish() functions. + + NOTE: Using of HASH functions with HASH size great, than EC modulus size, is not recommended! + + + @param[in,out] SignUserContext_ptr A pointer to the user buffer for signing data. + @param[in] SignerPrivKey_ptr A pointer to the private key that will be used to + sign the data. + @param[in] HashMode Defines the hash mode used for DSA. + + @return <b>CRYSError_t</b>: <br> + CRYS_OK<br> + CRYS_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR + CRYS_ECDSA_SIGN_INVALID_USER_PRIV_KEY_PTR_ERROR + CRYS_ECDSA_SIGN_USER_PRIV_KEY_VALIDATION_TAG_ERROR + CRYS_ECDSA_SIGN_INVALID_DOMAIN_ID_ERROR + CRYS_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR +*/ +CIMPORT_C CRYSError_t CRYS_ECDSA_SignInit( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, /*in/out*/ + CRYS_ECPKI_UserPrivKey_t *SignerPrivKey_ptr, /*in*/ + CRYS_ECPKI_HASH_OpMode_t HashMode /*in*/ ); + + + + +/************************************************************************** + * CRYS_ECDSA_Sign_Update function + **************************************************************************/ +/** + @brief Performs a hash operation on data allocated by the user before finally signing it. + + In case the user divides signing data by block, the user must call the Update() function + continuously for some period, until processing of the entire data block is complete. + + NOTE: Using of HASH functions with HASH size great, than EC modulus size, is not recommended! + + @param[in,out] SignUserContext_ptr A pointer to the user buffer for signing the database. + @param[in] MessageDataIn_ptr Message data for calculating Hash. + @param[in] DataInSize The size of the message data block, in bytes. + + @return <b>CRYSError_t</b>: <br> + CRYS_OK<br> + CRYS_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR + CRYS_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR + CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_PTR_ERROR + CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR + CRYS_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR + + */ +CIMPORT_C CRYSError_t CRYS_ECDSA_SignUpdate( CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, /*in/out*/ + DxUint8_t *MessageDataIn_ptr, /* in */ + DxUint32_t DataInSize /* in */ ); + + +/************************************************************************** + * _DX_ECDSA_Sign_Finish function + **************************************************************************/ +/** + @brief Performs initialization of variables and structures, calls the hash function + for the last block of data (if necessary) and then calculates digital + signature according to the EC DSA algorithm. + + NOTE: Using of HASH functions with HASH size great, than EC modulus size, + is not recommended! + + @param[in] SignUserContext_ptr A pointer to the user buffer for signing database. + @param[in] SignatureOut_ptr A pointer to a buffer for output of signature. + @param[in,out] SignatureOutSize_ptr A pointer to the size of a user passed buffer for signature (in) + and size of actual signature (out). The size of buffer + must be not less than 2*OrderSizeInBytes. + @param[out] IsEphemerKeyInternal A parameter defining whether the ephemeral key + is internal or external (1 or 0). + @param[out] EphemerKeyData_ptr A pointer to external ephemeral key data. The buffer must + to contain the following data placed continuously: + - ephemeral private key - 4*(ModSizeInWords + 1 ) bytes, + - ephemeral public key X - 4*ModSizeInWords bytes, + - ephemeral public key Y - 4*ModSizeInWords bytes. + @return <b>CRYSError_t</b>: <br> + CRYS_OK<br> + CRYS_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR <br> + CRYS_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR <br> + CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_PTR_ERROR <br> + CRYS_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR <br> + CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_PTR_ERROR <br> + CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR <br> + CRYS_ECDSA_SIGN_INVALID_DOMAIN_ID_ERROR <br> + CRYS_ECDSA_SIGN_INVALID_IS_EPHEMER_KEY_INTERNAL_ERROR <br> + CRYS_ECDSA_SIGN_INVALID_EPHEMERAL_KEY_PTR_ERROR <br> +**/ +CIMPORT_C CRYSError_t _DX_ECDSA_SignFinish( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, /*in*/ + DxUint8_t *SignatureOut_ptr, /*out*/ + DxUint32_t *SignatureOutSize_ptr,/*in/out*/ + DxInt8_t IsEphemerKeyInternal, /*in*/ + DxUint32_t *EphemerKeyData_ptr /*in*/ ); + +/************************************************************************** + * CRYS_ECDSA_Sign_Finish function + **************************************************************************/ +/** + @brief The macro definition for calling the + _DX_ECDSA_SignFinish function with internal generation of ephemeral keys. + + NOTE: Using of HASH functions with HASH size great, than EC modulus size, is not recommended! + + The macro calls the function with the following arguments as constant: + IsEphemerKeyInternal = 1 and EphemerKeyData_ptr = DX_NULL. +*/ +#define CRYS_ECDSA_SignFinish(SignUserContext_ptr, SignatureOut_ptr, SignatureOutSize_ptr) \ + _DX_ECDSA_SignFinish(SignUserContext_ptr, SignatureOut_ptr, SignatureOutSize_ptr, 1, DX_NULL) + + +/************************************************************************** + * CRYS_ECDSA_Sign - integrated function + **************************************************************************/ +/** + @brief Performs all of the ECDSA signing operations simultaneously. + This function simply calls the Init, Update and Finish functions continuously. + This function's prototype is similar to the prototypes of the called functions + and includes all of their input and output arguments. + + NOTE: Using of HASH functions with HASH size great, than EC modulus size, is not recommended! + + @param[in,out] SignUserContext_ptr - A pointer to the user buffer for signing database. + @param[in] SignerPrivKey_ptr - A pointer to a user private key structure. + @param[in] HashMode - The enumerator variable defines hash function to be used. + @param[in] MessageDataIn_ptr - A message data for calculation of hash. + @param[in] MessageSizeInBytes - A size of block of message data in bytes. + @param[in] SignatureOut_ptr - A pointer to a buffer for output of signature. + @param[in,out] SignatureOutSize_ptr- A pointer to the size of user passed buffer for signature (in) + and size of actual signature (out). The size of buffer + must be not less than 2*OrderSizeInBytes. + @return <b>CRYSError_t</b>: <br> + CRYS_OK<br> + CRYS_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR<br> + CRYS_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR<br> + CRYS_ECDSA_SIGN_INVALID_USER_PRIV_KEY_PTR_ERROR<br> + CRYS_ECDSA_SIGN_USER_PRIV_KEY_VALIDATION_TAG_ERROR<br> + CRYS_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR <br> + CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_PTR_ERROR<br> + CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR<br> + CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_PTR_ERROR<br> + CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_PTR_ERROR<br> + CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR<br> + CRYS_ECDSA_SIGN_INVALID_DOMAIN_ID_ERROR <br> +**/ +CIMPORT_C CRYSError_t CRYS_ECDSA_Sign( + CRYS_ECDSA_SignUserContext_t *SignUserContext_ptr, /*in/out*/ + CRYS_ECPKI_UserPrivKey_t *SignerPrivKey_ptr, /*in*/ + CRYS_ECPKI_HASH_OpMode_t HashMode, /*in*/ + DxUint8_t *MessageDataIn_ptr, /*in*/ + DxUint32_t MessageSizeInBytes, /*in*/ + DxUint8_t *SignatureOut_ptr, /*out*/ + DxUint32_t *SignatureOutSize_ptr /*in*/); + + + +/************************************************************************** + * CRYS_ECDSA_VerifyInit function + **************************************************************************/ +/** + @brief Prepares a context that is used by the Update and Finish functions + but does not perform elliptic curve cryptographic processing + + The function: + - Receives and decrypts user data (working context). + - Checks input parameters of ECDSA Signing primitive. + - Calls hash init function. + - Initializes variables and structures for calling next functions. + - Encrypts and releases working context. + + NOTE: Using of HASH functions with HASH size great, than EC modulus size, + is not recommended! + + @param[in,out] VerifyUserContext_ptr - A pointer to the user buffer for verifying database. + @param[in] SignerPublKey_ptr - A pointer to a Signer public key structure. + @param[in] HashMode - The enumerator variable defines the hash function to be used. + + @return <b>CRYSError_t</b>: <br> + CRYS_OK<br> + CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_SIGNER_PUBL_KEY_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_DOMAIN_ID_ERROR <br> + CRYS_ECDSA_VERIFY_ILLEGAL_HASH_OP_MODE_ERROR <br> +**/ +CIMPORT_C CRYSError_t CRYS_ECDSA_VerifyInit( CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, /*in/out*/ + CRYS_ECPKI_UserPublKey_t *SignerPublKey_ptr, /*in*/ + CRYS_ECPKI_HASH_OpMode_t HashMode /*in*/ ); + +/************************************************************************** + * CRYS_ECDSA_VerifyUpdate function + **************************************************************************/ +/** + @brief Performs a hash operation on data allocated by the user + before finally signing it. + + In case user divides signing data by block, he must call the Update function + continuously a number of times until processing of the entire data block is complete. + + NOTE: Using of HASH functions with HASH size great, than EC modulus size, + is not recommended! + + @param[in,out] VerifyUserContext_ptr A pointer to the user buffer for signing database. + @param[in] MessageDataIn_ptr Message data for calculation of hash. + @param[in] DataInSize The size of the message data block, in bytes. + + @return <b>CRYSError_t</b>: <br> + CRYS_OK<br> + CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_USER_CONTEXT_VALIDATION_TAG_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_SIZE_ERROR <br> + CRYS_ECDSA_VERIFY_ILLEGAL_HASH_OP_MODE_ERROR <br> + **/ +CIMPORT_C CRYSError_t CRYS_ECDSA_VerifyUpdate( CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, /*in/out*/ + DxUint8_t *MessageDataIn_ptr, /* in */ + DxUint32_t DataInSize /* in */ ); + + +/************************************************************************** + * CRYS_ECDSA_VerifyFinish function + **************************************************************************/ +/** + @brief Performs initialization of variables and structures, + calls the hash function for the last block of data (if necessary), + than calls LLF_ECDSA_VerifyCalcCall function for verifying signature + according to EC DSA algorithm. + + NOTE: Using of HASH functions with HASH size great, than EC modulus size, + is not recommended! + + @param[in] VerifyUserContext_ptr - A pointer to the user buffer for verifying the database. + @param[in] SignatureIn_ptr - A pointer to a buffer for the signature to be compared + @param[in] SignatureSizeBytes - The size of a user passed signature (must be 2*OrderSizeInBytes). + + @return <b>CRYSError_t</b>: <br> + CRYS_OK <br> + CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_USER_CONTEXT_VALIDATION_TAG_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_ILLEGAL_HASH_OP_MODE_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_SIZE_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_DOMAIN_ID_ERROR <br> + CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR <br> +**/ +CIMPORT_C CRYSError_t CRYS_ECDSA_VerifyFinish( + CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, /*in*/ + DxUint8_t *SignatureIn_ptr, /*in*/ + DxUint32_t SignatureSizeBytes /*in*/ ); + + +/************************************************************************** + * CRYS_ECDSA_Verify integrated function + **************************************************************************/ +/** + @brief Performs all ECDSA verifying operations simultaneously. + + This function simply calls the Init, Update and Finish functions continuously. + This function's prototype is similar to the prototypes of the called functions + and includes all of their input and output arguments. + + NOTE: Using of HASH functions with HASH size great, than EC modulus size, + is not recommended! + + + @param[in] VerifyUserContext_ptr - A pointer to the user buffer for signing the database. + @param[in] UserPublKey_ptr - A pointer to a user public key structure. + @param[in] HashMode - The enumerator variable defines the hash function to be used. + @param[in] MessageDataIn_ptr - Message data for calculating hash. + @param[in] MessageSizeInBytes - Size of block of message data in bytes. + @param[in] SignatureIn_ptr - A pointer to a buffer for output of signature. + @param[in] SignatureSizeBytes - Size of signature, in bytes (must be 2*OrderSizeInBytes). + + @return <b>CRYSError_t</b>: <br> + CRYS_OK <br> + CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_USER_CONTEXT_VALIDATION_TAG_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_DOMAIN_ID_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_SIGNER_PUBL_KEY_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR <br> + CRYS_ECDSA_VERIFY_ILLEGAL_HASH_OP_MODE_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_SIZE_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR <br> + CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_SIZE_ERROR <br> + CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR <br> +**/ +CIMPORT_C CRYSError_t CRYS_ECDSA_Verify ( CRYS_ECDSA_VerifyUserContext_t *VerifyUserContext_ptr, /*in/out*/ + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, /*in*/ + CRYS_ECPKI_HASH_OpMode_t HashMode, /*in*/ + DxUint8_t *SignatureIn_ptr, /*in*/ + DxUint32_t SignatureSizeBytes, /*in*/ + DxUint8_t *MessageDataIn_ptr, /*in*/ + DxUint32_t MessageSizeInBytes /*in*/ ); + + +/**********************************************************************************************************/ + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_elgamal.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_elgamal.h new file mode 100644 index 0000000..7c72c69 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_elgamal.h @@ -0,0 +1,191 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_ECPKI_ELGAMAL_H +#define CRYS_ECPKI_ELGAMAL_H + +/* + * Object name : CRYS_ECPKI_ELGAMAL.h + * State : %state% + * Creation date : 02.02.2006 + * Last modified : %modify_time% + */ +/** @file + * \brief This module defines the API that supports EC Elgamal encryption and + * decryption operations + * + * \version CRYS_ECPKI_ELGAMAL.h#1:cinc:1 + * \author R.Levin + */ + +#include "crys_defs.h" +#include "crys_ecpki_types.h" +#include "crys_ecpki_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/***************************************************************************************** + * _DX_ECPKI_ELGAMAL_Encrypt function + * + *****************************************************************************************/ +/** + @brief: This function performs encryption of the message (transmitted key or any other + plain text) with public key of the receiver using EC Elgamal algorithm. + + For calling this function from CRYS use the macro definition CRYS_ECPKI_ELGAMAL_Encrypt . + + Operation: The sender encrypts the message by the following sequence of steps: + 1. Checks validity of input pointers and parameters. + 2. Converts incoming message from big to little endian. + 3. Calls the LLF_ECPKI_ELGAMAL_Encrypt function, which performs encryption + according to Elgamal algorithm and outputs Encrypted message as two EC points V and B: + 4. Converts the encrypted message (V,B) into big endian form. + 5. Outputs the encrypted message as bytes array in big endian. + 6. Exits. + + Assumptions: + 1. Public key W and EC domain parameters q, a, b, r, and G are valid and + associated with each other; + 2. Incoming receiver's public key must be in big endianness. + 3. The size of incomming message f must be great than 0 and equal and less, than: + (size of EC modulus - 1) - for case, that MSByte of modulus >= 100 : + (size of EC modulus - 2) - for case, that MSByte of modulus < 100. + The size of the message must be agreed with the receiver (i.e. in both encrypt and decrypt + functions size of the plain message must be the same value). + + + @param[in] ReceiverUserPublKeyBE_ptr - A pointer to receiver public key (key in big endian). + @param[in] MessageIn_ptr - A pointer to message to be encrypted (message in big endian). + @param[in] MessageInSizeBytes - A size of incoming message in bytes. The maximal size must be: + MessageInSizeBytes <= ModulusSizeInBytes-1, but + if the value of MSByte of EC Domain modulus is less than 100, + then maximal size of the message must be decreased by one (now the + last condition is actual only for one of implemented domains - + CRYS_ECPKI_DomainID_secp521r1). + @param[in] EncrMessageOut_ptr - A pointer to buffer for encrypted message. + @param[in,out] EncrMessOutSize_ptr- A pointer to size of uzer passed buffer for encrypted + message (in) and actual size of encrypted message (out). + Size of buffer must be not less, than 4*ModulusSizeInBytes. + @param[in] IsEphemerKeyInternal - A parameter defining whether ephemeral key internal or external (1,0). + @param[in] EphemerPrivKeyIn_ptr - A pointer to ephemeral private key /user not uses this parameter/. + @param[in] EphemerPrivKeySizeBytes - A size (in bytes) of sender's ephemeral private key data, must be equal + or less than EC order size in bytes /user not uses this parameter/. + @param[in] TempData_ptr - - A pointer to structure, containing temporary buffers of specified + type. + @return CRYSError_t - CRYS_OK, + CRYS_EC_ELGAMAL_ENCR_INVALID_RECEIVER_PUBL_KEY_PTR_ERROR + CRYS_EC_ELGAMAL_RECEIVER_PUBL_KEY_VALIDATION_TAG_ERROR + CRYS_EC_ELGAMAL_ENCR_INVALID_DOMAIN_ID_ERROR + CRYS_EC_ELGAMAL_ENCR_INVALID_MESSAGE_DATA_IN_PTR_ERROR + CRYS_EC_ELGAMAL_ENCR_INVALID_MESSAGE_DATA_IN_SIZE_ERROR + CRYS_EC_ELGAMAL_ENCR_INVALID_ENCR_MESSAGE_OUT_PTR_ERROR + CRYS_ECPKI_ELGAM_ENCR_INVALID_ENCR_MESSAGE_OUT_SIZE_PTR_ERROR + CRYS_ECPKI_ELGAM_ENCR_INVALID_ENCR_MESSAGE_OUT_SIZE_ERROR + CRYS_EC_ELGAMAL_ENCR_INVALID_TEMP_DATA_BUFFER_PTR_ERROR + CRYS_EC_ELGAMAL_ENCR_INVALID_EPHEMERAL_KEY_DATA_ERROR + CRYS_EC_ELGAMAL_ENCR_INVALID_EPHEMERAL_PRIV_KEY_SIZE_ERROR +*/ +CIMPORT_C CRYSError_t _DX_ECPKI_ELGAMAL_Encrypt ( + CRYS_ECPKI_UserPublKey_t *ReceiverUserPublKey_ptr, /*in*/ + DxUint8_t *MessageIn_ptr, /*in*/ + DxUint32_t MessageInSizeBytes, /*in*/ + DxUint8_t *EncrMessageOut_ptr, /*out*/ + DxUint32_t *EncrMessOutSize_ptr, /*in,out*/ + DxInt8_t IsEphemerKeyInternal, /*in*/ + DxUint8_t *EphemerPrivKeyIn_ptr, /*in*/ + DxUint32_t EphemerPrivKeySizeBytes, /*in*/ + CRYS_EC_ELGAMAL_TempData_t *TempData_ptr /*in*/ ); + + +/***************************************************************************************** + * CRYS_ECPKI_ELGAMAL_Encrypt function + ****************************************************************************************/ +/** + @brief The CRYS_ECDSA_Sign_Finish is the macro definition for calling the + _DX_ECDSA_SignFinish function with internal generation of ephemeral keys. + + The macro calls said function with following arguments as constant: + IsEphemerKeyInternal = 1 , EphemerKeyData_ptr = DX_NULL, EphemerPrivKeySizeBytes = 0. +*/ +#define CRYS_ECPKI_ELGAMAL_Encrypt(ReceiverUserPublKey_ptr,MessageIn_ptr,MessageInSizeBytes,EncrMessageOut_ptr,EncrMessageOutSize_ptr,TempData_ptr) \ + _DX_ECPKI_ELGAMAL_Encrypt(ReceiverUserPublKey_ptr,MessageIn_ptr,MessageInSizeBytes,EncrMessageOut_ptr,EncrMessageOutSize_ptr,DX_TRUE,DX_NULL,0,TempData_ptr) + + +/************************************************************************************* + * CRYS_ECPKI_ELGAMAL_Decrypt function + * + *************************************************************************************/ +/** + @brief: This function performs decryption of the encrypted message (transmitted key or any other + text) with private key of the receiver using EC Elgamal algorithm. + + The Decrypting primitive uses the following data as input: + - The EC Domain parameters (received through DomainID included in ReceiverUserPrivKey). + - The message, which includes two EC points (V, B). The message must be in big endianness + sequence. + + <b>Operation:</b> The receiver decrypts the message by the following sequence of steps: + 1. Checks validity of input parameters (partially). + 2. Converts incoming message (V, B) to little endian form. + 3. Calls the LLF_ECPKI_ELGAMAL_Decrypt function, which performs decryption + according to Elgamal algorithm (used in WMDRM ), which performs all + decryption operations. + 4. Converts decrypted message to big endian form. + 5. Outputs the decrypted message as byte string of receiver passed length. + + \Note: 1. The maximal size of decrypted message f, which may be derived right from encrypted message (V, B), + is equalled: + - (size of EC modulus - 1) - for case, that MSByte of modulus >= 100 : + - (size of EC modulus - 2) - for case, that MSByte of modulus < 100. + The size of the decrypted message provided by receiver must be agreed with the sender + (i.e. in both encrypt and decrypt functions the size of the plain message must be the same value). + + <b>Assumptions:</b> EC domain parameters q, a, b, r, and G are valid and associated with each other. + + @param[in] ReceiverUserPrivKey_ptr - A pointer to a receiver private key structure + (in affine coordinates). + @param[in] EncrMessageIn_ptr - The user passed pointer to the encrypted message + buffer. + @param[in] EncrMessageSizeInBytes - The size of input encrypted message. Must be equal to + 4*(EC modulus size in bytes) + @param[out] DecrMessageOut_ptr - The user passed pointer to buffer for output of + decrypted message. + @param[in/out] DecrMessageOutSize_ptr - A pointer to size of decrypted message: see note 1 above. + @param[in] TempData_ptr - A pointer to structure, containing temporary buffers of specified + type. + + @return CRYSError_t - CRYS_OK, + CRYS_EC_ELGAMAL_DECR_INVALID_RECEIVER_PRIV_KEY_PTR_ERROR + CRYS_EC_ELGAMAL_RECEIVER_PRIV_KEY_VALIDATION_TAG_ERROR + CRYS_EC_ELGAMAL_DECR_INVALID_DOMAIN_ID_ERROR + CRYS_EC_ELGAMAL_DECR_INVALID_ENCR_MESSAGE_IN_PTR_ERROR + CRYS_EC_ELGAMAL_DECR_INVALID_ENCR_MESSAGE_IN_SIZE_ERROR + CRYS_EC_ELGAMAL_DECR_INVALID_DECR_MESSAGE_OUT_PTR_ERROR + CRYS_EC_ELGAMAL_DECR_INVALID_DECR_MESSAGE_OUT_SIZE_PTR_ERROR + CRYS_EC_ELGAMAL_DECR_INVALID_DECR_MESSAGE_OUT_SIZE_ERROR + CRYS_EC_ELGAMAL_DECR_INVALID_TEMP_DATA_BUFFER_PTR_ERROR + +*/ +CIMPORT_C CRYSError_t CRYS_ECPKI_ELGAMAL_Decrypt ( + CRYS_ECPKI_UserPrivKey_t *ReceiverUserPrivKey_ptr, /*in*/ + DxUint8_t *EncrMessageIn_ptr, /*in*/ + DxUint32_t EncrMessageSizeInBytes, /*in*/ + DxUint8_t *DecrMessageOut_ptr, /*out*/ + DxUint32_t *DecrMessageOutSize_ptr, /*in*/ + CRYS_EC_ELGAMAL_TempData_t *TempData_ptr /*in*/ ); + +/**********************************************************************************************************/ + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_error.h new file mode 100644 index 0000000..2532380 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_error.h @@ -0,0 +1,175 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_ECPKI_ERROR3_H +#define CRYS_ECPKI_ERROR3_H + +/* + * Object % CRYS_ECPKI_error.h : % + * State : %state% + * Creation date : 05/12/ 2005 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS ECPKI errors. + * + * \version CRYS_ECPKI_error.h#1:incl:1 + * \author R.Levin + */ +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/************************************************************************************************************ + * CRYS ECPKI KEY GENERATION MODULE ERRORS * + ************************************************************************************************************/ +/* The CRYS ECPKI GEN KEY PAIR module errors */ +#define CRYS_ECPKI_GEN_KEY_ILLEGAL_D0MAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_ECPKI_GEN_KEY_THIS_D0MAIN_IS_NOT_SUPPORTED_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_ECPKI_GEN_KEY_INVALID_PRIVATE_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x3UL) +#define CRYS_ECPKI_GEN_KEY_INVALID_PUBLIC_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_ECPKI_GEN_KEY_INVALID_TEMP_DATA_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x5UL) + +/************************************************************************************************************ +* The CRYS ECPKI BUILD KEYS MODULE ERRORS * +*************************************************************************************************************/ +#define CRYS_ECPKI_BUILD_KEY_ILLEGAL_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x08UL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x09UL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_USER_PRIV_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0AUL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0BUL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_PRIV_KEY_DATA_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0CUL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0DUL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_USER_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0EUL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x0FUL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_PUBL_KEY_DATA_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_COMPRESSION_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x11UL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_CHECK_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x12UL) +#define CRYS_ECPKI_BUILD_KEY_INVALID_TEMP_BUFF_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x13UL) + +/* The CRYS ECPKI EXPORT PUBLIC KEY MODULE ERRORS */ +#define CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_USER_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x14UL) +#define CRYS_ECPKI_EXPORT_PUBL_KEY_ILLEGAL_COMPRESSION_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x15UL) +#define CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_EXTERN_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x16UL) +#define CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_SIZE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x17UL) +#define CRYS_ECPKI_EXPORT_PUBL_KEY_INVALID_PUBL_KEY_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x18UL) +#define CRYS_ECPKI_EXPORT_PUBL_KEY_ILLEGAL_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x19UL) + + +/************************************************************************************************************ + * CRYS EC DIFFIE-HELLMAN MODULE ERRORS +*************************************************************************************************************/ +/* The CRYS EC SVDP_DH Function errors */ +#define CRYS_ECDH_SVDP_DH_INVALID_PARTNER_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x31UL) +#define CRYS_ECDH_SVDP_DH_PARTNER_PUBL_KEY_VALID_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x32UL) +#define CRYS_ECDH_SVDP_DH_INVALID_USER_PRIV_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x33UL) +#define CRYS_ECDH_SVDP_DH_USER_PRIV_KEY_VALID_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x34UL) +#define CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x35UL) +#define CRYS_ECDH_SVDP_DH_INVALID_TEMP_DATA_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x36UL) +#define CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x37UL) +#define CRYS_ECDH_SVDP_DH_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x38UL) +#define CRYS_ECDH_SVDP_DH_ILLEGAL_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x39UL) +#define CRYS_ECDH_SVDP_DH_NOT_CONCENT_PUBL_AND_PRIV_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x3AUL) + + +/************************************************************************************************************ + * CRYS ECDSA MODULE ERRORS + ************************************************************************************************************/ +/* The CRYS ECDSA Signing errors */ +#define CRYS_ECDSA_SIGN_INVALID_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x50UL) +#define CRYS_ECDSA_SIGN_INVALID_USER_CONTEXT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x51UL) +#define CRYS_ECDSA_SIGN_INVALID_USER_PRIV_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x52UL) +#define CRYS_ECDSA_SIGN_ILLEGAL_HASH_OP_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x53UL) +#define CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x54UL) +#define CRYS_ECDSA_SIGN_INVALID_MESSAGE_DATA_IN_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x55UL) +#define CRYS_ECDSA_SIGN_USER_CONTEXT_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x57UL) +#define CRYS_ECDSA_SIGN_USER_PRIV_KEY_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x58UL) +#define CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x60UL) +#define CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x61UL) +#define CRYS_ECDSA_SIGN_INVALID_SIGNATURE_OUT_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x62UL) +#define CRYS_ECDSA_SIGN_INVALID_IS_EPHEMER_KEY_INTERNAL_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x63UL) +#define CRYS_ECDSA_SIGN_INVALID_EPHEMERAL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x64UL) + +/* The CRYS ECDSA Verifying errors */ +#define CRYS_ECDSA_VERIFY_INVALID_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x70UL) +#define CRYS_ECDSA_VERIFY_INVALID_USER_CONTEXT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x71UL) +#define CRYS_ECDSA_VERIFY_INVALID_SIGNER_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x72UL) +#define CRYS_ECDSA_VERIFY_ILLEGAL_HASH_OP_MODE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x73UL) +#define CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x76UL) +#define CRYS_ECDSA_VERIFY_INVALID_SIGNATURE_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x77UL) +#define CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x80UL) +#define CRYS_ECDSA_VERIFY_INVALID_MESSAGE_DATA_IN_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x81UL) +#define CRYS_ECDSA_VERIFY_USER_CONTEXT_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x82UL) +#define CRYS_ECDSA_VERIFY_SIGNER_PUBL_KEY_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x83UL) +#define CRYS_ECDSA_VERIFY_INCONSISTENT_VERIFY_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0x84UL) + + +/************************************************************************************************************ + * CRYS EC ELGAMAL MODULE ERRORS + ************************************************************************************************************/ +/* The CRYS EC ELGAMAL Encrypt function errors */ +#define CRYS_EC_ELGAMAL_ENCR_INVALID_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xB1UL) +#define CRYS_EC_ELGAMAL_ENCR_INVALID_RECEIVER_PUBL_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xB2UL) +#define CRYS_EC_ELGAMAL_ENCR_INVALID_MESSAGE_DATA_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xB3UL) +#define CRYS_EC_ELGAMAL_ENCR_INVALID_MESSAGE_DATA_IN_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xB4UL) +#define CRYS_EC_ELGAMAL_ENCR_INVALID_ENCR_MESSAGE_OUT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xB5UL) +#define CRYS_EC_ELGAMAL_ENCR_INVALID_ENCR_MESS_OUT_SIZE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xB6UL) +#define CRYS_EC_ELGAMAL_ENCR_INVALID_ENCR_MESSAGE_OUT_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xB7UL) +#define CRYS_EC_ELGAMAL_ENCR_INVALID_TEMP_DATA_BUFFER_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xB8UL) +#define CRYS_EC_ELGAMAL_RECEIVER_PUBL_KEY_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xB9UL) +#define CRYS_EC_ELGAMAL_ENCR_INVALID_EPHEMERAL_KEY_DATA_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xBAUL) +#define CRYS_EC_ELGAMAL_ENCR_INVALID_EPHEMERAL_PRIV_KEY_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xBBUL) + +/* The CRYS EC ELGAMAL Decrypt function errors */ +#define CRYS_EC_ELGAMAL_DECR_INVALID_DOMAIN_ID_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xC1UL) +#define CRYS_EC_ELGAMAL_DECR_INVALID_RECEIVER_PRIV_KEY_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xC2UL) +#define CRYS_EC_ELGAMAL_DECR_INVALID_ENCR_MESSAGE_IN_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xC3UL) +#define CRYS_EC_ELGAMAL_DECR_INVALID_DECR_MESSAGE_OUT_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xC4UL) +#define CRYS_EC_ELGAMAL_DECR_INVALID_TEMP_DATA_BUFFER_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xC5UL) +#define CRYS_EC_ELGAMAL_RECEIVER_PRIV_KEY_VALIDATION_TAG_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xC6UL) +#define CRYS_EC_ELGAMAL_DECR_INVALID_ENCR_MESSAGE_IN_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xC7UL) +#define CRYS_EC_ELGAMAL_DECR_INVALID_DECR_MESSAGE_OUT_SIZE_PTR_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xC8UL) +#define CRYS_EC_ELGAMAL_DECR_INVALID_DECR_MESSAGE_OUT_SIZE_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xC9UL) + + +#define CRYS_ECC_HOST_MSG_GENERAL_RPC_A_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE+0xD0UL) +#define CRYS_ECC_HOST_MSG_GENERAL_RPC_B_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE+0xD1UL) +#define CRYS_ECC_HOST_MSG_GENERAL_RPC_C_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE+0xD2UL) + +#define CRYS_ECC_ILLEGAL_PARAMS_ACCORDING_TO_PRIV_ERROR (CRYS_ECPKI_MODULE_ERROR_BASE + 0xD3UL) +/************************************************************************************************************ + * CRYS ECPKI IS NOTUPPORTED ERROR * + ************************************************************************************************************/ +#define CRYS_ECPKI_IS_NOT_SUPPORTED (CRYS_ECPKI_MODULE_ERROR_BASE + 0xFFUL) + + + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_kg.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_kg.h new file mode 100644 index 0000000..6a8047b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_kg.h @@ -0,0 +1,81 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_ECPKI_KG_H +#define CRYS_ECPKI_KG_H + +/* + * Object name : CRYS_ECPKI_KG.h + * State : %state% + * Creation date : 02.02.2006 + * Last modified : %modify_time% + */ +/** @file + * \brief Defines the API of a function for generating ECC private and public keys. + * + * \version CRYS_ECPKI_KG.h#1:cinc:1 + * \author R.Levin + */ + +#include "crys_defs.h" +#include "crys_error.h" +#include "crys_ecpki_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + + /***************** CRYS_ECPKI_GenKeyPair function **********************/ + /** + @brief Generates a pair of private and public keys + in little endian ordinary (non-Montgomery) form. + + This function generates a new key pair and initializes + the variables and structures so that these can be used by other EC primitives. + The function performs the following: + 1. Checks the validity of all of the function inputs. If one of the received + parameters is not valid, it returns an error. The major checks are: + - Whether DomainID is valid + - Whether the user private key pointer(UserPrivKey_ptr) is not NULL + - Whether the User Public Key pointer (UserPublKey_ptr) is not NULL + - Whether the User passed temp data buffer is not NULL. + 2. Cleans buffers for private and public key structures. + 3. Calls the low level function LLF_ECPKI_GenKeyPair. + 4. Outputs user public and private key structures in little endian form. + 5. Cleans temporary buffers. + 6. Exits. + + @param[in] DomainID - The enumerator variable defines current EC domain. + @param[out] UserPrivKey_ptr - A pointer to the private key structure. + @param[out] UserPubKey_ptr - A pointer to the public key structure. + @param[in] TempData_ptr - Temporary buffers of size defined in CRYS_ECPKI_KG_TempData_t. + + @return <b>CRYSError_t</b>: <br> + CRYS_OK<br> + CRYS_ECPKI_GEN_KEY_ILLEGAL_D0MAIN_ID_ERROR<br> + CRYS_ECPKI_GEN_KEY_INVALID_PRIVATE_KEY_PTR_ERROR<br> + CRYS_ECPKI_GEN_KEY_INVALID_PUBLIC_KEY_PTR_ERROR<br> + CRYS_ECPKI_GEN_KEY_INVALID_TEMP_DATA_PTR_ERROR<br> +*/ +CIMPORT_C CRYSError_t CRYS_ECPKI_GenKeyPair( + CRYS_ECPKI_DomainID_t DomainID, /*in*/ + CRYS_ECPKI_UserPrivKey_t *UserPrivKey_ptr, /*out*/ + CRYS_ECPKI_UserPublKey_t *UserPublKey_ptr, /*out*/ + CRYS_ECPKI_KG_TempData_t *TempData_ptr /*in*/ ); + + + +#ifdef __cplusplus +} +#endif + +#endif + + + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_types.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_types.h new file mode 100644 index 0000000..cbd87c4 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_ecpki_types.h @@ -0,0 +1,518 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_ECPKI_TYPES_H +#define CRYS_ECPKI_TYPES_H +/* + * Object % CRYS_ECPKI_Types.h : % + * State : %state% + * Creation date : 05/12/2005 + * Last modified : %modify_time% + */ + /** @file + * \brief Contains all of the enums and definitions + * that are used for the CRYS ECPKI APIs, as well as the APIs themselves. + * + * \version CRYS_ECPKI_Types.hh#1:incl:1 + * \author R.Levin + * All rights reserved. + */ + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ + + +#include "crys_rsa_types.h" +#include "crys_hash.h" +#include "crys_pka_defs.h" +#include "dx_pal_compiler.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/*! The valid maximum EC modulus size in 32-bit words */ +#define CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS 18 /*(CRYS_ECPKI_MODUL_MAX_LENGTH_IN_BITS + 31)/(sizeof(DxUint32_t))*/ + +/* The type defines integer array of lengths of maximum lengths of EC modulus */ +typedef DxUint32_t CRYS_ECPKI_ARRAY_t[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + +/*! Predefined arithmetic reduction mode for modular multiplication: + Choose Montgomery or Barret. Note: Barret is not currently supported. */ +#define CRYS_ECPKI_DEFINED_REDUCTION_MODE Montgomery /* Barret */ + +#define CRYS_DEFS_DUMMY_AES_BLOCK_SIZE 16 +/************************************************************************************** + * Enumerators + ***************************************************************************************/ + +/* Enumerator for the EC finite field Identificator */ +typedef enum +{ + GFp = 0, + GF2 = 1, + + FieldID_OffMode, + + CRYS_ECPKI_FieldIDLast= 0x7FFFFFFF, + +} CRYS_ECPKI_FieldID_t; + +/*------------------------------------------------------------------*/ +/* Enumerator for the EC Domain Identificator + References: [13] - SEC 2: Recomended elliptic curve domain parameters. + Version 1.0. Certicom 2000. + [8] - WAP-261-WTLS-20010406-a, Version 06-April-2001 */ + +typedef enum +{ + /* For prime field */ + CRYS_ECPKI_DomainID_EMPTY = 0, + CRYS_ECPKI_DomainID_WMDRM10 = 1, /* EC from WM DRM 10.05 (prime 160 bit field) */ + + CRYS_ECPKI_DomainID_secp160k1 = 2, /* EC secp160r1 from [13] (identic 7 from [8]), used in CRYS 3.5 */ + CRYS_ECPKI_DomainID_secp160r1 = 3, /* EC secp160k1 from [13] */ + CRYS_ECPKI_DomainID_secp160r2 = 4, /* EC secp160r2 from [13] */ + CRYS_ECPKI_DomainID_secp192k1 = 5, /* EC secp192k1 from [13] */ + CRYS_ECPKI_DomainID_secp192r1 = 6, /* EC secp192r1 from [13] */ + CRYS_ECPKI_DomainID_secp224k1 = 7, /* EC secp224k1 from [13] */ + CRYS_ECPKI_DomainID_secp224r1 = 8, /* EC secp224r1 from [13] */ + CRYS_ECPKI_DomainID_secp256k1 = 9, /* EC secp256k1 from [13] */ + CRYS_ECPKI_DomainID_secp256r1 = 10, /* EC secp256r1 from [13] */ + CRYS_ECPKI_DomainID_secp384r1 = 11, /* EC secp384r1 from [13] */ + CRYS_ECPKI_DomainID_secp521r1 = 12, /* EC secp521r1 from [13] */ + + /* For base 2 field - now not implemented*/ + + + /* EC domain recieved from user by pointer */ + CRYS_ECPKI_DomainID_NotStandard, /* EC domain recieved from user by pointer */ + + CRYS_ECPKI_DomainID_OffMode = 13, /* Set 13 because now not all of data + is filled in LLF_Domains */ + + CRYS_ECPKI_DomainIDLast = 0x7FFFFFFF, + +}CRYS_ECPKI_DomainID_t; + + +/*------------------------------------------------------------------*/ +/* Defines the enum for the HASH operation mode. + * The enumerator defines 6 HASH modes according to IEEE 1363. + * In the WMDRM DSA is used SHA1 mode only. + */ +typedef enum +{ + CRYS_ECPKI_HASH_SHA1_mode = 0, + CRYS_ECPKI_HASH_SHA224_mode = 1, + CRYS_ECPKI_HASH_SHA256_mode = 2, + CRYS_ECPKI_HASH_SHA384_mode = 3, + CRYS_ECPKI_HASH_SHA512_mode = 4, + + CRYS_ECPKI_AFTER_HASH_SHA1_mode = 5, + CRYS_ECPKI_AFTER_HASH_SHA224_mode = 6, + CRYS_ECPKI_AFTER_HASH_SHA256_mode = 7, + CRYS_ECPKI_AFTER_HASH_SHA384_mode = 8, + CRYS_ECPKI_AFTER_HASH_SHA512_mode = 9, + + + CRYS_ECPKI_HASH_NumOfModes, + + CRYS_ECPKI_HASH_OpModeLast = 0x7FFFFFFF, + +}CRYS_ECPKI_HASH_OpMode_t; + + +/*---------------------------------------------------*/ +/* Enumerator for the EC point coordinates identificator */ +typedef enum +{ + EC_PointAffine = 0, /* Affine coordinates */ + EC_PointJacobian = 1, /* Jacobian projective coordinates */ + EC_PointProjStandard = 2, /* Standard projective coordinates */ + EC_PointChudnovsky = 3, /* Chudnovsky projective coordinates */ + + EC_PointID_OffMode = 4, + + CRYS_ECPKI_PointIDLast = 0x7FFFFFFF, + +}CRYS_ECPKI_PointID_t; + +/*---------------------------------------------------*/ +/* Enumerator for the EC point compression identificator */ +typedef enum +{ + CRYS_EC_PointCompressed = 2, + CRYS_EC_PointUncompressed = 4, + CRYS_EC_PointContWrong = 5, /* wrong Point Control value */ + CRYS_EC_PointHybrid = 6, + + CRYS_EC_PointCompresOffMode = 8, + + CRYS_ECPKI_PointCompressionLast= 0x7FFFFFFF, + +}CRYS_ECPKI_PointCompression_t; + +/*----------------------------------------------------*/ +/* Enumerator for compatibility ofthe DHC + with cofactor multiplication to DH ordinary */ +typedef enum +{ + CRYS_ECPKI_SVDP_DHC_CompatibleDH = 0, /* Requested compatiblity of SVDP_DHC with cofactor to SVDP_DH */ + CRYS_ECPKI_SVDP_DHC_NonCompatibleDH = 1, /* Compatiblity of SVDP_DHC with cofactor to SVDP_DH is not requested */ + + CRYS_ECPKI_SVDP_DHC_OffMode, + + CRYS_ECPKI_SVDP_DHC_OpModeLast = 0x7FFFFFFF, + +}CRYS_ECPKI_SVDP_DHC_OpMode_t; + +/*----------------------------------------------------*/ +/* Enumerator for choosing reduction mode on EC arithmetic operations */ +typedef enum { + Montgomery = 0, /* */ + Barret = 1, /* */ + + ReductionOffMode, + + ReductionModeLast= 0x7FFFFFFF, + +}ReductionMode_t; + +#define DEFINED_REDUCTION_MODE Montgomery + +/*----------------------------------------------------*/ +/* Enumerator for indication of EC adding or subtracting operation on FullAdd algotithm */ +typedef enum { + Add = 0, /* */ + Subtract = 1, /* */ + + AddSubtract_OffMode, + + AddSubtractModeLast= 0x7FFFFFFF, + +}AddSubtractMode_t; + +/*----------------------------------------------------*/ +/* Enumerator for indication what checking of EC public key must be performed */ +typedef enum { + CheckPointersAndSizesOnly = 0, /* Only preliminary input parameters checking */ + ECpublKeyPartlyCheck = 1, /* In addition check that EC PubKey is point on curve */ + ECpublKeyFullCheck = 2, /* In addition check that EC_GeneratorOrder*PubKey = O */ + + PublKeyChecingOffMode, + + EC_PublKeyCheckModeLast = 0x7FFFFFFF, + +}EC_PublKeyCheckMode_t; + + +/*************************************************************************************** + * EC arithmetic operations mode + ***************************************************************************************/ +typedef struct { + CRYS_ECPKI_FieldID_t Field; + ReductionMode_t ReductionMode; + +} CRYS_ECPKI_ArithmOpMode_t; + +/************************************************************************************** + * EC DomainInfo structure definition + ***************************************************************************************/ +/*! This structure contains the EC domain data used on the CRYS level. */ +typedef struct { /*! Size of field modulus in bits and in words*/ + DxUint16_t EC_ModulusSizeInBits; + /*! Sizes of order of generator in bits and in words*/ + DxUint16_t EC_OrderSizeInBits; + /*! EC Domain identifier: number of curve*/ + CRYS_ECPKI_DomainID_t DomainID; + /*! EC finite field identifier*/ + CRYS_ECPKI_FieldID_t FieldID; + /* MS byte of the modulus */ + DxUint8_t ModulusMSByte; +} CRYS_ECPKI_DomainInfo_t ; + +/************************************************************************************** + * EC Domain structure definition + ***************************************************************************************/ + +/*! The structure containing the EC domain parameters in little-endian form */ + +typedef struct { + + /*! Field modulus: GF_Modulus = P*/ + DxUint32_t GF_Modulus [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC equation parameters a, b*/ + DxUint32_t EC_Param_A [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint32_t EC_Param_B [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! Order of generator: EC_GenerOrder*/ + DxUint32_t EC_GenerOrder [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1]; + /*! Generator (EC base point) coordinates in projective form*/ + DxUint32_t EC_Gener_X [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + DxUint32_t EC_Gener_Y [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS]; + /*! EC cofactor EC_Cofactor_K*/ + DxUint32_t EC_Cofactor_K; + /*! EC cofactor inverse EC_CofactorInv*/ + DxUint32_t EC_CofactorInv [1/*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS*/]; + /*! Size of field modulus in bits and in words*/ + DxUint16_t EC_ModulusSizeInBits; + DxUint16_t EC_ModulusSizeInWords; + /*! Size of generator order in bits and in words*/ + DxUint16_t EC_OrderSizeInBits; + DxUint16_t EC_OrderSizeInWords; + + /* include the specific fields that are used by the low level */ + DxUint32_t crysDomainIntBuff[CRYS_PKA_DOMAIN_BUFF_SIZE_IN_WORDS]; + + /*! EC Domain identifier*/ + CRYS_ECPKI_DomainID_t DomainID; + /*! EC finite field identifier*/ + CRYS_ECPKI_FieldID_t FieldID; + +} CRYS_ECPKI_Domain_t; + + + +/************************************************************************************** + * EC point structures definitions + ***************************************************************************************/ + +/*! The structure containing the EC point in affine coordinates + and little endian form */ +typedef struct +{ + /* Point coordinates */ + /*! X-coordinate */ + CRYS_ECPKI_ARRAY_t CoordX; + /*! Y-coordinate */ + CRYS_ECPKI_ARRAY_t CoordY; + +}CRYS_ECPKI_PointAffine_t; + + +/*! The structure containing the EC point in any type of coordinates, + defined by PointID. */ +typedef struct CRYS_ECPKI_Point_t +{ + + /*! X-coordinate */ + CRYS_ECPKI_ARRAY_t CoordX; + /*! Y-coordinate */ + CRYS_ECPKI_ARRAY_t CoordY; + /*! Z-coordinate */ + CRYS_ECPKI_ARRAY_t CoordZ; + /*! Enum variable: defines type of point presentation*/ + CRYS_ECPKI_PointID_t PointID; +}CRYS_ECPKI_Point_t; + + + +/************************************************************************************** + * ECPKI public and private key Structures + ***************************************************************************************/ + +/* --------------------------------------------------------------------- */ +/* .................. The public key structures definitions ............ */ +/* --------------------------------------------------------------------- */ + +/*! The structure containing the Public Key in affine coordinates. + + Size = 2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1 + + ( sizeof(LLF_ECPKI_publ_key_db_def.h) = 0 ) */ + +typedef struct +{ + /*! Public Key coordinates */ + + /*! X-coordinate */ + CRYS_ECPKI_ARRAY_t PublKeyX; + /*! Y-coordinate */ + CRYS_ECPKI_ARRAY_t PublKeyY; + /*! Enumerator variable: defines current EC domain*/ + CRYS_ECPKI_DomainID_t DomainID; + + /* include the specific fields that are used by the low level */ + DxUint32_t crysPubKeyIntBuff[CRYS_PKA_PUB_KEY_BUFF_SIZE_IN_WORDS]; +} CRYS_ECPKI_PublKey_t; + + +/*! The user structure containing EC public key data base form. + + Size = 2*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 2 + + ( sizeof(LLF_ECPKI_publ_key_db_def.h) = 0 ) */ + +typedef struct CRYS_ECPKI_UserPublKey_t +{ + DxUint32_t valid_tag; + DxUint8_t PublKeyDbBuff[sizeof(CRYS_ECPKI_PublKey_t)] DX_PAL_COMPILER_ALIGN (4); + +} CRYS_ECPKI_UserPublKey_t; + + +/* --------------------------------------------------------------------- */ +/* .................. The private key structures definitions ........... */ +/* --------------------------------------------------------------------- */ + +/*! The EC private key structure in little endian form. + + Size = CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 2 + + ( sizeof(LLF_ECPKI_priv_key_db_def.h) = 0 ) */ +typedef struct +{ + /*! Private Key data */ + DxUint32_t PrivKey[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1]; + /*! Enumerator variable: defines current EC domain */ + CRYS_ECPKI_DomainID_t DomainID; + /* include the specific fields that are used by the low level. */ + DxUint32_t crysPrivKeyIntBuff[CRYS_PKA_PRIV_KEY_BUFF_SIZE_IN_WORDS]; + +}CRYS_ECPKI_PrivKey_t; + + +/*! The user structure containing EC private key data base in little endian form. + + Size = CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 3 + + ( sizeof(LLF_ECPKI_priv_key_db_def.h) = 0 ) */ +typedef struct CRYS_ECPKI_UserPrivKey_t +{ + DxUint32_t valid_tag; + DxUint8_t PrivKeyDbBuff[sizeof(CRYS_ECPKI_PrivKey_t)] DX_PAL_COMPILER_ALIGN (4); + +} CRYS_ECPKI_UserPrivKey_t; + + +/*! The ECPKI KG temporary data type */ +typedef struct CRYS_ECPKI_KG_TempData_t +{ + /* #include specific fields that are used by the low level */ + DxUint32_t crysKGIntBuff[CRYS_PKA_KG_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_ECPKI_KG_TempData_t; + +/*! The ECDH temporary data type */ +typedef struct CRYS_ECDH_TempData_t +{ + /* #include specific fields that are used by the low level /such as for ECPKI KG */ + DxUint32_t crysEcdhIntBuff[CRYS_PKA_ECDH_BUFF_MAX_LENGTH_IN_WORDS]; + DxUint32_t MemControl; +}CRYS_ECDH_TempData_t; + +/*! The EC ELGAMAL temporary data type */ +typedef struct CRYS_EC_ELGAMAL_TempData_t +{ + /* #include specific faields that are used by the low level /such as for ECPKI KG */ + DxUint32_t crysElgamalIntBuff[CRYS_PKA_EL_GAMAL_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_EC_ELGAMAL_TempData_t; + +typedef struct CRYS_ECPKI_BUILD_TempData_t +{ + /* #include specific fields that are used by the low level /such as for ECPKI KG */ + //#include "llf_ecpki_build_db_def.h" + DxUint32_t crysBuildTmpIntBuff[CRYS_PKA_ECPKI_TMP_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_ECPKI_BUILD_TempData_t; + +/************************************************************************** + * CRYS ECDSA context structures + **************************************************************************/ + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Signing context structure */ +/* --------------------------------------------------------------------- */ + +typedef struct +{ + /* A user's buffer for the Private Key Object -*/ + CRYS_ECPKI_UserPrivKey_t ECDSA_SignerPrivKey; + + /*HASH specific data and buffers */ + DxUint32_t CRYSPKAHashCtxBuff[CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS]; + CRYS_HASH_Result_t HASH_Result; + DxUint32_t HASH_Result_Size; /* length, in words */ + CRYS_ECPKI_HASH_OpMode_t HashMode; + + /* #include specific fields that are used by the low level */ + DxUint32_t crysEcdsaSignIntBuff[CRYS_PKA_ECDSA_SIGNE_BUFF_MAX_LENGTH_IN_WORDS]; + + /* This Buffer is added for encrypting the context ( encrypted part's size must be 0 modulo 16). + * Note: This block must be at the end of the context. + */ + DxUint8_t DummyBufAESBlockSize[CRYS_DEFS_DUMMY_AES_BLOCK_SIZE]; + +}ECDSA_SignContext_t; + + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Signing User context database */ +/* --------------------------------------------------------------------- */ + + +typedef struct CRYS_ECDSA_SignUserContext_t +{ + DxUint32_t valid_tag; + /* For the use of the AES Encryption - Decryption of the context in CCM */ + DxUint32_t AES_iv; + DxUint8_t context_buff [ sizeof (ECDSA_SignContext_t) ]; +} CRYS_ECDSA_SignUserContext_t; + + + +/****************************************************************************/ + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Verifying context structure */ +/* --------------------------------------------------------------------- */ +typedef struct +{ + /* A user's buffer for the Private Key Object -*/ + CRYS_ECPKI_UserPublKey_t ECDSA_SignerPublKey; + + /*HASH specific data and buffers */ + DxUint32_t CRYSPKAHashCtxBuff[CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS]; + CRYS_HASH_Result_t HASH_Result; + DxUint16_t HASH_Result_Size; /* length, in words */ + CRYS_ECPKI_HASH_OpMode_t HashMode; + + /* #include specific fields that are used by the low level */ + DxUint32_t crysEcdsaVerIntBuff[CRYS_PKA_ECDSA_VERIFY_BUFF_MAX_LENGTH_IN_WORDS]; + DxUint32_t MemControl; + + /* This Buffer is added for encrypting the context ( encrypted part's size must be 0 modulo 16). + * Note: This block must be at the end of the context. + */ + DxUint8_t DummyBufAESBlockSize[CRYS_DEFS_DUMMY_AES_BLOCK_SIZE]; + +}ECDSA_VerifyContext_t; + + +/* --------------------------------------------------------------------- */ +/* CRYS ECDSA Verifying User context database */ +/* --------------------------------------------------------------------- */ + +typedef struct CRYS_ECDSA_VerifyUserContext_t +{ + DxUint32_t valid_tag; + /* For the use of the AES Encryption - Decryption of the context in CCM */ + DxUint32_t AES_iv; + DxUint8_t context_buff [sizeof(ECDSA_VerifyContext_t)]; +}CRYS_ECDSA_VerifyUserContext_t; + + + + +/*****************************************************************************/ + + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_error.h new file mode 100644 index 0000000..2788428 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_error.h @@ -0,0 +1,362 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_ERROR_H +#define CRYS_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "dx_pal_types.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object name : crys_error.h + * State : %state% + * Creation date : Wed Nov 17 16:55:47 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This module defines the error return code types and the numbering spaces of the error codes + * for each module of the layers listed below. + * + * \version crys_error.h#1:incl:1 + * \author adams + */ + + +/************************ Defines ******************************/ +/** + * \brief The definitions of the error number space used for the different modules + */ + +/* ........... Error base numeric mapping definitions ................... */ +/* ----------------------------------------------------------------------- */ + + /* The global error base number */ +#define CRYS_ERROR_BASE 0x00F00000UL + +/* The error range number assigned for each layer */ +#define CRYS_ERROR_LAYER_RANGE 0x00010000UL + +/* The error range number assigned to each module on its specified layer */ +#define CRYS_ERROR_MODULE_RANGE 0x00000100UL + +/* Defines the layer index for the error mapping */ +#define CRYS_LAYER_ERROR_IDX 0UL +#define LLF_LAYER_ERROR_IDX 1UL +#define LLFCD_LAYER_ERROR_IDX 2UL +#define VOS_LAYER_ERROR_IDX 3UL +#define PLAT_LAYER_ERROR_IDX 4UL +#define GENERIC_ERROR_IDX 5UL + +/* Defines the module index for error mapping */ +#define AES_ERROR_IDX 0x00UL +#define DES_ERROR_IDX 0x01UL +#define HASH_ERROR_IDX 0x02UL +#define HMAC_ERROR_IDX 0x03UL +#define RSA_ERROR_IDX 0x04UL +#define DH_ERROR_IDX 0x05UL +#define RC4_ERROR_IDX 0x06UL +#define INTERNAL_ERROR_IDX 0x07UL +#define ECPKI_ERROR_IDX 0x08UL +#define CMLA_ERROR_IDX 0x09UL +#define CRYS_SST_ERROR_IDX 0x0AUL +#define PKI_ERROR_IDX 0x0BUL +#define RND_ERROR_IDX 0x0CUL +#define COMMON_ERROR_IDX 0x0DUL +#define CCM_ERROR_IDX 0x0EUL +#define INIT_ERROR_IDX 0x0FUL +#define C2_ERROR_IDX 0x10UL +#define KDF_ERROR_IDX 0x11UL +#define KMNG_ERROR_IDX 0x12UL +#define OTF_ERROR_IDX 0x13UL +#define FLOW_ERROR_IDX 0x14UL +#define AESCCM_ERROR_IDX 0x15UL +#define OTF_MC_ERROR_IDX 0x16UL +#define FIPS_ERROR_IDX 0x17UL +#define BYPASS_ERROR_IDX 0x18UL +#define COMBINED_ERROR_IDX 0x19UL +#define SELF_TEST_ERROR_IDX 0x20UL + + + + + +/* .......... defining the error spaces for each module on each layer ........... */ +/* ------------------------------------------------------------------------------ */ + +/* AES module on the CRYS layer base address - 0x00F00000 */ +#define CRYS_AES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * AES_ERROR_IDX ) ) + + +/* AES module on the LLF layer base address - 0x00F10000 */ +#define LLF_AES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * AES_ERROR_IDX ) ) + +/* AES module on the LLFCD layer base address - 0x00F20000 */ +#define LLFCD_AES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLFCD_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * AES_ERROR_IDX ) ) + +/* DES module on the CRYS layer base address - 0x00F00100 */ +#define CRYS_DES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * DES_ERROR_IDX ) ) + + +/* DES module on the LLF layer base address - 0x00F10100 */ +#define LLF_DES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * DES_ERROR_IDX ) ) + +/* DES module on the LLFCD layer base address - 0x00F20100 */ +#define LLFCD_DES_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLFCD_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * DES_ERROR_IDX ) ) + +/* HASH module on the CRYS layer base address - 0x00F00200 */ +#define CRYS_HASH_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HASH_ERROR_IDX ) ) + + +/* HASH module on the LLF layer base address - 0x00F10200 */ +#define LLF_HASH_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HASH_ERROR_IDX ) ) + +/* HASH module on the LLFCD layer base address - 0x00F20200 */ +#define LLFCD_HASH_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLFCD_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HASH_ERROR_IDX ) ) + +/* HMAC module on the CRYS layer base address - 0x00F00300 */ +#define CRYS_HMAC_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * HMAC_ERROR_IDX ) ) + +/* PKI RSA module on the CRYS layer base address - 0x00F00400 */ +#define CRYS_RSA_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RSA_ERROR_IDX ) ) + +/* DH module on the CRYS layer base address - 0x00F00500 */ +#define CRYS_DH_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * DH_ERROR_IDX ) ) + +/* RC4 module on the CRYS layer base address - 0x00F00600 */ +#define CRYS_RC4_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RC4_ERROR_IDX ) ) + +/* RC4 module on the LLF layer base address - 0x00F10600 */ +#define LLF_RC4_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RC4_ERROR_IDX ) ) + + +/* INTERNAL debug error module on the CRYS layer base address - 0x00F00700 */ +#define CRYS_INTERNAL_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * INTERNAL_ERROR_IDX ) ) + +/* ECPKI module on the CRYS layer base address - 0x00F00800 */ +#define CRYS_ECPKI_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * ECPKI_ERROR_IDX ) ) + +/* ECPKI module on the LLF layer base address - 0x00F10800 */ +#define LLF_ECPKI_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * ECPKI_ERROR_IDX ) ) + +/* CMLA module on the CRYS layer base address - 0x00F00900 */ +#define CRYS_CMLA_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * CMLA_ERROR_IDX ) ) + +/* CRY_SST module on the CRYS layer base address - 0x00F00A00 */ +#define CRYS_SST_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * CRYS_SST_ERROR_IDX ) ) + +/* PKI RSA module on the LLF layer base address - 0x00F10B00 */ +#define LLF_PKI_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * PKI_ERROR_IDX ) ) + +/* RND module on the CRYS layer base address - 0x00F00C00 */ +#define CRYS_RND_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RND_ERROR_IDX ) ) + +/* RND module on the LLF layer base address - 0x00F10C00 */ +#define LLF_RND_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RND_ERROR_IDX ) ) + +/* RND module on the LLFCD layer base address - 0x00F20C00 */ +#define LLFCD_RND_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLFCD_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * RND_ERROR_IDX ) ) + +/* COMMMON module on the CRYS layer base address - 0x00F00D00 */ +#define CRYS_COMMON_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * COMMON_ERROR_IDX ) ) + +/* COMMMON module on the LLF layer base address - 0x00F10D00 */ +#define LLF_COMMON_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * COMMON_ERROR_IDX ) ) + +/* CCM module on the CRYS layer base address - 0x00F00E00 */ +#define CRYS_CCM_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * CCM_ERROR_IDX ) ) + +/* INIT module on the CRYS layer base address - 0x00F00F00 */ +#define CRYS_INIT_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * INIT_ERROR_IDX ) ) + +/* C2 module on the CRYS layer base address - 0x00F01000 */ +#define CRYS_C2_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * C2_ERROR_IDX ) ) + +/* C2 module on the LLF layer base address - 0x00F11000 */ +#define LLF_C2_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * C2_ERROR_IDX ) ) + +/* KDF module on the CRYS layer base address - 0x00F01100 */ +#define CRYS_KDF_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * KDF_ERROR_IDX ) ) + +/* KMNG module on the CRYS layer base address - 0x00F01200 */ +#define CRYS_KMNG_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * KMNG_ERROR_IDX ) ) + +/* OTF module on the CRYS layer base address - 0x00F01300 */ +#define CRYS_OTF_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * OTF_ERROR_IDX ) ) + +/* OTF module on the LLF layer base address - 0x00F11300 */ +#define LLF_OTF_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * OTF_ERROR_IDX ) ) + +/* FLOW module on the CRYS layer base address - 0x00F01400 */ +#define CRYS_FLOW_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * FLOW_ERROR_IDX ) ) + +/* AESCCM module on the CRYS layer base address - 0x00F01500 */ +#define CRYS_AESCCM_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * AESCCM_ERROR_IDX ) ) + +/* OTF module on the LLF layer base address - 0x00F11500 */ +#define LLF_AESCCM_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * AESCCM_ERROR_IDX ) ) +/* OTF MultiContext module on the CRYS layer base address - 0x00F01600 */ +#define CRYS_OTF_MC_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * OTF_MC_ERROR_IDX ) ) + +/* OTF module on the LLF layer base address - 0x00F11600 */ +#define LLF_OTF_MC_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * OTF_MC_ERROR_IDX ) ) + +/* FIPS module on the CRYS layer base address - 0x00F01700 */ +#define CRYS_FIPS_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * FIPS_ERROR_IDX ) ) + +/* BYPASS module on the CRYS layer base address - 0x00F01800 */ +#define CRYS_BYPASS_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * BYPASS_ERROR_IDX ) ) + +/* Combined mode module on the CRYS layer base address - 0x00F01900 */ +#define CRYS_COMBINED_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * COMBINED_ERROR_IDX ) ) + +/* SELF TEST module on the CRYS layer base address - */ +#define CRYS_SELF_TEST_MODULE_ERROR_BASE (CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * CRYS_LAYER_ERROR_IDX) + \ + (CRYS_ERROR_MODULE_RANGE * SELF_TEST_ERROR_IDX ) ) + + + +/* VOS platform layer base address - 0x00F30000 */ +#define VOS_ERROR_BASE ( CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * VOS_LAYER_ERROR_IDX) ) + +/* User platform layer base address - 0x00F40000 */ +#define PLAT_ERROR_BASE ( CRYS_ERROR_BASE + \ + (CRYS_ERROR_LAYER_RANGE * PLAT_LAYER_ERROR_IDX) ) + +/* User generic layer base address - 0x00F50000 */ +#define GENERIC_ERROR_BASE ( CRYS_ERROR_BASE + (CRYS_ERROR_LAYER_RANGE * GENERIC_ERROR_IDX) ) +#define CRYS_FATAL_ERROR (GENERIC_ERROR_BASE + 0x00UL) +#define CRYS_OUT_OF_RESOURCE_ERROR (GENERIC_ERROR_BASE + 0x01UL) + + + +/* ............ The OK (success) definition ....................... */ +#define CRYS_OK 0 + + +#define DX_CRYS_RETURN_ERROR(retCode, retcodeInfo, funcHandler) \ + ((retCode) == 0 ? CRYS_OK : funcHandler(retCode, retcodeInfo)) + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + +/** + * \brief The typedef definition of all of the error codes that are returned from the CRYS functions + */ + +typedef DxUint32_t CRYSError_t; + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_fips.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_fips.h new file mode 100644 index 0000000..2328cda --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_fips.h @@ -0,0 +1,65 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_FIPS_H +#define CRYS_FIPS_H + +#ifndef CRYS_NO_FIPS_SUPPORT + +#include "dx_pal_types.h" +#include "CRYS_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /** @file + * \brief Return FIPS mode state + * + * \author nogad + */ + +/************************ Defines ******************************/ +#define DX_CRYS_FIPS_MODE_STATE_OFF 0x0 +#define DX_CRYS_FIPS_MODE_STATE 0x1 +#define DX_CRYS_FIPS_MODE_ERROR_STATE 0x2 + +/************************ Structs ******************************/ + + +/************************ Public Functions **********************/ + +/** + * @brief This function retrieves the FIPS mode (ON or OFF) + * + * @param[out] FipsMode - holds the returned FIPS mode + * + * @return CRYSError_t - On success the function returns the value CRYS_OK, and on failure a non-ZERO error. + * + */ + CIMPORT_C CRYSError_t CRYS_FIPS_GetFipsMode (DxUint8_t *FipsMode); + + /** + * @brief This function sets the FIPS mode (always to ON). If the FIPS mode is set to Error + * the function will not change it. + * + * @param[in] void + * + * @return void + * + */ + CIMPORT_C CRYSError_t CRYS_FIPS_SetFipsMode ( void ); + +#ifdef __cplusplus +} +#endif + +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_fips_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_fips_error.h new file mode 100644 index 0000000..288e378 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_fips_error.h @@ -0,0 +1,60 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_FIPS_ERROR_H +#define CRYS_FIPS_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_FIPS_error.h : % + * State : %state% + * Creation date : 25 Sept.2008 + * Last modified : %modify_time% + */ + /** @file + * \brief This module contains the definitions of the CRYS AESCCM errors. + * + * \version CRYS_AESCCM_error.h#1:incl:1 + * \author R.Levin + */ + +/************************ Defines ******************************/ + +/* The CRYS FIPS module errors. + CRYS_FIPS_MODULE_ERROR_BASE = 0x00F01700 */ +#define CRYS_FIPS_INVALID_POINTER_ERROR (CRYS_FIPS_MODULE_ERROR_BASE + 0x00UL) +#define CRYS_FIPS_INVALID_INPUT (CRYS_FIPS_MODULE_ERROR_BASE + 0x01UL) + +#define CRYS_FIPS_IS_NOT_SUPPORTED (CRYS_FIPS_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/************************ Public Variables *********************/ + +/************************ Public Functions *********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_hash.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_hash.h new file mode 100644 index 0000000..97b852a --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_hash.h @@ -0,0 +1,280 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/** \file + * \brief This file contains all of the enums and definitions + * that are used for the CRYS HASH APIs, as well as the APIs themseleves + * + */ + +#ifndef CRYS_HASH_H +#define CRYS_HASH_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ + + +#include "dx_pal_types.h" +#include "crys_error.h" +#include "crys_defs.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/** +@brief - a definition describing the low level Engine type ( SW , Hardware , Etc ) +*/ + +#if defined(DX_CC_SEP) || defined(DX_SEP_HOST_RPC_CONFIG) || defined(DX_CC_TEE) +#define CRYS_HASH_USER_CTX_SIZE_IN_WORDS 33 +#else +#define CRYS_HASH_USER_CTX_SIZE_IN_WORDS 256 +#endif + +/* The hash result in words +#define CRYS_HASH_RESULT_SIZE_IN_WORDS 5*/ +/* The maximum hash result is 512 bits for SHA512 */ +#define CRYS_HASH_RESULT_SIZE_IN_WORDS 16 + +/* The MD5 digest result size in bytes */ +#define CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES 16 + +/* The MD5 digest result size in words */ +#define CRYS_HASH_MD5_DIGEST_SIZE_IN_WORDS 4 + +/* The SHA-1 digest result size in bytes */ +#define CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES 20 + +/* The SHA-1 digest result size in words */ +#define CRYS_HASH_SHA1_DIGEST_SIZE_IN_WORDS 5 + +/* The SHA-256 digest result size in bytes */ +#define CRYS_HASH_SHA224_DIGEST_SIZE_IN_WORDS 7 + +/* The SHA-256 digest result size in bytes */ +#define CRYS_HASH_SHA256_DIGEST_SIZE_IN_WORDS 8 + +/* The SHA-384 digest result size in bytes */ +#define CRYS_HASH_SHA384_DIGEST_SIZE_IN_WORDS 12 + +/* The SHA-512 digest result size in bytes */ +#define CRYS_HASH_SHA512_DIGEST_SIZE_IN_WORDS 16 + +/* The SHA-256 digest result size in bytes */ +#define CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES 28 + +/* The SHA-256 digest result size in bytes */ +#define CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES 32 + +/* The SHA-384 digest result size in bytes */ +#define CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES 48 + +/* The SHA-512 digest result size in bytes */ +#define CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES 64 + +/* The SHA1 hash block size in words */ +#define CRYS_HASH_BLOCK_SIZE_IN_WORDS 16 + +/* The SHA1 hash block size in bytes */ +#define CRYS_HASH_BLOCK_SIZE_IN_BYTES 64 + +/* The SHA2 hash block size in words */ +#define CRYS_HASH_SHA2_BLOCK_SIZE_IN_WORDS 32 + +/* The SHA2 hash block size in bytes */ +#define CRYS_HASH_SHA2_BLOCK_SIZE_IN_BYTES 128 + + + +/************************ Enums ********************************/ + +/* Defines the enum for the HASH operation mode */ +typedef enum { + CRYS_HASH_SHA1_mode = 0, + CRYS_HASH_SHA224_mode = 1, + CRYS_HASH_SHA256_mode = 2, + CRYS_HASH_SHA384_mode = 3, + CRYS_HASH_SHA512_mode = 4, + CRYS_HASH_MD5_mode = 5, + + CRYS_HASH_NumOfModes, + + CRYS_HASH_OperationModeLast= 0x7FFFFFFF, + +}CRYS_HASH_OperationMode_t; + +/************************ Typedefs *****************************/ + +/* Defines the IV counter buffer */ +typedef DxUint32_t CRYS_HASH_Result_t[CRYS_HASH_RESULT_SIZE_IN_WORDS]; + +/************************ Structs ******************************/ +/* The user's context prototype - the argument type that will be passed by the user + to the APIs called by him */ +typedef struct CRYS_HASHUserContext_t { + DxUint32_t buff[CRYS_HASH_USER_CTX_SIZE_IN_WORDS]; +}CRYS_HASHUserContext_t; + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + + +/************************************************************************************************/ +/** + * This function initializes the HASH machine on the CRYS level. + * + * This function allocates and initializes the HASH Context. + * The function receives as input a pointer to store the context handle to the HASH Context, + * and it initializes the HASH Context with the cryptographic attributes that are needed for + * the HASH block operation (initializes H's value for the HASH algorithm). + * + * @param[in] ContextID_ptr - A pointer to the HASH context buffer allocated by the user + * that is used for the HASH machine operation. + * + * @param[in] OperationMode - The operation mode: CRYS_HASH_SHA1_mode, CRYS_HASH_SHA224_mode, CRYS_HASH_SHA256_mode, + * CRYS_HASH_SHA384_mode, CRYS_HASH_SHA512_mode, CRYS_HASH_MD5_mode + * + * @return CRYSError_t - On success the function returns the value CRYS_OK, + * and on failure a non-ZERO error. + * + */ +CIMPORT_C CRYSError_t CRYS_HASH_Init(CRYS_HASHUserContext_t *ContextID_ptr, + CRYS_HASH_OperationMode_t OperationMode); + +/************************************************************************************************/ +/** + * This function process a block of data via the HASH Hardware/Software. + * + * The function receives as input an handle to the HASH Context that was previously + * initialized by a CRYS_HASH_Init function or by another call to a CRYS_HASH_Update function. \n + * The function sets the last H's value that was stored in + * the CRYS HASH context, and then processes the data block. + * At the end of the process, the function stores in the HASH context the H's value, + * together with the cryptographic attributes that are needed for + * the HASH block operation (initialize H's value for the HASH algorithm). + * This function is used in cases where the data is not all arranged in one + * continuous buffer. \n + * + * @param[in] ContextID_ptr - a pointer to the HASH context buffer allocated by the user that + * is used for the HASH machine operation. + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the HASH. The pointer does + * not need to be aligned. On CSI input mode the pointer must be equal to + * value (0xFFFFFFFC | DataInAlignment). + * + * @param[in] DataInSize - The size of the data to be hashed in bytes. On CSI data transfer mode the size must + * multiple of HASH_BLOCK_SIZE for used HASH mode. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* crys_hash_error.h + * + * + */ + +CIMPORT_C CRYSError_t CRYS_HASH_Update(CRYS_HASHUserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize ); + + +/************************************************************************************************/ +/** + * This function finalizes the hashing process of data block. + * The function receives as input an handle to the HASH Context , that was initialized before + * by an CRYS_HASH_Init function or by CRYS_HASH_Update function. + * The function "adds" an header to the data block as the specific hash standard + * specifics, then it loads the engine and reads the final message digest. + * + * @param[in] ContextID_ptr - a pointer to the HASH context buffer allocated by the user that + * is used for the HASH machine operation. + * + * @retval HashResultBuff a pointer to the target buffer where the + * HASE result stored in the context is loaded to. + * + * @return CRYSError_t - On success the function returns the value CRYS_OK, + * and on failure a non-ZERO error. + */ + +CIMPORT_C CRYSError_t CRYS_HASH_Finish( CRYS_HASHUserContext_t *ContextID_ptr , + CRYS_HASH_Result_t HashResultBuff ); + + +/************************************************************************************************/ +/** + * @brief This function is a utility function that frees the context if the operation has failed. + * + * The function executes the following major steps: + * + * 1. Checks the validity of all of the inputs of the function. + * If one of the received parameters is not valid it shall return an error. + * The main checks that are run over the received parameters: + * - verifying that the context pointer is not DX_NULL (*ContextID_ptr). + * 2. Clears the user's context. + * 3. Exits the handler with the OK code. + * + * + * @param[in] ContextID_ptr - A pointer to the HASH context buffer allocated by the user + * that is used for the HASH machine operation. This should be + * the same context that was used on the previous call of this session. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from crys_error.h + */ + + +CIMPORT_C CRYSError_t CRYS_HASH_Free(CRYS_HASHUserContext_t *ContextID_ptr ); + + +/************************************************************************************************/ +/** + * \brief This function provides a HASH function for processing one buffer of data. + * + * The function allocates an internal HASH Context, and initializes the + * HASH Context with the cryptographic attributes that are needed for + * the HASH block operation (initialize H's value for the HASH algorithm). + * Next the function loads the engine with the initializing values, + * and then processes the data block, calculating the hash. + * Finally, the function return the message digest of the data buffer . + * + * @param[in] OperationMode - The operation mode: CRYS_HASH_SHA1_mode, CRYS_HASH_SHA224_mode, CRYS_HASH_SHA256_mode, + * CRYS_HASH_SHA384_mode, CRYS_HASH_SHA512_mode, CRYS_HASH_MD5_mode + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the HASH. The pointer does + * not need to be aligned. On CSI input mode the pointer must be equal to + * value (0xFFFFFFFC | DataInAlignment). + * + * @param[in] DataInSize - The size of the data to be hashed in bytes. On CSI data transfer mode the size must + * multiple of HASH_BLOCK_SIZE for used HASH mode. + * + * @retval HashResultBuff - A pointer to the target buffer where the + * HASE result stored in the context is loaded to. + * + * @return CRYSError_t - On success the function returns the value CRYS_OK, + * and on failuer a non-ZERO error. + * + */ + +CIMPORT_C CRYSError_t CRYS_HASH ( CRYS_HASH_OperationMode_t OperationMode, + DxUint8_t *DataIn_ptr, + DxUint32_t DataSize, + CRYS_HASH_Result_t HashResultBuff ); + + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_hash_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_hash_error.h new file mode 100644 index 0000000..3525606 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_hash_error.h @@ -0,0 +1,75 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_HASH_ERROR_H +#define CRYS_HASH_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % crys_hash_error.h : % + * State : %state% + * Creation date : Sun Nov 21 11:07:08 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS AES errors. + * + * \version crys_aes_error.h#1:incl:1 + * \author adams + */ + + + + +/************************ Defines ******************************/ +/*HASH module on the CRYS layer base address - 0x00F00200*/ +/* The CRYS HASH module errors */ +#define CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_HASH_USER_CONTEXT_CORRUPTED_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_HASH_DATA_IN_POINTER_INVALID_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x3UL) +#define CRYS_HASH_DATA_SIZE_ILLEGAL (CRYS_HASH_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_HASH_INVALID_RESULT_BUFFER_POINTER_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_HASH_DATA_SIZE_IS_ILLEGAL_FOR_CSI_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0x8UL) +#define CRYS_HASH_LAST_BLOCK_ALREADY_PROCESSED_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0xCUL) +#define CRYS_HASH_ILLEGAL_PARAMS_ERROR (CRYS_HASH_MODULE_ERROR_BASE + 0xDUL) + + +#define CRYS_HASH_IS_NOT_SUPPORTED (CRYS_HASH_MODULE_ERROR_BASE + 0xFUL) + + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_hmac.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_hmac.h new file mode 100644 index 0000000..5ace8d2 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_hmac.h @@ -0,0 +1,210 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/** \file + * \brief This file contains all of the enums and definitions that are used for + * the CRYS HMAC APIs, as well as the APIs themselves + * + */ + +#ifndef CRYS_HMAC_H +#define CRYS_HMAC_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ + + +#include "dx_pal_types.h" +#include "crys_error.h" +#include "crys_defs.h" +#include "crys_hash.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/* The HMAC key size after padding for MD5, SHA1, SHA256 */ + + +#if defined(DX_CC_SEP) || defined(DX_CC_TEE) +#define CRYS_HMAC_USER_CTX_SIZE_IN_WORDS 33 +#else +#define CRYS_HMAC_USER_CTX_SIZE_IN_WORDS 299 +#endif + + +#define CRYS_HMAC_KEY_SIZE_IN_BYTES 64 + +/* The HMAC key size after padding for SHA384, SHA512 */ +#define CRYS_HMAC_SHA2_1024BIT_KEY_SIZE_IN_BYTES 128 + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/* ********************** Structures *************************** */ + + +/* The user's context prototype - the argument type that will be passed by the user + to the APIs called by him */ +typedef struct CRYS_HMACUserContext_t { + DxUint32_t buff[CRYS_HMAC_USER_CTX_SIZE_IN_WORDS]; + +}CRYS_HMACUserContext_t; + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/** + * This function initializes the HMAC machine on the CRYS level. + * + * The function allocates and initializes the HMAC Context . + * The function receives as input a pointer to store the context handle to HMAC Context. + * + * If the key is larger than 64 bytes, this function performs an MD5 HASH on it. + * + * The function executes a HASH_init session and processes a HASH update + * on the Key XOR ipad and stores it in the context. + * + * @param[in] ContextID_ptr - A pointer to the HMAC context buffer allocated by the user + * that is used for the HMAC machine operation. + * + * @param[in] OperationMode - The operation mode: MD5 or SHA1. + * + * @param[in] key_ptr - The pointer to the user's key buffer. + * + * @param[in] keySize - The size of the received key. + * + * @return CRYSError_t - On success the function returns the value CRYS_OK, + * and on failure a non-ZERO error. + * + */ +CIMPORT_C CRYSError_t CRYS_HMAC_Init(CRYS_HMACUserContext_t *ContextID_ptr, + CRYS_HASH_OperationMode_t OperationMode, + DxUint8_t *key_ptr, + DxUint16_t keySize ); + + +/** + * This function processes a HMAC block of data via the HASH hardware/software. + * The function receives as input a handle to the HMAC Context, + * and performs a HASH update on the data described below. + * + * @param[in] ContextID_ptr - A pointer to the HMAC context buffer allocated by the user + * that is used for the HMAC machine operation. + * + * @param DataIn_ptr - A pointer to the buffer that stores the data to be hashed. + * + * @param DataInSize - The size of the data to be hashed, in bytes. + * + * @return CRYSError_t - On success the function returns CRYS_OK, + * and on failure a non-ZERO error. + */ + +CIMPORT_C CRYSError_t CRYS_HMAC_Update(CRYS_HMACUserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize ); + + +/** + * This function finalizes the HMAC processing of a data block. + * The function receives as input a handle to the HMAC Context that was previously initialized + * by a CRYS_HMAC_Init function or by a CRYS_HMAC_Update function. + * This function finishes the HASH operation on the ipad and text, and then + * executes a new HASH operation with the key XOR opad and the previous HASH operation result. + * + * @param[in] ContextID_ptr - A pointer to the HMAC context buffer allocated by the user + * that is used for the HMAC machine operation. + * + * @retval HmacResultBuff - A pointer to the target buffer where the + * HMAC result stored in the context is loaded to. + * + * @return CRYSError_t - On success the function returns CRYS_OK, + * and on failure a non-ZERO error. + */ + +CIMPORT_C CRYSError_t CRYS_HMAC_Finish( CRYS_HMACUserContext_t *ContextID_ptr , + CRYS_HASH_Result_t HmacResultBuff ); + + +/** + * @brief This function is a service function that frees the context if the operation has failed. + * + * The function executes the following major steps: + * + * 1. Checks the validity of all of the inputs of the function. + * If one of the received parameters is not valid it shall return an error. + * The major checks that are run over the received parameters: + * - verifying that the context pointer is not DX_NULL (*ContextID_ptr). + * 2. Clears the user's context. + * 3. Exits the handler with the OK code. + * + * @param[in] ContextID_ptr - A pointer to the HMAC context buffer allocated by the user + * that is used for the HMAC machine operation. This should be the + * same context that was used for the previous call of this session. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from crys_error.h + */ + +CIMPORT_C CRYSError_t CRYS_HMAC_Free(CRYS_HMACUserContext_t *ContextID_ptr ); + + +/** + * This function provide HASH function to process one buffer of data. + * The function allocates an internal HASH Context , it initializes the + * HASH Context with the cryptographic attributes that are needed for + * the HASH block operation ( initialize H's value for the HASH algorithm ). + * Then the function loads the Hardware with the initializing values and after + * that process the data block using the hardware to do hash . + * At the end the function return the message digest of the data buffer . + * + * + * @param[in] OperationMode - The operation mode : MD5 or SHA1. + * + * @param[in] key_ptr - The pointer to the users key buffer. + * + * @oaram[in] keySize - The size of the received key. + * + * @param[in] ContextID_ptr - a pointer to the HMAC context buffer allocated by the user that + * is used for the HMAC machine operation. + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the HMAC. The pointer does + * not need to be aligned. On CSI input mode the pointer must be equal to + * value (0xFFFFFFFC | DataInAlignment). + * + * @param[in] DataInSize - The size of the data to be hashed in bytes. On CSI data transfer mode the size must + * multiple of HASH_BLOCK_SIZE for used HASH mode. + * + * param[out] HashResultBuff - a pointer to the target buffer where the + * HMAC result stored in the context is loaded to. + * + * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. + * + */ +CIMPORT_C CRYSError_t CRYS_HMAC ( CRYS_HASH_OperationMode_t OperationMode, + DxUint8_t *key_ptr, + DxUint16_t keySize, + DxUint8_t *DataIn_ptr, + DxUint32_t DataSize, + CRYS_HASH_Result_t HmacResultBuff ); +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_hmac_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_hmac_error.h new file mode 100644 index 0000000..25e3957 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_hmac_error.h @@ -0,0 +1,75 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_HMAC_ERROR_H +#define CRYS_HMAC_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % crys_hash_error.h : % + * State : %state% + * Creation date : Sun Nov 21 11:07:08 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS AES errors. + * + * \version crys_aes_error.h#1:incl:1 + * \author adams + */ + + + + +/************************ Defines ******************************/ + +/* The CRYS HASH module errors */ +#define CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_HMAC_USER_CONTEXT_CORRUPTED_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_HMAC_DATA_IN_POINTER_INVALID_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x3UL) +#define CRYS_HMAC_DATA_SIZE_ILLEGAL (CRYS_HMAC_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_HMAC_INVALID_RESULT_BUFFER_POINTER_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_HMAC_INVALID_KEY_POINTER_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_HMAC_UNVALID_KEY_SIZE_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0x7UL) +#define CRYS_HMAC_LAST_BLOCK_ALREADY_PROCESSED_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0xBUL) +#define CRYS_HMAC_ILLEGAL_PARAMS_ERROR (CRYS_HMAC_MODULE_ERROR_BASE + 0xCUL) + +#define CRYS_HMAC_IS_NOT_SUPPORTED (CRYS_HMAC_MODULE_ERROR_BASE + 0xFUL) + + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_init.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_init.h new file mode 100644 index 0000000..d3c7ff9 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_init.h @@ -0,0 +1,117 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_INIT_H +#define CRYS_INIT_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ + +#include "DX_VOS_BaseTypes.h" +#include "crys_defs.h" +#include "crys_init_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_init.c : % + * State : %state% + * Creation date : Wed Nov 17 17:44:02 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief A brief description of this module + * + * \version CRYS_init.h#1:incl:1 + * \author adams + */ + + + + +/************************ Defines ******************************/ + +#define CRYS_INIT_PARAM_128_BIT_RKEK 0x1 +#define CRYS_INIT_PARAM_256_BIT_RKEK 0x0 + +#define CRYS_INIT_PARAM_RSA_DMA_MODE 0x0 +#define CRYS_INIT_PARAM_RSA_DIRECT_MODE 0x2 + +#define CRYS_INIT_PARAM_AHB_32_BITS_MODE 0x0 +#define CRYS_INIT_PARAM_AHB_64_BITS_MODE 0x4 +/************************ Enums ********************************/ + +#ifdef DX_CRYS_MULTI_CPU_SUPPORT +/*This enum is relevant only to the multi CPU projects*/ +typedef enum +{ + CRYS_MULTI_CPU_CP_ID = 1, + CRYS_MULTI_CPU_AP_ID = 2, + + CRYS_MULTI_CPU_NumOfCpuId, + + CRYS_MULTI_CPU_NumOfCpuIdLast= 0x7FFFFFFF, + +}CRYS_MULTI_CPU_NumOfCpuId_t; +#endif + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/** + * @brief This function initializes the CRYS SW. + * + * The function calls the init functions of all of the modules in the CRYS. + * + * @param[in] - HwBaseAddress the hardware base address. + * + * \note The last two arguments are have different use in the different used LLF. + * + * @param[in] - param_PTR - pointer to parameter for the CRYS_Init (the seed used to create the SK - relevant only on CRYS_SW). + * + * + * + * @param[in] - param - parameter by value. + * CRYS software - (the size of the seed in bytes when seed is in param_PTR). + * CRYS with SEP - RKEK size and PKI mode + * CRYS with multi CPU support - CPU Id. + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ + +CIMPORT_C CRYSError_t CRYS_Init(DxUint32_t CryptoCellBaseAddress , DxUint8_t *param_PTR , DxUint16_t param ); + +/** + * @brief This function terminates the CRYS SW. + * + * The function calls the terminate functions of all of the relevant modules in the CRYS. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ + +CIMPORT_C CRYSError_t CRYS_Terminate(void); + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_init_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_init_error.h new file mode 100644 index 0000000..6e7c67b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_init_error.h @@ -0,0 +1,62 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_INIT_ERROR_H +#define CRYS_INIT_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object %CRYS_INIT_error.h : % + * State : %state% + * Creation date : Sun Nov 21 11:08:02 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief A brief description of this module + * + * \version CRYS_INIT_error.h#1:incl:1 + * \author adams + */ + + + + +/************************ Defines ******************************/ +#define CRYS_INIT_CPU_ID_TYPE_ERROR (CRYS_INIT_MODULE_ERROR_BASE + 0x0UL) + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_kdf.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_kdf.h new file mode 100644 index 0000000..a0b6bed --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_kdf.h @@ -0,0 +1,226 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_KDF_h_H +#define CRYS_KDF_h_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_hash.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + + /* + * Object %name : %crys_kdf.h State: + * %state% Creation date : + * 13 May 2007. Last modified : + * %modify_time% + */ + /** @file + * \brief This module defines the API that supports Key derivation function in modes + * as defined in PKCS#3, ,ANSI X9.42-2001, ANSI X9.63-1999, OMA-TS-DRM-DRM-V2_0-20050712-C. + * + * \version crys_kdf.h#1:incl:15 + * \author R.Levin + */ + +#include "crys_hash.h" + + +/************************ Defines ******************************/ + +/* Shared secret value max size in bytes: must be defined according to * +* DH max. modulus size definition! */ +#define CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE 512/*bytes*/ + +/* Count and max. sizeof OtherInfo entries (pointers to data buffers) */ +#define CRYS_KDF_COUNT_OF_OTHER_INFO_ENTRIES 5 +#define CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY 64 /*bytes*/ +/* Max size of keying data in bytes to generate */ +#define CRYS_KDF_MAX_SIZE_OF_KEYING_DATA 2048 + +/************************ Enums ********************************/ + +typedef enum +{ + CRYS_KDF_HASH_SHA1_mode = 0, + CRYS_KDF_HASH_SHA224_mode = 1, + CRYS_KDF_HASH_SHA256_mode = 2, + CRYS_KDF_HASH_SHA384_mode = 3, + CRYS_KDF_HASH_SHA512_mode = 4, + + CRYS_KDF_HASH_NumOfModes, + + CRYS_KDF_HASH_OpModeLast = 0x7FFFFFFF, + +}CRYS_KDF_HASH_OpMode_t; + +typedef enum +{ + CRYS_KDF_ASN1_DerivMode = 0, + CRYS_KDF_ConcatDerivMode = 1, + CRYS_KDF_X963_DerivMode = CRYS_KDF_ConcatDerivMode, + CRYS_KDF_OMADRM_DerivMode = 2, + CRYS_KDF_ISO18033_KDF1_DerivMode = 3, + CRYS_KDF_ISO18033_KDF2_DerivMode = 4, + + CRYS_KDF_DerivFunc_NumOfModes = 5, + + CRYS_KDF_DerivFuncModeLast= 0x7FFFFFFF, + +}CRYS_KDF_DerivFuncMode_t; + +/************************ Typedefs ****************************/ + +/* Structure, containing the optional data for KDF, + if any data is not needed, then the pointer value and + the size must be set to NULL */ +typedef struct +{ + /* a unique object identifier (OID), indicating algorithm(s) + for which the keying data will be used*/ + DxUint8_t AlgorithmID[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + DxUint32_t SizeOfAlgorithmID; + /* Public information contributed by the initiator */ + DxUint8_t PartyUInfo[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + DxUint32_t SizeOfPartyUInfo; + /* Public information contributed by the responder */ + DxUint8_t PartyVInfo[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + DxUint32_t SizeOfPartyVInfo; + /* Mutually-known private information, e.g. shared information + communicated throgh a separate channel */ + DxUint8_t SuppPrivInfo[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + DxUint32_t SizeOfSuppPrivInfo; + /* Mutually-known public information, */ + DxUint8_t SuppPubInfo[CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY]; + DxUint32_t SizeOfSuppPubInfo; + +}CRYS_KDF_OtherInfo_t; + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + +/****************************************************************/ + + +/*********************************************************************************************************/ +/** + * @brief CRYS_KDF_KeyDerivFunc performs key derivation according to one of some modes defined in standards: + ANSI X9.42-2001, ANSI X9.63, OMA_TS_DRM_DRM_V2_0-20050712-C, ISO/IEC 18033-2. + + The present implementation of the function allows the following operation modes: + - CRYS_KDF_ASN1_DerivMode - mode based on ASN.1 DER encoding; + - CRYS_KDF_ConcatDerivMode - mode based on concatenation; + - CRYS_KDF_X963_DerivMode = CRYS_KDF_ConcatDerivMode; + - CRYS_KDF_OMA_DRM_DerivMode - specific mode for OMA DRM; + - CRYS_KDF_ISO18033_KDF1_DerivMode - specific mode according to + ECIES-KEM algorithm (ISO/IEC 18033-2). + + The purpose of this function is to derive a keying data from the shared secret value and some + other optional shared information (SharedInfo). + + For calling the API on some specific modes may be used the following macros: + - CRYS_KDF_ASN1_KeyDerivFunc ; + - CRYS_KDF_ConcatKeyDerivFunc ; + - CRYS_KDF_OMADRM_DerivFunc. + + \note The length in Bytes of the hash result buffer is denoted by "hashlen". + \note All buffers arguments are represented in Big-Endian format. + + @param[in] ZZSecret_ptr - A pointer to shared secret value octet string. + @param[in] ZZSecretSize - The size of the shared secret value in bytes. The maximal + size is defined as: CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE. + @param[in] OtherInfo - The pointer to structure , containing the data, + shared by two entities of agreement and the data sizes. + This argument is optional for some modes (if it is not needed - set NULL). + On KDF OMA_DRM and two ISO/IEC 18033-2 modes - set NULL. + On KDF ASN1 mode the OtherInfo and its AlgorithmID entry are mandatory. + @param[in] KDFhashMode - The KDF identifier of hash function to be used. + The hash function output must be at least 160 bits. + @param[in] derivation_mode - Specifies one of above described derivation modes. + @param[out] KeyingData_ptr - A pointer to the buffer for derived keying data. + @param[in] KeyingDataSizeBytes - The size in bytes of the keying data to be derived. + The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_KEYING_DATA. + + @return CRYSError_t - On success the value CRYS_OK is returned, + and on failure an ERROR as defined in CRYS_KDF_error.h: + CRYS_KDF_INVALID_ARGUMENT_POINTER_ERROR + CRYS_KDF_INVALID_KEY_DERIVATION_MODE_ERROR + CRYS_KDF_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR + CRYS_KDF_INVALID_SIZE_OF_DATA_TO_HASHING_ERROR + CRYS_KDF_INVALID_ARGUMENT_HASH_MODE_ERROR + CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR + CRYS_KDF_INVALID_KEYING_DATA_SIZE_ERROR +*/ +CIMPORT_C CRYSError_t CRYS_KDF_KeyDerivFunc( + DxUint8_t *ZZSecret_ptr, + DxUint32_t ZZSecretSize, + CRYS_KDF_OtherInfo_t *OtherInfo_ptr, + CRYS_KDF_HASH_OpMode_t KDFhashMode, + CRYS_KDF_DerivFuncMode_t derivation_mode, + DxUint8_t *KeyingData_ptr, + DxUint32_t KeyingDataSizeBytes ); + +/* alias for backward compatibility */ +#define _DX_KDF_KeyDerivFunc CRYS_KDF_KeyDerivFunc + +/*********************************************************************************************************/ +/** + * @brief CRYS_KDF_ASN1_KeyDerivFunc performs key derivation according to ASN1 DER encoding method defined + in standard ANSI X9.42-2001, 7.2.1. + + This is the macro for calling the CRYS_KeyDerivationFunc on said mode (arguments and errors description see in + function definitions). +*/ +#define CRYS_KDF_ASN1_KeyDerivFunc(ZZSecret_ptr,ZZSecretSize,OtherInfo_ptr,KDFhashMode,KeyingData_ptr,KeyLenInBytes)\ + CRYS_KDF_KeyDerivFunc((ZZSecret_ptr),(ZZSecretSize),(OtherInfo_ptr),(KDFhashMode),CRYS_KDF_ASN1_DerivMode,(KeyingData_ptr),(KeyLenInBytes)) + + +/*********************************************************************************************************/ +/** + * @brief CRYS_KDF_ConcatKeyDerivFunc performs key derivation according to concatenation mode defined + in standard ANSI X9.42-2001, 7.2.2. + + This is the macro for calling the CRYS_KeyDerivationFunc on said mode (arguments and errors description see in + function definitions). +*/ +#define CRYS_KDF_ConcatKeyDerivFunc(ZZSecret_ptr,ZZSecretSize,OtherInfo_ptr,KDFhashMode,KeyingData_ptr,KeyLenInBytes)\ + CRYS_KDF_KeyDerivFunc((ZZSecret_ptr),(ZZSecretSize),(OtherInfo_ptr),(KDFhashMode),CRYS_KDF_ConcatDerivMode,(KeyingData_ptr),(KeyLenInBytes)) + + +/*********************************************************************************************************/ +/** + * @brief CRYS_KDF_OMADRM_KeyDerivFunc performs key derivation according to concatenation mode defined + in standard ANSI X9.42-2001, 7.2.2 and specific requirements of OMA_TS_DRM_DRM_V2_0-20050712-C. + + The specific requirements have respect to following arguments of called _DX_KeyDerivationFunc function: + - OtherInfo_ptr = NULL, + - KDFhashMode = CRYS_KDF_HASH_SHA1_mode; + - derivation_mode = CRYS_KDF_ConcatDerivMode. + + This is the macro for calling the CRYS_KeyDerivationFunc on said mode (arguments and errors description see in + function definitions). +*/ +#define CRYS_KDF_OMADRM_KeyDerivFunc(ZZSecret_ptr,ZZSecretSize,KeyingData_ptr,KeyLenInBytes)\ + CRYS_KDF_KeyDerivFunc((ZZSecret_ptr),(ZZSecretSize),DX_NULL,CRYS_KDF_HASH_SHA1_mode,CRYS_KDF_ConcatDerivMode,(KeyingData_ptr),(KeyLenInBytes)) + + + +#ifdef __cplusplus +} +#endif + +#endif + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_kdf.xml b/peripheral/keystore/chaabi/libcc54/include/crys/crys_kdf.xml new file mode 100644 index 0000000..cb140fc --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_kdf.xml @@ -0,0 +1,83 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> + +<api name="CrysKdf"> <!-- The KDF API Agent ID --> + +<!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="CRYS_OK" generic_error="CRYS_KDF_HOST_MSG_GENERAL_RPC_A_ERROR" invalid_param="CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR" not_enough_resources="CRYS_KDF_HOST_MSG_GENERAL_RPC_C_ERROR" /> + <!-- Header files to include for prototypes + --> + + <header>crys_kdf.h</header> + <header>crys_kdf_error.h</header> + + + + <function name="_DX_KDF_KeyDerivFunc" return="le32(CRYSError_t)"> + <!-- + CRYSError_t _DX_KDF_KeyDerivFunc( + DxUint8_t *ZZSecret_ptr, + DxUint32_t ZZSecretSize, + CRYS_KDF_OtherInfo_t *OtherInfo_ptr, + CRYS_KDF_HASH_OpMode_t KDFhashMode, + CRYS_KDF_DerivFuncMode_t derivation_mode, + DxUint8_t *KeyingData_ptr, + DxUint32_t KeyingDataSizeBytes ) + + + @param[in] ZZSecret_ptr - A pointer to shared secret value octet string. + @param[in] ZZSecretSize - The shared secret value Size, in bytes. + @param[in] OtherInfo - The pointer to structure, containing pointers and sizes of optional data shared + by two entities intended to share the secret value. This argument is optional + (if not needed - set it to NULL). + @param[in] KDFhashMode - The KDF identifier of hash function to be used. The hash function output must be at least 160 bits. + @param[out] KeyingData_ptr - A pointer to the keying data derived from the secret key, of length KeyLenInBits + @param[in] KeyingDataSizeBytes - The size in bytes of the keying data to be generated. In our implementation - + KeyLenInBytes <= 2^32-1 . + @param[in] derivation_mode - Specifies one of above described derivation modes. + --> + <param name="ZZSecret_ptr" direction="i" ptype="array(ZZSecretSize,CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE)" dtype="DxUint8_t" /> + --> + <param name="ZZSecretSize" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> + --> + <param name="OtherInfo_ptr" direction="i" ptype="ref" dtype="CRYS_KDF_OtherInfo_t" > + --> + <field name="AlgorithmID" direction="i" ptype="array(OtherInfo_ptr->SizeOfAlgorithmID,CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfAlgorithmID" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <field name="PartyUInfo" direction="i" ptype="array(OtherInfo_ptr->SizeOfPartyUInfo,CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfPartyUInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <field name="PartyVInfo" direction="i" ptype="array(OtherInfo_ptr->SizeOfPartyVInfo,CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfPartyVInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <field name="SuppPrivInfo" direction="i" ptype="array(OtherInfo_ptr->SizeOfSuppPrivInfo,CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfSuppPrivInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <field name="SuppPubInfo" direction="i" ptype="array(OtherInfo_ptr->SizeOfSuppPubInfo,CRYS_KDF_MAX_SIZE_OF_OTHER_INFO_ENTRY)" dtype="DxUint8_t" /> + --> + <field name="SizeOfSuppPubInfo" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="KDFhashMode" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="derivation_mode" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="KeyingData_ptr" direction="o" ptype="array(KeyingDataSizeBytes,CRYS_KDF_MAX_SIZE_OF_KEYING_DATA)" dtype="DxUint8_t" /> + --> + <param name="KeyingDataSizeBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + </function> + + + </api> diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_kdf_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_kdf_error.h new file mode 100644 index 0000000..5edfc4e --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_kdf_error.h @@ -0,0 +1,77 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_KDF_error_h_H +#define CRYS_KDF_error_h_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object %name : %crys_kdf_errors.h + * State : %state% + * Creation date : 14 May 2007 + * Last modified : %modify_time% + */ + /** @file + * \brief A brief description of this module + * + * \version crys_kdf_errors.h#1:incl:1 + * \author R.Levin + */ + + +/************************ Defines *******************************/ + +/* The CRYS KDF module errors / base address - 0x00F01100*/ +#define CRYS_KDF_INVALID_ARGUMENT_POINTER_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_KDF_INVALID_ARGUMENT_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_KDF_INVALID_ARGUMENT_OPERATION_MODE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_KDF_INVALID_ARGUMENT_HASH_MODE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x3UL) +#define CRYS_KDF_INVALID_KEY_DERIVATION_MODE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_KDF_INVALID_SHARED_SECRET_VALUE_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_KDF_INVALID_OTHER_INFO_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_KDF_INVALID_KEYING_DATA_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x7UL) +#define CRYS_KDF_INVALID_ALGORITHM_ID_POINTER_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x8UL) +#define CRYS_KDF_INVALID_ALGORITHM_ID_SIZE_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0x9UL) + +#define CRYS_KDF_HOST_MSG_GENERAL_RPC_A_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0xAUL) +#define CRYS_KDF_HOST_MSG_GENERAL_RPC_B_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0xBUL) +#define CRYS_KDF_HOST_MSG_GENERAL_RPC_C_ERROR (CRYS_KDF_MODULE_ERROR_BASE + 0xCUL) + +#define CRYS_KDF_IS_NOT_SUPPORTED (CRYS_KDF_MODULE_ERROR_BASE + 0xFFUL) + +/************************ Enums *********************************/ + +/************************ Typedefs *****************************/ + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + + + + +#ifdef __cplusplus +} +#endif + +#endif + + + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf.h new file mode 100644 index 0000000..a1a35c2 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf.h @@ -0,0 +1,287 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_OTF_H +#define CRYS_OTF_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "DX_VOS_BaseTypes.h" +#include "crys_error.h" +#include "crys_defs.h" +#include "crys_hash.h" +#include "crys_aes.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_OTF.h : % + * State : %state% + * Creation date : 02 Sept. 2007 + * Last modified : %modify_time% + */ + /** @file + * \brief This file contains all of definitions that are used for the + * CRYS OTF APIs, as well as the APIs themselves. + * + * \version CRYS_OTF.h#1:incl:3 + * \author yakovg, + */ + + +/************************ Defines ******************************/ +/* OTF support only in AES 128/192/256 bit key and 3 DES key, and 512 bit for XTS (Tweak key| data key) */ +#define CRYS_OTF_MAX_KEY_SIZE_IN_BYTES 64 +#define CRYS_OTF_MAX_IV_SIZE_IN_BYTES 16 + +#define CRYS_OTF_MAX_KEY_SIZE_IN_WORDS (CRYS_OTF_MAX_KEY_SIZE_IN_BYTES / sizeof(DxUint32_t)) +#define CRYS_OTF_MAX_IV_SIZE_IN_WORDS (CRYS_OTF_MAX_IV_SIZE_IN_BYTES / sizeof(DxUint32_t)) + + + +typedef struct CRYS_OTFUserKeysInfo_st{ + + DxUint8_t Key0[CRYS_OTF_MAX_KEY_SIZE_IN_BYTES]; + DxUint16_t Key0Size; + DxUint8_t Iv0[CRYS_OTF_MAX_IV_SIZE_IN_BYTES]; + DxUint16_t Iv0Size; + DxUint8_t Key1[CRYS_OTF_MAX_KEY_SIZE_IN_BYTES]; + DxUint16_t Key1Size; + DxUint8_t Iv1[CRYS_OTF_MAX_IV_SIZE_IN_BYTES]; + DxUint16_t Iv1Size; +}CRYS_OTFUserKeysInfo_t; + +typedef struct CRYS_OTFKeysInfo_st{ + + DxUint32_t Key0[CRYS_OTF_MAX_KEY_SIZE_IN_WORDS]; + DxUint16_t Key0Size; + DxUint32_t Iv0 [CRYS_OTF_MAX_IV_SIZE_IN_WORDS]; + DxUint16_t Iv0Size; + DxUint32_t Key1[CRYS_OTF_MAX_KEY_SIZE_IN_WORDS]; + DxUint16_t Key1Size; + DxUint32_t Iv1[CRYS_OTF_MAX_IV_SIZE_IN_WORDS]; + DxUint16_t Iv1Size; +}CRYS_OTFKeysInfo_t; + +typedef enum CRYS_OTFEngCfg_st +{ + /* bypass */ + OTF_DIN_TO_DOUT=0, + /* AES OTF */ + OTF_DIN_TO_AES_TO_DOUT=1, + /* DIN into AES. output AES into AES */ + OTF_DIN_TO_AES_TO_AES_TO_DOUT=2, + /* HASH OTF */ + OTF_DIN_TO_HASH=3, + /* DIN into HASH and into output buffer */ + OTF_DIN_TO_HASH_AND_DOUT=4, + /* DIN into AES. output AES into HASH */ + OTF_DIN_TO_AES_TO_HASH=5, + /* DIN into AES. output AES into hash and output AES into output buffer */ + OTF_DIN_TO_AES_TO_HASH_AND_DOUT=6, + /* DIN into AES and DIN into HASH in parallel */ + OTF_DIN_TO_AES_AND_HASH_TO_DOUT=7, + /* DIN into AES. output AES into hash and into AES in parallel */ + OTF_DIN_TO_AES_TO_AES_AND_HASH_TO_DOUT=8, + /* DIN into AES. output AES into AES.output AES into HASH */ + OTF_DIN_TO_AES_TO_AES_TO_HASH_AND_DOUT=9, + /* DES OTF */ + OTF_DIN_TO_DES_TO_DOUT=10, + /* DIN into DES. output DES into HASH */ + OTF_DIN_TO_DES_TO_HASH=11, + /* DIN into AES and DIN into HASH in parallel */ + OTF_DIN_TO_DES_AND_HASH_TO_DOUT=12, + /* DIN into DES. output DES into HASH and into output buffer */ + OTF_DIN_TO_DES_TO_HASH_AND_DOUT=13, + /* OTF RC4 */ + OTF_DIN_TO_RC4=14, + /* DIN into AES MAC and into output buffer */ + OTF_DIN_TO_AES_MAC_AND_BYPASS=15, + + OTFEngCfg_OffMode, + + CRYS_OTFEngCfgLast=0x7FFFFFFF, + +}CRYS_OTFEngCfg_t; + +typedef enum CRYS_OTFEngMode_st +{ + ENC_ECB=0, + ENC_CBC=1, + ENC_CTR=2, + DEC_ECB=3, + DEC_CBC=4, + DEC_CTR=5, + CMAC=6, + HASH_SHA1=7, + HASH_SHA256=8, + ENC_XTS=9, + DEC_XTS=10 , + ENC_CBC_IV_ENC=11, + DEC_CBC_IV_ENC=12, + ENC_CBC_IV_ENC_UPDATE=13, + DEC_CBC_IV_ENC_UPDATE=14, + N_A_VALUE=0xff, + + CRYS_OTFEngModeLast=0x7FFFFFFF, + +}CRYS_OTFEngMode_t; + + +typedef struct CRYS_OTFHWOp_st +{ + DxUint16_t Bypass; + DxUint16_t Aes; + DxUint16_t Des; + DxUint16_t Hash; + +}CRYS_OTFHWOp_t; + +typedef enum +{ + HOST_TO_MEDIA = 0, + MEDIA_TO_HOST = 1, + CRYS_OTFOpDirectionLast = 0x7FFFFFFF, +}CRYS_OTFOpDirection_t; + + + +typedef struct OTFContext_st +{ + /* General data section */ + CRYS_OTFKeysInfo_t Keys; + + CRYS_OTFEngCfg_t OTFEngCfg; + + CRYS_OTFEngMode_t OTFEngMode_ptr[3]; + + /* direction - media-to-host, host-to-media */ + CRYS_OTFOpDirection_t direction; + + /* Private hash section */ + CRYS_HASH_Result_t HASH_Result; + + DxUint32_t TotalDataSizeProcessed_128Bit[2]; + + /* Private tunnel section */ + DxUint32_t TunnelMode; + + /* if set, the output from the first operation of the tunel should be sent to another engine (HASH) */ + DxUint32_t midTunnelToHash; + + /* General menagement section */ + DxUint32_t valid_tag; + +}OTFContext_t; + + +/* The user's context prototype - the argument type that will be passed by the user + to the APIs called by him */ +typedef struct CRYS_OTFUserContext_t +{ + DxUint32_t valid_tag; + DxUint32_t AES_iv;/* For use of the AES CBC mode of Encryption and Decryption of the context in CCM*/ + DxUint8_t context_buff[ sizeof(OTFContext_t) ]; + + +}CRYS_OTFUserContext_t; + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + + +/************************************************************************************************** + * @brief CRYS_OTF_InitOperation - This function sets the OTF context with the + * required operation scenario, mode of operation, keys and Ivs. + * + * @param[in] OTFContext_ptr - Pointer to the OTF context. + * + * @param[in] CRYS_OTFEngCfg - The mode of the engine to configure the Crypto Flashfor the process. + * The engine modes are defined at the CRYS_OTFEngCfg_t type. + * + * @param[in] CRYS_OTFKeysInfo_ptr - A pointer to a structure contains the Key and IV. + * + * @param[in] CRYS_OTFEngMode_ptr - Pointer to CRYS_OTFEngMode_t array. + * Each cell in the array indicates on the mode of operation of + * this stage in the path from DIN to DOUT/CPU. + * The mode is the mode to set the Crypto Flash hardware operation. + * The operation mode are defined in the CRYS_OTFEngMode_t type. + * + * @param[in] OTFDirection - Direction of the data from. Media-to-host , or Host-to-media + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + * + **************************************************************************************************/ + +CIMPORT_C CRYSError_t CRYS_OTF_InitOperation (CRYS_OTFUserContext_t* OTFContext_ptr, + CRYS_OTFEngCfg_t OTFEngCfg, + CRYS_OTFUserKeysInfo_t* OTFUserKeysInfo_ptr, + CRYS_OTFEngMode_t* OTFEngMode_ptr, + CRYS_OTFOpDirection_t OTFDirection); + + +/************************************************************************************************** + * @brief CRYS_OTF_ResumeOperation - This function restart the hw operation stopped by the Rsume operation. + * The function load to the HW the last state stored in the given context + * and continue the operation exactly from the point it stopped in the Suspend function. + * @param[in] OTFContext_ptr - Pointer to the OTF user context. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + * + **************************************************************************************************/ +CIMPORT_C CRYSError_t CRYS_OTF_ResumeOperation (CRYS_OTFUserContext_t *ContextID_ptr); + + + + +/************************************************************************************************** + * @brief CRYS_OTF_SuspendOperation - This function stop the hw operation started in the Init operation. + * The function store the last state to enable the user + * to resume to this state exactly by the CRYS_OTF_ResumeOperation + * @param[in] OTFContext_ptr - Pointer to the OTF context. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + * + **************************************************************************************************/ +CIMPORT_C CRYSError_t CRYS_OTF_SuspendOperation (CRYS_OTFUserContext_t *ContextID_ptr); + + +/************************************************************************************************** + * @brief CRYS_OTF_EndOperation - This function stop the hw operation. + * The function read the last data to the user + * + * @param[in] OTFContext_ptr - Pointer to the OTF context. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h + * + **************************************************************************************************/ +CIMPORT_C CRYSError_t CRYS_OTF_EndOperation ( CRYS_OTFUserContext_t *ContextID_ptr, + CRYS_HASH_Result_t HashResultBuff, + CRYS_AES_MAX_MAC_RESULT_t MacResult); + + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf_error.h new file mode 100644 index 0000000..5e1a4ba --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf_error.h @@ -0,0 +1,58 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_OTF_ERROR_H +#define CRYS_OTF_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_OTF_error.h : % + * State : %state% + * Creation date : 02 Sept. 2007 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS OTF errors. + * + * \version CRYS_OTF_error.h#1:incl:1 + * \authors R.Levin, yakovg + */ + + +/************************ Defines ******************************/ + +/* The CRYS OTF module errors */ + +#define CRYS_OTF_CSI_INVALID_CSI_STATUS_PTR_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_OTF_CSI_STATUS_VALUE_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_OTF_CSI_INVALID_CSI_STATUS_FUNCTION_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_OTF_CSI_INVALID_CSI_START_FUNCTION_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0x3UL) + +#define CRYS_OTF_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0x8UL) +#define CRYS_OTF_INVALID_USER_KEYS_POINTER_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0x9UL) +#define CRYS_OTF_INVALID_ENG_MODE_POINTER_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0xAUL) +#define CRYS_OTF_USER_CONTEXT_CORRUPTED_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0xBUL) +#define CRYS_OTF_ENGINE_CONFIG_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0xCUL) +#define CRYS_OTF_MAC_BUFF_NULL_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0xDUL) +#define CRYS_OTF_HASH_BUFF_NULL_ERROR (CRYS_OTF_MODULE_ERROR_BASE + 0xEUL) + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf_multi_context.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf_multi_context.h new file mode 100644 index 0000000..21aec0a --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf_multi_context.h @@ -0,0 +1,280 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_OTF_MULTI_CONTEXT_H +#define CRYS_OTF_MULTI_CONTEXT_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "DX_VOS_BaseTypes.h" +#include "crys_error.h" +#include "crys_defs.h" +#include "crys_hash.h" +#include "crys_aes.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_OTF_MultiContext.h : % + * State : %state% + * Creation date : 09 Marth. 2009 + * Last modified : %modify_time% + */ + /** @file + * \brief This file contains all of definitions that are used for the + * CRYS_OTF_MultiContext OTF APIs, as well as the APIs themselves. + * + * \version CRYS_OTF_MultiContext#1:incl:3 + * \author R.Levin, + */ + + +/************************ Defines ******************************/ + +#define CRYS_OTF_MC_MAX_AES_KEY_SIZE_IN_BYTES 64 +#define CRYS_OTF_MC_MAX_AES_KEY_SIZE_IN_WORDS (CRYS_OTF_MC_MAX_AES_KEY_SIZE_IN_BYTES / sizeof(DxUint32_t)) + +#define CRYS_OTF_MC_MAX_IV_SIZE_IN_BYTES 16 +#define CRYS_OTF_MC_MAX_IV_SIZE_IN_WORDS (CRYS_OTF_MC_MAX_IV_SIZE_IN_BYTES / sizeof(DxUint32_t)) + +#define CRYS_OTF_MC_MAX_CONTEXT_ID 1 /* allowed values from 0 to MAX_CONTEXT_ID */ + +/* Enum defining the user's key size argument */ +typedef enum +{ + CRYS_OTF_MC_AES_Key128BitSize = 0, + CRYS_OTF_MC_AES_Key192BitSize = 1, + CRYS_OTF_MC_AES_Key256BitSize = 2, + CRYS_OTF_MC_AES_Key512BitSize = 3, + + CRYS_OTF_MC_AES_KeySizeNumOfOptions, + + CRYS_OTF_MC_AES_KeySizeLast = 0x7FFFFFFF, + +}CRYS_OTF_MC_AES_KeySizeID_t; + + +/* Enum defining the Encrypt or Decrypt operation mode */ +typedef enum +{ + CRYS_OTF_MC_Encrypt = 0, + CRYS_OTF_MC_Decrypt = 1, + + CRYS_OTF_MC_EncryptNumOfOptions, + + CRYS_OTF_MC_EncryptModeLast= 0x7FFFFFFF, + +}CRYS_OTF_MC_EncryptMode_t; + + +/* OTF_MultiContext operation mode */ +typedef enum +{ + CRYS_OTF_MC_AES_ECB_mode = 0, + CRYS_OTF_MC_AES_CBC_mode = 1, + CRYS_OTF_MC_AES_CTR_mode = 2, + CRYS_OTF_MC_AES_XTS_mode = 3, + + CRYS_OTF_MC_AESOpNumOfModes, + + CRYS_OTF_MC_AESOpModeLast= 0x7FFFFFFF, + +}CRYS_OTF_MC_AESOperationMode_t; + + +/* data stream direction: Queue to Memory or Memory to Queue */ + +typedef enum +{ + CRYS_OTF_MC_MemToQueue = 0, + CRYS_OTF_MC_QueueToMem = 1, + + CRYS_OTF_MC_DirectionOfModes, + + CRYS_OTF_MC_DirectionLast= 0x7FFFFFFF, + +}CRYS_OTF_MC_DataDirection_t; + + +/*------------------------------------------------*/ +/* CRYS OTF MultiContext SW AES context structure */ +/*------------------------------------------------*/ +typedef struct { + + /* AES Key */ + /* NOTE: 1. When EncrDecrMode = CRYS_OTF_MC_Decrypt the AES Key will be changed by decrypted key + 2. On XTS mode Key = Key1|Key2, where Key2 used for encrypting the Tweak */ + DxUint32_t Key [CRYS_OTF_MC_MAX_AES_KEY_SIZE_IN_WORDS]; + + /* IV, Tweak, CTR data */ + /* NOTE: IvTweakCTR will be changed by LLF functions */ + DxUint32_t IvTweakCTR [CRYS_OTF_MC_MAX_IV_SIZE_IN_WORDS]; + + /* AES KeyID and sizes. Note: On XTS mode KeySizeWords defines a + full size of two concatenated keys */ + CRYS_OTF_MC_AES_KeySizeID_t KeySizeID; + DxUint32_t KeySizeWords; /*full key size*/ + /* sngle key size: relevant to XTS mode (size of TweakKey or DataKey = KeySizeWords/2) */ + DxUint32_t SingleKeySizeWords; + + /* OTF_MultiContext modes */ + CRYS_OTF_MC_AESOperationMode_t OperationMode; + CRYS_OTF_MC_EncryptMode_t EncrDecrMode; + CRYS_OTF_MC_DataDirection_t DataDirection; + DxUint8_t IsBypass; + + /* Data specific to the platform we are working on - include from LLF */ + #include "LLF_OTF_MultiContext_AesCont_def.h" + + /* validation tag */ + DxUint32_t valid_tag; + +} CRYS_OTF_MC_SwAesContext_t; + + + +/* Define the IV counter buffer - 16 bytes array */ +typedef DxUint8_t CRYS_OTF_MC_IvTweakCTR_t[CRYS_OTF_MC_MAX_IV_SIZE_IN_BYTES]; + +/* Define the AES key buffer */ +typedef DxUint8_t CRYS_OTF_MC_Key_t[CRYS_OTF_MC_MAX_AES_KEY_SIZE_IN_BYTES]; + + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/************************************************************************************************** + * @brief CRYS_OTF_MC_StartSession - This function initializes the HW AES mashine on MultiCore mode. + * + * This function calls LLF function, which enables AES clocks an sets multi-core mode. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value + * from CRYS_OTF_MultiContext_error.h + * + **************************************************************************************************/ +CIMPORT_C CRYSError_t CRYS_OTF_MC_StartSession ( void ); + + + +/************************************************************************************************** + * @brief CRYS_OTF_MC_EndSession - This function calls LLF function, which ends AES Multi context + * session and closes AES HW clocks. + * + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value + * from CRYS_OTF_MultiContext_error.h + * + **************************************************************************************************/ +CIMPORT_C CRYSError_t CRYS_OTF_MC_EndSession( void ); + + + +/************************************************************************************************** + * @brief CRYS_OTF_MC_AES_ContextInit - This function initializes the HW MultiContext for AES operation. + * + * @param[in] HwContextID - ID of HW context to load (now allowed value is: 1, 2). + * @param[in] SwContext_ptr - pointer to SW OTP_MC AES context buffer. Used as temp buffer for internal calculations. + * @param[in] IvTweakCTR - pointer to Tweak data, representing an integer number in big endian + * bytes order + * @param[in] Key - pointer to Key data. On XTS mode the key includes concatenated Key1, + * used for encrypting/decrypting the input data and Key2,used for + * encrypting the Tweak. Key = Key1 | Key2. + * @param[in] KeySizeID - ID of the key size (enumerator). For XTS the ID is related to full + * key size and may be only CRYS_AES_Key256BitSize or CRYS_AES_Key512BitSize. + * @param[in] EncrDecrMode - A flag specifying whether the Encrypt or Decrypt AES should perform: + * 0 - Encrypt; 1 - Decrypt. + * @param[in] OperationMode - The AES machine operation mode: Bypass, ECB, CBC, CTR, XTS. + * + * @param[in] DataDirection - The data stream direction: 0 - Queue to Memory, 1 - Memory to Queue. + * @param[in] IsBypass - Defining whether the bypass mode is set or not: 1 - bypass, 0 - perform AES. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value + * from CRYS_OTF_MultiContext_error.h + * + **************************************************************************************************/ +CIMPORT_C CRYSError_t CRYS_OTF_MC_AES_ContextInit ( + DxUint32_t HwContextID, + CRYS_OTF_MC_SwAesContext_t *SwContext_ptr, + CRYS_OTF_MC_IvTweakCTR_t IvTweakCTR, + CRYS_OTF_MC_Key_t Key, + CRYS_OTF_MC_AES_KeySizeID_t KeySizeID, + CRYS_OTF_MC_EncryptMode_t EncrDecrMode, + CRYS_OTF_MC_AESOperationMode_t OperationMode, + CRYS_OTF_MC_DataDirection_t DataDirection, + DxUint8_t IsBypass ); + + + +/************************************************************************************************** + * @brief CRYS_OTF_MC_GetHWContextStatus - This function the HW Context status: 0 - free, 1 - busy. + * + * + * @param[in] HwContextID - ID of the context (0,1,2 ... ). + * @param[in] status_ptr - the pointer to status variable each i-bit of which, describes status of + * appropriate i-Context; if this i-bit = 1, then the i-Context is busy, else -free. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value + * from CRYS_OTF_MultiContext_error.h + * + **************************************************************************************************/ +CIMPORT_C DxUint32 CRYS_OTF_MC_GetHWContextStatus ( DxUint32_t HwContextID, + DxUint32_t *status_ptr ); + + + +/************************************************************************************************** + * @brief CRYS_OTF_MultiContextSuspend - This function stops the HW operation and stores the last + * state of HW context. + * @param[in] HwContextID - ID of HW context to load (now allowed values are: 1, 2). + * @param[in] SwContext_ptr - pointer to user context for storing HW context data. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value + * from CRYS_OTF_MultiContext_error.h + * + **************************************************************************************************/ +CIMPORT_C CRYSError_t CRYS_OTF_MC_AES_SuspendContext ( + DxUint32_t HwContextID, + CRYS_OTF_MC_SwAesContext_t *SwContext_ptr ); + + + +/************************************************************************************************** + * @brief CRYS_OTF_MultiContextResume - This function resets the HW operation stopped by the Suspend + * operation.The function loads the HW context by the data + * stored in the CRYS SW context and starts the HW operation again. + * + * @param[in] HwContextID - ID of HW context to load (now allowed values are: 1, 2). + * @param[in] SwContext_ptr - pointer to user context for storing HW context data. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value + * from CRYS_OTF_MultiContext_error.h + * + **************************************************************************************************/ +CIMPORT_C CRYSError_t CRYS_OTF_MC_AES_ResumeContext ( + DxUint32_t HwContextID, + CRYS_OTF_MC_SwAesContext_t *SwContext_ptr ); + + + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf_multi_context_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf_multi_context_error.h new file mode 100644 index 0000000..2ea1f6e --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_otf_multi_context_error.h @@ -0,0 +1,69 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_OTF_MK_ERROR_H +#define CRYS_OTF_MK_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_OTF_MultiContext_error.h : % + * State : %state% + * Creation date : 10 Marth. 2009 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS OTF_MultiContext errors. + * + * \version CRYS_OTF_MultiContext_error.h#1:incl:1 + * \authors R.Levin + */ + + +/************************ Defines ******************************/ + +/* The CRYS OTF_MultiContext module errors */ + + +#define CRYS_OTF_MC_INVALID_HW_CONTEXT_ID_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x00UL) +#define CRYS_OTF_MC_INVALID_SW_CONTEXT_POINTER_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x01UL) +#define CRYS_OTF_MC_SW_CONTEXT_CORRUPTED_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x02UL) +#define CRYS_OTF_MC_INVALID_IV_POINTER_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x03UL) +#define CRYS_OTF_MC_INVALID_IV_SIZE_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x04UL) +#define CRYS_OTF_MC_INVALID_KEY_POINTER_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x05UL) +#define CRYS_OTF_MC_INVALID_KEY_SIZE_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x06UL) +#define CRYS_OTF_MC_INVALID_ENCR_DECR_MODE_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x07UL) +#define CRYS_OTF_MC_INVALID_OP_MODE_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x08UL) +#define CRYS_OTF_MC_INVALID_DATA_DIRECTION_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x09UL) +#define CRYS_OTF_MC_INVALID_DO_TWEAK_ENCRYPT_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x0AUL) +#define CRYS_OTF_MC_INVALID_BYPASS_MODE_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x0BUL) +#define CRYS_OTF_MC_INVALID_STATUS_POINTER_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x0CUL) +#define CRYS_OTF_MC_CURRENT_CONTEXT_IS_BUSY_ERROR (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x0DUL) +#define CRYS_OTF_MC_AES_DECRYPT_NOT_ALLOWED_ON_CTR_MODE (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x0EUL) + + +/* this error is not returned by CRYS (returned by user function that writes to queue/memory) */ +#define CRYS_OTF_MC_DATA_SIZE_ILLEGAL (CRYS_OTF_MC_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_OTF_MULTI_CONTEXT_IS_NOT_SUPPORTED (CRYS_OTF_MC_MODULE_ERROR_BASE + 0xFFUL) + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_pka_defs.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_pka_defs.h new file mode 100644 index 0000000..c32a6a1 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_pka_defs.h @@ -0,0 +1,55 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _CRYS_PKA_DEFS_H_ +#define _CRYS_PKA_DEFS_H_ + + +#define CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS 5 + +/*The size CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS should ALWAYS be >= CRYS_HASH_USER_CTX_SIZE_IN_WORDS (with the value of the SEP side)*/ +#define CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS 33 + +/* size of buffer for Barrett modulus tag NP, used in PKI algorithms */ +#define CRYS_PKA_ECPKI_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS + +#define CRYS_PKA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS + +#define CRYS_PKA_DOMAIN_BUFF_SIZE_IN_WORDS 2*CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS + +#define CRYS_PKA_PUB_KEY_BUFF_SIZE_IN_WORDS 2*CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS + +#define CRYS_PKA_PRIV_KEY_BUFF_SIZE_IN_WORDS 2*CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS + +#define CRYS_PKA_KGDATA_BUFF_SIZE_IN_WORDS 2*CRYS_PKA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS + +#define CRYS_PKA_ECDH_BUFF_MAX_LENGTH_IN_WORDS 1 + +#define CRYS_PKA_RSA_PRIME_INT_BUFF_SIZE_IN_WORDS 1 + +#define CRYS_PKA_CONV_KEY_CRT_BUFF_SIZE_IN_WORDS 1 + +#define CRYS_PKA_ECPKI_TMP_BUFF_MAX_LENGTH_IN_WORDS 1 + +#define CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS 514 + + +/*! The valid maximum EC modulus size in 32-bit words */ +#define CRYS_PKA_ECPKI_MODUL_MAX_LENGTH_IN_WORDS 18 /*(CRYS_ECPKI_MODUL_MAX_LENGTH_IN_BITS + 31)/(sizeof(DxUint32_t))*/ + +#define CRYS_PKA_KG_BUFF_MAX_LENGTH_IN_WORDS (CRYS_PKA_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+1) + +#define CRYS_PKA_EL_GAMAL_BUFF_MAX_LENGTH_IN_WORDS (4*CRYS_PKA_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+4) + +#define CRYS_PKA_ECDSA_SIGNE_BUFF_MAX_LENGTH_IN_WORDS (45*CRYS_PKA_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+11) + +#define CRYS_PKA_ECDSA_VERIFY_BUFF_MAX_LENGTH_IN_WORDS (45*CRYS_PKA_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+11) + + + + + +#endif /*_CRYS_PKA_DEFS_H_*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rc4.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rc4.h new file mode 100644 index 0000000..77b8389 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rc4.h @@ -0,0 +1,182 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RC4_H +#define CRYS_RC4_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "dx_pal_types.h" +#include "crys_error.h" +#include "crys_defs.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_RC4.h : % + * State : %state% + * Creation date : Wed Nov 17 16:42:30 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This file contains all of the enums and definitions that are used for the + * CRYS RC4 APIs, as well as the APIs themselves. + * + * \version CRYS_RC4.h#1:incl:1 + * \author adams + */ + +/************************ Defines ******************************/ + +/** +@brief - This module defines the interface to the RC4 cryptographic support +*/ + +#define CRYS_RC4_USER_CTX_SIZE_IN_WORDS 73 +#define CRYS_RC4_S_BOX_SIZE_IN_BYTES 256 +#define CRYS_RC4_MAX_KEY_SIZE_IN_BYTES 20 + +/* HW required input block size */ +#define CRYS_RC4_HW_BLOCK_SIZE_IN_BYTES 4 +#define CRYS_RC4_HW_BLOCK_SIZE_IN_WORDS (CRYS_RC4_HW_BLOCK_SIZE_IN_BYTES / sizeof(DxUint32_t)) + + +/************************ context Structs ******************************/ + + +/* The user's context prototype - the argument type that will be passed by the user + to the APIs called by him */ +typedef struct CRYS_RC4UserContext_t { + /* Allocated buffer must be double the size of actual context + * + 1 word for offset management */ + DxUint32_t buff[CRYS_RC4_USER_CTX_SIZE_IN_WORDS]; +}CRYS_RC4UserContext_t; + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/** + * @brief This function is used to initialize the RC4 machine. + * To operate the RC4 machine, this should be the first function called. + * + * @param[in] ContextID_ptr - A pointer to the RC4 context buffer that is allocated by the user + * and is used for the RC4 machine operation. + * @param[in] Key_ptr - A pointer to the user's key buffer. + * @param[in] KeySize - The size of the KEY in bytes. Requirements: + * - for SW implementation 0 < KeySize < CRYS_RC4_MAX_KEY_SIZE_IN_BYTES, + * - for HW implementation LLF_RC4_MIN_KEY_SIZE_IN_BYTES < KeySize < LLF_RC4_MAX_KEY_SIZE_IN_BYTES, + * + * @return CRYSError_t - CRYS_OK, + * CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR, + * CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR, + * CRYS_RC4_INVALID_KEY_POINTER_ERROR + */ +CIMPORT_C CRYSError_t CRYS_RC4_Init( CRYS_RC4UserContext_t *ContextID_ptr, + DxUint8_t *Key_ptr, + DxUint32_t KeySizeInBytes); + + +/************************************************************************************************/ +/** + * @brief This function is used to process a stream on the RC4 machine. + * This function should be called after the CRYS_RS4_Init. + * + * + * @param[in] ContextID_ptr - A pointer to the RC4 context buffer allocated by the user + * that is used for the RC4 machine operation. This should be the + * same context as was used for the previous call of this session. + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the RC4. + * The pointer's value does not need to be word-aligned. + * + * @param[in] DataInSize - The size of the input data. + * + * @param[in,out] DataOut_ptr - The pointer to the buffer of the output data from the RC4. + * The pointer's value does not need to be word-aligned. + * + * @return CRYSError_t - CRYS_OK, + * CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR, + * CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR, + * CRYS_RC4_INVALID_KEY_POINTER_ERROR + */ +CIMPORT_C CRYSError_t CRYS_RC4_Stream( + CRYS_RC4UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr); + + +/************************************************************************************************/ +/** + * @brief This function is used to end the RC4 processing session. + * It is the last function called for the RC4 process. + * + * + * @param[in] ContextID_ptr - A pointer to the RC4 context buffer allocated by the user that + * is used for the RC4 machine operation. This should be the + * same context as was used for the previous call of this session. + * + * + * @return CRYSError_t - CRYS_OK, + * CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR, + * CRYS_RC4_USER_CONTEXT_CORRUPTED_ERROR, + * CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR, + * CRYS_RC4_DATA_OUT_POINTER_INVALID_ERROR, + * CRYS_RC4_DATA_OUT_DATA_IN_OVERLAP_ERROR, + * CRYS_RC4_DATA_SIZE_ILLEGAL + */ +CIMPORT_C CRYSError_t CRYS_RC4_Free(CRYS_RC4UserContext_t *ContextID_ptr ); + + +/************************************************************************************************/ +/** + * \brief This function provides a RC4 function for processing data. + * + * The function allocates an internal RC4 Context, and initializes the RC4 Context with the + * cryptographic attributes that are needed for the RC4 cryptographic operation. Next the + * function loads the engine with the initializing values, and then processes the data, + * returning the processed data in the output buffer. Finally, the function frees the + * internally allocated context. + * + * @param[in] Key_ptr - A pointer to the user's key buffer. + * + * @param[in] KeySize - The size of the KEY in bytes. + * + * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the RC4. + * The pointer's value does not need to be word-aligned. + * + * @param[in] DataInSize - The size of the input data. + * + * @param[in,out] The pointer to the buffer of the output data from the RC4. + * The pointer's value does not need to be word-aligned. The size of this buffer + * must be the same as the DataIn buffer. + * + * @return CRYSError_t - CRYS_OK, + * CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR, + * CRYS_RC4_USER_CONTEXT_CORRUPTED_ERROR + * + */ +CIMPORT_C CRYSError_t CRYS_RC4( DxUint8_t *Key_ptr, + DxUint32_t KeySizeInBytes, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ); + + + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rc4.xml b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rc4.xml new file mode 100644 index 0000000..4cc16f4 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rc4.xml @@ -0,0 +1,71 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> + +<api name="CrysRc4"> <!-- The AesWrapRpc API Agent ID --> + + <!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="CRYS_OK" generic_error="CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR" invalid_param="CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR" not_enough_resources="CRYS_RC4_DATA_SIZE_ILLEGAL" /> + + <!-- Header files to include for prototypes --> + <header>crys_rc4.h</header> + <header>crys_rc4_error.h</header> + + <function name="CRYS_RC4_Init" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_RC4_Init( CRYS_RC4UserContext_t *ContextID_ptr, + DxUint8_t *Key_ptr, + DxUint32_t KeySizeInBytes); + + --> + <param name="ContextID_ptr" direction="io" ptype="ref" dtype="CRYS_RC4UserContext_t" /> <!--CRYS_RC4UserContext_t *ContextID_ptr --> + <param name="Key_ptr" direction="i" ptype="array(KeySizeInBytes,CRYS_RC4_MAX_KEY_SIZE_IN_BYTES)" dtype="DxUint8_t" /> <!--DxUint8_t *Key_ptr--> + <param name="KeySizeInBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> <!--DxUint32_t KeySizeInBytes--> + </function> + + <function name="CRYS_RC4_Stream" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_RC4_Stream( + CRYS_RC4UserContext_t *ContextID_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr); + --> + <param name="ContextID_ptr" direction="io" ptype="ref" dtype="CRYS_RC4UserContext_t" /> <!--CRYS_RC4UserContext_t *ContextID_ptr --> + <param name="DataIn_ptr" direction="i" ptype="buf(DataInSize)" dtype="DxUint8_t"/> <!--DxUint8_t *DataIn_ptr --> + <param name="DataInSize" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> <!--DxUint32_t DataInSize--> + <param name="DataOut_ptr" direction="o" ptype="buf(DataInSize)" dtype="DxUint8_t"/> <!--DxUint8_t *DataOut_ptr--> + </function> + + <function name="CRYS_RC4_Free" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_RC4_Free(CRYS_RC4UserContext_t *ContextID_ptr ); + --> + <param name="ContextID_ptr" direction="io" ptype="ref" dtype="CRYS_RC4UserContext_t" /> <!--CRYS_RC4UserContext_t *ContextID_ptr --> + </function> + + <function name="CRYS_RC4" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_RC4( DxUint8_t *Key_ptr, + DxUint32_t KeySizeInBytes, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *DataOut_ptr ); + + --> + <param name="Key_ptr" direction="i" ptype="array(KeySizeInBytes,CRYS_RC4_MAX_KEY_SIZE_IN_BYTES)" dtype="DxUint8_t" /> <!--DxUint8_t *Key_ptr--> + <param name="KeySizeInBytes" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> <!--DxUint32_t KeySizeInBytes--> + <param name="DataIn_ptr" direction="i" ptype="buf(DataInSize)" dtype="DxUint8_t"/> <!--DxUint8_t *DataIn_ptr --> + <param name="DataInSize" direction="i" ptype="val" dtype="le32(DxUint32_t)"/> <!--DxUint32_t DataInSize--> + <param name="DataOut_ptr" direction="o" ptype="buf(DataInSize)" dtype="DxUint8_t"/> <!--DxUint8_t *DataOut_ptr--> + </function> + +</api> + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rc4_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rc4_error.h new file mode 100644 index 0000000..1d3a9aa --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rc4_error.h @@ -0,0 +1,79 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RC4_ERROR_H +#define CRYS_RC4_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object %name : % + * State : %state% + * Creation date : Mon Mar 07 10:50:30 2005 + * Last modified : %modify_time% + */ + /** @file + * \brief A brief description of this module + * + * \version CRYS_RC4_error.h#1:incl:1 + * \author adams + */ + + + + +/************************ Defines ******************************/ + +/* The CRYS RC4 module errors */ +#define CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_RC4_INVALID_KEY_POINTER_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_RC4_USER_CONTEXT_CORRUPTED_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x3UL) +#define CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_RC4_DATA_OUT_POINTER_INVALID_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_RC4_DATA_OUT_DATA_IN_OVERLAP_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_RC4_DATA_SIZE_ILLEGAL (CRYS_RC4_MODULE_ERROR_BASE + 0x7UL) + +/* The CRYS_RC4_SEP additional errors*/ +#define CRYS_RC4_DATA_IN_LLI_TAB_POINTER_INVALID_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x16UL) +#define CRYS_RC4_DATA_IN_LLI_TAB_SIZE_INVALID_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x17UL) +#define CRYS_RC4_DATA_OUT_LLI_TAB_POINTER_INVALID_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x18UL) +#define CRYS_RC4_DATA_OUT_LLI_TAB_SIZE_INVALID_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x19UL) +#define CRYS_RC4_ILLEGAL_PARAMS_ERROR (CRYS_RC4_MODULE_ERROR_BASE + 0x1AUL) + +#define CRYS_RC4_IS_NOT_SUPPORTED (CRYS_RC4_MODULE_ERROR_BASE + 0xFFUL) + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd.h new file mode 100644 index 0000000..bf55eab --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd.h @@ -0,0 +1,341 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RND_H +#define CRYS_RND_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" +#include "crys_defs.h" +#include "crys_aes.h" + +#include "crys_pka_defs.h" +#ifdef __cplusplus +extern "C" +{ +#endif + +/* +* Object CRYS_RND.h +* State : %state% +* Creation date : Thu Dec 16 17:11:32 2004 +* Last modified : %modify_time% 18 Mar. 2010 +*/ +/** @file +* \brief This file contains the CRYS APIs used for random number generation. +* +* \version CRYS_RND.h#1:incl:15 +* \author adams, R.Levin +* \remarks Copyright (C) 2005 by Discretix Technologies Ltd. +* All Rights reserved +*/ + +/************************ Defines ******************************/ + +/* a definitions describing the TRNG Entropy estimator parameters: + width of bits prefix and correlation table size */ +#define CRYS_RND_nb 8 +#define CRYS_RND_NB (1 << CRYS_RND_nb) +/* size of buffer used in CRYS_Init (4) and in entropy estimator (512) */ +#define CRYS_RND_TEMP_BUFF_SIZE_WORDS (4+512) + +#define CRYS_RND_ENGINE_TYPE LLF_RND_ENGINE_TYPE + + /* maximal requested size counter (12 bits active) - maximal count + of generated random 128 bit blocks allowed per one request of + Generate function according NIST 800-90 it is (2^12 - 1) = 0x3FFFF */ +#define CRYS_RND_REQUESTED_SIZE_COUNTER 0x3FFFF + +/* AES output block size in words */ +#define CRYS_RND_AES_BLOCK_SIZE_IN_WORDS CRYS_AES_BLOCK_SIZE_IN_WORDS + +/* Entropy max size, full size of Entropy temp buffer and max seed size */ +#define CRYS_RND_ENTROPY_MAX_SIZE_WORDS 24 +#define CRYS_RND_ENTROPY_TEMP_BUFFER_MAX_SIZE_WORDS (CRYS_RND_ENTROPY_MAX_SIZE_WORDS + 2) + +#ifndef CRYS_RND_SEED_MAX_SIZE_WORDS +#define CRYS_RND_SEED_MAX_SIZE_WORDS 12 +#endif + +#ifndef CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS +#define CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS CRYS_RND_SEED_MAX_SIZE_WORDS +#endif + +#define CRYS_RND_VECT_IN_RANGE_MAX_COUNT_OF_TRIES 100 + +/* Bit-fields of Instantiation steps in the StateFlag: + - b'0: 0 - not instantiated, 1 - instantiated normally; + - b'1: 1 - loss samples, 0 - no loss; + - b'2: 1 - time exceeding, 0 - no time exceeding. + In case of sample loss or time exceed b`0 must be 0. +*/ +#define CRYS_RND_NonInstantiated 0UL +#define CRYS_RND_Instantiated 1UL +#define CRYS_RND_InstantReseedLossSamples 2UL +#define CRYS_RND_InstantReseedTimeExceed 4UL + +/* The bit-field in the StateFlag, defining the workiong or KAT mode: + - b`8: 0 - working mode, 1 - KAT mode; */ +#define CRYS_RND_WorkMode (0UL << 8) +#define CRYS_RND_KAT_mode (1UL << 8) + +/* The bit-field in the StateFlag, defining that the previous generated random + block is valid for comparison with current block or not */ +#define CRYS_RND_PreviousIsValid (1UL << 16) + +/* Note: for backward compatibility defined an alias name for the StateFlag + (see CRYS_RND_State_t structure definition */ +#define InstantiationIsDone StateFlag; + +/* Max size for one RNG operation */ +#define CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES 3*1024 +/************************ Enums ********************************/ + +/* Definition of Fast or Slow mode of random generator (TRNG)*/ +typedef enum +{ + CRYS_RND_Fast = 0, + CRYS_RND_Slow = 1, + CRYS_RND_ModeLast = 0x7FFFFFFF, +} CRYS_RND_mode_t; + + +/************************ Typedefs ****************************/ + +/************************ Structs *****************************/ + +/* The internal state of DRBG mechanism based on AES CTR and CBC-MAC + algorithms. It will be set as global data defined by the following + structure */ +typedef struct +{ + /* Seed buffer, consists from concatenated Key||V: max size 12 words */ + DxUint32_t Seed[CRYS_RND_SEED_MAX_SIZE_WORDS]; + /* AdditionalInput buffer max size = seed max size words */ + DxUint32_t AdditionalInput[CRYS_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS]; + + + + + /* Previous value for continuous test */ + DxUint32_t PreviousRandValue[CRYS_AES_BLOCK_SIZE_IN_WORDS]; + + /* reseed counter (32 bits active) - indicates number of requests for entropy + since instantiation or reseeding */ + DxUint32_t ReseedCounter; + + /* key size: 4 or 8 words according to security strength 128 bits or 256 bits*/ + DxUint16_t KeySizeWords; + + /* State flag (see definition of StateFlag above), containing bit-fields, defining: + - b'0: instantiation steps: 0 - not done, 1 - done; + - b'1: loss samples: 0 - not loss, 1 - loss; + - b'2: time exceeded: 0 - not exceeded; + - b'8: working or testing mode: 0 - working, 1 - KAT test; + - b'16: flag defining is Previous random valid or not: 0 -not valid, 1 - valid. + */ + DxUint32_t StateFlag; + + DxUint16_t AddInputSizeWords; /* size of additional data set by user, words */ +#ifdef CRYS_RND_KAT + /* TRNG entropy buffer */ + DxUint32_t Entropy[12]; +#endif +} CRYS_RND_State_t; + + +/* The CRYS Random Generator Parameters structure CRYS_RND_Params_t - + structure containing the user given Parameters */ +typedef struct CRYS_RND_Params_t +{ + /* key size: 4 or 8 words according to security strength 128 bits or 256 bits*/ + DxUint16_t KeySizeWords; + + /* parameters defining TRNG */ + CRYS_RND_mode_t TrngMode; + /* ring oscillator length level - 2 bits */ + DxUint8_t RingOscillatorLength; + + /* sampling interval: count of ring oscillator cycles between + consecutive bits sampling */ + DxUint32_t SampleCount; + /* count of 128/192-bits blocks, required for + entropy accumulation: */ + DxUint32_t CollectionCount; + /* parameter, defining maximal allowed time (clocks) for + generation of one random block EHR */ + DxInt32_t MaxAllowedTrngClocksCount; + +}CRYS_RND_Params_t; + +/* structure containing parameters and buffers for entropy estimator */ +typedef struct +{ + /* #include the specific fields that are used by the low level */ + DxUint32_t crysRndEntrIntBuff[CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS]; +}CRYS_RND_EntropyEstimatData_t; + + +/*****************************************************************************/ +/********************** Public Functions *************************/ +/*****************************************************************************/ + + + +/* ----------------------------------------------------------------------------- + * @brief The function performs instantiation of RNG and creates new + * internal State (including Seed) of RNG. + * + * It implements the CTR_DRBG_Instantiate function of 9.1 [1]. + * This function must be called at least once per system reset (boot) and + * required before any random generation can be produced. + * + * @param[in/out] entrEstimBuff_ptr - The temp buffer for specific operations + * on entropy estimator. + * Note: for projects, which not use entropy estimator (e.g. + * SW projects), the pointer may be set to NULL. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_Instantiation( CRYS_RND_EntropyEstimatData_t *entrEstimBuff_ptr/*in/out*/ ); + + +/* ----------------------------------------------------------------------------- + * @brief The CRYS_RND_UnInstantiation cleans the unused RNG State for security goals. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_UnInstantiation(void); + + +/* ------------------------------------------------------------/ + * @brief The function performs reseeding of RNG Seed, and performs: + * 1. Mixing of additional entropy into the working state. + * 2. Mixing additional input provided by the user called additional input buffer. + * + * The function implements the CTR_DRBG_Reseeding function of 10.2.1.4.2 NIST SP [SP800-90]. + * This function must be called if reseed counter > reseed interval, + * in our implementation it is 2^32-1. + * + * @param[in/out] entrEstimBuff_ptr - The temp buffer for specific operations + * on entropy estimator. + * Note: for projects, which not use entropy estimator (e.g. + * SW projects), the pointer may be set to NULL. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_Reseeding( CRYS_RND_EntropyEstimatData_t *entrEstimBuff_ptr/*in/out*/ ); + + + +/* ------------------------------------------------------------ + * @brief The CRYS_RND_GenerateVector function generates a random vector. + * + * The random function is based on the AES. The code is written according to the: + * 10.2.1.5.2 NIST SP [SP800-90]. + * + * + * @RndSize[in] - The size of random bytes that is required. + * + * @Output_ptr[in,out] The output vector. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_GenerateVector(DxUint16_t RndSize, DxUint8_t *Output_ptr); + + + +/**********************************************************************************************************/ +/* + * @brief The CRYS_RND_GenerateVectorInRange function generates a random vector Rand in range: + * 1 < RandVect < MaxVect, using the CRYS_RND_GenerateVector function: + * The function performs the following: + * 1. Check input parameters. + * 2. If maxVect != 0 (maxVect is provided), then calculate required size of random + * equaled to actual bit size of MaxVector, else set it = rndSizeInBits. + * 3. Calls the CRYS_RND_GenerateVector() function for generating random vector + * RndVect of required size. + * 4. If maxVect is provided, then: + * 4.1. Sets all high bits of RndVect, greatest than MSBit of MaxVector, to 0. + * 4.2. If size of random vector > 16 bytes, then: + * 4.2.1. Compares high 16 bytes of randVect to maxVect and low limit + * 4.2.2. If condition 1 < randVect16 < maxVect16 is not satisfied, + * then generate new high 16 bytes rndVect16 and go to step 4.2.1. + * 4.3. Compares full value of RndVect with MaxVector and with 1 . If condition + * 1 < RandVect < MaxVector is not satisfied, then go to step 3, else go to 6. + * 5. If maxVect is not provided, then set MSBit of rndVect to 1. + * 6. Output the result and Exit. + * + * Note: Random and Max vectors are given as sequence of bytes, where LSB is most left byte + * and MSB = most right one. + * + * @rndSize[in] - The maximal size of random vector (in bits). + * @maxVect_ptr[in] - The pointer to vector defines high limit of random vector. + * @rndVect_ptr[in,out] - The output vector. + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_GenerateVectorInRange(DxUint32_t RndSizeInBits, + DxUint8_t *MaxVect_ptr, DxUint8_t *RndVect_ptr ); + + +/*************************************************************************************/ +/** + * @brief The CRYS_RND_AddAdditionalInput is used for: + * Add additional input by the user. + * This data is used to input additional data for random generation + * reseeding operation or Instantiation. + * The size must be 16 or 32 bytes. + * + * @AdditonalInput_ptr[in] - The AdditionalInput buffer. + * + * AdditonalInputSize[in] - The size of the AdditionalInput buffer, can be 16 or 32 bytes. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_AddAdditionalInput( DxUint8_t *AdditonalInput_ptr, + DxUint16_t AdditonalInputSize); + +/**********************************************************************************************************/ +/** + * @brief The CRYS_RND_EnterKatMode function sets KAT mode bit into StateFlag + * of global CRYS_RND_WorkingState structure. + * + * The user must call this function before calling functions performing KAT tests. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C void CRYS_RND_EnterKatMode( void ); + + +/**********************************************************************************************************/ +/** + * @brief The CRYS_RND_DisableKatMode function sets KAT mode bit into StateFlag + * of global CRYS_RND_WorkingState structure. + * + * The user must call this function before calling functions performing KAT tests. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C void CRYS_RND_DisableKatMode( void ); + + +#ifdef __cplusplus +} +#endif + +#endif /* #ifndef CRYS_RND_H */ + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd.xml b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd.xml new file mode 100644 index 0000000..7c04c0d --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd.xml @@ -0,0 +1,101 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> + +<api name="CrysRnd"> <!-- The RND API Agent ID --> + +<!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="CRYS_OK" generic_error="CRYS_RND_GEN_A_ERROR" invalid_param="CRYS_RND_GEN_B_ERROR" not_enough_resources="CRYS_RND_GEN_C_ERROR" /> + <!-- Header files to include for prototypes + --> + + <header>crys_rnd_error.h</header> + <header>crys_rnd.h</header> + + + + + <function name="CRYS_RND_Instantiation" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t CRYS_RND_Instantiation( CRYS_RND_EntropyEstimatData_t *entrEstimBuff_ptr/*in/out*/ ); + + --> + +<param name="entrEstimBuff_ptr" direction="io" ptype="ref" dtype="CRYS_RND_EntropyEstimatData_t" > + <field name="crysRndEntrIntBuff" direction="io" ptype="array(CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS,CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS)" dtype="le32(DxUint32_t)" /> + </param> + --> + </function> + + <function name="CRYS_RND_Reseeding" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t CRYS_RND_Reseeding( CRYS_RND_EntropyEstimatData_t *entrEstimBuff_ptr/*in/out*/ ); + + --> + +<param name="entrEstimBuff_ptr" direction="io" ptype="ref" dtype="CRYS_RND_EntropyEstimatData_t" > + <field name="crysRndEntrIntBuff" direction="io" ptype="array(CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS,CRYS_PKA_RND_ENTR_ESTIM_BUFF_MAX_LENGTH_IN_WORDS)" dtype="le32(DxUint32_t)" /> + </param> + --> + </function> + + <function name="CRYS_RND_GenerateVector" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t CRYS_RND_GenerateVector(DxUint16_t RndSize, DxUint8_t *Output_ptr); + + --> + +<param name="RndSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> +<param name="Output_ptr" direction="o" ptype="array(RndSize,CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES)" dtype="DxUint8_t" /> + --> + </function> + + + <function name="CRYS_RND_GenerateVectorInRange" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t CRYS_RND_GenerateVectorInRange(DxUint32_t RndSizeInBits, + DxUint8_t *MaxVect_ptr, DxUint8_t *RndVect_ptr ); + + --> + +<param name="RndSizeInBits" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> +<param name="MaxVect_ptr" direction="i" ptype="array(CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES,CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES)" dtype="DxUint8_t" /> +<param name="RndVect_ptr" direction="o" ptype="array((RndSizeInBits+7)/8,CRYS_RND_MAX_SIZE_OF_OUTPUT_BYTES)" dtype="DxUint8_t" /> + --> + </function> + + + + <function name="CRYS_RND_AddAdditionalInput" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t CRYS_RND_AddAdditionalInput( DxUint8_t *AdditonalInput_ptr, + DxUint16_t AdditonalInputSize); + + --> + +<param name="AdditonalInput_ptr" direction="i" ptype="array(AdditonalInputSize,32)" dtype="DxUint8_t" /> +<param name="AdditonalInputSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + </function> + + <function name="CRYS_RND_UnInstantiation" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t CRYS_RND_UnInstantiation(void); + + --> + --> + </function> + + + </api> diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd_aes128.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd_aes128.h new file mode 100644 index 0000000..129b5ae --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd_aes128.h @@ -0,0 +1,205 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifdef CRYS_RND_AES_OLD_128BIT_ONLY + + +#ifndef CRYS_RND_H +#define CRYS_RND_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "DX_VOS_BaseTypes.h" +#include "crys_error.h" +#include "crys_defs.h" +#include "LLF_RND_EngineInfo.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object CRYS_RND.h + * State : %state% + * Creation date : Thu Dec 16 17:11:32 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This file contains the CRYS APIs used for random number generation. + * + * \version CRYS_RND.h#1:incl:15 + * \author adams + */ + + + + +/************************ Defines ******************************/ + +/** +@brief - a definition describing the low level Engine type ( SW , Hardware , Etc ) +*/ + +#define CRYS_RND_ENGINE_TYPE LLF_RND_ENGINE_TYPE + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/* ------------------------------------------------------------ + * @brief The CRYS_RND_GenerateVector function generates a random vector, + * using the FIPS-PUB [SP800-90]. + * + * The random function is based on the AES. The code is written according to the: + * CryptoCore: Random Number Generators System Specification (Revision 1.3) + * + * + * @RndSize[in] - The size of random bytes that is required. + * + * @Output_ptr[in,out] The output vector. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_GenerateVector(DxUint16_t RndSize, DxUint8_t *Output_ptr); + + +/**********************************************************************************************************/ +/* + * @brief The CRYS_RND_GenerateVectorInRange function generates a random vector Rand in range: + * 1 < RandVect < MaxVect, using the FIPS-PUB 186-2 standard appendix 3 : + * The function performs the following: + * 1. Check input parameters. + * 2. If maxVect != 0 (maxVect is provided), then calculate required size of random + * equaled to actual bit size of MaxVector, else set it = rndSizeInBits. + * 3. Calls the CRYS_RND_GenerateVector() function for generating random vector + * RndVect of required size. + * 4. If maxVect is provided, then: + * 4.1. Sets all high bits of RndVect, greatest than MSBit of MaxVector, to 0. + * 4.2. If size of random vector > 16 bytes, then: + * 4.2.1. Compares high 16 bytes of randVect to maxVect and low limit + * 4.2.2. If condition 1 < randVect16 < maxVect16 is not satisfied, + * then generate new high 16 bytes rndVect16 and go to step 4.2.1. + * 4.3. Compares full value of RndVect with MaxVector and with 1 . If condition + * 1 < RandVect < MaxVector is not satisfied, then go to step 3, else go to 6. + * 5. If maxVect is not provided, then set MSBit of rndVect to 1. + * 6. Output the result and Exit. + * + * Note: Random and Max vectors are given as sequence of bytes, where LSB is most left byte + * and MSB = most right one. + * + * @rndSize[in] - The maximal size of random vector (in bits). + * @maxVect_ptr[in] - The pointer to vector defines high limit of random vector. + * @rndVect_ptr[in,out] - The output vector. + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_GenerateVectorInRange(DxUint32_t RndSizeInBits, + DxUint8_t *MaxVect_ptr, DxUint8_t *RndVect_ptr ); + + +/*************************************************************************************/ +/** + * @brief The CRYS_RND_AddAdditionalInput is used for: + * Add additional input by the user. + * This data is used to input additional data for random generation + * reseeding operation or Instantiation. + * The size must be 16 or 32 bytes. + * + * @AdditonalInput_ptr[in] - The AdditionalInput buffer. + * + * AdditonalInputSize[in] - The size of the AdditionalInput buffer, can be 16 or 32 bytes. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_AddAdditionalInput( DxUint8_t *AdditonalInput_ptr, + DxUint16_t AdditonalInputSize); + +/**************************************************************************************/ +/** + * @brief The CRYS_RND_ResetSeed resets the SEED generated by the low level + * ( hardware or OPerating system service on software ). + * This is Dummy function for backward compatibility + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_ResetSeed( void ); + + +/**********************************************************************************************************/ +/** + * @brief The CRYS_RND_StartResetSeed start the hardware bit random bit collection for the seeding/instantiation + * operation) + * + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_StartResetSeed( void ); + + +/************************************************************************************* + * @brief The CRYS_RND_AddAdditionalInput is used for: + * Add additional input by the user. + * This data is used to input additional data for random generation + * reseeding operation or Instantiation. + * The size must be 16 or 32 bytes. + * + * @AdditonalInput_ptr[in] - The AdditionalInput buffer. + * + * AdditonalInputSize[in] - The size of the AdditionalInput buffer, can be 16 or 32 bytes. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_AddAdditionalInput( DxUint8_t *AdditonalInput_ptr, + DxUint16_t AdditonalInputSize); + + +/************************************************************************************* + * @brief The CRYS_RND_Reseeding is used for: + * 1. Mixing of additional entropy into the working state. + * 2. Mixing additional input provided by the user called additional input buffer. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_Reseeding( void ); + +/* ----------------------------------------------------------------------------- + * @brief The CRYS_RND_Instantiation initialize the RNG. Its required before any + * output can be produced. It is initiated in the CRYS_RND_Init phase. + * This function must be called at least once per system reset. + * + * @return CRYSError_t - On success CRYS_OK is returned, on failure a + * value MODULE_* as defined in ... + */ +CIMPORT_C CRYSError_t CRYS_RND_Instantiation( void ); + + +#ifdef __cplusplus +} +#endif + +#endif + +#endif /*CRYS_RND_AES_OLD_128BIT_ONLY*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd_error.h new file mode 100644 index 0000000..96aa03c --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rnd_error.h @@ -0,0 +1,82 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RND_ERROR_H +#define CRYS_RND_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_RND_error.h : % + * State : %state% + * Creation date : Sun Nov 21 11:07:08 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This module contains the definitions of the CRYS AES errors. + * + * \version CRYS_RND_error.h#1:incl:1 + * \author adams + */ + + + + +/************************ Defines ******************************/ +/* RND module on the CRYS layer base address - 0x00F00C00 */ +#define CRYS_RND_DATA_OUT_POINTER_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_RND_CAN_NOT_GENERATE_RAND_IN_RANGE (CRYS_RND_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_RND_CPRNG_TEST_FAIL_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_RND_ADDITIONAL_INPUT_BUFFER_NULL (CRYS_RND_MODULE_ERROR_BASE + 0x3UL) +#define CRYS_RND_ADDITIONAL_INPUT_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_RND_DATA_SIZE_OVERFLOW_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_RND_VECTOR_SIZE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_RND_RESEED_COUNTER_OVERFLOW_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x7UL) +#define CRYS_RND_INSTANTIATION_NOT_DONE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x8UL) +#define CRYS_RND_TRNG_LOSS_SAMPLES_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x9UL) +#define CRYS_RND_TRNG_TIME_EXCEED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xAUL) +#define CRYS_RND_TRNG_LOSS_SAMPLES_AND_TIME_EXCEED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xBUL) +#define CRYS_RND_IS_KAT_MODE_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xCUL) +#define CRYS_RND_ESTIMATOR_BUFFER_PTR_INVALID_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xDUL) +#define CRYS_RND_OPERATION_IS_NOT_SUPPORTED_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0xEUL) + +#define CRYS_RND_IS_NOT_SUPPORTED (CRYS_RND_MODULE_ERROR_BASE + 0xFUL) +#define CRYS_RND_GEN_A_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_RND_GEN_B_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x11UL) +#define CRYS_RND_GEN_C_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x12UL) + +#define CRYS_RND_ILLEGAL_PARAMS_ACCORDING_TO_PRIV_ERROR (CRYS_RND_MODULE_ERROR_BASE + 0x13UL) + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa.xml b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa.xml new file mode 100644 index 0000000..db85d02 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa.xml @@ -0,0 +1,771 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> + +<api name="CrysRsa"> <!-- The RSA API Agent ID --> + +<!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="CRYS_OK" generic_error="CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR" invalid_param="CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR" not_enough_resources="CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR" /> + <!-- Header files to include for prototypes + --> + + <header>crys_host_rpc_config.h</header> + <header>crys_rsa_error.h</header> + <header>crys_rsa_prim.h</header> + <header>crys_rsa_schemes.h</header> + <header>crys_rsa_build.h</header> + <header>crys_rsa_kg.h</header> + <header>crys_rsa_extend.h</header> + + + + <function name="CRYS_RSA_PRIM_Encrypt" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t CRYS_RSA_PRIM_Encrypt(CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t *Data_ptr, + DxUint16_t DataSize, + DxUint8_t *Output_ptr); + --> + +<param name="UserPubKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="i" ptype="array((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> +<param name="PrimeData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_RSAPrimeData_t))" dtype="CRYS_RSAPrimeData_t" /> + --> + <param name="Data_ptr" direction="i" ptype="array(DataSize,4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="DataSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="Output_ptr" direction="o" ptype="array((((CRYSRSAPubKey_t*)(UserPubKey_ptr->PublicKeyDbBuff))->nSizeInBits)/8,4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS)" dtype="DxUint8_t" /> + --> + </function> + + + <function name="CRYS_RSA_PRIM_Decrypt" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t CRYS_RSA_PRIM_Decrypt(CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t *Data_ptr, + DxUint16_t DataSize, + DxUint8_t *Output_ptr); + --> + +<param name="UserPrivKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="i" ptype="array(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> +<param name="PrimeData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_RSAPrimeData_t))" dtype="CRYS_RSAPrimeData_t" /> + --> + <param name="Data_ptr" direction="i" ptype="array(DataSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="DataSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="Output_ptr" direction="o" ptype="array((((CRYSRSAPrivKey_t*)(UserPrivKey_ptr->PrivateKeyDbBuff))->nSizeInBits)/8,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + </function> + + + + <function name="_DX_RSA_SCHEMES_Encrypt" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t _DX_RSA_SCHEMES_Encrypt(CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + DxUint8_t *L, + DxUint16_t Llen, + CRYS_PKCS1_MGF_t MGF, + DxUint8_t *DataIn_ptr, + DxUint16_t DataInSize, + DxUint8_t *Output_ptr, + CRYS_PKCS1_version PKCS1_ver); + + --> + + <param name="UserPubKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="i" ptype="array(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="PrimeData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_RSAPrimeData_t))" dtype="CRYS_RSAPrimeData_t" /> + --> + <param name="hashFunc" direction="i" ptype="val" dtype="le32(CRYS_RSA_HASH_OpMode_t)" /> + --> + <!-- + currently L is part of the message and there for limited to 2K, schem limitation is 2^16. + --> + <param name="L" direction="i" ptype="array(Llen,2048)" dtype="DxUint8_t" /> + --> + <param name="Llen" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="MGF" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_MGF_t)" /> + --> + <param name="DataIn_ptr" direction="i" ptype="array(DataInSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="DataInSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="Output_ptr" direction="o" ptype="array((((CRYSRSAPubKey_t*)(UserPubKey_ptr->PublicKeyDbBuff))->nSizeInBits)/8,4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="PKCS1_ver" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_version)" /> + --> + </function> + + + + <function name="_DX_RSA_SCHEMES_Decrypt" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t _DX_RSA_SCHEMES_Decrypt( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + DxUint8_t *L, + DxUint16_t Llen, + CRYS_PKCS1_MGF_t MGF, + DxUint8_t *DataIn_ptr, + DxUint16_t DataInSize, + DxUint8_t *Output_ptr, + DxUint16_t *OutputSize_ptr, + CRYS_PKCS1_version PKCS1_ver); + + --> + + <param name="UserPrivKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="i" ptype="array(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="PrimeData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_RSAPrimeData_t))" dtype="CRYS_RSAPrimeData_t" /> + --> + <param name="hashFunc" direction="i" ptype="val" dtype="le32(CRYS_RSA_HASH_OpMode_t)" /> + --> + <param name="L" direction="i" ptype="array(Llen,2048)" dtype="DxUint8_t" /> + --> + <param name="Llen" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="MGF" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_MGF_t)" /> + --> + <param name="DataIn_ptr" direction="i" ptype="array(DataInSize,4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="DataInSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="Output_ptr" direction="o" ptype="array(*OutputSize_ptr,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="OutputSize_ptr" direction="io" ptype="ref" dtype="le16(DxUint16_t)" /> + --> + <param name="PKCS1_ver" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_version)" /> + --> + </function> + + + <function name="_DX_RSA_SignInit" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t _DX_RSA_SignInit(CRYS_RSAPrivUserContext_t *UserContext_ptr, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + CRYS_PKCS1_version PKCS1_ver); + --> + + <param name="UserContext_ptr" direction="io" ptype="ref" dtype="CRYS_RSAPrivUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(RSAPrivContext_t) + 1,sizeof(RSAPrivContext_t)+ 1)" dtype="DxUint8_t" /> + </param> + --> + <param name="UserPrivKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="i" ptype="array(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="hashFunc" direction="i" ptype="val" dtype="le32(CRYS_RSA_HASH_OpMode_t)" /> + --> + <param name="MGF" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_MGF_t)" /> + --> + <param name="SaltLen" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="PKCS1_ver" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_version)" /> + --> + </function> + + + + <function name="_DX_RSA_SignFinish" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t _DX_RSA_SignFinish(CRYS_RSAPrivUserContext_t *UserContext_ptr, + DxUint8_t *Output_ptr, + DxUint16_t *OutputSize_ptr); + --> + + <param name="UserContext_ptr" direction="io" ptype="ref" dtype="CRYS_RSAPrivUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(RSAPrivContext_t) + 1,sizeof(RSAPrivContext_t) + 1)" dtype="DxUint8_t" /> + </param> + --> + <param name="Output_ptr" direction="o" ptype="array(*OutputSize_ptr,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="OutputSize_ptr" direction="io" ptype="ref" dtype="le16(DxUint16_t)" /> + --> + </function> + + <function name="_DX_RSA_SignUpdate" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t _DX_RSA_SignUpdate(CRYS_RSAPrivUserContext_t *UserContext_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize); + --> + + <param name="UserContext_ptr" direction="io" ptype="ref" dtype="CRYS_RSAPrivUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(RSAPrivContext_t)+ 1,sizeof(RSAPrivContext_t)+ 1)" dtype="DxUint8_t" /> + </param> + --> + <param name="DataIn_ptr" direction="i" ptype="buf(DataInSize)" dtype="DxUint8_t" /> + --> + <param name="DataInSize" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + </function> + + <function name="_DX_RSA_Sign" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t _DX_RSA_Sign(CRYS_RSAPrivUserContext_t *UserContext_ptr, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *Output_ptr, + DxUint16_t *OutputSize_ptr, + CRYS_PKCS1_version PKCS1_ver); + + --> +<!-- + <param name="UserContext_ptr" direction="i" ptype="ref" dtype="CRYS_RSAPrivUserContext_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="i" ptype="array(sizeof(RSAPrivContext_t) + 1,sizeof(RSAPrivContext_t) + 1)" dtype="DxUint8_t" /> + </param> + --> + <param name="UserContext_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_RSAPrivUserContext_t))" dtype="CRYS_RSAPrivUserContext_t" /> + <param name="UserPrivKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="i" ptype="array(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="hashFunc" direction="i" ptype="val" dtype="le32(CRYS_RSA_HASH_OpMode_t)" /> + --> + <param name="MGF" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_MGF_t)" /> + --> + <param name="SaltLen" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="DataIn_ptr" direction="i" ptype="buf(DataInSize)" dtype="DxUint8_t" /> + --> + <param name="DataInSize" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="Output_ptr" direction="o" ptype="array(*OutputSize_ptr,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="OutputSize_ptr" direction="io" ptype="ref" dtype="le16(DxUint16_t)" /> + --> + <param name="PKCS1_ver" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_version)" /> + </function> + + + <function name="_DX_RSA_VerifyInit" return="le32(CRYSError_t)"> + <!-- + +CRYSError_t _DX_RSA_VerifyInit(CRYS_RSAPubUserContext_t *UserContext_ptr, + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + CRYS_PKCS1_version PKCS1_ver); + + --> + <param name="UserContext_ptr" direction="o" ptype="ref" dtype="CRYS_RSAPubUserContext_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="o" ptype="array(sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1,sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="UserPubKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="i" ptype="array(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="hashFunc" direction="i" ptype="val" dtype="le32(CRYS_RSA_HASH_OpMode_t)" /> + --> + <param name="MGF" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_MGF_t)" /> + --> + <param name="SaltLen" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="PKCS1_ver" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_version)" /> + </function> + + + + <function name="_DX_RSA_VerifyUpdate" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t _DX_RSA_VerifyUpdate(CRYS_RSAPubUserContext_t *UserContext_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize); + + --> + <param name="UserContext_ptr" direction="io" ptype="ref" dtype="CRYS_RSAPubUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1,sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> + + <param name="DataIn_ptr" direction="i" ptype="buf(DataInSize)" dtype="DxUint8_t" /> + --> + <param name="DataInSize" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + + </function> + + <function name="_DX_RSA_VerifyFinish" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t _DX_RSA_VerifyFinish(CRYS_RSAPubUserContext_t *UserContext_ptr, + DxUint8_t *Sig_ptr); + --> + <param name="UserContext_ptr" direction="io" ptype="ref" dtype="CRYS_RSAPubUserContext_t" > + <field name="valid_tag" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="io" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="io" ptype="array(sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1,sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> + + <param name="Sig_ptr" direction="i" ptype="array(((RSAPubContext_t*)UserContext_ptr->context_buff)->nSizeInBytes,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + </function> + + + <function name="_DX_RSA_Verify" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t _DX_RSA_Verify(CRYS_RSAPubUserContext_t *UserContext_ptr, + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *Sig_ptr, + CRYS_PKCS1_version PKCS1_ver); + + --> +<!-- + <param name="UserContext_ptr" direction="i" ptype="ref" dtype="CRYS_RSAPubUserContext_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="AES_iv" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="context_buff" direction="i" ptype="array((sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1),(sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1))" dtype="DxUint32_t" /> + </param> + --> +<param name="UserContext_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_RSAPubUserContext_t))" dtype="CRYS_RSAPubUserContext_t" /> +--> + <param name="UserPubKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="i" ptype="array((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="hashFunc" direction="i" ptype="val" dtype="le32(CRYS_RSA_HASH_OpMode_t)" /> + --> + <param name="MGF" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_MGF_t)" /> + --> + <param name="SaltLen" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="DataIn_ptr" direction="i" ptype="buf(DataInSize)" dtype="DxUint8_t" /> + --> + <param name="DataInSize" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="Sig_ptr" direction="i" ptype="array((((CRYSRSAPubKey_t*)UserPubKey_ptr->PublicKeyDbBuff)->nSizeInBits+7)/8,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="PKCS1_ver" direction="i" ptype="val" dtype="le32(CRYS_PKCS1_version)" /> + + </function> + <function name="CRYS_RSA_Build_PubKey" return="le32(CRYSError_t)"> + + <!-- + CRYSError_t CRYS_RSA_Build_PubKey( CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint8_t *Exponent_ptr, + DxUint16_t ExponentSize, + DxUint8_t *Modulus_ptr, + DxUint16_t ModulusSize ); + + --> + +<param name="UserPubKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="o" ptype="array((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="Exponent_ptr" direction="i" ptype="array(ExponentSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="ExponentSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="Modulus_ptr" direction="i" ptype="array(ModulusSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="ModulusSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + </function> + + + <function name="CRYS_RSA_Build_PrivKey" return="le32(CRYSError_t)"> + <!-- + +CRYSError_t CRYS_RSA_Build_PrivKey(CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t *PrivExponent_ptr, + DxUint16_t PrivExponentSize, + DxUint8_t *PubExponent_ptr, + DxUint16_t PubExponentSize, + DxUint8_t *Modulus_ptr, + DxUint16_t ModulusSize ); + + --> + + <param name="UserPrivKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="o" ptype="array((sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="PrivExponent_ptr" direction="i" ptype="array(PrivExponentSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="PrivExponentSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="PubExponent_ptr" direction="i" ptype="array(PubExponentSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="PubExponentSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="Modulus_ptr" direction="i" ptype="array(ModulusSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="ModulusSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + </function> + + <function name="CRYS_RSA_Build_PrivKeyCRT" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_RSA_Build_PrivKeyCRT(CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t *P_ptr, + DxUint16_t PSize, + DxUint8_t *Q_ptr, + DxUint16_t QSize, + DxUint8_t *dP_ptr, + DxUint16_t dPSize, + DxUint8_t *dQ_ptr, + DxUint16_t dQSize, + DxUint8_t *qInv_ptr, + DxUint16_t qInvSize ); + --> + + <param name="UserPrivKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="o" ptype="array((sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="P_ptr" direction="i" ptype="array(PSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="PSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="Q_ptr" direction="i" ptype="array(PSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="QSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="dP_ptr" direction="i" ptype="array(PSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="dPSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="dQ_ptr" direction="i" ptype="array(PSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="dQSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="qInv_ptr" direction="i" ptype="array(PSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="qInvSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + + </function> + + + <function name="CRYS_RSA_KG_GenerateKeyPair" return="le32(CRYSError_t)"> +<!-- + + CRYSError_t CRYS_RSA_KG_GenerateKeyPair( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySize, + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr ); + + --> + <param name="pubExp_ptr" direction="i" ptype="array(pubExpSizeInBytes,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="pubExpSizeInBytes" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="keySize" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> +<param name="UserPrivKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="o" ptype="array((sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> +<param name="userPubKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="o" ptype="array((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> +<param name="keyGenData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_RSAKGData_t))" dtype="CRYS_RSAKGData_t" /> + --> + </function> + + + <function name="CRYS_RSA_KG_GenerateKeyPairCRT" return="le32(CRYSError_t)"> + +<!-- + CRYSError_t CRYS_RSA_KG_GenerateKeyPairCRT( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySize, + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr ); + +--> + <param name="pubExp_ptr" direction="i" ptype="array(pubExpSizeInBytes,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4*2+1)" dtype="DxUint8_t" /> + + <param name="pubExpSizeInBytes" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + + <param name="keySize" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + +<param name="UserPrivKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="o" ptype="array(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + +<param name="userPubKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="o" ptype="array(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + +<param name="keyGenData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_RSAKGData_t))" dtype="CRYS_RSAKGData_t" /> + + </function> +--> + + + <function name="CRYS_RSA_Get_PubKey" return="le32(CRYSError_t)"> + <!-- + + CRYSError_t CRYS_RSA_Get_PubKey( CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint8_t *Exponent_ptr, + DxUint16_t *ExponentSize_ptr, + DxUint8_t *Modulus_ptr, + DxUint16_t *ModulusSize_ptr ) +--> + + + <param name="UserPubKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="i" ptype="array((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> +<param name="Exponent_ptr" direction="o" ptype="array(*ExponentSize_ptr, CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4-1)" dtype="DxUint8_t" /> + --> + <param name="ExponentSize_ptr" direction="io" ptype="ref" dtype="le16(DxUint16_t)" /> + --> + <param name="Modulus_ptr" direction="o" ptype="array(*ModulusSize_ptr, CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4-1)" dtype="DxUint8_t" /> + --> + <param name="ModulusSize_ptr" direction="io" ptype="ref" dtype="le16(DxUint16_t)" /> + --> + </function> + + + <function name="CRYS_RSA_Get_ModSizeFromPubKey" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_RSA_Get_ModSizeFromPubKey( CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint16_t *ModulusSize_ptr ) + + --> + <param name="userPubKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="i" ptype="array((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="ModulusSize_ptr" direction="o" ptype="ref" dtype="le16(DxUint16_t)" /> + --> + </function> + + + + <function name="CRYS_RSA_PRIM_DecryptExactSize" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_RSA_PRIM_DecryptExactSize( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t *DataIn_ptr, + DxUint8_t *Output_ptr, + DxUint16_t DataOutSize ) + + --> + <param name="UserPrivKey_ptr" direction="i" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="i" ptype="array(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + --> + <param name="PrimeData_ptr" direction="i" ptype="wsbuf(sizeof(CRYS_RSAPrimeData_t))" dtype="CRYS_RSAPrimeData_t" /> + --> + <param name="DataIn_ptr" direction="i" ptype="array(DataOutSize,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="Output_ptr" direction="o" ptype="array(DataOutSize,4*CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS)" dtype="DxUint8_t" /> + --> + <param name="DataOutSize" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + + </function> + + <function name="CRYS_RSA_InvModWord" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_RSA_InvModWord( + DxUint32_t aVal, /*in*/ + DxUint32_t modVal, /*in*/ + DxUint32_t *invMod_ptr /*out*/ ) + + --> + <param name="aVal" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="modVal" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="invMod_ptr" direction="o" ptype="ref" dtype="le32(DxUint32_t)" /> + --> + </function> + + + <function name="CRYS_RSA_KG_GeneratePQprimes" return="le32(CRYSError_t)"> + <!-- + CRYSError_t CRYS_RSA_KG_GeneratePQprimes( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, + DxUint32_t primeSizeInBits, + DxUint32_t testsCount, + DxUint32_t *p_ptr, + DxUint32_t *q_ptr, + CRYS_RSAKGData_t *keyGenData_ptr ) + --> + <param name="pubExp_ptr" direction="i" ptype="array(pubExpSizeInBytes,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4*2+1)" dtype="DxUint8_t" /> + + <param name="pubExpSizeInBytes" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + + <param name="primeSizeInBits" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + + <param name="testsCount" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + + <param name="p_ptr" direction="o" ptype="array(primeSizeInBits/32,(CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2)" dtype="le32(DxUint32_t)" /> + + <param name="q_ptr" direction="o" ptype="array(primeSizeInBits/32,(CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2)" dtype="le32(DxUint32_t)" /> + + <param name="keyGenData_ptr" direction="i" ptype="ref" dtype="CRYS_RSAKGData_t" /> + + </function> + + + + <function name="CRYS_RSA_KG_CalculateKeyPairFromPQ" return="le32(CRYSError_t)"> + <!-- +CRYSError_t CRYS_RSA_KG_CalculateKeyPairFromPQ( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, + DxUint32_t *p_ptr, + DxUint32_t *q_ptr, + DxUint16_t primeSizeInBits, + CRYS_RSA_DecryptionMode_t privKeyMode, + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr ); + --> + <param name="pubExp_ptr" direction="i" ptype="array(pubExpSizeInBytes, CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + + <param name="pubExpSizeInBytes" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + + <param name="p_ptr" direction="i" ptype="array(primeSizeInBits/32,(CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2)" dtype="le32(DxUint32_t)" /> + + <param name="q_ptr" direction="i" ptype="array(primeSizeInBits/32,(CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS/32)/2)" dtype="le32(DxUint32_t)" /> + + <param name="primeSizeInBits" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + + <param name="privKeyMode" direction="i" ptype="val" dtype="le32(CRYS_RSA_DecryptionMode_t)" /> + + <param name="UserPrivKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="o" ptype="array(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1,sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1)" dtype="le32(DxUint32_t)" /> + </param> + + <param name="userPubKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="o" ptype="array((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + + <param name="keyGenData_ptr" direction="i" ptype="ref" dtype="CRYS_RSAKGData_t" /> + + </function> + + + <function name="DX_RSA_KG_ExtendGenerateKeyPair" return="le32(CRYSError_t)"> +<!-- + +CRYSError_t DX_RSA_KG_ExtendGenerateKeyPair( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySizeBits, + CRYS_RSA_DecryptionMode_t privKeyMode, + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr ) + + + --> + <param name="pubExp_ptr" direction="i" ptype="array(pubExpSizeInBytes,CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*4)" dtype="DxUint8_t" /> + --> + <param name="pubExpSizeInBytes" direction="i" ptype="val" dtype="le16(DxUint16_t)" /> + --> + <param name="keySizeBits" direction="i" ptype="val" dtype="le32(DxUint32_t)" /> + --> + <param name="privKeyMode" direction="i" ptype="val" dtype="le32(CRYS_RSA_DecryptionMode_t)" /> + --> +<param name="UserPrivKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPrivKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PrivateKeyDbBuff" direction="o" ptype="array((sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> +<param name="userPubKey_ptr" direction="o" ptype="ref" dtype="CRYS_RSAUserPubKey_t" > + <field name="valid_tag" direction="o" ptype="val" dtype="le32(DxUint32_t)" /> + <field name="PublicKeyDbBuff" direction="o" ptype="array((sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1),(sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1))" dtype="le32(DxUint32_t)" /> + </param> + --> +<param name="keyGenData_ptr" direction="i" ptype="ref" dtype="CRYS_RSAKGData_t" /> + --> + </function> + + + + + + </api> diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_build.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_build.h new file mode 100644 index 0000000..89c579e --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_build.h @@ -0,0 +1,256 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RSA_BUILD_H +#define CRYS_RSA_BUILD_H + + +#include "crys_error.h" +#include "crys_rsa_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/* + * Object name : CRYS_RSA_BUILD.h + */ + +/** @file + * \brief This module defines some utility functions for working with + * RSA cryptography. + * + * \version + * \author ronys + */ + + /****************************************************************************************** + @brief CRYS_RSA_Build_PubKey populates a CRYSRSAPubKey_t structure with + the provided modulus and exponent. + + Assumption : the modulus and the exponent are presented in big endian. + + @param[out] PubKey_ptr - a pointer to the public key structure. This structure will be used as + an input to the CRYS_RSA_PRIM_Encrypt API. + + @param[in] Exponent_ptr - a pointer to the exponent stream of bytes ( Big endian ). + @param[in] ExponentSize - The size of the exponent in bytes. + @param[in] Modulus_ptr - a pointer to the modulus stream of bytes ( Big endian ) the MS bit must be set to '1'. + @param[in] ModulusSize - The size of the modulus in bytes. Size supported are: + - for PKI without PKA: HW: all 32 bytes multiples between 64 - 256; + - for PKI with PKA: HW all 4 bytes multiples between 64 - 264; + */ +CIMPORT_C CRYSError_t CRYS_RSA_Build_PubKey( CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint8_t *Exponent_ptr, + DxUint16_t ExponentSize, + DxUint8_t *Modulus_ptr, + DxUint16_t ModulusSize ); + + +/****************************************************************************************** +@brief CRYS_RSA_Build_PrivKey populates a CRYSRSAPrivKey_t structure with + the provided modulus and exponent, marking the key as a "non-CRT" key. + + Assumption : the modulus and the exponent are presented in big endian. + +@param[out] UserPrivKey_ptr - a pointer to the public key structure. this structure will be used as + an input to the CRYS_RSA_PRIM_Decrypt API. + +@param[in] PrivExponent_ptr - a pointer to the private exponent stream of bytes ( Big endian ). +@param[in] PrivExponentSize - The size of the private exponent in bytes. +@param[in] PubExponent_ptr - a pointer to the public exponent stream of bytes ( Big endian ). +@param[in] PubExponentSize - The size of the public exponent in bytes. +@param[in] Modulus_ptr - a pointer to the modulus stream of bytes ( Little endian ) the MS bit must be set to '1'. + @param[in] ModulusSize - The size of the modulus in bytes. Sizes supported are: + - for PKI without PKA: HW: all 32 bytes multiples between 64 - 256; + - for PKI with PKA: HW all 4 bytes multiples between 64 - 264; +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Build_PrivKey(CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t *PrivExponent_ptr, + DxUint16_t PrivExponentSize, + DxUint8_t *PubExponent_ptr, + DxUint16_t PubExponentSize, + DxUint8_t *Modulus_ptr, + DxUint16_t ModulusSize ); + +/****************************************************************************************** + + @brief CRYS_RSA_Build_PrivKeyCRT populates a CRYSRSAPrivKey_t structure with + the provided parameters, marking the key as a "CRT" key. + + @param[out] UserPrivKey_ptr - A pointer to the public key structure. + This structure is used as input to the CRYS_RSA_PRIM_Decrypt API. + + @param[in] P_ptr - A pointer to the first factor stream of bytes (Big-Endian format) + @param[in] PSize - The size of the first factor, in bytes. + @param[in] Q_ptr - A pointer to the second factor stream of bytes (Big-Endian format) + @param[in] QSize - The size of the second factor, in bytes. + @param[in] dP_ptr - A pointer to the first factor's CRT exponent stream of bytes (Big-Endian format) + @param[in] dPSize - The size of the first factor's CRT exponent, in bytes. + @param[in] dQ_ptr - A pointer to the second factor's CRT exponent stream of bytes (Big-Endian format) + @param[in] dQSize - The size of the second factor's CRT exponent, in bytes. + @param[in] qInv_ptr - A pointer to the first CRT coefficient stream of bytes (Big-Endian format) + @param[in] qInvSize - The size of the first CRT coefficient, in bytes. + +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Build_PrivKeyCRT(CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t *P_ptr, + DxUint16_t PSize, + DxUint8_t *Q_ptr, + DxUint16_t QSize, + DxUint8_t *dP_ptr, + DxUint16_t dPSize, + DxUint8_t *dQ_ptr, + DxUint16_t dQSize, + DxUint8_t *qInv_ptr, + DxUint16_t qInvSize ); + + +/****************************************************************************************** +@brief The CRYS_RSA_Build_ConvertPrivKeyToCRT function convert the non CRT private + key to CRT private Key and initializes appropriate fields of input - + output structure provided by pointer UserPrivKey_ptr. + All input and output data is in little endian representation. + +@param[in,out] UserPrivKey_ptr - A pointer to the user private key structure. The key must be in non CRT mode. + This structure is used as input to the CRYS_RSA_PRIM_Encrypt API. + +@param[in] Buffers_ptr - A pointer to the structure containing temporary buffers used by LLF functions + called by this function. Size of buffer: 5 + 36 = 41 maximum modulus sizes. + +NOTE: All members of input UserPrivKey structure must be initialized, including public key + e-pointer and it size. +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Build_ConvertPrivKeyToCRT( CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAConvertKeyToCrtBuffers_t *Buffers_pt ); + + +/****************************************************************************************** + @brief CRYS_RSA_Get_PubKey gets the e,n public key from the database. + + @param[in] UserPubKey_ptr - A pointer to the public key structure. + This structure is used as input to the CRYS_RSA_PRIM_Encrypt API. + + @param[out] Exponent_ptr - A pointer to the exponent stream of bytes (Big-Endian format) + @param[in,out] ExponentSize_ptr - the size of the exponent buffer in bytes, it is updated to the + actual size of the exponent, in bytes. + @param[out] Modulus_ptr - A pointer to the modulus stream of bytes (Big-Endian format). + The MS (most significant) bit must be set to '1'. + @param[in,out] ModulusSize_ptr - the size of the modulus buffer in bytes, it is updated to the + actual size of the modulus, in bytes. + + NOTE: All members of input UserPrivKey structure must be initialized, including public key + e pointer and it size. + +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Get_PubKey( CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint8_t *Exponent_ptr, + DxUint16_t *ExponentSize_ptr, + DxUint8_t *Modulus_ptr, + DxUint16_t *ModulusSize_ptr ); + +/****************************************************************************************** + @brief CRYS_RSA_Get_ModSizeFromPubKey extracts the modulus size from a given public key data structure. + + @param[in] UserPubKey_ptr - A pointer to the public key structure, as returned by + CRYS_RSA_Build_PubKey. + + @param[out] ModulusSize_ptr - The actual size of the modulus, in bytes. +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Get_ModSizeFromPubKey(CRYS_RSAUserPubKey_t *UserPubKey_ptr, + DxUint16_t *ModulusSize_ptr ); + + + +/****************************************************************************************** + @brief CRYS_RSA_Get_PrivKey gets the D,e,n of private key from the database. + + @param[in] UserPrivKey_ptr - A pointer to the private key structure. + This structure is used as input to the CRYS_RSA_PRIM_Decrypt API. + + @param[out] PrivExponent_ptr - A pointer to the exponent stream of bytes (Big-Endian format) + + @param[in/out] PrivExponentSize - the size of the exponent buffer in bytes , it is updated to the + actual size of the exponent, in bytes. + + @param[out] PubExponent_ptr - a pointer to the public exponent stream of bytes ( Big endian ). + + @param[in/out] PubExponentSize - the size of the exponent buffer in bytes , it is updated to the + actual size of the exponent, in bytes. + + @param[out] Modulus_ptr - A pointer to the modulus stream of bytes (Big-Endian format). + The MS (most significant) bit must be set to '1'. + + @param[in/out] ModulusSize_ptr - the size of the modulus buffer in bytes , it is updated to the + actual size of the modulus, in bytes. +*/ +CIMPORT_C CRYSError_t CRYS_RSA_Get_PrivKey(CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t *PrivExponent_ptr, + DxUint16_t *PrivExponentSize_ptr, + DxUint8_t *PubExponent_ptr, + DxUint16_t *PubExponentSize_ptr, + DxUint8_t *Modulus_ptr, + DxUint16_t *ModulusSize_ptr ); + +/****************************************************************************************** + + @brief CRYS_RSA_Get_PrivKeyCRT exports a CRYSRSAPrivKey_t structure data + + @param[In] UserPrivKey_ptr - a pointer to the public key structure. this structure will be used as + an input to the CRYS_RSA_PRIM_Decrypt API. + + @param[out] P_ptr - a pointer to the first factor stream of bytes ( Big endian ). + @param[in/out] PSize_ptr - the size of the first factor buffer in bytes , it is updated to the + actual size of the first factor, in bytes. + @param[out] Q_ptr - a pointer to the second factor stream of bytes ( Big endian ). + @param[in/out] QSize_ptr - the size of the second factor buffer in bytes , it is updated to the + actual size of the second factor, in bytes. + @param[out] dP_ptr - a pointer to the first factors CRT exponent stream of bytes ( Big endian ). + @param[in/out] dPSize_ptr - the size of the first factor exponent buffer in bytes , it is updated to the + actual size of the first factor exponent, in bytes. + @param[out] dQ_ptr - a pointer to the second factors CRT exponent stream of bytes ( Big endian ). + @param[in/out] dQSize_ptr - the size of the second factors CRT exponent buffer in bytes , it is updated to the + actual size of the second factors CRT exponent, in bytes. + @param[out] qInv_ptr - a pointer to the first CRT coefficient stream of bytes ( Big endian ). + @param[in/out] qInvSize_ptr - the size of the first CRT coefficient buffer in bytes , it is updated to the + actual size of the first CRT coefficient, in bytes. +*/ + +CIMPORT_C CRYSError_t CRYS_RSA_Get_PrivKeyCRT(CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t *P_ptr, + DxUint16_t *PSize_ptr, + DxUint8_t *Q_ptr, + DxUint16_t *QSize_ptr, + DxUint8_t *dP_ptr, + DxUint16_t *dPSize_ptr, + DxUint8_t *dQ_ptr, + DxUint16_t *dQSize_ptr, + DxUint8_t *qInv_ptr, + DxUint16_t *qInvSize_ptr); + + + +/****************************************************************************************** + + @brief CRYS_RSA_Get_PrivKeyModulus export the modulus vector from CRYSRSAPrivKey_t structure. + + @param[out] UserPrivKey_ptr - a pointer to the private key structure. + + @param[out] N_ptr - a pointer to the modulus vector of bytes ( Big endian ). + @param[in/out] NSize_ptr - the size of the modulus buffer in bytes , it is updated to the + actual size in bytes. +*/ + +CEXPORT_C CRYSError_t CRYS_RSA_Get_PrivKeyModulus(CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + DxUint8_t *N_ptr, + DxUint16_t *NSize_ptr); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_error.h new file mode 100644 index 0000000..41d6465 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_error.h @@ -0,0 +1,173 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RSA_ERROR_H +#define CRYS_RSA_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % crys_rsa_error.h : % + * State : %state% + * Creation date : Sun Nov 21 11:07:08 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the CRYS RSA errors. + * + * \version crys_rsa_error.h#1:incl:1 + * \author adams + */ + + + + +/************************ Defines ******************************/ + +/* PKI RSA module on the CRYS layer base address - 0x00F00400 */ + +/* The CRYS RSA module errors */ +#define CRYS_RSA_INVALID_MODULUS_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x0UL) +#define CRYS_RSA_INVALID_MODULUS_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1UL) +#define CRYS_RSA_INVALID_EXPONENT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x2UL) +#define CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x3UL) +#define CRYS_RSA_INVALID_PRIV_KEY_STRUCT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x4UL) +#define CRYS_RSA_INVALID_EXPONENT_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0x5UL) +#define CRYS_RSA_INVALID_EXPONENT_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x6UL) +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x7UL) +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x8UL) +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_EXP_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x9UL) +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_EXP_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0xAUL) +#define CRYS_RSA_INVALID_CRT_COEFFICIENT_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0xBUL) +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0xCUL) +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0xDUL) +#define CRYS_RSA_INVALID_CRT_FIRST_AND_SECOND_FACTOR_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0xEUL) +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_EXPONENT_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0xFUL) +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_EXPONENT_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_RSA_INVALID_CRT_COEFF_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0x11UL) +#define CRYS_RSA_DATA_POINTER_INVALID_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x12UL) +#define CRYS_RSA_INVALID_MESSAGE_DATA_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x13UL) +#define CRYS_RSA_INVALID_MESSAGE_VAL (CRYS_RSA_MODULE_ERROR_BASE + 0x14UL) + +#define CRYS_RSA_MODULUS_EVEN_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x15UL) +#define CRYS_RSA_INVALID_USER_CONTEXT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x16UL) +#define CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x17UL) +#define CRYS_RSA_MGF_ILLEGAL_ARG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x18UL) +#define CRYS_RSA_PKCS1_VER_ARG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x19UL) + +#define CRYS_RSA_PRIV_KEY_VALIDATION_TAG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1AUL) +#define CRYS_RSA_PUB_KEY_VALIDATION_TAG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1BUL) +#define CRYS_RSA_USER_CONTEXT_VALIDATION_TAG_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1CUL) +#define CRYS_RSA_INVALID_OUTPUT_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1DUL) +#define CRYS_RSA_INVALID_OUTPUT_SIZE_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x1FUL) +#define CRYS_RSA_CONV_TO_CRT_INVALID_TEMP_BUFF_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x20UL) + +#define CRYS_RSA_BASE_OAEP_ENCODE_PARAMETER_STRING_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE + 0x22UL) +#define CRYS_RSA_BASE_OAEP_DECODE_PARAMETER_STRING_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE + 0x23UL) +#define CRYS_RSA_BASE_OAEP_ENCODE_MESSAGE_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE + 0x24UL) +#define CRYS_RSA_BASE_OAEP_DECODE_MESSAGE_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE + 0x25UL) +#define CRYS_RSA_KEY_GEN_DATA_STRUCT_POINTER_INVALID (CRYS_RSA_MODULE_ERROR_BASE + 0x26UL) +#define CRYS_RSA_PRIM_DATA_STRUCT_POINTER_INVALID (CRYS_RSA_MODULE_ERROR_BASE + 0x27UL) +#define CRYS_RSA_INVALID_MESSAGE_BUFFER_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x28UL) +#define CRYS_RSA_INVALID_SIGNATURE_BUFFER_SIZE (CRYS_RSA_MODULE_ERROR_BASE + 0x29UL) +#define CRYS_RSA_INVALID_MOD_BUFFER_SIZE_POINTER (CRYS_RSA_MODULE_ERROR_BASE + 0x2AUL) +#define CRYS_RSA_INVALID_EXP_BUFFER_SIZE_POINTER (CRYS_RSA_MODULE_ERROR_BASE + 0x2BUL) +#define CRYS_RSA_INVALID_SIGNATURE_BUFFER_POINTER (CRYS_RSA_MODULE_ERROR_BASE + 0x2CUL) +#define CRYS_RSA_WRONG_PRIVATE_KEY_TYPE (CRYS_RSA_MODULE_ERROR_BASE + 0x2DUL) + +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_SIZE_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x2EUL) +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_SIZE_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x2FUL) +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_EXP_SIZE_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x30UL) +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_EXP_SIZE_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x31UL) +#define CRYS_RSA_INVALID_CRT_COEFFICIENT_SIZE_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x32UL) + +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x33UL) +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x34UL) +#define CRYS_RSA_INVALID_CRT_FIRST_FACTOR_EXP_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x35UL) +#define CRYS_RSA_INVALID_CRT_SECOND_FACTOR_EXP_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x36UL) +#define CRYS_RSA_INVALID_CRT_COEFFICIENT_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x37UL) +#define CRYS_RSA_KEY_GEN_CONDITIONAL_TEST_FAIL_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x38UL) + +#define CRYS_RSA_CAN_NOT_GENERATE_RAND_IN_RANGE (CRYS_RSA_MODULE_ERROR_BASE + 0x39UL) +#define CRYS_RSA_INVALID_CRT_PARAMETR_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x3AUL) + +#define CRYS_RSA_INVALID_MODULUS_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x40UL) +#define CRYS_RSA_INVALID_PTR_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x41UL) +#define CRYS_RSA_INVALID_DECRYPRION_MODE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x42UL) + +#define CRYS_RSA_FIPS_MODE_FAIL_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x43UL) +#define CRYS_RSA_FIPS_MODE_SF_NOT_PERFORMED_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x44UL) +#define CRYS_RSA_INVALID_INPUT_BUFFER_SIZE_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x45UL) + + +/**************************************************************************************** + * PKCS#1 VERSION 1.5 ERRORS + ****************************************************************************************/ +#define CRYS_RSA_BER_ENCODING_OK CRYS_OK +#define CRYS_RSA_ERROR_BER_PARSING (CRYS_RSA_MODULE_ERROR_BASE+0x51UL) +#define CRYS_RSA_ENCODE_15_MSG_OUT_OF_RANGE (CRYS_RSA_MODULE_ERROR_BASE+0x52UL) +#define CRYS_RSA_ENCODE_15_PS_TOO_SHORT (CRYS_RSA_MODULE_ERROR_BASE+0x53UL) +#define CRYS_RSA_PKCS1_15_BLOCK_TYPE_NOT_SUPPORTED (CRYS_RSA_MODULE_ERROR_BASE+0x54UL) +#define CRYS_RSA_15_ERROR_IN_DECRYPTED_BLOCK_PARSING (CRYS_RSA_MODULE_ERROR_BASE+0x55UL) +#define CRYS_RSA_ERROR_IN_RANDOM_OPERATION_FOR_ENCODE (CRYS_RSA_MODULE_ERROR_BASE+0x56UL) +#define CRYS_RSA_ERROR_VER15_INCONSISTENT_VERIFY (CRYS_RSA_MODULE_ERROR_BASE+0x57UL) +#define CRYS_RSA_INVALID_MESSAGE_DATA_SIZE_IN_NO_HASH_CASE (CRYS_RSA_MODULE_ERROR_BASE+0x58UL) +#define CRYS_RSA_INVALID_MESSAGE_DATA_SIZE_IN_SSL_CASE (CRYS_RSA_MODULE_ERROR_BASE+0x59UL) +#define CRYS_RSA_PKCS15_VERIFY_BER_ENCODING_HASH_TYPE (CRYS_RSA_MODULE_ERROR_BASE+0x60UL) /*PKCS#1 Ver 1.5 verify hash input inconsistent with hash mode derived from signature*/ + +/**************************************************************************************** + * PKCS#1 VERSION 2.1 ERRORS + ****************************************************************************************/ +#define CRYS_RSA_PSS_ENCODING_MODULUS_HASH_SALT_LENGTHS_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x80UL) +#define CRYS_RSA_BASE_MGF_MASK_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE+0x81UL) +#define CRYS_RSA_ERROR_PSS_INCONSISTENT_VERIFY (CRYS_RSA_MODULE_ERROR_BASE+0x82UL) +#define CRYS_RSA_OAEP_VER21_MESSAGE_TOO_LONG (CRYS_RSA_MODULE_ERROR_BASE+0x83UL) +#define CRYS_RSA_ERROR_IN_DECRYPTED_BLOCK_PARSING (CRYS_RSA_MODULE_ERROR_BASE+0x84UL) +#define CRYS_RSA_OAEP_DECODE_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x85UL) +#define CRYS_RSA_15_ERROR_IN_DECRYPTED_DATA_SIZE (CRYS_RSA_MODULE_ERROR_BASE+0x86UL) +#define CRYS_RSA_15_ERROR_IN_DECRYPTED_DATA (CRYS_RSA_MODULE_ERROR_BASE+0x87UL) +#define CRYS_RSA_OAEP_L_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x88UL) +#define CRYS_RSA_DECRYPT_INVALID_OUTPUT_SIZE (CRYS_RSA_MODULE_ERROR_BASE+0x89UL) +#define CRYS_RSA_DECRYPT_OUTPUT_SIZE_POINTER_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x8AUL) + +#define CRYS_RSA_HOST_MSG_GENERAL_RPC_A_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x90UL) +#define CRYS_RSA_HOST_MSG_GENERAL_RPC_B_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x91UL) +#define CRYS_RSA_HOST_MSG_GENERAL_RPC_C_ERROR (CRYS_RSA_MODULE_ERROR_BASE+0x92UL) + +#define CRYS_RSA_ILLEGAL_PARAMS_ACCORDING_TO_PRIV_ERROR (CRYS_RSA_MODULE_ERROR_BASE + 0x93UL) +#define CRYS_RSA_IS_NOT_SUPPORTED (CRYS_RSA_MODULE_ERROR_BASE+0xFFUL) + + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_extend.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_extend.h new file mode 100644 index 0000000..4e87913 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_extend.h @@ -0,0 +1,263 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __CRYS_RSA_EXTEND_H__ +#define __CRYS_RSA_EXTEND_H__ + +#include "crys_rsa_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/* + * Object name : CRYS_RSA_EXTEND.h + */ + +/** @file + * \brief This module defines the API that supports PKCS#1 v2.1 primitive functions + * + * \version + * \author R.Levin + */ + + +/************************ Defines *************************************/ + +/************************ Public functions prototipes ******************************/ + +/*********************************************************************************************/ +/** +@brief +CRYS_RSA_PRIM_EncryptExactSize implements the RSAEP algorithm as defined in PKCS#1 v2.1 6.1.1 + + @param[in] UserPubKey_ptr - A pointer to the public key data structure + @param[in] PrimeData_ptr - A pointer to a structure containing internal temp buffers + @param[in] DataIn_ptr - A pointer to the plain data to encrypt + @param[in] DataInSize - The size, in bytes, of the data to encrypt. + \note This value must be <= the size of the modulus. + @param[out] Output_ptr - Pointer to the encrypted data. + The buffer must be at least PubKey_ptr->N.len bytes long + (that is, the size of the modulus, in bytes). + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_PUB_KEY_VALIDATION_TAG_ERROR, + CRYS_RSA_PRIM_DATA_STRUCT_POINTER_INVALID, + CRYS_RSA_DATA_POINTER_INVALID_ERROR, + CRYS_RSA_INVALID_OUTPUT_POINTER_ERROR, + CRYS_RSA_INVALID_MESSAGE_BUFFER_SIZE, + CRYS_RSA_INVALID_MESSAGE_DATA_SIZE, + CRYS_RSA_INVALID_MESSAGE_VAL + */ +#define CRYS_RSA_PRIM_EncryptExactSize( UserPubKey_ptr, PrimeData_ptr, \ + Data_ptr, DataInSize, Output_ptr ) \ + CRYS_RSA_PRIM_Encrypt( UserPubKey_ptr, PrimeData_ptr, \ + Data_ptr, DataInSize, Output_ptr ) + + + +/*********************************************************************************************/ +/** +@brief +CRYS_RSA_PRIM_DecryptExactSize - implements the RSADP algorithm as defined in PKCS#1 v2.1 6.1.2 + + @param[in] UserPrivKey_ptr - Pointer to the private key data structure. + \note The representation (pair or quintuple) + and hence the algorithm (CRT or not-CRT) + is determined by the Private Key data structure - + using CRYS_Build_PrivKey or CRYS_Build_PrivKeyCRT + determines which algorithm will be used. + @param[in] PrimeData_ptr - A pointer to a structure containing internal buffers + required for the RSA operation + @param[in] DataIn_ptr - A pointer to the data to be decrypted. Size of this data must be + equaled to key modulus size exactly. + @param[out] Output_ptr - A pointer to the decrypted data. + The buffer must be at least PrivKey_ptr->N.len bytes long + (that is, the size of the modulus, in bytes). + @param[in] DataOutSize - The expected size of output data, in bytes. + Must be not great than the size of the modulus. + + /Note: The differnce of this function from CRYS_RSA_PRIM_Decrypt is that the function + outputs the message of exact size, given by user. + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_PRIV_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_PRIM_DATA_STRUCT_POINTER_INVALID, + CRYS_RSA_PRIV_KEY_VALIDATION_TAG_ERROR, + CRYS_RSA_DATA_POINTER_INVALID_ERROR, + CRYS_RSA_INVALID_OUTPUT_POINTER_ERROR, + CRYS_RSA_INVALID_MESSAGE_DATA_SIZE, + CRYS_RSA_INVALID_MESSAGE_VAL + */ +CIMPORT_C CRYSError_t CRYS_RSA_PRIM_DecryptExactSize( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t *DataIn_ptr, + DxUint8_t *Output_ptr, + DxUint16_t DataOutSize ); + + + + +/***************************************************************************************/ +/** + @brief The function calculates modular inverse of 32-bits numbers, if it exists. + + Algorithm: + *invMod_ptr = 1/aVal mod modVal + If inverse is not exists, the function set output value to 0. + + This API has two implementations: + 1. Implementation based on Binary Right Shift algorithm, which uses multiplication + and division operations. This is the default implementation. + 2. Implementation based on shifting Euclidean algorithm, which not uses + multiplication and division. For choosing this implementation the user must to + define the flag CRYS_RSA_INV_MOD_SHIFTING_EUCLID_ALG in the project definitions + (Make-file for SEP). + + @param[in] aVal - value to be inverted. + @param[in] modVal - modulus. + @param[out] invMod_ptr - pointer to the result buffer. + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_MODULUS_ERROR, + + */ +CIMPORT_C CRYSError_t CRYS_RSA_InvModWord( + DxUint32_t aVal, /*in*/ + DxUint32_t modVal, /*in*/ + DxUint32_t *invMod_ptr /*out*/ ); + + +/***********************************************************************************************/ +/** + @brief CRYS_RSA_KG_GeneratePQprimes generates two valid prime factors P,Q used in + RSA key generation. + + @param[in] pubExp_ptr - The pointer to the public exponent (little endian bytes array). + Allowed values: Exp = 0x3, 0x11, 0x010001. + @param[in] pubExpSizeInBytes - The public exponent size in bytes (allowed sizes 1,3). + @param[in] primeSizeInBits - The size of the prime factor in bits equalled to keySizeInBits/2). + Supported sizes of the prime factors are all 128 bit multiples + between 256 - 1024; + @param[in] testsCount - count of Rabin-Miller tests needed for accepting the prime candidate as + valid prime number. + @param[out] p_ptr - A pointer to the first prime factor in words (LSWord is the left most). + @param[out] q_ptr - A pointer to the second prime factor in words (LSWord is the left most). + @param[in] keyGenData_ptr - A pointer to a temp buffer structure required for the + KeyGen operation. The buffer not needs initialization. + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_EXPONENT_POINTER_ERROR + CRYS_RSA_INVALID_EXPONENT_SIZE, + CRYS_RSA_INVALID_EXPONENT_VAL, + CRYS_RSA_INVALID_PTR_ERROR, + CRYS_RSA_KEY_GEN_DATA_STRUCT_POINTER_INVALID, + CRYS_RSA_INVALID_MODULUS_SIZE, +*/ +CIMPORT_C CRYSError_t CRYS_RSA_KG_GeneratePQprimes( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, /* in: size of public exponent */ + DxUint32_t primeSizeInBits, /* in: size of prime in bits= keySizeInBits/2 (according to CRYS limitations on key size) */ + DxUint32_t testsCount, /* count of Rabin-Miller tests needed for accepting the number as prime */ + DxUint32_t *p_ptr, + DxUint32_t *q_ptr, + CRYS_RSAKGData_t *keyGenData_ptr ); + + +/***********************************************************************************************/ +/** + @brief CRYS_RSA_KG_ClculateKeyPairFromPQ calculates a Pair of public and private keys + on NonCRT or CRT modes. + + The function receives P,Q prime factors and calculates all parameters + of private and public keys if appropriate pointer is not NULL. + If compilation flag CRYS_NO_SELF_TEST_SUPPORT is not defined, then the function + performs RSA_Encrypt and RSA_Decrypt operations on predefined data and compares + the output with expected results. + + @param[in] pubExp_ptr - The pointer to the public exponent (little endian bytes array). + Allowed values: Exp = 0x3, 0x11, 0x010001. + @param[in] pubExpSizeInBytes - The public exponent size in bytes (allowed sizes 1,3). + @param[in] p_ptr - A pointer to the valid first prime factor in words (LSWord is the left most). + @param[in] q_ptr - A pointer to the valid second prime factor in words (LSWord is the left most). + @param[in] primeSizeInBits - The size of the prime factor in bits equalled to keySizeInBits/2). + Supported sizes of the prime factors are all 128 bit multiples + between 256 - 1024; + @param[out] UserPrivKey_ptr - A pointer to the private key structure (if UserPrivKey_ptr == NULL, + then private key is not calculated). + This structure is used as input to the CRYS_RSA_PRIM_Decrypt API. + @param[out] UserPubKey_ptr - A pointer to the public key structure (if UserPubKey_ptr == NULL, + then public key is not calculated). + This structure is used as input to the CRYS_RSA_PRIM_Encrypt API. + @param[in] KeyGenData_ptr - a pointer to a structure required for the KeyGen operation. + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_EXPONENT_POINTER_ERROR, + CRYS_RSA_INVALID_PTR_ERROR, + CRYS_RSA_INVALID_DECRYPRION_MODE_ERROR, + CRYS_RSA_INVALID_PRIV_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_KEY_GEN_DATA_STRUCT_POINTER_INVALID, + CRYS_RSA_INVALID_MODULUS_SIZE, + CRYS_RSA_INVALID_EXPONENT_SIZE, + CRYS_RSA_KEY_GEN_CONDITIONAL_TEST_FAIL_ERROR +*/ +CIMPORT_C CRYSError_t CRYS_RSA_KG_CalculateKeyPairFromPQ( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, /* in: size of public exponent */ + DxUint32_t *p_ptr, /* in: first prime little endian words array */ + DxUint32_t *q_ptr, /* in: second prime little endian words array */ + DxUint16_t primeSizeInBits, /* in: size of prime factors p, q in bits */ + CRYS_RSA_DecryptionMode_t privKeyMode, /* in: mode of RSA key: 10 non CRT, 11 CRT */ + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, /* out: user private key structure*/ + CRYS_RSAUserPubKey_t *userPubKey_ptr, /* out: user public key structure */ + CRYS_RSAKGData_t *keyGenData_ptr ); /* temp buffer not need initialization */ + + + +/***********************************************************************************************/ +/** + @brief CRYS_RSA_KG_ExtendGenerateKeyPair generates a Pair of public and private keys on non CRT mode. + + @param[in] pubExp_ptr - The pointer to the public exponent (public key) + Allowed values: Exp = 0x3, 0x11, 0x010001. + @param[in] pubExpSizeInBytes - The public exponent size in bytes (allowed sizes 1,3). + @param[in] keySizeBits - The size of the key modulus, in bits. Supported sizes are: + 256 bit multiples between 512 - 2048. + + @param[in] privKeyMode - flag of private key mode: CRYS_RSA_NoCrt = 10 or CRYS_RSA_Crt = 11. + @param[out] userPrivKey_ptr - A pointer to the private key structure. + This structure is used as input to the CRYS_RSA_PRIM_Decrypt API. + @param[out] userPubKey_ptr - A pointer to the public key structure. + This structure is used as input to the CRYS_RSA_PRIM_Encrypt API. + @param[in] keyGenData_ptr - a pointer to a structure required for the KeyGen operation. + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_EXPONENT_POINTER_ERROR, + CRYS_RSA_INVALID_PRIV_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_KEY_GEN_DATA_STRUCT_POINTER_INVALID, + CRYS_RSA_INVALID_MODULUS_SIZE, + CRYS_RSA_INVALID_EXPONENT_SIZE +*/ +CIMPORT_C CRYSError_t DX_RSA_KG_ExtendGenerateKeyPair( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySizeBits, + CRYS_RSA_DecryptionMode_t privKeyMode, + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr ); + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_kg.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_kg.h new file mode 100644 index 0000000..a5e6d03 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_kg.h @@ -0,0 +1,112 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RSA_KG_H +#define CRYS_RSA_KG_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ + +#include "crys_rsa_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object %name : % + * State : %state% + * Creation date : Sun Mar 06 15:55:45 2005 + * Last modified : %modify_time% + */ + /** @file + * \brief This module defines the API for key-pair generation functions + * + * \version CRYS_RSA_KG.h#1:incl:1 + * \author adams + */ + + +/***********************************************************************************************/ + +/** + @brief CRYS_RSA_KG_GenerateKeyPair generates a Pair of public and private keys on non CRT mode. + + @param[in] pubExp_ptr - The pointer to the public exponent (public key) + @param[in] pubExpSizeInBytes - The public exponent size in bytes. + @param[in] keySize - The size of the key, in bits. Supported sizes are: + - for PKI without PKA HW: all 256 bit multiples between 512 - 2048; + - for PKI with PKA: HW all 32 bit multiples between 512 - 2112; + @param[out] userPrivKey_ptr - A pointer to the private key structure. + This structure is used as input to the CRYS_RSA_PRIM_Decrypt API. + @param[out] userPubKey_ptr - A pointer to the public key structure. + This structure is used as input to the CRYS_RSA_PRIM_Encrypt API. + @param[in] keyGenData_ptr - a pointer to a structure required for the KeyGen operation. + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_EXPONENT_POINTER_ERROR, + CRYS_RSA_INVALID_PRIV_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_KEY_GEN_DATA_STRUCT_POINTER_INVALID, + CRYS_RSA_INVALID_MODULUS_SIZE, + CRYS_RSA_INVALID_EXPONENT_SIZE +*/ +CIMPORT_C CRYSError_t CRYS_RSA_KG_GenerateKeyPair( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySize, + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr ); + + +/***********************************************************************************************/ +/** + @brief CRYS_RSA_KG_GenerateKeyPairCRT generates a Pair of public and private keys on CRT mode. + + @param[in] pubExp_ptr - The pointer to the public exponent (public key) + @param[in] pubExpSizeInBytes - The public exponent size in bits. + @param[in] keySize - The size of the key, in bits. Supported sizes are: + - for PKI without PKA HW: all 256 bit multiples between 512 - 2048; + - for PKI with PKA: HW all 32 bit multiples between 512 - 2112; + @param[out] userPrivKey_ptr - A pointer to the private key structure. + This structure is used as input to the CRYS_RSA_PRIM_Decrypt API. + @param[out] userPubKey_ptr - A pointer to the public key structure. + This structure is used as input to the CRYS_RSA_PRIM_Encryped API. + @param[in] keyGenData_ptr - a pointer to a structure required for the KeyGen operation. + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_EXPONENT_POINTER_ERROR, + CRYS_RSA_INVALID_PRIV_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_KEY_GEN_DATA_STRUCT_POINTER_INVALID, + CRYS_RSA_INVALID_MODULUS_SIZE, + CRYS_RSA_INVALID_EXPONENT_SIZE +*/ + +CIMPORT_C CRYSError_t CRYS_RSA_KG_GenerateKeyPairCRT( + DxUint8_t *pubExp_ptr, + DxUint16_t pubExpSizeInBytes, + DxUint32_t keySize, + CRYS_RSAUserPrivKey_t *userPrivKey_ptr, + CRYS_RSAUserPubKey_t *userPubKey_ptr, + CRYS_RSAKGData_t *keyGenData_ptr ); + + + + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_prim.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_prim.h new file mode 100644 index 0000000..9f3ab89 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_prim.h @@ -0,0 +1,126 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RSA_PRIM_H +#define CRYS_RSA_PRIM_H + +#include "crys_rsa_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/* + * Object name : CRYS_RSA_PRIM.h + */ + +/** @file + * \brief This module defines the API that supports PKCS#1 v2.1 primitive functions + * + * \version + * \author ronys + */ + + +/************************ Defines ******************************/ + +/** +@brief - A definition describing the low level Engine type (software, hardware, etc.) +*/ + +#define CRYS_RSA_PRIM_PKI_ENGINE_TYPE LLF_PKI_ENGINE_TYPE + +/** +@brief +CRYS_RSA_PRIM_Encrypt implements the RSAEP algorithm as defined in PKCS#1 v2.1 6.1.1 + + @param[in] UserPubKey_ptr - A pointer to the public key data structure + @param[in] PrimeData_ptr - A pointer to a structure containing internal buffers + @param[in] Data_ptr - A pointer to the data to encrypt + @param[in] DataSize - The size, in bytes, of the data to encrypt. + \note This value must be <= the size of the modulus. + @param[out] Output_ptr - Pointer to the encrypted data. + The buffer must be at least PubKey_ptr->N.len bytes long + (that is, the size of the modulus, in bytes). + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_PUB_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_PUB_KEY_VALIDATION_TAG_ERROR, + CRYS_RSA_PRIM_DATA_STRUCT_POINTER_INVALID, + CRYS_RSA_DATA_POINTER_INVALID_ERROR, + CRYS_RSA_INVALID_OUTPUT_POINTER_ERROR, + CRYS_RSA_INVALID_MESSAGE_BUFFER_SIZE, + CRYS_RSA_INVALID_MESSAGE_DATA_SIZE, + CRYS_RSA_INVALID_MESSAGE_VAL + */ + +CIMPORT_C CRYSError_t CRYS_RSA_PRIM_Encrypt(CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t *Data_ptr, + DxUint16_t DataSize, + DxUint8_t *Output_ptr); + + +/** +@brief +CRYS_RSA_PRIM_Decrypt implements the RSADP algorithm as defined in PKCS#1 v2.1 6.1.2 + + @param[in] UserPrivKey_ptr - Pointer to the private key data structure. + \note The representation (pair or quintuple) + and hence the algorithm (CRT or not-CRT) + is determined by the Private Key data structure - + using CRYS_Build_PrivKey or CRYS_Build_PrivKeyCRT + determines which algorithm will be used. + + @param[in] PrimeData_ptr - A pointer to a structure containing internal buffers + required for the RSA operation + @param[in] Data_ptr - A pointer to the data to be decrypted + @param[in] DataSize - The size, in bytes, of the data to decrypt. + \note Must be <= the size of the modulus. + + @param[out] Output_ptr - A pointer to the decrypted data. + The buffer must be at least PrivKey_ptr->N.len bytes long + (that is, the size of the modulus, in bytes). + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_PRIV_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_PRIM_DATA_STRUCT_POINTER_INVALID, + CRYS_RSA_PRIV_KEY_VALIDATION_TAG_ERROR, + CRYS_RSA_DATA_POINTER_INVALID_ERROR, + CRYS_RSA_INVALID_OUTPUT_POINTER_ERROR, + CRYS_RSA_INVALID_MESSAGE_DATA_SIZE, + CRYS_RSA_INVALID_MESSAGE_VAL + */ + +CIMPORT_C CRYSError_t CRYS_RSA_PRIM_Decrypt(CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + DxUint8_t *Data_ptr, + DxUint16_t DataSize, + DxUint8_t *Output_ptr); + + +/** + \brief CRYS_RSA_PRIM_Sign implements the RSASP1 algorithm as defined in PKCS#1 v2.1 6.2.1 + + \def CRYS_RSA_PRIM_Sign The signature primitive is identical to the decryption algorithm + +*/ +#define CRYS_RSA_PRIM_Sign CRYS_RSA_PRIM_Decrypt + +/** + \brief CRYS_RSA_PRIM_Verify implements the RSAVP1 algorithm as defined in PKCS#1 v2.1 6.2.2 + + \def CRYS_RSA_PRIM_Verify The verification primitive is identical to the encryption algorithm + +*/ +#define CRYS_RSA_PRIM_Verify CRYS_RSA_PRIM_Encrypt + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_schemes.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_schemes.h new file mode 100644 index 0000000..41334d5 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_schemes.h @@ -0,0 +1,1007 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RSA_SCHEMES_H +#define CRYS_RSA_SCHEMES_H + + +#include "crys_error.h" +#include "crys_defs.h" +#include "crys_rsa_types.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/* + * Object name : CRYS_RSA_SCHEMES.h + */ + +/** @file + * \brief This module defines the API that supports PKCS#1 v1.5 and PKCS#1 v2.1 schemes + * + * \version + * \author ronys ohads + */ + +/**********************************************************************************************************/ +/** + @brief + RSA_SCHEMES_Encrypt implements the RSAES-OAEP algorithm as defined + in PKCS#1 v2.1 8.1 and in PKCS#1 v1.5 8.1 + + This function combines the RSA encryption primitive and the + EME-OAEP encoding method, to provide an RSA-based encryption + method that is semantically secure against adaptive + chosen-ciphertext attacks. For more details, please refere to + the PKCS#1 standard. + The actual macro that will be used by the user is: + CRYS_RSA_OAEP_Encrypt - for v2.1 + CRYS_RSA_PKCS1v15_Encrypt - for v1.5 + + + + @param[in] UserPubKey_ptr - A pointer to the public key data structure of the User. + @param[in] PrimeData_ptr - A pointer to a CRYS_RSAPrimeData_t + that is used for the Encryption operation + @param[in] hashFunc - The hash function to be used. + The hash functions supported: SHA1, SHA-256/284/512, + MD5 (MD5 - allowed only for PKCS#1 v1.5). + @param[in] L - The label input pointer. Relevant for PKCS#1 Ver2.1 only, may be NULL also. + For PKCS#1 Ver1.5 it is an empty string (NULL). + @param[in] Llen - The label length. Relevant for PKCS#1 Ver2.1 only (see notes above). + @param[in] MGF - the mask generation function. PKCS#1 v2.1 + defines MGF1, so the currently allowed value is CRYS_PKCS1_MGF1. + @param[in] Data_ptr - Pointer to the data to encrypt. + @param[in] DataSize - The size, in bytes, of the data to encrypt. + \Note: The data size must be: + 1. for PKCS #1 v.2.1 DataSize <= PrivKey_ptr->N.len - 2*HashLen - 2. + 2. for PKCS #1 v.1.5 DataSize <= PrivKey_ptr->N.len - 11. + @param[out] Output_ptr - Pointer to the encrypted data, the buffer must be at least + of the modulus size, in bytes. + + @return CRYSError_t - CRYS_OK, CRYS_BAD_PARAM, CRYS_OUT_OF_RANGE +*/ + +CIMPORT_C CRYSError_t _DX_RSA_SCHEMES_Encrypt(CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + DxUint8_t *L, + DxUint16_t Llen, + CRYS_PKCS1_MGF_t MGF, + DxUint8_t *DataIn_ptr, + DxUint16_t DataInSize, + DxUint8_t *Output_ptr, + CRYS_PKCS1_version PKCS1_ver); + + +/** + @brief + CRYS_RSA_OAEP_PSS21_Encrypt implements the RSAES-OAEP algorithm + as defined in PKCS#1 v2.1 8.1 + + \note It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therfore + it is not supported and the hash function argument has been eliminated + + This function combines the RSA encryption primitive and the + EME-OAEP encoding method, to provide an RSA-based encryption + method that is semantically secure against adaptive + chosen-ciphertext attacks. For additional details, please refer to + the PKCS#1 standard. + \note The \em L input is defined by the standard as the empty + string, therefore the caller need not provide it. + +*/ + +#define CRYS_RSA_OAEP_Encrypt(UserPubKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr)\ + _DX_RSA_SCHEMES_Encrypt(UserPubKey_ptr,PrimeData_ptr,HashMode/*CRYS_RSA_HASH_SHA1_mode*/,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,CRYS_PKCS1_VER21) + + +/** + @brief + CRYS_RSA_PKCS1v15_Encrypt implements the RSAES-PKCS1v15 algorithm + as defined in PKCS#1 v2.1 8.2 +*/ + +#define CRYS_RSA_PKCS1v15_Encrypt(UserPubKey_ptr,PrimeData_ptr,DataIn_ptr,DataInSize,Output_ptr)\ + _DX_RSA_SCHEMES_Encrypt(UserPubKey_ptr,PrimeData_ptr,CRYS_RSA_HASH_NO_HASH_mode,DX_NULL,0,CRYS_PKCS1_NO_MGF,DataIn_ptr,DataInSize,Output_ptr,CRYS_PKCS1_VER15) + + +/**********************************************************************************************************/ +/** + @brief + RSA_SCHEMES_Decrypt implements the RSAES-OAEP algorithm as defined + in PKCS#1 v2.1 8.1 and in PKCS#1 v1.5 + + This function combines the RSA decryption primitive and the + EME-OAEP decoding method, to provide an RSA-based decryption + method that is semantically secure against adaptive + chosen-ciphertext attacks. For more details, please refer to + the PKCS#1 standard. + + @param[in] UserPrivKey_ptr - Pointer to the private key data structure. + \Note: The representation (pair or quintuple) + and hence the algorithm (CRT or not) is determined + by the Private Key data structure. Using CRYS_Build_PrivKey + or CRYS_Build_PrivKeyCRT determines which algorithm will be used. + + @param[in] PrimeData_ptr - Pointer to a CRYS_RSAPrimeData_t which is used for the + Encryption operation + + @param[in] hashFunc - The hash function to be used. + The hash functions supported: SHA1, SHA-256/284/512, + MD5 (MD5 - allowed only for PKCS#1 v1.5). + + @param[in] L - The label input pointer. Relevant for PKCS#1 Ver2.1 only, may be NULL also. + For PKCS#1 Ver1.5 it is an empty string (NULL). + @param[in] Llen - The label length. Relevant for PKCS#1 Ver2.1 only (see notes above). + @param[in] MGF - The mask generation function. PKCS#1 v2.1 defines MGF1, + so the only value allowed here is CRYS_PKCS1_MGF1. + @param[in] Data_ptr - Pointer to the data to decrypt. + @param[in] DataSize - The size, in bytes, of the data to decrypt. + \Note: The size must be = the size of the modulus. + + @param[out] Output_ptr - Pointer to the decrypted data, the size of the buffer in bytes + must be not less than the actual size of Encrypted message, if it is known, + else the output buffer size must be : + 1. for PKCS #1 v.2.1 *OutputSize_ptr >= PrivKey_ptr->N.len - 2*HashLen - 2. + 2. for PKCS #1 v.1.5 *OutputSize_ptr >= PrivKey_ptr->N.len - 11. + + @param[in/out] OutputSize_ptr - The size of the user passed Output_ptr buffer in bytes [in] and + actual size of decrypted message [out]. + The minimal input size value of *OutputSize_ptr is described above. + This value is updated with the actual number of bytes that + are loaded to Output_ptr buffer byDecrypt function. + + @return CRYSError_t - CRYS_OK or appropriate Error message defined in the RSA module. +*/ +CIMPORT_C CRYSError_t _DX_RSA_SCHEMES_Decrypt( + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSAPrimeData_t *PrimeData_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + DxUint8_t *L, + DxUint16_t Llen, + CRYS_PKCS1_MGF_t MGF, + DxUint8_t *DataIn_ptr, + DxUint16_t DataInSize, + DxUint8_t *Output_ptr, + DxUint16_t *OutputSize_ptr, + CRYS_PKCS1_version PKCS1_ver); + +/**********************************************************************************************************/ +/** + @brief + CRYS_RSA_OAEP_Decrypt implements the RSAES-OAEP algorithm + as defined in PKCS#1 v2.1 8.1 + + Note: It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therefore + it is not supported and the hash function argument is eliminated + + This function combines the RSA decryption primitive and the + EME-OAEP encoding method, to provide an RSA-based decryption + method that is semantically secure against adaptive + chosen-ciphertext attacks. For more details, please refer to + the PKCS#1 standard. + \note The \em L input is defined by the standard as the empty + string, therefore the caller need not provide it. + +*/ +#define CRYS_RSA_OAEP_Decrypt(UserPrivKey_ptr,PrimeData_ptr,HashMode,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,OutputSize_ptr)\ + _DX_RSA_SCHEMES_Decrypt(UserPrivKey_ptr,PrimeData_ptr,HashMode/*CRYS_RSA_HASH_SHA1_mode*/,L,Llen,MGF,Data_ptr,DataSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/** + @brief + CRYS_RSA_PKCS1v15_Decrypt implements the RSAES-PKCS1v15 algorithm as defined + in PKCS#1 v2.1 8.2 +*/ +#define CRYS_RSA_PKCS1v15_Decrypt(UserPrivKey_ptr,PrimeData_ptr,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\ + _DX_RSA_SCHEMES_Decrypt(UserPrivKey_ptr,PrimeData_ptr,CRYS_RSA_HASH_NO_HASH_mode,DX_NULL,0,CRYS_PKCS1_NO_MGF,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER15) + + +/**********************************************************************************************************/ +/** + \brief RSA_SignInit initializes the Signing + multi-call algorithm as defined in PKCS#1 v1.5 and 2.1 + + The actual macro that will be used by the user is: + CRYS_RSA_PSS_SignInit - for v2.1 + CRYS_RSA_PKCS1v15_SignInit - for v1.5 + + This function does not do cryptographic processing. Rather, it + prepares a context that is used by the Update + and Finish functions. + + @param[in,out] UserContext_ptr - A pointer to a Context. The value + returned here must be passed to + the Update and Finish functions. + @param[in] UserPrivKey_ptr - A pointer to the private key data + structure. \note The representation + (pair or quintuple) and hence the + algorithm (CRT or not) is determined + by the Private Key data + structure -using CRYS_Build_PrivKey + or CRYS_Build_PrivKeyCRT determines + which algorithm will be used. + @param[in] hashFunc - The hash function to be used. Currently + only CRYS_PKCS1_SHA1 is supported. The + other hash functions recommended by PKCS#1 + v2.1 are SHA-256/284/512. + @param[in] MGF - The mask generation function. PKCS#1 v2.1 + defines MGF1, so the only value allowed here is CRYS_PKCS1_MGF1. + @param[in] SaltLen - The Length of the Salt buffer. relevant for PKCS#1 Ver 2.1 Only + Typical lengths are 0 and hLen (20 for SHA1) + The maximum length allowed is NSize - hLen - 2 + @param[in] PKCS1_ver - Ver 1.5 or 2.1, according to the functionality required + + @return CRYSError_t - CRYS_OK, CRYS_BAD_PARAM +*/ + + +CIMPORT_C CRYSError_t _DX_RSA_SignInit(CRYS_RSAPrivUserContext_t *UserContext_ptr, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + CRYS_PKCS1_version PKCS1_ver); + + +/** + \brief CRYS_RSA_PSS_SignInit initializes the RSASSA-PSS + multi-call version. +*/ +#define CRYS_RSA_PSS_SignInit(UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen)\ + _DX_RSA_SignInit(UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen,CRYS_PKCS1_VER21) + + +/** + \brief CRYS_RSA_PKCS1v15_SignInit initializes the PKCS#1 v1.5 + multi-call version. +*/ +#define CRYS_RSA_PKCS1v15_SignInit(UserContext_ptr,UserPrivKey_ptr,hashFunc)\ + _DX_RSA_SignInit(UserContext_ptr,UserPrivKey_ptr,hashFunc,CRYS_PKCS1_NO_MGF,0,CRYS_PKCS1_VER15) + + +/**********************************************************************************************************/ +/** + \brief CRYS_RSA_PSS_SignUpdate processes the data to be signed + in a given context. + + \note RSA_PSS_SignUpdate can be called multiple times + with data + + The actual macro that will be used by the users is (one of): + CRYS_RSA_PSS_SignUpdate + CRYS_RSA_PKCS1v15_SignUpdate + + \note CRYS_RSA_PSS_SignUpdate can be called multiple times + with data + + @param[in] UserContext_ptr - A pointer to a valid context, + as returned by CRYS_RSA_PSS_SignInit. + @param[in] DataIn_ptr - A pointer to the data to sign. + @param[in] DataInSize - The size, in bytes, of the data to sign. + + @return CRYSError_t - CRYS_OK, CRYS_BAD_PARAM +*/ + +CIMPORT_C CRYSError_t _DX_RSA_SignUpdate(CRYS_RSAPrivUserContext_t *UserContext_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize); + + +/** + \brief CRYS_RSA_PSS_SignUpdate processes the data to be signed + in a given context, according to PKCS1 v2.1 +*/ +#define CRYS_RSA_PSS_SignUpdate(UserContext_ptr,Data_ptr,DataSize)\ + _DX_RSA_SignUpdate(UserContext_ptr,Data_ptr,DataSize) + + +/** + \brief CRYS_RSA_PKCS1v15_SignUpdate processes the data to be signed + in a given context, according to PKCS1 v1.5 +*/ +#define CRYS_RSA_PKCS1v15_SignUpdate(UserContext_ptr,Data_ptr,DataSize)\ + _DX_RSA_SignUpdate(UserContext_ptr,Data_ptr,DataSize) + + +/**********************************************************************************************************/ +/** + \brief _DX_RSA_SignFinish calculates the signature on the + data passed to one or more calls to CRYS_RSA_PSS_SignUpdate, + and releases the context. + + The actual macro that will be used by the user is: + CRYS_RSA_PSS_SignFinish - for v2.1 + CRYS_RSA_PKCS1v15_SignFinish - for v1.5 + + @param[in,out] UserContext_ptr - A pointer to the Context + initialized by the SignInit function + and used by the SignUpdate function + @param[out] Output_ptr - A pointer to the signature. + The buffer must be at least PrivKey_ptr->N.len bytes long + (that is, the size of the modulus, in bytes). + @param[in,out] OutputSize_ptr - A pointer to the Signature Size value - the input value + is the signature buffer size allocated, the output value is + the signature size used. + The buffer must be at least PrivKey_ptr->N.len bytes long + (that is, the size of the modulus, in bytes). + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_USER_CONTEXT_POINTER_ERROR, + CRYS_RSA_USER_CONTEXT_VALIDATION_TAG_ERROR, + CRYS_RSA_INVALID_OUTPUT_POINTER_ERROR, + CRYS_RSA_INVALID_SIGNATURE_BUFFER_SIZE, + CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR, + CRYS_RSA_PKCS1_VER_ARG_ERROR +*/ + +CIMPORT_C CRYSError_t _DX_RSA_SignFinish(CRYS_RSAPrivUserContext_t *UserContext_ptr, + DxUint8_t *Output_ptr, + DxUint16_t *OutputSize_ptr); + +/** + \brief CRYS_RSA_PSS_SignFinish calculates the signature on the + data passed to one or more calls to CRYS_RSA_PSS_SignUpdate, + and releases the context. +*/ +#define CRYS_RSA_PSS_SignFinish(UserContext_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_SignFinish((UserContext_ptr),(Output_ptr),(OutputSize_ptr)) + + +/** + \brief CRYS_RSA_PKCS1v15_SignFinish calculates the signature on the + data passed to one or more calls to CRYS_RSA_PKCS1v15_SignUpdate, + and releases the context. +*/ +#define CRYS_RSA_PKCS1v15_SignFinish(UserContext_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_SignFinish((UserContext_ptr),(Output_ptr),(OutputSize_ptr)) + + +/**********************************************************************************************************/ +/** + @brief + RSA_Sign implements the Signing algorithm as defined + in PKCS#1 v1.5 or v2.1, using a single function + + The actual macros that will be used by the user are: + CRYS_RSA_PKCS1v15_Sign - for v1.5 + CRYS_RSA_PKCS1v15_SHA1_Sign - for v1.5 data is hashed with SHA1 + CRYS_RSA_PKCS1v15_MD5_Sign - for v1.5 data is hashed with MD5 + CRYS_RSA_PSS_Sign - for v2.1 + CRYS_RSA_PSS_SHA1_Sign - for v2.1 data is hashed with SHA1 + - for v2.1 MD5 is not supported, since + according to the PKCS#1 ver2.1 it is not recommended + + @param[in] UserContext_ptr - A pointer to a Context. For the use of the + function as a space to work on. + @param[in] UserPrivKey_ptr - A pointer to the private key data + structure of the user. \note The representation + (pair or quintuple) and hence the + algorithm (CRT or not) is determined + by the Private Key data + structure - using CRYS_Build_PrivKey + or CRYS_Build_PrivKeyCRT determines + which algorithm will be used. + @param[in] hashFunc - The hash function to be used. Currently + only CRYS_PKCS1_SHA1 and CRYS_PKCS1_MD5 + are supported. + @param[in] MGF - The mask generation function. Only for PKCS#1 v2.1 + defines MGF1, so the only value allowed for v2.1 + is CRYS_PKCS1_MGF1. + @param[in] SaltLen - The Length of the Salt buffer. relevant for PKCS#1 Ver 2.1 Only + Typical lengths are 0 and hLen (20 for SHA1) + The maximum length allowed is NSize - hLen - 2 + @param[in] DataIn_ptr - A pointer to the data to sign. + @param[in] DataInSize - The size, in bytes, of the data to sign. + @param[out] Output_ptr - A pointer to the signature. + The buffer must be at least PrivKey_ptr->N.len bytes long + (that is, the size of the modulus in bytes). + @param[in,out] OutputSize_ptr - A pointer to the Signature Size value - the input value + is the signature buffer size allocated, the output value is + the signature size actually used. + The buffer must be at least PrivKey_ptr->N.len bytes long + (that is, the size of the modulus in bytes). + @param[in] PKCS1_ver - Ver 1.5 or 2.1, according to the functionality required + + @return CRYSError_t - CRYS_OK, + CRYS_RSA_INVALID_USER_CONTEXT_POINTER_ERROR, + CRYS_RSA_INVALID_PRIV_KEY_STRUCT_POINTER_ERROR, + CRYS_RSA_PRIV_KEY_VALIDATION_TAG_ERROR, + CRYS_RSA_HASH_ILLEGAL_OPERATION_MODE_ERROR, + CRYS_RSA_MGF_ILLEGAL_ARG_ERROR, + CRYS_RSA_PKCS1_VER_ARG_ERROR, + CRYS_RSA_INVALID_MESSAGE_DATA_SIZE, + CRYS_RSA_INVALID_OUTPUT_POINTER_ERROR, + CRYS_RSA_INVALID_SIGNATURE_BUFFER_SIZE +*/ + +CIMPORT_C CRYSError_t _DX_RSA_Sign(CRYS_RSAPrivUserContext_t *UserContext_ptr, + CRYS_RSAUserPrivKey_t *UserPrivKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *Output_ptr, + DxUint16_t *OutputSize_ptr, + CRYS_PKCS1_version PKCS1_ver); + + +/** + @brief + CRYS_RSA_PKCS1v15_Sign implements the RSASSA-PKCS1v15 algorithm + as defined in PKCS#1 v1.5 + + This function combines the RSASP1 signature primitive and the + EMSA-PKCS1v15 encoding method, to provide an RSA-based signature scheme. + For more details, please refer to the PKCS#1 standard. + +*/ + +#define CRYS_RSA_PKCS1v15_Sign(UserContext_ptr,UserPrivKey_ptr,hashFunc,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign((UserContext_ptr),(UserPrivKey_ptr),(hashFunc),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),(DataInSize),(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + +/** + @brief + CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm + as defined in PKCS#1 v1.5, but without performing a HASH function - + it assumes that the data in has already been hashed using SHA-1 + + Note: The data_in size is already known after the Hash + +*/ +#define CRYS_RSA_PKCS1v15_SHA1_Sign(UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign((UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA1_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + +/** + @brief + CRYS_RSA_PKCS1v15_MD5_Sign implements the RSASSA-PKCS1v15 algorithm + as defined in PKCS#1 v1.5, but without performing a HASH function - + it assumes that the data in has already been hashed using MD5 + + Note: The data_in size is already known after the Hash +*/ + +#define CRYS_RSA_PKCS1v15_MD5_Sign(UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign((UserContext_ptr),(UserPrivKey_ptr),CRYS_RSA_After_MD5_mode,CRYS_PKCS1_NO_MGF,0,(DataIn_ptr),CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + +/** + @brief + CRYS_RSA_PKCS1v15_SHA224_Sign implements the RSASSA-PKCS1v15 algorithm + as defined in PKCS#1 v1.5, but without performing a HASH function - + it assumes that the data in has already been hashed using SHA-224 + + Note: The data_in size is already known after the Hash + +*/ +#define CRYS_RSA_PKCS1v15_SHA224_Sign(UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign((UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA224_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + + + +/** + @brief + CRYS_RSA_PKCS1v15_SHA256_Sign implements the RSASSA-PKCS1v15 algorithm + as defined in PKCS#1 v1.5, but without performing a HASH function - + it assumes that the data in has already been hashed using SHA-256 + + Note: The data_in size is already known after the Hash + +*/ +#define CRYS_RSA_PKCS1v15_SHA256_Sign(UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign((UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA256_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + +/** + @brief + CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm + as defined in PKCS#1 v1.5, but without performing a HASH function - + it assumes that the data in has already been hashed using SHA-384 + + Note: The data_in size is already known after the Hash + +*/ +#define CRYS_RSA_PKCS1v15_SHA384_Sign(UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign((UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA384_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + +/** + @brief + CRYS_RSA_PKCS1v15_SHA512_Sign implements the RSASSA-PKCS1v15 algorithm + as defined in PKCS#1 v1.5, but without performing a HASH function - + it assumes that the data in has already been hashed using SHA-512 + + Note: The data_in size is already known after the Hash + +*/ +#define CRYS_RSA_PKCS1v15_SHA512_Sign(UserContext_ptr,UserPrivKey_ptr,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign((UserContext_ptr),(UserPrivKey_ptr),(CRYS_RSA_After_SHA512_mode),(CRYS_PKCS1_NO_MGF),0,(DataIn_ptr),CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,(Output_ptr),(OutputSize_ptr),CRYS_PKCS1_VER15) + + + +/** + \brief CRYS_RSA_PSS_Sign implements the RSASSA-PSS algorithm + as defined in PKCS#1 v2.1 9.1, in a single function call. + + Note: According to the PKCS#1 ver2.1 it is not recommended to use MD5 Hash, + therefore it is not supported + + The actual macro that will be used by the user is: + CRYS_RSA_PSS_Sign +*/ + +#define CRYS_RSA_PSS_Sign(UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign(UserContext_ptr,UserPrivKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/** + \brief CRYS_RSA_PSS_SHA1_Sign implements the RSASSA-PSS algorithm + as defined in PKCS#1 v2.1 9.1 in a single function call, but without + performing a HASH function - it assumes that the data in + has already been hashed using SHA-1 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PSS_SHA1_Sign +*/ + +#define CRYS_RSA_PSS_SHA1_Sign(UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign(UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA1_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/** + \brief CRYS_RSA_PSS_SHA224_Sign implements the RSASSA-PSS algorithm + as defined in PKCS#1 v2.1 9.1 in a single function call, but without + performing a HASH function - it assumes that the data in + has already been hashed using SHA-224 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PSS_SHA224_Sign +*/ + +#define CRYS_RSA_PSS_SHA224_Sign(UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign(UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA224_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/** + \brief CRYS_RSA_PSS_SHA256_Sign implements the RSASSA-PSS algorithm + as defined in PKCS#1 v2.1 9.1 in a single function call, but without + performing a HASH function - it assumes that the data in + has already been hashed using SHA-256 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PSS_SHA256_Sign +*/ + +#define CRYS_RSA_PSS_SHA256_Sign(UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign(UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA256_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + + +/** + \brief CRYS_RSA_PSS_SHA384_Sign implements the RSASSA-PSS algorithm + as defined in PKCS#1 v2.1 9.1 in a single function call, but without + performing a HASH function - it assumes that the data in + has already been hashed using SHA-384 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PSS_SHA384_Sign +*/ + +#define CRYS_RSA_PSS_SHA384_Sign(UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign(UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA384_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/** + \brief CRYS_RSA_PSS_SHA512_Sign implements the RSASSA-PSS algorithm + as defined in PKCS#1 v2.1 9.1 in a single function call, but without + performing a HASH function - it assumes that the data in + has already been hashed using SHA-512 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PSS_SHA512_Sign +*/ + +#define CRYS_RSA_PSS_SHA512_Sign(UserContext_ptr,UserPrivKey_ptr,MGF,SaltLen,DataIn_ptr,Output_ptr,OutputSize_ptr)\ + _DX_RSA_Sign(UserContext_ptr,UserPrivKey_ptr,CRYS_RSA_After_SHA512_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Output_ptr,OutputSize_ptr,CRYS_PKCS1_VER21) + + +/**********************************************************************************************************/ +/** + \brief RSA_VerifyInit initializes the Verify + multi-call algorithm as defined in PKCS#1 v1.5 and 2.1 + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_VerifyInit - for v1.5 + CRYS_RSA_PSS_VerifyInit - for v2.1 + + @param[in] UserContext_ptr - A pointer to the public Context + structure of the User. + @param[in] UserPubKey_ptr - A pointer to the public key data + structure. + @param[in] hashFunc - The hash function to be used. Currently + only CRYS_PKCS1_SHA1 and CRYS_PKCS1_MD5 + are supported. The other hash functions + recommended by PKCS#1 v2.1 are + SHA-256/284/512. If PKCS1_ver is CRYS_PKCS1_VER15, then + the value CRYS_RSA_After_HASH_NOT_KNOWN_mode will allow + the signature data to determine the hash function to be used. + @param[in] MGF - The mask generation function. Only for PKCS#1 v2.1 + defines MGF1, so the only value allowed for v2.1 + is CRYS_PKCS1_MGF1. + @param[in] SaltLen - The Length of the Salt buffer. relevant for PKCS#1 Ver 2.1 Only + Typical lengths are 0 and hLen (20 for SHA1) + The maximum length allowed is NSize - hLen - 2 + If the salt length is not available in this process, the user can use the define: + CRYS_RSA_VERIFY_SALT_LENGTH_UNKNOWN + Security Note: it is recommended not to use this flag and to support the Salt length on each verify + @param[in] PKCS1_ver - Ver 1.5 or 2.1, according to the functionality required + + @return CRYSError_t - CRYS_OK, CRYS_INVALID_SIGNATURE, + CRYS_BAD_PARAM, CRYS_OUT_OF_RANGE +*/ + +CIMPORT_C CRYSError_t _DX_RSA_VerifyInit(CRYS_RSAPubUserContext_t *UserContext_ptr, + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + CRYS_PKCS1_version PKCS1_ver); + + +/** + \brief CRYS_RSA_PKCS1v15_VerifyInit implements the RSASSA-PKCS1v15 algorithm + as defined in PKCS#1 v2.1 8.2.1 +*/ +#define CRYS_RSA_PKCS1v15_VerifyInit(UserContext_ptr,UserPubKey_ptr,hashFunc)\ + _DX_RSA_VerifyInit(UserContext_ptr,UserPubKey_ptr,hashFunc,CRYS_PKCS1_NO_MGF,0,CRYS_PKCS1_VER15) + +/* + \brief CRYS_RSA_PSS_VerifyInit implements the RSASSA-PSS algorithm + as defined in PKCS#1 v2.1 + + Note: According to PKCS#1 ver2.1 MD5 hash is not recommended, + therefore it is not supported +*/ +#define CRYS_RSA_PSS_VerifyInit(UserContext_ptr, UserPubKey_ptr, hashFunc, MGF,SaltLen)\ + _DX_RSA_VerifyInit(UserContext_ptr, UserPubKey_ptr, hashFunc, MGF, SaltLen, CRYS_PKCS1_VER21) + + +/**********************************************************************************************************/ +/** + \brief RSA_VerifyUpdate processes the data to be verified + in a given context, according to PKCS1 v1.5 and 2.1 + + \note RSA_VerifyUpdate can be called multiple times with data + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_VerifyUpdate - for v1.5 + CRYS_RSA_PSS_VerifyUpdate - for v2.1 + + @param[in] UserContext_ptr - A pointer to the public Context + structure of the User. + @param[in] DataIn_ptr - A pointer to the data whose signature is + to be verified. + @param[in] DataInSize - The size, in bytes, of the data whose + signature is to be verified. + + @return CRYSError_t - CRYS_OK, CRYS_INVALID_SIGNATURE, + CRYS_BAD_PARAM, CRYS_OUT_OF_RANGE +*/ + +CIMPORT_C CRYSError_t _DX_RSA_VerifyUpdate(CRYS_RSAPubUserContext_t *UserContext_ptr, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize); + + +#define CRYS_RSA_PKCS1v15_VerifyUpdate(UserContext_ptr,DataIn_ptr,DataInSize)\ + _DX_RSA_VerifyUpdate(UserContext_ptr,DataIn_ptr,DataInSize) + + +#define CRYS_RSA_PSS_VerifyUpdate(UserContext_ptr,DataIn_ptr,DataInSize)\ + _DX_RSA_VerifyUpdate(UserContext_ptr,DataIn_ptr,DataInSize) + + +/**********************************************************************************************************/ +/** + + \brief RSA_VerifyFinish implements the Finish Phase of the Verify algorithm + as defined in PKCS#1 v2.1 or PKCS#1 v1.5 + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_VerifyFinish - for v1.5 + CRYS_RSA_PSS_VerifyFinish - for v2.1 + + @param[in] UserContext_ptr - A pointer to the public Context + structure of the User. + @param[in] Sig_ptr - A pointer to the signature to be verified. + The length of the signature is PubKey_ptr->N.len bytes + (that is, the size of the modulus, in bytes). + + @return CRYSError_t - CRYS_OK, CRYS_INVALID_SIGNATURE, + CRYS_BAD_PARAM, CRYS_OUT_OF_RANGE +*/ + +CIMPORT_C CRYSError_t _DX_RSA_VerifyFinish(CRYS_RSAPubUserContext_t *UserContext_ptr, + DxUint8_t *Sig_ptr); + + +/** + \brief CRYS_RSA_PKCS1v15_VerifyFinish Verifies the signature on the + data passed to one or more calls to CRYS_RSA_PKCS1v15_VerifyUpdate, + and releases the context. +*/ +#define CRYS_RSA_PKCS1v15_VerifyFinish(UserContext_ptr,Sig_ptr)\ + _DX_RSA_VerifyFinish(UserContext_ptr,Sig_ptr) + + +/** + \brief CRYS_RSA_PSS_VerifyFinish Verifies the signature on the + data passed to one or more calls to CRYS_RSA_PSS_VerifyUpdate, + and releases the context. +*/ +#define CRYS_RSA_PSS_VerifyFinish(UserContext_ptr,Sig_ptr)\ + _DX_RSA_VerifyFinish(UserContext_ptr,Sig_ptr) + + +/**********************************************************************************************************/ +/** + \brief RSA_Verify implements the RSASSA-PKCS1v15 algorithm + in a single function, as defined in PKCS#1 v1.5 and v2.1 + + The actual macro that will be used by the users is: + CRYS_RSA_PKCS1v15_Verify - for v1.5 + CRYS_RSA_PKCS1v15_MD5_Verify - for v1.5 data in is hashed with MD5 + CRYS_RSA_PKCS1v15_SHA1_Verify - for v1.5 data in is hashed with SHA1 + CRYS_RSA_PSS_Verify - for v2.1 + CRYS_RSA_PSS_SHA1_Verify - for v2.1 data in is hashed with SHA1 + - for v2.1 MD5 is not supported, since + according to the PKCS#1 ver2.1 it is not recommended + + @param[in] UserContext_ptr - A pointer to the public Context, + for the use of the function as a space to work on + @param[in] UserPubKey_ptr - A pointer to the public key data + structure of the user. + @param[in] hashFunc - The hash function to be used. + Currently only CRYS_PKCS1_SHA1 and CRYS_PKCS1_MD5 + are supported. The other hash functions + recommended by PKCS#1 v2.1 are + SHA-256/284/512. If PKCS1_ver is CRYS_PKCS1_VER15, then + the value CRYS_RSA_After_HASH_NOT_KNOWN_mode will allow + the signature data to determine the hash function to be used. + @param[in] MGF - The mask generation function. only for PKCS#1 v2.1 + defines MGF1, so the only value allowed for v2.1 + is CRYS_PKCS1_MGF1. + @param[in] SaltLen - The Length of the Salt buffer. relevant for PKCS#1 Ver 2.1 Only + Typical lengths are 0 and hLen (20 for SHA1) + The maximum length allowed is NSize - hLen - 2 + @param[in] DataIn_ptr - A pointer to the data whose signature is + to be verified. + @param[in] DataInSize - The size, in bytes, of the data whose + signature is to be verified. + @param[in] Sig_ptr - A pointer to the signature to be verified. + The length of the signature is PubKey_ptr->N.len bytes + (that is, the size of the modulus, in bytes). + @param[in] PKCS1_ver - Ver 1.5 or 2.1, according to the functionality required + + @return CRYSError_t - CRYS_OK, CRYS_INVALID_SIGNATURE, + CRYS_BAD_PARAM, CRYS_OUT_OF_RANGE +*/ + +CIMPORT_C CRYSError_t _DX_RSA_Verify(CRYS_RSAPubUserContext_t *UserContext_ptr, + CRYS_RSAUserPubKey_t *UserPubKey_ptr, + CRYS_RSA_HASH_OpMode_t hashFunc, + CRYS_PKCS1_MGF_t MGF, + DxUint16_t SaltLen, + DxUint8_t *DataIn_ptr, + DxUint32_t DataInSize, + DxUint8_t *Sig_ptr, + CRYS_PKCS1_version PKCS1_ver); + + +#define CRYS_RSA_PKCS1v15_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,DataIn_ptr,DataInSize,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,DataInSize,Sig_ptr,CRYS_PKCS1_VER15) + + +/** + \brief CRYS_RSA_PKCS1v15_MD5_Verify implements the RSASSA-PKCS1v15 Verify algorithm + as defined in PKCS#1 v1.5, but without operating the HASH function - + it assumes the DataIn_ptr data has already been hashed using MD5 + + \note The data_in size is already known after the Hash + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_MD5_Verify +*/ + +#define CRYS_RSA_PKCS1v15_MD5_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_MD5_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_MD5_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + + +/** + \brief CRYS_RSA_PKCS1v15_SHA1_Verify implements the RSASSA-PKCS1v15 Verify algorithm + as defined in PKCS#1 v1.5, but without operating the HASH function - + it assumes that the DataIn_ptr data has already been hashed using SHA1 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PKCS1v15_SHA1_Verify +*/ +#define CRYS_RSA_PKCS1v15_SHA1_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA1_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + + +/** + \brief CRYS_RSA_PKCS1v15_SHA224_Verify implements the RSASSA-PKCS1v15 Verify algorithm + as defined in PKCS#1 v1.5, but without operating the HASH function - + it assumes that the DataIn_ptr data has already been hashed using SHA224 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PKCS1v15_SHA224_Verify +*/ +#define CRYS_RSA_PKCS1v15_SHA224_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA224_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + + + +/** + \brief CRYS_RSA_PKCS1v15_SHA256_Verify implements the RSASSA-PKCS1v15 Verify algorithm + as defined in PKCS#1 v1.5, but without operating the HASH function - + it assumes that the DataIn_ptr data has already been hashed using SHA256 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PKCS1v15_SHA256_Verify +*/ +#define CRYS_RSA_PKCS1v15_SHA256_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA256_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + + +/** + \brief CRYS_RSA_PKCS1v15_SHA384_Verify implements the RSASSA-PKCS1v15 Verify algorithm + as defined in PKCS#1 v1.5, but without operating the HASH function - + it assumes that the DataIn_ptr data has already been hashed using SHA384 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PKCS1v15_SHA384_Verify +*/ +#define CRYS_RSA_PKCS1v15_SHA384_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA384_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + + + +/** + \brief CRYS_RSA_PKCS1v15_SHA512_Verify implements the RSASSA-PKCS1v15 Verify algorithm + as defined in PKCS#1 v1.5, but without operating the HASH function - + it assumes that the DataIn_ptr data has already been hashed using SHA512 + + Note: The data_in size is already known after the Hash + + The actual macro that will be used by the users is: + CRYS_RSA_PKCS1v15_SHA512_Verify +*/ +#define CRYS_RSA_PKCS1v15_SHA512_Verify(UserContext_ptr,UserPubKey_ptr,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA512_mode,CRYS_PKCS1_NO_MGF,0,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER15) + + +/** + \brief CRYS_RSA_PKCS1v15_SHA1_Verify implements the RSASSA-PKCS1v15 Verify algorithm + as defined in PKCS#1 v1.5, but without operating the HASH function - + it assumes that the DataIn_ptr has already been hashed using SHA1 + + Note: The data_in size is already known after Hash + Note: According to the PKCS#1 ver2.1 it is not recommended to use MD5 Hash, + therefore it is not supported + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_SHA1_Verify +*/ + +#define CRYS_RSA_PSS_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,hashFunc,MGF,SaltLen,DataIn_ptr,DataInSize,Sig_ptr,CRYS_PKCS1_VER21) + + +/** + \brief CRYS_RSA_PSS_SHA1_Verify implements the PKCS1v21 Verify algorithm + as defined in PKCS#1 v2.1, but without operating the HASH function - + it assumes the DataIn_ptr has already been hashed using SHA1 + + \note The data_in size is already known after the Hash + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_SHA1_Verify +*/ + +#define CRYS_RSA_PSS_SHA1_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA1_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + + +/** + \brief CRYS_RSA_PSS_SHA224_Verify implements the PKCS1v21 Verify algorithm + as defined in PKCS#1 v2.1, but without operating the HASH function - + it assumes the DataIn_ptr has already been hashed using SHA224 + + \note The data_in size is already known after the Hash + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_SHA224_Verify +*/ + +#define CRYS_RSA_PSS_SHA224_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA224_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + +/** + \brief CRYS_RSA_PSS_SHA256_Verify implements the PKCS1v21 Verify algorithm + as defined in PKCS#1 v2.1, but without operating the HASH function - + it assumes the DataIn_ptr has already been hashed using SHA256 + + \note The data_in size is already known after the Hash + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_SHA256_Verify +*/ + +#define CRYS_RSA_PSS_SHA256_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA256_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + + +/** + \brief CRYS_RSA_PSS_SHA384_Verify implements the PKCS1v21 Verify algorithm + as defined in PKCS#1 v2.1, but without operating the HASH function - + it assumes the DataIn_ptr has already been hashed using SHA384 + + \note The data_in size is already known after the Hash + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_SHA384_Verify +*/ + +#define CRYS_RSA_PSS_SHA384_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA384_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + + +/** + \brief CRYS_RSA_PSS_SHA512_Verify implements the PKCS1v21 Verify algorithm + as defined in PKCS#1 v2.1, but without operating the HASH function - + it assumes the DataIn_ptr has already been hashed using SHA512 + + \note The data_in size is already known after the Hash + + The actual macro that will be used by the user is: + CRYS_RSA_PKCS1v15_SHA512_Verify +*/ + +#define CRYS_RSA_PSS_SHA512_Verify(UserContext_ptr,UserPubKey_ptr,MGF,SaltLen,DataIn_ptr,Sig_ptr)\ + _DX_RSA_Verify(UserContext_ptr,UserPubKey_ptr,CRYS_RSA_After_SHA512_mode,MGF,SaltLen,DataIn_ptr,CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES,Sig_ptr,CRYS_PKCS1_VER21) + +/**********************************************************************************************************/ + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_types.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_types.h new file mode 100644 index 0000000..f5bc1b1 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_rsa_types.h @@ -0,0 +1,502 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_RSA_TYPES_H +#define CRYS_RSA_TYPES_H + + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_hash.h" +#include "crys_pka_defs.h" +#include "dx_pal_types.h" +#include "dx_pal_compiler.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % crys_rsa_types.h : % + * State : %state% + * Creation date : Wed Nov 17 16:42:30 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This file contains all of the enums and definitions + * that are used for the CRYS AES APIs, as well as the APIs themselves. + * + * \version crys_rsa_types.h#1:incl:13 + * \author adams + */ + +/************************ Defines ******************************/ + + + +#define CRYS_DEFS_CC6_PKA_ENGINE_TYPE 7 +#define LLF_PKI_ENGINE_TYPE CRYS_DEFS_CC6_PKA_ENGINE_TYPE +/* The valid key size in bits */ + +#ifndef CRYS_NO_RSA_MAX_KEY_SIZE_3072_BIT_SUPPORT + #define CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS 3072 +#else + #define CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS 2048 +#endif + +#define CRYS_RSA_MIN_VALID_KEY_SIZE_VALUE_IN_BITS 512 +#define CRYS_RSA_VALID_KEY_SIZE_MULTIPLE_VALUE_IN_BITS 256 + +/* maximal size of key, which may be generated on present HW */ +#define CRYS_PKA_MAX_KEY_GENERATION_SIZE_BITS 2048 + +/* maximal allowed key size in words */ +#define CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BYTES (CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS / 8) + +/* If the salt length is not available in verify than the user can use this define and the algorithm will */ +/* calculate the salt length alone*/ +/* Security Note: it is recommended not to use this flag and to support the Salt length on each verify*/ +#define CRYS_RSA_VERIFY_SALT_LENGTH_UNKNOWN 0xFFFF + +/* The minimum exponent size */ +#define CRYS_RSA_MIN_PUB_EXP_VALUE 3 +#define CRYS_RSA_MIN_PRIV_EXP_VALUE 1 + +/* The maximum buffer size for the 'H' value */ +#define CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS ((CRYS_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS + 64UL ) / 32 ) +#define CRYS_RSA_TMP_BUFF_SIZE (CRYS_RSA_OAEP_ENCODE_MAX_MASKDB_SIZE + CRYS_RSA_OAEP_ENCODE_MAX_SEEDMASK_SIZE + CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS*sizeof(DxUint32_t) + sizeof(CRYS_HASH_Result_t)) + + +/* The possible hash modes are SHA-1 and MD5, as defined in CRYS_HASH.h */ +#define CRYS_PKCS1_HashFunc_t CRYS_HASH_OperationMode_t + +/* TBD */ + +#define CRYS_RSA_OAEP_MAX_HLEN CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES + +/* MGF1 declarations */ +#define CRYS_RSA_MGF_2_POWER_32 65535 /* 0xFFFF */ /* 0x100000000 */ /* This is the 2^32 of the 2^32*hLen boundary check */ +#define CRYS_RSA_SIZE_OF_T_STRING_BYTES (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*sizeof(DxUint32_t)) /* Buffer inside RSA context */ + +/*********************************************************** + * + * RSA PKCS#1 v2.1 DEFINES + * + ***********************************************************/ +#define CRYS_RSA_OAEP_ENCODE_MAX_SEEDMASK_SIZE CRYS_RSA_OAEP_MAX_HLEN +#define CRYS_RSA_PSS_SALT_LENGTH CRYS_RSA_OAEP_MAX_HLEN +#define CRYS_RSA_PSS_PAD1_LEN 8 + +#define CRYS_RSA_OAEP_ENCODE_MAX_MASKDB_SIZE (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*sizeof(DxUint32_t)) /* For OAEP Encode; the max size is emLen */ +#define CRYS_RSA_OAEP_DECODE_MAX_DBMASK_SIZE (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*sizeof(DxUint32_t)) /* For OAEP Decode; the max size is emLen */ + +/************************ Enums ********************************/ + +/* Defines the enum for the HASH operation mode. + * This enum differs from the one defined in CRYS_HASH.h in that + * it is only for the CRYS level and enables SHA-1 and MD5 modes. + * The SSL modes are for PKCS1 v1.5 when the data given + * to the Sign operation is already hashed with SHA-1 or MD5. + */ +typedef enum +{ + CRYS_RSA_HASH_MD5_mode = 0, + CRYS_RSA_HASH_SHA1_mode = 1, + CRYS_RSA_HASH_SHA224_mode = 2, + CRYS_RSA_HASH_SHA256_mode = 3, + CRYS_RSA_HASH_SHA384_mode = 4, + CRYS_RSA_HASH_SHA512_mode = 5, + CRYS_RSA_After_MD5_mode = 6, /* For PKCS1 v1.5 when the data is already hashed with MD5 */ + CRYS_RSA_After_SHA1_mode = 7, /* For PKCS1 v1.5 when the data is already hashed with SHA1 */ + CRYS_RSA_After_SHA224_mode = 8, /* For PKCS1 v1.5 when the data is already hashed with SHA224 */ + CRYS_RSA_After_SHA256_mode = 9, /* For PKCS1 v1.5 when the data is already hashed with SHA256 */ + CRYS_RSA_After_SHA384_mode = 10, /* For PKCS1 v1.5 when the data is already hashed with SHA384 */ + CRYS_RSA_After_SHA512_mode = 11, /* For PKCS1 v1.5 when the data is already hashed with SHA512 */ + CRYS_RSA_After_HASH_NOT_KNOWN_mode = 12, /*used only for PKCS#1 Ver 1.5 - possible to perform verify operation without hash mode input ; the hash mode will be derived from the signature*/ + CRYS_RSA_HASH_NO_HASH_mode = 13, /* Used for PKCS1 v1.5 Encrypt and Decrypt*/ + CRYS_RSA_HASH_NumOfModes, + + CRYS_RSA_HASH_OpModeLast = 0x7FFFFFFF, + +}CRYS_RSA_HASH_OpMode_t; + + +/* Defines the enum of the RSA decryption mode */ +typedef enum +{ + CRYS_RSA_NoCrt = 10, + CRYS_RSA_Crt = 11, + + CRYS_RSADecryptionNumOfOptions, + + CRYS_RSA_DecryptionModeLast= 0x7FFFFFFF, + +}CRYS_RSA_DecryptionMode_t; + +/* the Key source enum */ +typedef enum +{ + CRYS_RSA_ExternalKey = 1, + CRYS_RSA_InternalKey = 2, + + CRYS_RSA_KeySourceLast= 0x7FFFFFFF, + +}CRYS_RSA_KeySource_t; + +typedef enum +{ + CRYS_PKCS1_MGF1 = 0, + CRYS_PKCS1_NO_MGF = 1, + CRYS_RSA_NumOfMGFFunctions, + + CRYS_PKCS1_MGFLast= 0x7FFFFFFF, + +}CRYS_PKCS1_MGF_t; + +/* Defines the enum of the various PKCS1 versions */ +typedef enum +{ + CRYS_PKCS1_VER15 = 0, + CRYS_PKCS1_VER21 =1, + + CRYS_RSA_NumOf_PKCS1_versions, + + CRYS_PKCS1_versionLast= 0x7FFFFFFF, + +}CRYS_PKCS1_version; + + + +typedef enum +{ + CRYS_RSA_PKCS1_15_MODE00 = 0, + CRYS_RSA_PKCS1_15_MODE01 = 1, + CRYS_RSA_PKCS1_15_MODE02 = 2, + CRYS_RSA_NumOf_PKCS1_BLOCK_TYPES, + + CRYS_PKCS1_Block_TypeLast= 0x7FFFFFFF, + +}CRYS_PKCS1_Block_Type; + +/* enum defining primality testing mode in Rabin-Miller + and Lucas-Lehmer tests */ +typedef enum +{ + CRYS_RSA_PRIME_TEST_MODE = 0, + CRYS_DH_PRIME_TEST_MODE = 1, + + CRYS_RSA_DH_PRIME_TEST_OFF_MODE + +}CRYS_RSA_DH_PrimeTestMode_t; + +/************************ Public and private key database Structs ******************************/ + +/* .................. The public key definitions ...................... */ +/* --------------------------------------------------------------------- */ + +/* The public key data structure */ +typedef struct +{ + /* The RSA modulus buffer and its size in bits */ + DxUint32_t n[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t nSizeInBits; + + /* The RSA public exponent buffer and its size in bits */ + DxUint32_t e[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t eSizeInBits; + + /* #include the specific fields that are used by the low level */ + DxUint32_t crysRSAIntBuff[CRYS_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS]; + +}CRYSRSAPubKey_t; + +/* The user structure prototype used as an input to the CRYS_RSA_PRIM_Encrypt */ +typedef struct CRYS_RSAUserPubKey_t +{ + DxUint32_t valid_tag; + DxUint32_t PublicKeyDbBuff[ sizeof(CRYSRSAPubKey_t)/sizeof(DxUint32_t) + 1 ]; + + +}CRYS_RSAUserPubKey_t; + +/* .................. The private key definitions ...................... */ +/* --------------------------------------------------------------------- */ + +/* The private key on non-CRT mode data structure */ +typedef struct +{ + /* The RSA private exponent buffer and its size in bits */ + DxUint32_t d[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t dSizeInBits; + + /* The RSA public exponent buffer and its size in bits */ + DxUint32_t e[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t eSizeInBits; + +}CRYSRSAPrivNonCRTKey_t; + +/* The private key on CRT mode data structure */ +#ifndef CRYS_NO_RSA_SMALL_CRT_BUFFERS_SUPPORT +/* use small CRT buffers */ +typedef struct +{ + /* The first factor buffer and size in bits */ + DxUint32_t P[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + DxUint32_t PSizeInBits; + + /* The second factor buffer and its size in bits */ + DxUint32_t Q[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + DxUint32_t QSizeInBits; + + /* The first CRT exponent buffer and its size in bits */ + DxUint32_t dP[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + DxUint32_t dPSizeInBits; + + /* The second CRT exponent buffer and its size in bits */ + DxUint32_t dQ[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + DxUint32_t dQSizeInBits; + + /* The first CRT coefficient buffer and its size in bits */ + DxUint32_t qInv[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS/2]; + DxUint32_t qInvSizeInBits; + +}CRYSRSAPrivCRTKey_t; + +/* size of CRYSRSAPrivCRTKey_t structure in words (used for temp buffers allocation) */ +#define CRYS_RSA_SIZE_IN_WORDS_OF_CRYSRSAPrivCRTKey_t (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*7/2 + 5) + +#else /* use large CRT buffers */ +typedef struct +{ + /* The first factor buffer and size in bits */ + DxUint32_t P[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t PSizeInBits; + + /* The second factor buffer and its size in bits */ + DxUint32_t Q[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t QSizeInBits; + + /* The first CRT exponent buffer and its size in bits */ + DxUint32_t dP[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t dPSizeInBits; + + /* The second CRT exponent buffer and its size in bits */ + DxUint32_t dQ[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t dQSizeInBits; + + /* The first CRT coefficient buffer and its size in bits */ + DxUint32_t qInv[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t qInvSizeInBits; + +}CRYSRSAPrivCRTKey_t; + +/* size of CRYSRSAPrivCRTKey_t structure in words (used for temp buffers allocation) */ +#define CRYS_RSA_SIZE_IN_WORDS_OF_CRYSRSAPrivCRTKey_t (CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS*5 + 5) + +#endif + +/* The private key data structure */ +typedef struct +{ + /* The RSA modulus buffer and its size in bits */ + DxUint32_t n[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t nSizeInBits; + + /* The decryption operation mode */ + CRYS_RSA_DecryptionMode_t OperationMode; + + /* the source ( Import or Keygen ) */ + CRYS_RSA_KeySource_t KeySource; + + /* #include specific fields that are used by the low level */ + DxUint32_t crysRSAPrivKeyIntBuff[CRYS_PKA_PRIV_KEY_BUFF_SIZE_IN_WORDS]; + + + /* The union between the CRT and non-CRT data structures */ + union + { + CRYSRSAPrivNonCRTKey_t NonCrt; + CRYSRSAPrivCRTKey_t Crt; + }PriveKeyDb; + +}CRYSRSAPrivKey_t; + +/* The user structure prototype used as an input to the + CRYS_RSA_PRIM_Decrypt or CRYS_RSA_PRIM_DecryptCRT */ +typedef struct CRYS_RSAUserPrivKey_t +{ + DxUint32_t valid_tag; + DxUint32_t PrivateKeyDbBuff[ sizeof(CRYSRSAPrivKey_t)/sizeof(DxUint32_t) + 1 ] ; + +}CRYS_RSAUserPrivKey_t; + +/* the RSA data type */ +typedef struct CRYS_RSAPrimeData_t +{ + /* The aligned input and output data buffers */ + DxUint32_t DataIn[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t DataOut[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint8_t InternalBuff[CRYS_RSA_TMP_BUFF_SIZE] DX_PAL_COMPILER_ALIGN (4); + + /* #include specific fields that are used by the low level */ + DxUint32_t crysRSAPrimIntBuff[CRYS_PKA_RSA_PRIME_INT_BUFF_SIZE_IN_WORDS]; + +}CRYS_RSAPrimeData_t; + +/* the KG data type */ +typedef union CRYS_RSAKGData_t +{ + struct + { + /* The aligned input and output data buffers */ + DxUint32_t p[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS / 2]; + DxUint32_t q[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS / 2]; + + /* #include specific fields that are used by the low level */ + DxUint32_t crysRSAKGDataIntBuff[CRYS_PKA_KGDATA_BUFF_SIZE_IN_WORDS]; + }KGData; + + CRYS_RSAPrimeData_t PrimData; + +}CRYS_RSAKGData_t; + + /************* + * RSA contexts + **************/ +/************************ CRYS RSA struct for Private Key ******************************/ + + + +typedef struct +{ + + /* A union for the Key Object - there is no need for the Private + key and the Public key to be in the memory at the same time */ + CRYS_RSAUserPrivKey_t PrivUserKey; + + /* RSA PKCS#1 Version 1.5/2.1 */ + DxUint8_t PKCS1_Version; + + /* MGF 2 use for the PKCS1 Ver 2.1 Sign/Verify operation */ + DxUint8_t MGF_2use; + + /*The Salt random intended length for PKCS#1 PSS Ver 2.1*/ + DxUint16_t SaltLen; + + /*Struct for the Exp evaluation*/ + CRYS_RSAPrimeData_t PrimeData; + + /* User Context of the Hash Context - Hash functions get as input a CRYS_HASHUserContext_t */ + //CRYS_HASHUserContext_t HashUserContext; + DxUint32_t CRYSPKAHashCtxBuff[CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS]; + CRYS_HASH_Result_t HASH_Result; + DxUint16_t HASH_Result_Size; /* denotes the length, in words, of the hash function output */ + CRYS_RSA_HASH_OpMode_t HashOperationMode; + + /* Used for sensitive data manipulation in the context space, which is safer and which saves stack space */ + DxUint32_t EBD[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t EBDSizeInBits; + + /* Used for sensitive data manipulation in the context space, which is safer and which saves stack space */ + DxUint8_t T_Buf[CRYS_RSA_SIZE_OF_T_STRING_BYTES]; + DxUint16_t T_BufSize; + + /*Buffer for the use of the Ber encoder in the case of PKCS#1 Ver 1.5 - in Private context only*/ + DxUint32_t BER[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint16_t BERSize; + + /* This Buffer is added for encrypting the context ( encrypted part's size must be 0 modulo 16). + * Note: This block must be at the end of the context. + */ + DxUint8_t DummyBufAESBlockSize[16]; + +}RSAPrivContext_t; + +typedef struct CRYS_RSAPrivUserContext_t +{ + DxUint32_t valid_tag; + DxUint32_t AES_iv; /* For the use of the AES CBC mode of Encryption and Decryption of the context in CCM */ + DxUint8_t context_buff[ sizeof(RSAPrivContext_t) + sizeof(DxUint32_t)] DX_PAL_COMPILER_ALIGN (4); + +}CRYS_RSAPrivUserContext_t; + + +/************************ CRYS RSA struct for Public Key ******************************/ + + +typedef struct +{ + + /* A union for the Key Object - there is no need for the Private + key and the Public key to be in the memory in the same time */ + CRYS_RSAUserPubKey_t PubUserKey; + + /* public key size in bytes */ + DxUint32_t nSizeInBytes; + + /* RSA PKCS#1 Version 1.5/2.1 */ + DxUint8_t PKCS1_Version; + + /* MGF 2 use for the PKCS1 Ver 2.1 Sign/Verify operation */ + DxUint8_t MGF_2use; + + /*The Salt random intended length for PKCS#1 PSS Ver 2.1*/ + DxUint16_t SaltLen; + + /*Struct for the Exp evaluation*/ + CRYS_RSAPrimeData_t PrimeData; + + /* User Context of the Hash Context - Hash functions get as input a CRYS_HASHUserContext_t */ + DxUint32_t CRYSPKAHashCtxBuff[CRYS_PKA_RSA_HASH_CTX_SIZE_IN_WORDS]; + + CRYS_HASH_Result_t HASH_Result; + DxUint16_t HASH_Result_Size; /* denotes the length, in words, of the hash function output */ + CRYS_RSA_HASH_OpMode_t HashOperationMode; + + /* Used for sensitive data manipulation in the context space, which is safer and which saves stack space */ + DxUint32_t EBD[CRYS_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS]; + DxUint32_t EBDSizeInBits; + + /* Used for sensitive data manipulation in the context space, which is safer and which saves stack space */ + DxUint8_t T_Buf[CRYS_RSA_SIZE_OF_T_STRING_BYTES]; + DxUint16_t T_BufSize; + + /* This Buffer is added for encrypting the context ( encrypted part's size must be 0 modulo 16). + * Note: This block must be at the end of the context. + */ + DxUint8_t DummyBufAESBlockSize[16]; + +}RSAPubContext_t; + +typedef struct CRYS_RSAPubUserContext_t +{ + DxUint32_t valid_tag; + DxUint32_t AES_iv; /* For the use of the AES CBC mode of Encryption and Decryption of the context in CCM */ + DxUint32_t context_buff[ sizeof(RSAPubContext_t)/sizeof(DxUint32_t) + 1] ; + +}CRYS_RSAPubUserContext_t; + +/* .......................... Temp buff definition ......................... */ +/* ------------------------------------------------------------------------- */ + +/* the RSA Convert Key to CRT data type */ +typedef struct CRYS_RSAConvertKeyToCrtBuffers_t +{ + /* #include specific fields that are used by the low level */ + DxUint32_t crysRSAConvKeyCrtIntBuff[CRYS_PKA_CONV_KEY_CRT_BUFF_SIZE_IN_WORDS]; + +}CRYS_RSAConvertKeyToCrtBuffers_t; + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_self_test.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_self_test.h new file mode 100644 index 0000000..ecb077a --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_self_test.h @@ -0,0 +1,99 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_SELF_TEST_H +#define CRYS_SELF_TEST_H + +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /** @file + * \brief Perform self tests for specified engines + * + * \author adams + */ + +/************************ Defines ******************************/ + +/* @brief the following defines enable us to select the engines we want to test + these defines also describe the bit field of the result */ +#define CRYS_SELF_TEST_AES_BIT 0x0001 +#define CRYS_SELF_TEST_DES_BIT 0x0002 +#define CRYS_SELF_TEST_HASH_BIT 0x0004 +#define CRYS_SELF_TEST_HMAC_BIT 0x0008 +#define CRYS_SELF_TEST_RSA_ENCDEC_BIT 0x0010 +#define CRYS_SELF_TEST_ECC_BIT 0x0020 +#define CRYS_SELF_TEST_RND_DRBG_BIT 0x0040 +#define CRYS_SELF_TEST_RND_BIT CRYS_SELF_TEST_RND_TRNG_BIT + + +#define CRYS_SELF_TEST_ALL_BIT (CRYS_SELF_TEST_AES_BIT | \ + CRYS_SELF_TEST_DES_BIT | \ + CRYS_SELF_TEST_HASH_BIT | \ + CRYS_SELF_TEST_ECC_BIT | \ + CRYS_SELF_TEST_HMAC_BIT | \ + CRYS_SELF_TEST_RSA_ENCDEC_BIT) + +#define CRYS_SELF_TEST_NO_RND (CRYS_SELF_TEST_AES_BIT | \ + CRYS_SELF_TEST_DES_BIT | \ + CRYS_SELF_TEST_HASH_BIT | \ + CRYS_SELF_TEST_HMAC_BIT | \ + CRYS_SELF_TEST_RSA_ENCDEC_BIT ) + +/************************ Structs ******************************/ + +#define CRYS_SELF_TEST_BUFFER_SIZE_IN_WORDS 538 + +typedef struct +{ + DxUint32_t temp1[CRYS_SELF_TEST_BUFFER_SIZE_IN_WORDS]; + +}CRYS_SelfTestData_t; + + +/************************ Public Functions **********************/ + +/** + * @brief This function executes the CRYS self test for the specified engines + * + * @param[in] EnginesSelect - Specify the engines to test according to the following values:\n + * + * CRYS_SELF_TEST_AES_BIT \n + * CRYS_SELF_TEST_DES_BIT \n + * CRYS_SELF_TEST_HASH_BIT \n + * CRYS_SELF_TEST_HMAC_BIT \n + * CRYS_SELF_TEST_RSA_ENCDEC_BIT \n + * CRYS_SELF_TEST_RND_TRNG_BIT \n + * CRYS_SELF_TEST_RND_DRBG_BIT \n + * CRYS_SELF_TEST_ALL_BIT \n + * + * @param[out] EnginesTestResult_ptr - a bit field describing the test results of the selected engines. + * The bit field is the same as described above. + * For each bit specified in the input: 0 - test passes, 1 - test failed. + * + * @param[in] TempData_ptr - A pointer to a scratchpad buffer required for the self test. + * The size of the buffer is specified in the typedef. + * + * @return CRYSError_t - On success the function returns the value CRYS_OK, and on failure a non-ZERO error. + * + * \note This function is useful mainly to test hardware implementations of the cryptographic engines upon + * system startup. This function is to fulfil the FIPS demands for power-up self tests. + */ + + CRYSError_t CRYS_SelfTest(DxUint16_t EnginesSelect, + DxUint16_t *EnginesTestResult_ptr); + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_self_test.xml b/peripheral/keystore/chaabi/libcc54/include/crys/crys_self_test.xml new file mode 100644 index 0000000..1f24b7d --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_self_test.xml @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> +<api name="CrysSelfTest"> <!-- The CrysSelfTest API Agent ID --> + +<!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="CRYS_OK" generic_error="CRYS_SELF_TEST_MSG_GENERAL_RPC_A_ERROR" invalid_param="CRYS_SELF_TEST_MSG_GENERAL_RPC_B_ERROR" not_enough_resources="CRYS_SELF_TEST_MSG_GENERAL_RPC_C_ERROR" /> + <!-- Header files to include for prototypes +--> + <header>crys_host_rpc_config.h</header> + <header>crys_self_test_error.h</header> + <header>crys_self_test.h</header> + + + + + <function name="CRYS_SelfTest" return="le32(CRYSError_t)"> + + <param name="enginesSelect" direction="i" ptype="val" dtype="le16(DxUint16_t)"/> + + <param name="enginesTestResult_ptr" direction="o" ptype="ref" dtype="DxUint16_t"/> + + </function> + + </api> + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_self_test_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_self_test_error.h new file mode 100644 index 0000000..36414ea --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_self_test_error.h @@ -0,0 +1,77 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_SELF_TEST_ERROR_H +#define CRYS_SELF_TEST_ERROR_H + +/* + * Object % crys_self_test_error.h : % + * State : %state% + * Creation date : 07/03/ 2012 Last modified : %modify_time% + */ + /** @file + * \brief This module containes the definitions of the crys "self test" + * errors. + * + * \version crys_self_test_error.h#1:incl:1 + * \author G.Koltun + */ +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + +/************************ Defines ******************************/ + +/**************************************************************************************** +* CRYS SELF TEST MODULE ERRORS * +***************************************************************************************/ +#define CRYS_SELF_TEST_MSG_GENERAL_RPC_A_ERROR (CRYS_SELF_TEST_MODULE_ERROR_BASE + 0UL) +#define CRYS_SELF_TEST_MSG_GENERAL_RPC_B_ERROR (CRYS_SELF_TEST_MODULE_ERROR_BASE + 1UL) +#define CRYS_SELF_TEST_MSG_GENERAL_RPC_C_ERROR (CRYS_SELF_TEST_MODULE_ERROR_BASE + 2UL) + + + + + + + + + + + + + + + + + + + +/************************ Enums ********************************/ + +/************************ Typedefs ****************************/ + +/************************ Structs ******************************/ + +/************************ Public Variables **********************/ + +/************************ Public Functions **********************/ + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_sst_kg.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_sst_kg.h new file mode 100644 index 0000000..12d124e --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_sst_kg.h @@ -0,0 +1,261 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_SST_KG_H +#define CRYS_SST_KG_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "DX_VOS_BaseTypes.h" +#include "crys_error.h" +#include "crys_defs.h" +#include "crys_aes.h" +#include "crys_des.h" +#include "crys_hmac.h" +#include "CRYS_RSA_SCHEMES.h" +#include "CRYS_RSA_PRIM.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object % CRYS_SST_KG.h : % + * State : %state% + * Creation date : Wed Nov 17 16:42:30 2004 + * Last modified : %modify_time% + */ + /** @file + * \brief This file contains all of the enums and definitions that are used for the + * CRYS KG APIs, as well as the APIs themselves. + * + * \version CRYS_SST_KG.h#1:incl:13 + * \author adams + */ + +/************************ Defines ******************************/ + +/** +@brief - a definition describing the low level Engine type ( SW , Hardware , Etc ) +*/ + + +/************************ Enums ********************************/ + +/* Enum defining the user's key size argument */ + +/************************ Typedefs ****************************/ + + +/************************ context Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/********************************** AES *******************************************/ + +/** + * @brief The function creates AES key saves it in the SST and + * return the handle to it. + * + * + * @param[in] TeansactionId the opened atransaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depend for internal SST use. + * + * @param[in] KeySize - type of AES key (128,192 or 256 bits). + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from CRYS_SST_error.h TBD + */ + +CIMPORT_C CRYSError_t CRYS_SST_KG_AES( DxUint32_t TeansactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + CRYS_AES_KeySize_t KeySize, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t* aWorkspace_ptr, + DxUint32_t aWorkspaceSizeInBytes); + +/** + * @brief The function creates DES key saves it in the SST and + * return the handle to it. + * + * + * @param[in] TeansactionId the opened atransaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depand for internal SST use. + * + * @param[in,out] NumOfKeys - type of DES key (DES or 3DES). + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from CRYS_SST_error.h TBD + */ + +CIMPORT_C CRYSError_t CRYS_SST_KG_DES( DxUint32_t TeansactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + CRYS_DES_NumOfKeys_t NumOfKeys, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t* aWorkspace_ptr, + DxUint32_t aWorkspaceSizeInBytes); + + +/** + * @brief The function creates HMAC key saves it in the SST and + * return the handle to it. + * + * + * @param[in] TeansactionId the opened transaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depend for internal SST use. + * + * @param[in] KeySize - HMAC key len in bytes. + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from CRYS_SST_error.h TDB + */ + +CIMPORT_C CRYSError_t CRYS_SST_KG_HMAC( DxUint32_t TeansactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + DxUint32_t KeySize, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t* aWorkspace_ptr, + DxUint32_t aWorkspaceSizeInBytes); + + +/** + * @brief The function creates RSA key pair saves it in the SST and + * return the handle to it. + * + * + * @param[in] TeansactionId the opened atransaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depand for internal SST use. + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @param[in] PubExp_ptr - public exponent + * + * @param[in] PubExpSizeInBytes - size of public exponent in bytes. + * + * @param[in] KeySize - size of the modulus in bits + * + * @param[out] UserPrivKey_ptr - private key structure.This structure is used as internal buffer. + * + * @param[out] UserPubKey_ptr -public key structure.This structure is used as internal buffer. + * + * @param[in] KeyGenData_ptr - internal buffer for the key gen operation. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from CRYS_SST_error.h TBD + */ + +CIMPORT_C CRYSError_t CRYS_SST_RSA_KG_GenerateKeyPair(DxUint32_t TeansactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t *PubExp_ptr, + DxUint16_t PubExpSizeInBytes, + DxUint32_t KeySize, + CRYS_SST_RSA_keys_and_data_container_t *KeyGenData_ptr); + + +/** + * @brief The function creates RSA key pair with CRT format ,saves it in the SST and + * return the handle to it. + * + * + * @param[in] TeansactionId the opened atransaction for the SST changes. + * + * @param[in] SessionId the opened authenticator SessionId. + * + * @param[in] MasterAuthHandle - the master authenticator that has all of the + * access writes on the new inserted data including + * binding writes to additional authenticators. + * + * @param[in] DataType user depand for internal SST use. + * + * @param[in/out] KeyHandle_ptr - handle to SST entry.The user can enter an empty handle + * and get a new handle, or enter handle and force the SST to use it + * if possible. + * + * @param[in] PubExp_ptr - public exponent + * + * @param[in] PubExpSizeInBytes - size of public exponent in bytes. + * + * @param[in] KeySize - size of the modulus in bits + * + * @param[in] KeyGenData_ptr - internal buffer for the key gen operation. + * + * @return CRYSError_t - On success the value CRYS_OK is returned, + * and on failure a value from CRYS_SST_error.h TBD + */ + +CIMPORT_C CRYSError_t CRYS_SST_RSA_KG_GenerateKeyPairCRT(DxUint32_t TeansactionId, + SSTSessionId_t SessionId, + SSTHandle_t MasterAuthHandle, + SSTDataType_t DataType, + SSTHandle_t *KeyHandle_ptr, + DxUint8_t *PubExp_ptr, + DxUint16_t PubExpSizeInBytes, + DxUint32_t KeySize, + CRYS_SST_RSA_keys_and_data_container_t *KeyGenData_ptr); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_tsts_dsm_sim_error.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_tsts_dsm_sim_error.h new file mode 100644 index 0000000..2b78874 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_tsts_dsm_sim_error.h @@ -0,0 +1,58 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_TST_DSM_SIM_ERROR_H +#define CRYS_TST_DSM_SIM_ERROR_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "crys_error.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + + + +/* INTERNAL debug error module on the CRYS layer base address - 0x00F00700 */ + +/************************ Defines ******************************/ + +/*AES DSM Project errors*/ +#define CRYS_AES_DSM_TEST_INDEX_NOT_SUPPORTED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x01UL) +#define CRYS_AES_DSM_TEST_EXPECTED_RESULT_COMPARE_FAILED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x02UL) + +/*DES DSM Project errors*/ +#define CRYS_DES_DSM_TEST_INDEX_NOT_SUPPORTED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x10UL) +#define CRYS_DES_DSM_TEST_EXPECTED_RESULT_COMPARE_FAILED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x11UL) + +/*HASH DSM Project errors*/ +#define CRYS_HASH_DSM_TEST_INDEX_NOT_SUPPORTED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x20UL) +#define CRYS_HASH_DSM_TEST_EXPECTED_RESULT_COMPARE_FAILED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x21UL) + +/*RSA DSM Errors*/ +#define CRYS_PKI_PRIM_DSM_TEST_EXPECTED_RESULT_COMPARE_FAILED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x30UL) +#define CRYS_RSA_PRIM_TST_DSM_CRT_DATA_NOT_VALID (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x31UL) +#define CRYS_RSA_DSM_TEST_EXPECTED_RESULT_COMPARE_FAILED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x32UL) +#define CRYS_RSA_PRIM_DSM_TEST_INDEX_NOT_SUPPORTED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x33UL) +#define CRYS_RSA_DSM_TEST_CRT_512_NOT_SUPPORTED (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x34UL) +#define CRYS_RSA_DSM_TEST_EXPECTED_RESULT_COMPARE_FAILED_1 (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x35UL) +#define CRYS_RSA_DSM_TEST_EXPECTED_RESULT_COMPARE_FAILED_2 (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x36UL) +#define CRYS_RSA_DSM_TEST_EXPECTED_RESULT_COMPARE_FAILED_3 (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x37UL) + +/*DSM general errors*/ +#define CRYS_DSM_TEST_TIMEOUT_ERROR (CRYS_INTERNAL_MODULE_ERROR_BASE + 0x50UL) + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys/crys_version.h b/peripheral/keystore/chaabi/libcc54/include/crys/crys_version.h new file mode 100644 index 0000000..ae81e18 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys/crys_version.h @@ -0,0 +1,101 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_version_H +#define CRYS_version_H + +/* + * All the includes that are needed for code using this module to + * compile correctly should be #included here. + */ +#include "dx_vos_basetypes.h" + + +#ifdef __cplusplus +extern "C" +{ +#endif + + /* + * Object %name : % + * State : %state% + * Creation date : Tue Mar 22 09:35:02 2005 + * Last modified : %modify_time% + */ + /** @file + * \brief Get CRYS version information, including underlying engines. + * + * \version CRYS_version.h#1:incl:1 + * \author adams + */ + +/************************ Defines ******************************/ + +/* @brief the version structure definition */ +typedef struct +{ + char compName[4]; + char type; + DxUint32_t major; + DxUint32_t minor; + DxUint32_t sub; + DxUint32_t internal; + +}CRYS_ComponentVersion_t; + +typedef struct +{ + CRYS_ComponentVersion_t CRYS_Version; + CRYS_ComponentVersion_t LLF_AES_Version; + CRYS_ComponentVersion_t LLF_HASH_Version; + CRYS_ComponentVersion_t LLF_DES_Version; + CRYS_ComponentVersion_t LLF_PKI_Version; + CRYS_ComponentVersion_t LLF_RND_Version; + CRYS_ComponentVersion_t LLF_ECPKI_Version; + CRYS_ComponentVersion_t LLF_RC4_Version; + +}CRYS_Version_t; + +/************************ Enums ********************************/ + + +/************************ Typedefs ****************************/ + + +/************************ Structs ******************************/ + + +/************************ Public Variables **********************/ + + +/************************ Public Functions **********************/ + +/** + * @brief This function returns the CRYS version. + * + * The version contains the following fields: + * + * component string - a string describing the nature of the release. + * release type: 'D' - development, 'A' - alpha (passed to QA) , + * 'R' - release, after QA testing. + * + * major, minor, sub, internal - the release digits. + * + * each component: CRYS, LLF machines has this structure. + * + * @param[in] version_ptr - a pointer to the version structure. + * + */ + + void CRYS_GetVersion(CRYS_Version_t *version_ptr); + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/crys_host_rpc_config.h b/peripheral/keystore/chaabi/libcc54/include/crys_host_rpc_config.h new file mode 100644 index 0000000..c3715cb --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/crys_host_rpc_config.h @@ -0,0 +1,13 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef CRYS_HOST_RPC_CONFIG_H +#define CRYS_HOST_RPC_CONFIG_H + +/*configuration definition, need to be used when using asymmetric engine via RPC*/ +#define DX_SEP_HOST_RPC_CONFIG + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/dx_applet_mng_load.h b/peripheral/keystore/chaabi/libcc54/include/dx_applet_mng_load.h new file mode 100644 index 0000000..99c1199 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/dx_applet_mng_load.h @@ -0,0 +1,74 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/*************************************************************************** + * This file provides the applet load interface * + ***************************************************************************/ + +#ifndef __DX_APPLET_MNG_LOAD_H__ +#define __DX_APPLET_MNG_LOAD_H__ + +#include "dx_pal_types.h" + +/****************************************************************************** +* DEFINITIONS +******************************************************************************/ + +/* Applet UUID MAX size according to TEEC defintions */ +#define APPLET_UUID_MAX_SIZE_WORDS 4 + +/* Applet's unique identifier */ +typedef DxUint8_t DX_SepAppUuid_t[APPLET_UUID_MAX_SIZE_WORDS*sizeof(DxUint32_t)]; + + +/****************************************************************************** +* FUNCTION PROTOTYPES +******************************************************************************/ + +/* + @Brief: This function is used to load applet to the sep. + The function will do the following steps : + 1. verify the applet's vrl + 2. load the applet to its designated location + 3. update the Icache and Dcache + 4. add the applet's data to the applet's manager DB + + @params: + vrlAddr [in] - vrl address in host memory + magicNum [in] - a magic number in case the magic number to validate the vrl with is not the default magic number + verKeyIndex [in] - Index of the RSA public key used to verify the VRL (0-2). + flags [in] - bit flags for the imageAddress parameter: + - origin of applet Image address (if set to 1, the address in the host ram is taken from appletImageAddr) - DX_CC_INIT_FLAGS_I_CACHE_ADDR_FLAG + - magic number - from user or default (if set to 1 - use user's magic number) - DX_CC_INIT_FLAGS_MAGIC_NUMBER_FLAG + appletImageAddr [in] - image address in the host memory + + +*/ +DxUint32_t DX_CC_LoadApplet(DxUint32_t vrlAddr, + DxUint32_t magicNum, + DxUint32_t verKeyIndex, + DxUint32_t flags, + DxUint32_t appletImageAddr, + DxUint32_t userParam); + +/* + @Brief: This function is used to unload the replaceable applet + The function will do the following steps : + 1. find the applet's slot according to uuid + 2. verify there are no open sessions for that applet + 3. Call the applet terminate function + 3. zero the Dcache + 4. remove the entry from the applets info table + + @params: + uuid [in] - applet's identifier + + +*/ +DxUint32_t DX_CC_UnloadApplet(DX_SepAppUuid_t uuid); + + +#endif /*__DX_APPLET_MNG_LOAD_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/dx_bitops.h b/peripheral/keystore/chaabi/libcc54/include/dx_bitops.h new file mode 100644 index 0000000..676e38c --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/dx_bitops.h @@ -0,0 +1,42 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/*! + * \file dx_bitops.h + * Bit fields operations macros. + */ +#ifndef _DX_BITOPS_H_ +#define _DX_BITOPS_H_ + +#define BITMASK(mask_size) (((mask_size) < 32) ? \ + ((1UL << (mask_size)) - 1) : 0xFFFFFFFFUL) +#define BITMASK_AT(mask_size, mask_offset) (BITMASK(mask_size) << (mask_offset)) + +#define BITFIELD_GET(word, bit_offset, bit_size) \ + (((word) >> (bit_offset)) & BITMASK(bit_size)) +#define BITFIELD_SET(word, bit_offset, bit_size, new_val) do { \ + word = ((word) & ~BITMASK_AT(bit_size, bit_offset)) | \ + (((new_val) & BITMASK(bit_size)) << (bit_offset)); \ +} while (0) + +/* Is val aligned to "align" ("align" must be power of 2) */ +#ifndef IS_ALIGNED +#define IS_ALIGNED(val, align) \ + (((uint32_t)(val) & ((align) - 1)) == 0) +#endif + +#define SWAP_ENDIAN(word) \ + (((word) >> 24) | (((word) & 0x00FF0000) >> 8) | \ + (((word) & 0x0000FF00) << 8) | (((word) & 0x000000FF) << 24)) + +/* Is val a multiple of "mult" ("mult" must be power of 2) */ +#define IS_MULT(val, mult) \ + (((val) & ((mult) - 1)) == 0) + +#define IS_NULL_ADDR(adr) \ + (!(adr)) + +#endif /*_DX_BITOPS_H_*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/dx_cc_defs.h b/peripheral/keystore/chaabi/libcc54/include/dx_cc_defs.h new file mode 100644 index 0000000..8e0b496 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/dx_cc_defs.h @@ -0,0 +1,23 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_CC_DEFS_H_ +#define _DX_CC_DEFS_H + +#define DX_INT32_MAX 0x7FFFFFFFL + +typedef enum { + DX_USER_KEY = 0, + DX_ROOT_KEY = 1, + DX_PROVISIONING_KEY = 2, + DX_XOR_HDCP_KEY = 3, + DX_APPLET_KEY = 4, + DX_SESSION_KEY = 5, + DX_END_OF_KEYS = DX_INT32_MAX, +}DX_CRYPTO_KEY_TYPE_t; + + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/dx_cc_regs.h b/peripheral/keystore/chaabi/libcc54/include/dx_cc_regs.h new file mode 100644 index 0000000..b7c6ffc --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/dx_cc_regs.h @@ -0,0 +1,148 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/*! + * \file dx_cc_regs.h + * \brief Macro definitions for accessing Dx CryptoCell register space + * + * For SeP code define DX_CC_SEP + * For Host physical/direct registers access define DX_CC_HOST + * For Host virtual mapping of registers define DX_CC_HOST_VIRT + */ + +#ifndef _DX_CC_REGS_H_ +#define _DX_CC_REGS_H_ + +#include "dx_bitops.h" + + + +/* Include register base addresses data */ +#if defined(DX_CC_SEP) +#include "dx_reg_base_sep.h" + +#elif defined(DX_CC_HOST) || defined(DX_CC_HOST_VIRT) || defined(DX_CC_TEE) +#include "dx_reg_base_host.h" + +#else +#error Define either DX_CC_SEP or DX_CC_HOST or DX_CC_HOST_VIRT +#endif + + +/* CC registers address calculation */ +#if defined(DX_CC_SEP) +#define DX_CC_REG_ADDR(unit_name, reg_name) \ + (DX_BASE_CC_PERIF + DX_BASE_ ## unit_name + \ + DX_ ## reg_name ## _REG_OFFSET) + +/* In host macros we ignore the unit_name because all offsets are from base */ +#elif defined(DX_CC_HOST) +#define DX_CC_REG_ADDR(unit_name, reg_name) \ + (DX_BASE_CC + DX_ ## reg_name ## _REG_OFFSET) + +#elif defined(DX_CC_TEE) +#define DX_CC_REG_ADDR(unit_name, reg_name) \ + (DX_BASE_CC + DX_ ## reg_name ## _REG_OFFSET) + +#elif defined(DX_CC_HOST_VIRT) +#define DX_CC_REG_ADDR(cc_base_virt, unit_name, reg_name) \ + (((unsigned long)(cc_base_virt)) + DX_ ## reg_name ## _REG_OFFSET) + +#endif + +/* Register Offset macros (from registers base address in host) */ +#if defined(DX_CC_HOST) || defined(DX_CC_HOST_VIRT) + +#define DX_CC_REG_OFFSET(reg_domain, reg_name) \ + (DX_ ## reg_domain ## _ ## reg_name ## _REG_OFFSET) + +/* Indexed GPR offset macros - note the (not original) preprocessor tricks...*/ +/* (Using the macro without the "_" prefix is allowed with another macro * + * as the gpr_idx) */ +#define _SEP_HOST_GPR_REG_OFFSET(gpr_idx) \ + DX_CC_REG_OFFSET(HOST, SEP_HOST_GPR ## gpr_idx) +#define SEP_HOST_GPR_REG_OFFSET(gpr_idx) _SEP_HOST_GPR_REG_OFFSET(gpr_idx) +#define _HOST_SEP_GPR_REG_OFFSET(gpr_idx) \ + DX_CC_REG_OFFSET(HOST, HOST_SEP_GPR ## gpr_idx) +#define HOST_SEP_GPR_REG_OFFSET(gpr_idx) _HOST_SEP_GPR_REG_OFFSET(gpr_idx) + +/* GPR IRQ bit mask by GPR index */ +#define _SEP_HOST_GPR_IRQ_MASK(gpr_idx) \ + (1 << DX_HOST_IRR_SEP_HOST_GPR ## gpr_idx ## _INT_BIT_SHIFT) +#define SEP_HOST_GPR_IRQ_MASK(gpr_idx) _SEP_HOST_GPR_IRQ_MASK(gpr_idx) + +#elif defined(DX_CC_SEP) + +#define DX_CC_REG_OFFSET(unit_name, reg_name) \ + (DX_BASE_ ## unit_name + DX_ ## reg_name ## _REG_OFFSET) + +/* Indexed GPR address macros - note the (not original) preprocessor tricks...*/ +/* (Using the macro without the "_" prefix is allowed with another macro * + * as the gpr_idx) */ +#define _SEP_HOST_GPR_REG_ADDR(gpr_idx) \ + DX_CC_REG_ADDR(SEP_RGF, SEP_SEP_HOST_GPR ## gpr_idx) +#define SEP_HOST_GPR_REG_ADDR(gpr_idx) _SEP_HOST_GPR_REG_ADDR(gpr_idx) +#define _HOST_SEP_GPR_REG_ADDR(gpr_idx) \ + DX_CC_REG_ADDR(SEP_RGF, SEP_HOST_SEP_GPR ## gpr_idx) +#define HOST_SEP_GPR_REG_ADDR(gpr_idx) _HOST_SEP_GPR_REG_ADDR(gpr_idx) + +#elif defined(DX_CC_TEE) + +#define DX_CC_REG_OFFSET(unit_name, reg_name) \ + (DX_BASE_ ## unit_name + DX_ ## reg_name ## _REG_OFFSET) + +#else +#error Undefined execution domain, should be DX_CC_SEP or DX_CC_HOST or DX_CC_HOST_VIRT or DX_CC_TEE. +#endif + + + + +/* Registers address macros for ENV registers (development FPGA only) */ +#ifdef DX_BASE_ENV_REGS + +#if defined(DX_CC_HOST) +#define DX_ENV_REG_ADDR(reg_name) \ + (DX_BASE_ENV_REGS + DX_ENV_ ## reg_name ## _REG_OFFSET) + +#elif defined(DX_CC_HOST_VIRT) +/* The OS driver resource address space covers the ENV registers, too */ +/* Since DX_BASE_ENV_REGS is given in absolute address, we calc. the distance */ +#define DX_ENV_REG_ADDR(cc_base_virt, reg_name) \ + (((cc_base_virt) + (DX_BASE_ENV_REGS - DX_BASE_CC)) + \ + DX_ENV_ ## reg_name ## _REG_OFFSET) + +#endif + +#endif /*DX_BASE_ENV_REGS*/ + +/* Bit fields access */ +#define DX_CC_REG_FLD_GET(unit_name, reg_name, fld_name, reg_val) \ + (DX_ ## reg_name ## _ ## fld_name ## _BIT_SIZE == 0x20 ? \ + reg_val /* Optimization for 32b fields */ : \ + BITFIELD_GET(reg_val, DX_ ## reg_name ## _ ## fld_name ## _BIT_SHIFT, \ + DX_ ## reg_name ## _ ## fld_name ## _BIT_SIZE)) + +#define DX_CC_REG_FLD_SET( \ + unit_name, reg_name, fld_name, reg_shadow_var, new_fld_val) \ +do { \ + if (DX_ ## reg_name ## _ ## fld_name ## _BIT_SIZE == 0x20) \ + reg_shadow_var = new_fld_val; /* Optimization for 32b fields */\ + else \ + BITFIELD_SET(reg_shadow_var, \ + DX_ ## reg_name ## _ ## fld_name ## _BIT_SHIFT, \ + DX_ ## reg_name ## _ ## fld_name ## _BIT_SIZE, \ + new_fld_val); \ +} while (0) + +/* Usage example: + uint32_t reg_shadow = READ_REGISTER(DX_CC_REG_ADDR(CRY_KERNEL,AES_CONTROL)); + DX_CC_REG_FLD_SET(CRY_KERNEL,AES_CONTROL,NK_KEY0,reg_shadow, 3); + DX_CC_REG_FLD_SET(CRY_KERNEL,AES_CONTROL,NK_KEY1,reg_shadow, 1); + WRITE_REGISTER(DX_CC_REG_ADDR(CRY_KERNEL,AES_CONTROL), reg_shadow); + */ + +#endif /*_DX_CC_REGS_H_*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/dx_driver_abi.h b/peripheral/keystore/chaabi/libcc54/include/dx_driver_abi.h new file mode 100644 index 0000000..33fced2 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/dx_driver_abi.h @@ -0,0 +1,638 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __SEP_DRIVER_ABI_H__ +#define __SEP_DRIVER_ABI_H__ + +#ifdef __KERNEL__ +#include <linux/types.h> +#ifndef INT32_MAX +#define INT32_MAX 0x7FFFFFFFL +#endif +#else +/* For inclusion in user space library */ +#include <stdint.h> +#endif + +#include <linux/ioctl.h> +#include <linux/errno.h> +#include "sep_rpc.h" + +/* Proprietary error code for unexpected internal errors */ +#define EBUG 999 + +/****************************/ +/**** IOCTL return codes ****/ +/***************************************************************************** + ENOTTY : Unknown IOCTL command * + ENOSYS : Unsupported/not-implemented (known) operation * + EINVAL : Invalid parameters * + EFAULT : Bad pointers for given user memory space * + EPERM : Not enough permissions for given command * + ENOMEM,EAGAIN: when not enough resources available for given op. * + EIO : SeP HW error or another internal error (probably operation timed * + out or unexpected behavior) * + EBUG : Driver bug found ("assertion") - see system log * +*****************************************************************************/ + +/****** IOCTL commands ********/ +/* The magic number appears free in Documentation/ioctl/ioctl-number.txt */ +#define DXDI_IOC_MAGIC 0xD1 + +/* IOCTL ordinal numbers */ +/*(for backward compatibility, add new ones only at end of list!) */ +enum dxdi_ioc_nr { + /* Version info. commands */ + DXDI_IOC_NR_GET_VER_MAJOR = 0, + DXDI_IOC_NR_GET_VER_MINOR = 1, + /* Context size queries */ + DXDI_IOC_NR_GET_SYMCIPHER_CTX_SIZE = 2, + DXDI_IOC_NR_GET_AUTH_ENC_CTX_SIZE = 3, + DXDI_IOC_NR_GET_MAC_CTX_SIZE = 4, + DXDI_IOC_NR_GET_HASH_CTX_SIZE = 5, + /* Init context commands */ + DXDI_IOC_NR_SYMCIPHER_INIT = 7, + DXDI_IOC_NR_AUTH_ENC_INIT = 8, + DXDI_IOC_NR_MAC_INIT = 9, + DXDI_IOC_NR_HASH_INIT = 10, + /* Processing commands */ + DXDI_IOC_NR_PROC_DBLK = 12, + DXDI_IOC_NR_FIN_PROC = 13, + /* "Integrated" processing operations */ + DXDI_IOC_NR_SYMCIPHER_PROC = 14, + DXDI_IOC_NR_AUTH_ENC_PROC = 15, + DXDI_IOC_NR_MAC_PROC = 16, + DXDI_IOC_NR_HASH_PROC = 17, + /* SeP RPC */ + DXDI_IOC_NR_SEP_RPC = 19, + /* Memory registration */ + DXDI_IOC_NR_REGISTER_MEM4DMA = 20, + DXDI_IOC_NR_ALLOC_MEM4DMA = 21, + DXDI_IOC_NR_FREE_MEM4DMA = 22, + /* SeP Applets API */ + DXDI_IOC_NR_SEPAPP_SESSION_OPEN = 23, + DXDI_IOC_NR_SEPAPP_SESSION_CLOSE = 24, + DXDI_IOC_NR_SEPAPP_COMMAND_INVOKE = 25, + /* Combined mode */ + DXDI_IOC_NR_COMBINED_INIT = 26, + DXDI_IOC_NR_COMBINED_PROC_DBLK = 27, + DXDI_IOC_NR_COMBINED_PROC_FIN = 28, + DXDI_IOC_NR_COMBINED_PROC = 29, + + /* AES IV set/get API */ + DXDI_IOC_NR_SET_IV = 30, + DXDI_IOC_NR_GET_IV = 31, + DXDI_IOC_NR_MAX = DXDI_IOC_NR_GET_IV +}; + +/* In case error is not DXDI_RET_ESEP these are the +* errors embedded in the error info field "error_info" */ +enum dxdi_error_info { + DXDI_ERROR_NULL = 0, + DXDI_ERROR_BAD_CTX = 1, + DXDI_ERROR_UNSUP = 2, + DXDI_ERROR_INVAL_MODE = 3, + DXDI_ERROR_INVAL_DIRECTION = 4, + DXDI_ERROR_INVAL_KEY_SIZE = 5, + DXDI_ERROR_INVAL_NONCE_SIZE = 6, + DXDI_ERROR_INVAL_TAG_SIZE = 7, + DXDI_ERROR_INVAL_DIN_PTR = 8, + DXDI_ERROR_INVAL_DOUT_PTR = 9, + DXDI_ERROR_INVAL_DATA_SIZE = 10, + DXDI_ERROR_DIN_DOUT_OVERLAP = 11, + DXDI_ERROR_INTERNAL = 12, + DXDI_ERROR_NO_RESOURCE = 13, + DXDI_ERROR_FATAL = 14, + DXDI_ERROR_INFO_RESERVE32B = INT32_MAX +}; + +/* ABI Version info. */ +#define DXDI_VER_MAJOR 1 +#define DXDI_VER_MINOR DXDI_IOC_NR_MAX + +/******************************/ +/* IOCTL commands definitions */ +/******************************/ +/* Version info. commands */ +#define DXDI_IOC_GET_VER_MAJOR _IOR(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_GET_VER_MAJOR, uint32_t) +#define DXDI_IOC_GET_VER_MINOR _IOR(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_GET_VER_MINOR, uint32_t) +/* Context size queries */ +#define DXDI_IOC_GET_SYMCIPHER_CTX_SIZE _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_GET_SYMCIPHER_CTX_SIZE,\ + struct dxdi_get_sym_cipher_ctx_size_params) +#define DXDI_IOC_GET_AUTH_ENC_CTX_SIZE _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_GET_AUTH_ENC_CTX_SIZE,\ + struct dxdi_get_auth_enc_ctx_size_params) +#define DXDI_IOC_GET_MAC_CTX_SIZE _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_GET_MAC_CTX_SIZE,\ + struct dxdi_get_mac_ctx_size_params) +#define DXDI_IOC_GET_HASH_CTX_SIZE _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_GET_HASH_CTX_SIZE,\ + struct dxdi_get_hash_ctx_size_params) +/* Init. Sym. Crypto. */ +#define DXDI_IOC_SYMCIPHER_INIT _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_SYMCIPHER_INIT, struct dxdi_sym_cipher_init_params) +#define DXDI_IOC_AUTH_ENC_INIT _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_AUTH_ENC_INIT, struct dxdi_auth_enc_init_params) +#define DXDI_IOC_MAC_INIT _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_MAC_INIT, struct dxdi_mac_init_params) +#define DXDI_IOC_HASH_INIT _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_HASH_INIT, struct dxdi_hash_init_params) + +/* Sym. Crypto. Processing commands */ +#define DXDI_IOC_PROC_DBLK _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_PROC_DBLK, struct dxdi_process_dblk_params) +#define DXDI_IOC_FIN_PROC _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_FIN_PROC, struct dxdi_fin_process_params) + +/* Integrated Sym. Crypto. */ +#define DXDI_IOC_SYMCIPHER_PROC _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_SYMCIPHER_PROC, struct dxdi_sym_cipher_proc_params) +#define DXDI_IOC_AUTH_ENC_PROC _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_AUTH_ENC_PROC, struct dxdi_auth_enc_proc_params) +#define DXDI_IOC_MAC_PROC _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_MAC_PROC, struct dxdi_mac_proc_params) +#define DXDI_IOC_HASH_PROC _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_HASH_PROC, struct dxdi_hash_proc_params) + +/* AES Initial Vector set/get */ +#define DXDI_IOC_SET_IV _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_SET_IV, struct dxdi_aes_iv_params) +#define DXDI_IOC_GET_IV _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_GET_IV, struct dxdi_aes_iv_params) + +/* Combined mode */ +#define DXDI_IOC_COMBINED_INIT _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_COMBINED_INIT,\ + struct dxdi_combined_init_params) +#define DXDI_IOC_COMBINED_PROC_DBLK _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_COMBINED_PROC_DBLK,\ + struct dxdi_combined_proc_dblk_params) +#define DXDI_IOC_COMBINED_PROC_FIN _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_COMBINED_PROC_FIN,\ + struct dxdi_combined_proc_params) +#define DXDI_IOC_COMBINED_PROC _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_COMBINED_PROC,\ + struct dxdi_combined_proc_params) + +/* SeP RPC */ +#define DXDI_IOC_SEP_RPC _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_SEP_RPC, struct dxdi_sep_rpc_params) +/* Memory registration */ +#define DXDI_IOC_REGISTER_MEM4DMA _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_REGISTER_MEM4DMA, \ + struct dxdi_register_mem4dma_params) +#define DXDI_IOC_ALLOC_MEM4DMA _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_ALLOC_MEM4DMA, \ + struct dxdi_alloc_mem4dma_params) +#define DXDI_IOC_FREE_MEM4DMA _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_FREE_MEM4DMA, \ + struct dxdi_free_mem4dma_params) +/* SeP Applets API */ +#define DXDI_IOC_SEPAPP_SESSION_OPEN _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_SEPAPP_SESSION_OPEN, \ + struct dxdi_sepapp_session_open_params) +#define DXDI_IOC_SEPAPP_SESSION_CLOSE _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_SEPAPP_SESSION_CLOSE, \ + struct dxdi_sepapp_session_close_params) +#define DXDI_IOC_SEPAPP_COMMAND_INVOKE _IORW(DXDI_IOC_MAGIC,\ + DXDI_IOC_NR_SEPAPP_COMMAND_INVOKE, \ + struct dxdi_sepapp_command_invoke_params) + + +/*** ABI constants ***/ +/* Max. symmetric crypto key size (512b) */ +#define DXDI_SYM_KEY_SIZE_MAX 64 /*octets*/ +/* Max. MAC key size (applicable to HMAC-SHA512) */ +#define DXDI_MAC_KEY_SIZE_MAX 128 /*octets*/ +/* AES IV/Counter size (128b) */ +#define DXDI_AES_BLOCK_SIZE 16 /*octets*/ +/* DES IV size (64b) */ +#define DXDI_DES_BLOCK_SIZE 8 /*octets*/ +/* Max. Nonce size */ +#define DXDI_NONCE_SIZE_MAX 16 /*octets*/ +/* Max. digest size */ +#define DXDI_DIGEST_SIZE_MAX 64 /*octets*/ +/* Max. nodes */ +#define DXDI_COMBINED_NODES_MAX 4 +#define DXDI_AES_IV_SIZE DXDI_AES_BLOCK_SIZE + +/*** ABI data types ***/ + +enum dxdi_cipher_direction { + DXDI_CDIR_ENC = 0, + DXDI_CDIR_DEC = 1, + DXDI_CDIR_MAX = DXDI_CDIR_DEC, + DXDI_CDIR_RESERVE32B = INT32_MAX +}; + +enum dxdi_sym_cipher_type { + DXDI_SYMCIPHER_NONE = 0, + _DXDI_SYMCIPHER_AES_FIRST = 1, + DXDI_SYMCIPHER_AES_XXX = _DXDI_SYMCIPHER_AES_FIRST, + DXDI_SYMCIPHER_AES_ECB = _DXDI_SYMCIPHER_AES_FIRST + 1, + DXDI_SYMCIPHER_AES_CBC = _DXDI_SYMCIPHER_AES_FIRST + 2, + DXDI_SYMCIPHER_AES_CTR = _DXDI_SYMCIPHER_AES_FIRST + 3, + DXDI_SYMCIPHER_AES_XTS = _DXDI_SYMCIPHER_AES_FIRST + 4, + _DXDI_SYMCIPHER_AES_LAST = DXDI_SYMCIPHER_AES_XTS, + _DXDI_SYMCIPHER_DES_FIRST = 0x11, + DXDI_SYMCIPHER_DES_ECB = _DXDI_SYMCIPHER_DES_FIRST, + DXDI_SYMCIPHER_DES_CBC = _DXDI_SYMCIPHER_DES_FIRST + 1, + _DXDI_SYMCIPHER_DES_LAST = DXDI_SYMCIPHER_DES_CBC, + _DXDI_SYMCIPHER_C2_FIRST = 0x21, + DXDI_SYMCIPHER_C2_ECB = _DXDI_SYMCIPHER_C2_FIRST, + DXDI_SYMCIPHER_C2_CBC = _DXDI_SYMCIPHER_C2_FIRST + 1, + _DXDI_SYMCIPHER_C2_LAST = DXDI_SYMCIPHER_C2_CBC, + DXDI_SYMCIPHER_RC4 = 0x31, /* Supported in message API only */ + DXDI_SYMCIPHER_RESERVE32B = INT32_MAX +}; + + +enum dxdi_auth_enc_type { + DXDI_AUTHENC_NONE = 0, + DXDI_AUTHENC_AES_CCM = 1, + DXDI_AUTHENC_AES_GCM = 2, + DXDI_AUTHENC_MAX = DXDI_AUTHENC_AES_GCM, + DXDI_AUTHENC_RESERVE32B = INT32_MAX +}; + +enum dxdi_mac_type { + DXDI_MAC_NONE = 0, + DXDI_MAC_HMAC = 1, + DXDI_MAC_AES_MAC = 2, + DXDI_MAC_AES_CMAC = 3, + DXDI_MAC_AES_XCBC_MAC = 4, + DXDI_MAC_MAX = DXDI_MAC_AES_XCBC_MAC, + DXDI_MAC_RESERVE32B = INT32_MAX +}; + +enum dxdi_hash_type { + DXDI_HASH_NONE = 0, + DXDI_HASH_MD5 = 1, + DXDI_HASH_SHA1 = 2, + DXDI_HASH_SHA224 = 3, + DXDI_HASH_SHA256 = 4, + DXDI_HASH_SHA384 = 5, + DXDI_HASH_SHA512 = 6, + DXDI_HASH_MAX = DXDI_HASH_SHA512, + DXDI_HASH_RESERVE32B = INT32_MAX +}; + +enum dxdi_data_block_type { + DXDI_DATA_TYPE_NULL = 0, + DXDI_DATA_TYPE_TEXT = 1, /* Plain/cipher text */ + DXDI_DATA_TYPE_ADATA = 2, /* Additional/Associated data for AEAD */ + DXDI_DATA_TYPE_MAX = DXDI_DATA_TYPE_ADATA, + DXDI_DATA_TYPE_RESERVE32B = INT32_MAX +}; + +enum dxdi_input_engine_type { + DXDI_INPUT_NULL = 0, /* no input */ + DXDI_INPUT_ENGINE_1 = 1, + DXID_INPUT_ENGINE_2 = 2, + DXDI_INPUT_DIN = 15, /* input from DIN */ + DXDI_INPUT_ENGINE_RESERVE32B = INT32_MAX, +}; + +/* Properties of specific ciphers */ +/* (for use in alg_specific union of dxdi_cipher_props) */ +struct dxdi_des_cbc_props { + uint8_t iv[DXDI_DES_BLOCK_SIZE]; +}; +struct dxdi_aes_cbc_props { + uint8_t iv[DXDI_AES_BLOCK_SIZE]; +}; +struct dxdi_aes_ctr_props { + uint8_t cntr[DXDI_AES_BLOCK_SIZE]; +}; +struct dxdi_aes_xts_props { + uint8_t init_tweak[DXDI_AES_BLOCK_SIZE]; + unsigned long data_unit_size; +}; +struct dxdi_c2_cbc_props { + uint32_t reset_interval; +}; + +struct dxdi_sym_cipher_props { + enum dxdi_sym_cipher_type cipher_type; + enum dxdi_cipher_direction direction; + uint8_t key_size; /* In octets */ + uint8_t key[DXDI_SYM_KEY_SIZE_MAX]; + union { /* cipher specific properties */ + struct dxdi_des_cbc_props des_cbc; + struct dxdi_aes_cbc_props aes_cbc; + struct dxdi_aes_ctr_props aes_ctr; + struct dxdi_aes_xts_props aes_xts; + struct dxdi_c2_cbc_props c2_cbc; + uint32_t __assure_32b_union_alignment; + /* Reserve space for future extension?*/ + } alg_specific; +}; + +struct dxdi_auth_enc_props { + enum dxdi_auth_enc_type ae_type; + enum dxdi_cipher_direction direction; + uint32_t adata_size; /* In octets */ + uint32_t text_size; /* In octets */ + uint8_t key_size; /* In octets */ + uint8_t nonce_size; /* In octets */ + uint8_t tag_size; /* In octets */ + uint8_t key[DXDI_SYM_KEY_SIZE_MAX]; + uint8_t nonce[DXDI_NONCE_SIZE_MAX]; +}; + +/* Properties specific for HMAC */ +/* (for use in properties union of dxdi_mac_props) */ +struct dxdi_hmac_props { + enum dxdi_hash_type hash_type; +}; + +struct dxdi_aes_mac_props { + uint8_t iv[DXDI_AES_BLOCK_SIZE]; +}; + +struct dxdi_mac_props { + enum dxdi_mac_type mac_type; + uint32_t key_size; /* In octets */ + uint8_t key[DXDI_MAC_KEY_SIZE_MAX]; + union { /* Union of algorithm specific properties */ + struct dxdi_hmac_props hmac; + struct dxdi_aes_mac_props aes_mac; + uint32_t __assure_32b_union_alignment; + /* Reserve space for future extension?*/ + } alg_specific; +}; + +/* Combined mode props */ +struct dxdi_combined_node_props { + uint32_t *context; + enum dxdi_input_engine_type eng_input; +}; + +struct dxdi_combined_props { + struct dxdi_combined_node_props node_props[DXDI_COMBINED_NODES_MAX]; +}; + +/*** IOCTL commands parameters structures ***/ + +struct dxdi_get_sym_cipher_ctx_size_params { + enum dxdi_sym_cipher_type sym_cipher_type; /*[in]*/ + uint32_t ctx_size; /*[out]*/ +}; + +struct dxdi_get_auth_enc_ctx_size_params { + enum dxdi_auth_enc_type ae_type; /*[in]*/ + uint32_t ctx_size; /*[out]*/ +}; + +struct dxdi_get_mac_ctx_size_params { + enum dxdi_mac_type mac_type; /*[in]*/ + uint32_t ctx_size; /*[out]*/ +}; + +struct dxdi_get_hash_ctx_size_params { + enum dxdi_hash_type hash_type; /*[in]*/ + uint32_t ctx_size; /*[out]*/ +}; + +/* Init params */ +struct dxdi_sym_cipher_init_params { + uint32_t *context_buf; /*[in]*/ + struct dxdi_sym_cipher_props props; /*[in]*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_auth_enc_init_params { + uint32_t *context_buf; /*[in]*/ + struct dxdi_auth_enc_props props; /*[in]*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_mac_init_params { + uint32_t *context_buf; /*[in]*/ + struct dxdi_mac_props props; /*[in]*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_hash_init_params { + uint32_t *context_buf; /*[in]*/ + enum dxdi_hash_type hash_type; /*[in]*/ + uint32_t error_info; /*[out]*/ +}; + +/* Processing params */ +struct dxdi_process_dblk_params { + uint32_t *context_buf; /*[in]*/ + uint8_t *data_in; /*[in]*/ + uint8_t *data_out; /*[in]*/ + enum dxdi_data_block_type data_block_type; /*[in]*/ + uint32_t data_in_size; /*[in]*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_fin_process_params { + uint32_t *context_buf; /*[in]*/ + uint8_t *data_in; /*[in]*/ + uint8_t *data_out; /*[in]*/ + uint32_t data_in_size; /*[in] (octets)*/ + uint8_t digest_or_mac[DXDI_DIGEST_SIZE_MAX]; /*[out]*/ + uint8_t digest_or_mac_size; /*[out] (octets)*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_sym_cipher_proc_params { + uint32_t *context_buf; /*[in]*/ + struct dxdi_sym_cipher_props props; /*[in]*/ + uint8_t *data_in; /*[in]*/ + uint8_t *data_out; /*[in]*/ + uint32_t data_in_size; /*[in] (octets)*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_auth_enc_proc_params { + uint32_t *context_buf; /*[in]*/ + struct dxdi_auth_enc_props props; /*[in]*/ + uint8_t *adata; /*[in]*/ + uint8_t *text_data; /*[in]*/ + uint8_t *data_out; /*[in] */ + uint8_t tag[DXDI_DIGEST_SIZE_MAX]; /*[out]*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_mac_proc_params { + uint32_t *context_buf; /*[in]*/ + struct dxdi_mac_props props; /*[in]*/ + uint8_t *data_in; /*[in]*/ + uint32_t data_in_size; /*[in] (octets)*/ + uint8_t mac[DXDI_DIGEST_SIZE_MAX]; /*[out]*/ + uint8_t mac_size; /*[out] (octets)*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_hash_proc_params { + uint32_t *context_buf; /*[in]*/ + enum dxdi_hash_type hash_type; /*[in]*/ + uint8_t *data_in; /*[in]*/ + uint32_t data_in_size; /*[in] (octets)*/ + uint8_t digest[DXDI_DIGEST_SIZE_MAX]; /*[out]*/ + uint8_t digest_size; /*[out] (octets)*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_aes_iv_params { + uint32_t *context_buf; /*[in]*/ + uint8_t iv_ptr[DXDI_AES_IV_SIZE]; /*[in]/[out]*/ +}; + +/* Combined params */ +struct dxdi_combined_init_params { + struct dxdi_combined_props props; /*[in]*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_combined_proc_dblk_params { + struct dxdi_combined_props props; /*[in]*/ + uint8_t *data_in; /*[in]*/ + uint8_t *data_out; /*[out]*/ + uint32_t data_in_size; /*[in] (octets)*/ + uint32_t error_info; /*[out]*/ +}; + +/* the structure used in finalize and integrated processing */ +struct dxdi_combined_proc_params { + struct dxdi_combined_props props; /*[in]*/ + uint8_t *data_in; /*[in]*/ + uint8_t *data_out; /*[out]*/ + uint32_t data_in_size; /*[in] (octets)*/ + uint8_t auth_data[DXDI_DIGEST_SIZE_MAX]; /*[out]*/ + uint8_t auth_data_size; /*[out] (octets)*/ + uint32_t error_info; /*[out]*/ +}; + +/**************************************/ +/* Memory references and registration */ +/**************************************/ + +enum dxdi_data_direction { + DXDI_DATA_NULL = 0, + DXDI_DATA_TO_DEVICE = 1, + DXDI_DATA_FROM_DEVICE = (1<<1), + DXDI_DATA_BIDIR = (DXDI_DATA_TO_DEVICE | DXDI_DATA_FROM_DEVICE) +}; + +/* Reference to pre-registered memory */ +typedef int dxdi_memref_id_t; +#define DXDI_MEMREF_ID_NULL -1 + +struct dxdi_memref { + enum dxdi_data_direction dma_direction; + /* Memory reference ID - DXDI_MEMREF_ID_NULL if not registered */ + dxdi_memref_id_t ref_id; + /* Start address of a non-registered memory or offset within a + registered memory */ + unsigned long start_or_offset; + /* Size in bytes of non-registered buffer or size of chunk within a + registered buffer */ + unsigned long size; +}; + +struct dxdi_register_mem4dma_params { + struct dxdi_memref memref; /*[in]*/ + dxdi_memref_id_t memref_id; /*[out]*/ +}; + +struct dxdi_alloc_mem4dma_params { + unsigned long size; /*[in]*/ + dxdi_memref_id_t memref_id; /*[out]*/ +}; + +struct dxdi_free_mem4dma_params { + dxdi_memref_id_t memref_id; /*[in]*/ +}; + +/***********/ +/* SeP-RPC */ +/***********/ +struct dxdi_sep_rpc_params { + seprpc_agent_id_t agent_id; /*[in]*/ + seprpc_func_id_t func_id; /*[in]*/ + struct dxdi_memref mem_refs[SEP_RPC_MAX_MEMREF_PER_FUNC]; /*[in]*/ + unsigned long rpc_params_size; /*[in]*/ + struct seprpc_params *rpc_params; /*[in]*/ + /* rpc_params to be copied into kernel DMA buffer */ + seprpc_retcode_t error_info; /*[out]*/ +}; + +/***************/ +/* SeP Applets */ +/***************/ + +enum dxdi_sepapp_param_type { + DXDI_SEPAPP_PARAM_NULL = 0, + DXDI_SEPAPP_PARAM_VAL = 1, + DXDI_SEPAPP_PARAM_MEMREF = 2, + DXDI_SEPAPP_PARAM_RESERVE32B = 0x7FFFFFFF +}; + +struct dxdi_val_param { + enum dxdi_data_direction copy_dir; /* Copy direction */ + uint32_t data[2]; +}; + +#define SEP_APP_PARAMS_MAX 4 + +struct dxdi_sepapp_params { + enum dxdi_sepapp_param_type params_types[SEP_APP_PARAMS_MAX]; + union { + struct dxdi_val_param val; + struct dxdi_memref memref; + } params[SEP_APP_PARAMS_MAX]; +}; + +/* SeP modules ID for returnOrigin */ +enum dxdi_sep_module { + DXDI_SEP_MODULE_NULL = 0, + DXDI_SEP_MODULE_HOST_DRIVER = 1, + DXDI_SEP_MODULE_SW_QUEUE = 2, /* SW-queue task: Inc. desc. parsers */ + DXDI_SEP_MODULE_APP_MGR = 3, /* Applet Manager*/ + DXDI_SEP_MODULE_APP = 4, /* Applet */ + DXDI_SEP_MODULE_RPC_AGENT = 5, /* Down to RPC parsers */ + DXDI_SEP_MODULE_SYM_CRYPTO = 6, /* Symmetric crypto driver */ + DXDI_SEP_MODULE_RESERVE32B = 0x7FFFFFFF +}; + +#define DXDI_SEPAPP_UUID_SIZE 16 +typedef uint8_t dxdi_sepapp_uuid_t[DXDI_SEPAPP_UUID_SIZE]; + +typedef int dxdi_sepapp_session_id_t; +#define DXDI_SEPAPP_SESSION_INVALID (-1) + +struct dxdi_sepapp_session_open_params { + dxdi_sepapp_uuid_t app_uuid; /*[in]*/ + uint32_t auth_method; /*[in]*/ + uint32_t auth_data[3]; /*[in]*/ + struct dxdi_sepapp_params app_auth_data; /*[in/out]*/ + dxdi_sepapp_session_id_t session_id; /*[out]*/ + enum dxdi_sep_module sep_ret_origin; /*[out]*/ + uint32_t error_info; /*[out]*/ +}; + +struct dxdi_sepapp_session_close_params { + dxdi_sepapp_session_id_t session_id; /*[in]*/ +}; + +struct dxdi_sepapp_command_invoke_params { + dxdi_sepapp_session_id_t session_id; /*[in]*/ + uint32_t command_id; /*[in]*/ + struct dxdi_sepapp_params command_params; /*[in/out]*/ + enum dxdi_sep_module sep_ret_origin; /*[out]*/ + uint32_t error_info; /*[out]*/ +}; + +#endif /*__SEP_DRIVER_ABI_H__*/ + diff --git a/peripheral/keystore/chaabi/libcc54/include/dx_init_cc_abi.h b/peripheral/keystore/chaabi/libcc54/include/dx_init_cc_abi.h new file mode 100644 index 0000000..3257d66 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/dx_init_cc_abi.h @@ -0,0 +1,188 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/*************************************************************************** + * This file provides the CC-init ABI (SeP-Host binary interface) * + ***************************************************************************/ + +#ifndef __DX_INIT_CC_ABI_H__ +#define __DX_INIT_CC_ABI_H__ + +#ifdef __KERNEL__ +#include <linux/types.h> +#else +/* For SeP code environment */ +#include <stdint.h> +#endif +#include "dx_bitops.h" + +#ifndef INT16_MAX +#define INT16_MAX (32767) +#endif +#ifndef INT32_MAX +#define INT32_MAX (2147483647) +#endif + + +/***********************************/ +/* SeP to host communication */ +/***********************************/ +/* GPRs for CC-init state/status from SeP */ +#define DX_SEP_STATE_GPR_IDX 7 /* SeP state */ +#define DX_SEP_STATUS_GPR_IDX 6 /* SeP status*/ +/* GPRs used for passing driver init. parameters */ +/* (Valid while in DX_SEP_STATE_DONE_COLD_BOOT) */ +#define DX_SEP_INIT_SEP_PROPS_GPR_IDX 3 /* SEP properties passed to the + driver (see fields below) */ +#define DX_SEP_INIT_FW_PROPS_GPR_IDX 2 /* FW properties passed to the + driver (see fields below) */ +#define DX_SEP_INIT_FW_VER_GPR_IDX 1 /* SeP FW images version */ +#define DX_SEP_INIT_ROM_VER_GPR_IDX 0 /* SeP ROM image version */ + +/* Debugging "stdout" tunnel via GPR5 - see sep_driver_cc54.c for details */ +#define DX_SEP_HOST_PRINTF_GPR_IDX 5 + +/* Fields in DX_SEP_INIT_FW_PROPS_GPR_IDX */ +/* MLLI table size in bytes */ +#define DX_SEP_INIT_MLLI_TBL_SIZE_BIT_OFFSET 0 +#define DX_SEP_INIT_MLLI_TBL_SIZE_BIT_SIZE 12 +/* Maximum number of work queues supported */ +#define DX_SEP_INIT_NUM_OF_QUEUES_BIT_OFFSET 12 +#define DX_SEP_INIT_NUM_OF_QUEUES_BIT_SIZE 4 +/* Number of availabel context cache entries */ +#define DX_SEP_INIT_CACHE_CTX_SIZE_BIT_OFFSET 16 +#define DX_SEP_INIT_CACHE_CTX_SIZE_BIT_SIZE 8 + +/* Fields in DX_SEP_INIT_SEP_PROPS_GPR_IDX */ +/* SEP frequency */ +#define DX_SEP_INIT_SEP_FREQUENCY_BIT_OFFSET 0 +#define DX_SEP_INIT_SEP_FREQUENCY_BIT_SIZE 12 + + +/***********************************/ +/* Host to SeP communication */ +/***********************************/ +/* GPRs for requests from host to SeP */ +#define DX_HOST_REQ_GPR_IDX 7 /* Host-to-SeP requests */ +#define DX_HOST_REQ_PARAM_GPR_IDX 6 /* Host request parameters */ +/* The parameters in GPR6 must be ready before writing the request to GPR7*/ + + +/* MAGIC value of TLV "FIRST" parameter */ +#define DX_FW_INIT_PARAM_FIRST_MAGIC 0x3243F6A8 + +/* Type-Length word manipulation macros */ +/* Note that all TLV communication assumes little-endian words */ +/* (i.e., responsibility of host driver to convert to LE before passing) */ +#define DX_TL_WORD(type, length) ((length) << 16 | (type)) +#define DX_TL_GET_TYPE(tl_word) ((tl_word) & 0xFFFF) +#define DX_TL_GET_LENGTH(tl_word) ((tl_word) >> 16) + +/* Macros for Assembly code */ +#define ASM_DX_SEP_STATE_ILLEGAL_INST 0x100 +#define ASM_DX_SEP_STATE_STACK_OVERFLOW 0x200 +/* SeP states over (SeP-to-host) GPR7*/ +enum dx_sep_state { + DX_SEP_STATE_OFF = 0x0, + DX_SEP_STATE_FATAL_ERROR = 0x1, + DX_SEP_STATE_START_SECURE_BOOT = 0x2, + DX_SEP_STATE_PROC_COLD_BOOT = 0x4, + DX_SEP_STATE_PROC_WARM_BOOT = 0x8, + DX_SEP_STATE_DONE_COLD_BOOT = 0x10, + DX_SEP_STATE_DONE_WARM_BOOT = 0x20, + /*DX_SEP_STATE_BM_ERR = 0x40,*/ + /*DX_SEP_STATE_SECOND_BM_ERR = 0x80,*/ + DX_SEP_STATE_ILLEGAL_INST = ASM_DX_SEP_STATE_ILLEGAL_INST, + DX_SEP_STATE_STACK_OVERFLOW = ASM_DX_SEP_STATE_STACK_OVERFLOW, + /* Response to DX_HOST_REQ_FW_INIT: */ + DX_SEP_STATE_DONE_FW_INIT = 0x400, + DX_SEP_STATE_PROC_SLEEP_MODE = 0x800, + DX_SEP_STATE_DONE_SLEEP_MODE = 0x1000, + DX_SEP_STATE_FW_ABORT = 0xBAD0BAD0, + DX_SEP_STATE_ROM_ABORT = 0xBAD1BAD1, + DX_SEP_STATE_RESERVE32B = INT32_MAX +}; + +/* Host requests over (host-to-SeP) GPR7 */ +enum dx_host_req { + DX_HOST_REQ_RELEASE_CRYPTO_ENGINES = 0x0, + DX_HOST_REQ_ACQUIRE_CRYPTO_ENGINES = 0x2, + DX_HOST_REQ_CC_INIT = 0x1, + DX_HOST_REQ_FW_INIT = 0x4, + DX_HOST_REQ_SEP_SLEEP = 0x8, + DX_HOST_REQ_RESERVE32B = INT32_MAX +}; + + +/* Init. TLV parameters from host to SeP */ +/* Some parameters are used by CC-init flow with DX_HOST_REQ_CC_INIT * + * and the others by the host driver initialization with DX_HOST_REQ_FW_INIT */ +enum dx_fw_init_tlv_params { + DX_FW_INIT_PARAM_NULL = 0, + /* Common parameters */ + DX_FW_INIT_PARAM_FIRST = 1, /* Param.=FIRST_MAGIC */ + DX_FW_INIT_PARAM_LAST = 2, /* Param.=checksum 32b*/ + + /* CC-init. parameters */ + DX_FW_INIT_PARAM_DISABLE_MODULES = 3, + DX_FW_INIT_PARAM_HOST_AXI_CONFIG = 4, + DX_FW_INIT_PARAM_HOST_DEF_APPLET_CONFIG = 5, + DX_FW_INIT_PARAM_SEP_FREQ = 6, + + /* Host driver (post-cold-boot) parameters */ + /* Number of descriptor queues: Length = 1*/ + DX_FW_INIT_PARAM_NUM_OF_DESC_QS = 0x101, + /* The following parameters provide an array with value per queue: */ + /* Length = num. of queues */ + DX_FW_INIT_PARAM_DESC_QS_ADDR = 0x102,/* Queue base addr.*/ + DX_FW_INIT_PARAM_DESC_QS_SIZE = 0x103,/* Queue size(byte)*/ + /* FW context cache partition (num. of entries) per queue */ + DX_FW_INIT_PARAM_CTX_CACHE_PART = 0x104, + /* sep request module parameters ( msg and response buffers and size */ + DX_FW_INIT_PARAM_SEP_REQUEST_PARAMS = 0x105, + DX_FW_INIT_PARAM_RESERVE16B = INT16_MAX +}; + +/* FW-init. error code encoding - GPR6 contents in DX_SEP_STATE_DONE_FW_INIT */ +/* | 0xE | Param. Type | Error code | */ +/* |--4--|-----16------|----12------| */ +#define DX_FW_INIT_ERR_CODE_SIZE 12 +#define DX_FW_INIT_ERR_PARAM_TYPE_SHIFT DX_FW_INIT_ERR_CODE_SIZE +#define DX_FW_INIT_ERR_PARAM_TYPE_SIZE 16 +#define DX_FW_INIT_ERR_TYPE_SHIFT \ + (DX_FW_INIT_ERR_PARAM_TYPE_SHIFT + DX_FW_INIT_ERR_PARAM_TYPE_SIZE) +#define DX_FW_INIT_ERR_TYPE_SIZE 4 +#define DX_FW_INIT_ERR_TYPE_VAL 0xE + +#define DX_SEP_REQUEST_PARAM_MSG_LEN 3 + +/* Build error word to put in status GPR6 */ +#define DX_FW_INIT_ERR_WORD(err_code, param_type) \ + ((DX_FW_INIT_ERR_TYPE_VAL << DX_FW_INIT_ERR_TYPE_SHIFT) | \ + ((param_type & BITMASK(DX_FW_INIT_ERR_PARAM_TYPE_SIZE)) << \ + DX_FW_INIT_ERR_PARAM_TYPE_SHIFT) | \ + (err_code)) +/* Parse status of DX_SEP_STATE_DONE_FW_INIT*/ +#define DX_FW_INIT_IS_SUCCESS(status_word) ((err_word) == 0) +#define DX_FW_INIT_GET_ERR_CODE(status_word) \ + ((status_word) & BITMASK(DX_FW_INIT_ERR_CODE_SIZE)) + +/* FW INIT Error codes */ +/* extract from the status word - GPR6 - using DX_FW_INIT_GET_ERR_CODE() */ +enum dx_fw_init_error_code { + DX_FW_INIT_ERR_INVALID_TYPE = 0x001, + DX_FW_INIT_ERR_INVALID_LENGTH = 0x002, + DX_FW_INIT_ERR_INVALID_VALUE = 0x003, + DX_FW_INIT_ERR_PARAM_MISSING = 0x004, + DX_FW_INIT_ERR_NOT_SUPPORTED = 0x005, + DX_FW_INIT_ERR_RNG_FAILURE = 0x00F, + DX_FW_INIT_ERR_MALLOC_FAILURE = 0x0FC, + DX_FW_INIT_ERR_INIT_FAILURE = 0x0FD, + DX_FW_INIT_ERR_TIMEOUT = 0x0FE, + DX_FW_INIT_ERR_GENERAL_FAILURE = 0x0FF +}; + +#endif /*__DX_INIT_CC_ABI_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/dx_management.h b/peripheral/keystore/chaabi/libcc54/include/dx_management.h new file mode 100644 index 0000000..8ef6621 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/dx_management.h @@ -0,0 +1,61 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_MANAGEMENT_H +#define _DX_MANAGEMENT_H + + +/****************************************************************************** +* DEFINITIONS +******************************************************************************/ + +/* ROM CRC address */ +#define DX_ROM_CRC_ADDR 0x0400FFEC +#ifndef DX_FAILURE + #define DX_FAILURE 1 +#endif + +/****************************************************************************** +* TYPE DEFINITIONS +******************************************************************************/ + + +/****************************************************************************** +* FUNCTION PROTOTYPES +******************************************************************************/ + +/* + @Brief: This function returns the ROM CRC value + @params: + crcVal - returns the crc value + @return: + DX_SUCCESS + +*/ +DxUint32_t DX_MNG_GetRomCrc(DxUint32_t *crcVal); + +/* + @Brief: This function returns the ROM CRC value + @params: + lcsVal - returns the lcs value + @return: + DX_SUCCESS + +*/ +DxUint32_t DX_MNG_GetLcs(DxUint32_t *lcsVal); + +/* + @Brief: This function returns the fw and the rom versions + @params: + fwVer [out] - fw version + romVer [out] - rom version + @return: + DX_SUCCESS + +*/ +DxUint32_t DX_MNG_GetFwVersion(DxUint32_t *fwVer, DxUint32_t *romVer); + +#endif /*_DX_MANAGEMENT_H*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/export/README b/peripheral/keystore/chaabi/libcc54/include/export/README new file mode 100644 index 0000000..6d267a3 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/export/README @@ -0,0 +1,2 @@ +This directory contains *clean* headers that can be exported for use by 3rd party projects, without the need of including all of the pal abstractions. + diff --git a/peripheral/keystore/chaabi/libcc54/include/export/dx_cclib.h b/peripheral/keystore/chaabi/libcc54/include/export/dx_cclib.h new file mode 100644 index 0000000..87192a8 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/export/dx_cclib.h @@ -0,0 +1,72 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __DX_CCLIB_H__ +#define __DX_CCLIB_H__ + +#include <stdint.h> + +typedef enum { + DX_CCLIB_RET_OK = 0, + DX_CCLIB_RET_ENODEV, /* Device not opened or does not exist */ + DX_CCLIB_RET_EINTERNAL, /* Internal driver error (check system log) */ + DX_CCLIB_RET_ENOTSUP, /* Unsupported function/option */ + DX_CCLIB_RET_ENOPERM, /* Not enough permissions for request */ + DX_CCLIB_RET_EINVAL, /* Invalid parameters */ + DX_CCLIB_RET_HW_Q_INIT, + DX_CCLIB_RET_COMPLETION, + DX_CCLIB_RET_HAL, + DX_CCLIB_RESERVE32B = 0x7FFFFFFFL +} DX_CclibRetCode_t; + +#define DXDI_DEV_PRIO0 "/dev/dx_sep_q0" +#define DXDI_DEV_PRIO1 "/dev/dx_sep_q1" + +/*! + * Init OS driver context + * This function must be invoked before any other CC library API function + * but for the functions which deal with library initialization properties: + * DX_CclibSetPriority, DX_CclibGetPriority, DX_CclibGetMaxPriority + * + * \return DxCclib_RetCode + */ +DX_CclibRetCode_t DX_CclibInit(void); + +/*! + * Finalize OS driver context - release associated resources + */ +void DX_CclibFini(void); + +/*! + * Set requested CryptoCell priority queue + * This function must be invoked before DX_CclibInit + * + * \param priority Requested priority queue + * + * \return DxCclib_RetCode + */ +DX_CclibRetCode_t DX_CclibSetPriority(uint32_t priority); + +/*! + * Get selected priority + * (as set by DX_CclibSetPriority or default if it was not invoked) + * + * + * \return DX_CclibDevPriority + */ +uint32_t DX_CclibGetPriority(void); + +/*! + * Get the highest priority supported + * + * \return DX_CclibDevPriority + */ +uint32_t DX_CclibGetMaxPriority(void); + + + +#endif /*__DX_CCLIB_H__*/ + diff --git a/peripheral/keystore/chaabi/libcc54/include/export/hwk_crypto.h b/peripheral/keystore/chaabi/libcc54/include/export/hwk_crypto.h new file mode 100644 index 0000000..fe1ce5b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/export/hwk_crypto.h @@ -0,0 +1,167 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef HWK_CRYPTO_H +#define HWK_CRYPTO_H + +#include <stdint.h> + +#ifdef __cplusplus +extern "C" { +#endif + +/*! + * \brief Create a new key + * + * Creates a new hardware key, encrypts it with the given password, + * associates it with the given id and saves it the permanent secure + * storage. + * + * At this point the key is not ready to use, the user must call + * hwk_unseal() to decrypt the key and make it available for encryption + * operations. + * + * \param key_id [IN] Identifier for the key. + * + * \param pwd [IN] The password used to encrypt the key. + * + * \param pwd_len [IN] The password length. + * + * \returns 0 on SUCCESS, any other value on error. + */ +int hwk_create(uint32_t key_id, const char *pwd, int pwd_len); + +/*! + * \brief Unseal the key + * + * Retrieves the encrypted key from secure storage and makes it ready + * for the crypto operations by decrypting the key with the given + * password. + * + * \param key_id [IN] Identifier for the key. + * + * \param pwd [IN] The password used to encrypt the key. + * + * \param pwd_len [IN] The password length. + * + * \returns 0 on SUCCESS, any other value on error. + */ +int hwk_unseal(uint32_t key_id, const char *pwd, int pwd_len); + + +/*! + * \brief Seal the key + * + * Removes the plain text key from memory and sets the key state to + * not ready. The encrypted key remains in secure storage. All + * subsequent crypto operations will fail. + * + * \param key_id [IN] Identifier for the key. + * + * \returns 0 on SUCCESS, any other value on error. + */ +int hwk_seal(uint32_t key_id); + +/*! + * \brief Disable the key + * + * Seals the key and sets the key status to disabled. All subsequent + * crypto and key operations will fail (except hwk_destroy). + * + * \param key_id [IN] Identifier for the key. + * + * \returns 0 on SUCCESS, any other value on error. + */ +int hwk_disable(uint32_t key_id); + +/*! + * \brief Enable the key + * + * Enables the key making it usable again. It does not sets the key + * status to ready, hwk_unseal() must be called to make the key ready + * for crypto operations. + * + * \param key_id [IN] Identifier for the key. + * + * \returns 0 on SUCCESS, any other value on error. + */ +int hwk_enable(uint32_t key_id); + +/*! + * \brief Seal the key + * + * Seals the key and permanently removes the encrypted key from secure + * storage. Data encrypted with this key will be permanently lost. + * + * \param key_id [IN] Identifier for the key. + * + * \returns 0 on SUCCESS, any other value on error. + */ +int hwk_destroy(uint32_t key_id); + + +/*! + * \brief Reseal the key + * + * Encrypts the key with a new password and saves it in secure + * storage. The key must be in ready state for this operation to + * succeed. + * + * \param key_id [IN] Identifier for the key. + * + * \param pwd [IN] The password used to encrypt the key. + * + * \param pwd_len [IN] The password length. + * + * \returns 0 on SUCCESS, any other value on error. + */ +int hwk_reseal(uint32_t key_id, const char *pwd, int pwd_len); + +typedef enum hwk_crypto_op { + HWK_CBC_AES_256_DECRYPT = 0, + HWK_CBC_AES_256_ENCRYPT, +} hwk_crypto_op_t; + +/*! + * \brief Perform a crypto operation + * + * Performs a crypto operation. The key must be in ready state. + * + * \param key_id [IN] Identifier for the key. + * + * \param key_id [IN] Crypto operation to be performed. So far only + * CBC_AES_256_DECRYPT and CBC_AES_256_ENCRYPT are supported + * + * + * \param iv [IN] pointer to 16 bytes IV + * + * \param src [IN] pointer to buffer from where the data is read for + * processing + * + * \param dst [IN] pointer to buffer where process data will be stored + * + * \param len [IN] size of the buffer to be processed + * + * \returns 0 on SUCCESS, any other value on error. + */ +int hwk_crypto(uint32_t key_id, hwk_crypto_op_t op, const char *iv, + const char *src, char *dst, int len); + +#define HWK_ERR_BAD_KEY_ID 0xdeadf101 +#define HWK_ERR_BAD_KEY_STATE 0xdeadf102 +#define HWK_ERR_SS_CORRUPTED 0xdeadf103 +#define HWK_ERR_TOO_MANY_KEYS 0xdeadf104 +#define HWK_ERR_BAD_CRYPTO_OP 0xdeadf105 +#define HWK_ERR_INVALID_CMD 0xdeadf106 +#define HWK_ERR_BAD_PWD 0xdeadf107 +#define HWK_INTERNAL_ERROR 0xdeadf108 +#define HWK_ERR_KEY_EXISTS 0xdeadf109 + +#ifdef __cplusplus +} +#endif + +#endif // HWK_CRYPTO_H diff --git a/peripheral/keystore/chaabi/libcc54/include/export/secure_channel.h b/peripheral/keystore/chaabi/libcc54/include/export/secure_channel.h new file mode 100644 index 0000000..c731de4 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/export/secure_channel.h @@ -0,0 +1,41 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef SECURE_CHANNEL_H +#define SECURE_CHANNEL_H + +#include <stdint.h> + +#ifdef __cplusplus +extern "C" { +#endif + +/*! + * The Type is used to free the data buffer that has been created for returning data from SEP + */ +#define SECURE_CH_DATA_FREE_RETURN_DATA 0 + +/*! + * \brief secure_channel_callback + * This function provides an interface between Modem Manager and Chaabi to facilitate the use of + * flashless modems. + * \param type [IN/OUT] The type of data that is being passed. It is updated on return to be + * consumed by the caller + * \param length [IN/OUT] The lenght of the data in bytes. Updated when the called party wants + * to return data + * \param data [IN/OUT] The data that is being passed. If data is being returned this will + * be updated to contain the new data. In the case where data is returned the caller *MUST* + * send a SECURE_CH_DATA_FREE_RETURN_DATA message once they have used the data, to enable + * this structure to be freed correctly. Failure to do so *will* result in a memory leak. + * \returns 0 on SUCCESS, any other value on error. + */ +uint32_t secure_channel_callback(uint32_t *type, uint32_t *length, uint8_t **data); + +#ifdef __cplusplus +} +#endif + +#endif // SECURE_CHANNEL_H diff --git a/peripheral/keystore/chaabi/libcc54/include/export/tee_applet_loading_if.h b/peripheral/keystore/chaabi/libcc54/include/export/tee_applet_loading_if.h new file mode 100644 index 0000000..885f03a --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/export/tee_applet_loading_if.h @@ -0,0 +1,29 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __TEE_APPLET_LOADING_IF_H +#define __TEE_APPLET_LOADING_IF_H + +#include "tee_client_api.h" + +/*! + * \brief tee_load_applet + * loads a static or dynamic applet + * \param img_buf Applet in a buffer + * \param img_size Size of the applet + * \return 0 on success + * \note only supports primary vrl and that refers to one applet + */ +int32_t tee_load_applet(uint8_t *img_buf, uint32_t img_size); + +/*! + * \brief tee_unload_applet unloads a dynamic applet + * \param applet_uuid uuid of the applet to unload + * \note valid only for dynamic applets + */ +int32_t tee_unload_applet(TEEC_UUID *applet_uuid); + +#endif /* end of __TEE_APPLET_LOADING_IF_H */ diff --git a/peripheral/keystore/chaabi/libcc54/include/export/tee_client_api.h b/peripheral/keystore/chaabi/libcc54/include/export/tee_client_api.h new file mode 100644 index 0000000..656f40e --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/export/tee_client_api.h @@ -0,0 +1,200 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file tee_client_api.h + The header file of the TEE Client API Specification Version 1.0 +*/ + +#ifndef __TEE_CLIENT_API_H__ +#define __TEE_CLIENT_API_H__ + +#include <stddef.h> +#include <stdint.h> + +/**********************************************/ +/* API Constants - TEEC API Spec. section 4.4 */ +/**********************************************/ + +/* 4.4.1 */ +#define TEEC_CONFIG_SHAREDMEM_MAX_SIZE 0xFFFFFFFF /* < 4GB */ + +/* 4.4.2 - Return codes */ +#define TEEC_SUCCESS 0x00000000 +#define TEEC_ERROR_GENERIC 0xFFFF0000 +#define TEEC_ERROR_ACCESS_DENIED 0xFFFF0001 +#define TEEC_ERROR_CANCEL 0xFFFF0002 +#define TEEC_ERROR_ACCESS_CONFLICT 0xFFFF0003 +#define TEEC_ERROR_EXCESS_DATA 0xFFFF0004 +#define TEEC_ERROR_BAD_FORMAT 0xFFFF0005 +#define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006 +#define TEEC_ERROR_BAD_STATE 0xFFFF0007 +#define TEEC_ERROR_ITEM_NOT_FOUND 0xFFFF0008 +#define TEEC_ERROR_NOT_IMPLEMENTED 0xFFFF0009 +#define TEEC_ERROR_NOT_SUPPORTED 0xFFFF000A +#define TEEC_ERROR_NO_DATA 0xFFFF000B +#define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C +#define TEEC_ERROR_BUSY 0xFFFF000D +#define TEEC_ERROR_COMMUNICATION 0xFFFF000E +#define TEEC_ERROR_SECURITY 0xFFFF000F +#define TEEC_ERROR_SHORT_BUFFER 0xFFFF0010 + +/* 4.4.3 */ +#define TEEC_ORIGIN_API 0x00000001 +#define TEEC_ORIGIN_COMMS 0x00000002 +#define TEEC_ORIGIN_TEE 0x00000003 +#define TEEC_ORIGIN_TRUSTED_APP 0x00000004 + +/* 4.4.4 */ +/* Table 4-4: API Shared Memory Control Flags */ +#define TEEC_MEM_INPUT 0x00000001 +#define TEEC_MEM_OUTPUT 0x00000002 +/* Table 4-5: API Parameter Types */ +#define TEEC_NONE 0x0 +#define TEEC_VALUE_INPUT 0x1 +#define TEEC_VALUE_OUTPUT 0x2 +#define TEEC_VALUE_INOUT 0x3 +#define TEEC_MEMREF_TEMP_INPUT 0x5 +#define TEEC_MEMREF_TEMP_OUTPUT 0x6 +#define TEEC_MEMREF_TEMP_INOUT 0x7 +#define TEEC_MEMREF_WHOLE 0xC +#define TEEC_MEMREF_PARTIAL_INPUT 0xD +#define TEEC_MEMREF_PARTIAL_OUTPUT 0xE +#define TEEC_MEMREF_PARTIAL_INOUT 0xF + +/* 4.4.5 */ +#define TEEC_LOGIN_PUBLIC 0x00000000 +#define TEEC_LOGIN_USER 0x00000001 +#define TEEC_LOGIN_GROUP 0x00000002 +#define TEEC_LOGIN_APPLICATION 0x00000004 +#define TEEC_LOGIN_USER_APPLICATION 0x00000005 +#define TEEC_LOGIN_GROUP_APPLICATION 0x00000006 + + +/* Macro to set/get parameter type from paramTypes word */ +#define TEEC_PARAM_TYPE_SET(paramTypes, paramIdx, thisParamType) do { \ + ((uint8_t*)&(paramTypes))[paramIdx] = thisParamType; \ +} while (0) +#define TEEC_PARAM_TYPE_GET(paramTypes, paramIdx) ((uint8_t*)¶mTypes)[paramIdx] + +/**********************************************/ +/* API Data Types - TEEC API Spec. section 4.3*/ +/**********************************************/ + +/* 4.3.2 */ +typedef uint32_t TEEC_Result; + +/* 4.3.3 */ +typedef struct { + uint32_t timeLow; + uint16_t timeMid; + uint16_t timeHiAndVersion; + uint8_t clockSeqAndNode[8]; +} TEEC_UUID; + +/* 4.3.4 */ +typedef struct TEEC_Context { + uint32_t imp[1]; /* Opaque space for implementation specific data */ +} TEEC_Context; + +/* 4.3.5 */ +typedef struct TEEC_Session { + uint32_t imp[2]; /* Opaque space for implementation specific data */ +} TEEC_Session; + +/* 4.3.6 */ +typedef struct TEEC_SharedMemory { + void *buffer; + size_t size; + uint32_t flags; + uint32_t imp[2]; /* Opaque space for implementation specific data */ +} TEEC_SharedMemory; + +/* 4.3.7 */ +typedef struct { + void *buffer; + size_t size; +} TEEC_TempMemoryReference; + +/* 4.3.8 */ +typedef struct { + TEEC_SharedMemory *parent; + size_t size; + size_t offset; +} TEEC_RegisteredMemoryReference; + +/* 4.3.9 */ +typedef struct { + uint32_t a; + uint32_t b; +} TEEC_Value; + +/* 4.3.10 */ +typedef union { + TEEC_TempMemoryReference tmpref; + TEEC_RegisteredMemoryReference memref; + TEEC_Value value; +} TEEC_Parameter; + +/* 4.3.11 */ +typedef struct TEEC_Operation { + uint32_t started; /* Not used - cancellation is not supported in our implementation */ + uint32_t paramTypes; + TEEC_Parameter params[4]; + /* No implementation specific data */ +} TEEC_Operation; + + +/**********************************************/ +/* API functions - TEEC API Spec. section 4.5 */ +/**********************************************/ + +/* 4.5.2 */ +TEEC_Result TEEC_InitializeContext(const char *name, TEEC_Context *context); + +/* 4.5.3 */ +void TEEC_FinalizeContext(TEEC_Context *context); + +/* 4.5.4 */ +TEEC_Result TEEC_RegisterSharedMemory( + TEEC_Context* context, + TEEC_SharedMemory* sharedMem); + +/* 4.5.5 */ +TEEC_Result TEEC_AllocateSharedMemory( + TEEC_Context* context, + TEEC_SharedMemory* sharedMem); + +/* 4.5.6 */ +void TEEC_ReleaseSharedMemory ( + TEEC_SharedMemory* sharedMem); + +/* 4.5.7 */ +TEEC_Result TEEC_OpenSession ( + TEEC_Context *context, + TEEC_Session *session, + const TEEC_UUID *destination, + uint32_t connectionMethod, + void *connectionData, + TEEC_Operation *operation, + uint32_t *returnOrigin); + +/* 4.5.8 */ +void TEEC_CloseSession ( + TEEC_Session* session); + +/* 4.5.9 */ +TEEC_Result TEEC_InvokeCommand( + TEEC_Session *session, + uint32_t commandID, + TEEC_Operation *operation, + uint32_t *returnOrigin); + +/* 4.5.10 - not supported in this implementation */ +void TEEC_RequestCancellation( + TEEC_Operation *operation); + + +#endif /*__TEE_CLIENT_API_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/export/tee_disk_enc.h b/peripheral/keystore/chaabi/libcc54/include/export/tee_disk_enc.h new file mode 100644 index 0000000..1c430aa --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/export/tee_disk_enc.h @@ -0,0 +1,28 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef TEE_DISK_ENC_H +#define TEE_DISK_ENC_H + +#include <stdint.h> + +/*! + * \brief tee_create_disk_enc_key + * Create a master key that is stored within the TEE and is protected from the REE + * \param masterkey A key that will be used to index the actual encryption key in the TEE + * \return 0 on success + */ +int32_t tee_create_disk_enc_key(uint8_t* masterkey); + +/*! + * \brief tee_verify_disk_enc_masterkey + * Validate that the master key that is used as the index is the valid one as understood by the TEE + * \param masterkey The key that is used as the index + * \return 0 on success + */ +int32_t tee_verify_disk_enc_masterkey(uint8_t* masterkey); + +#endif // TEE_DISK_ENC_H diff --git a/peripheral/keystore/chaabi/libcc54/include/export/tee_token_error.h b/peripheral/keystore/chaabi/libcc54/include/export/tee_token_error.h new file mode 100644 index 0000000..f84344b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/export/tee_token_error.h @@ -0,0 +1,31 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __TEE_TOKEN_ERROR_H__ +#define __TEE_TOKEN_ERROR_H__ + +#define TEE_TOKEN_BASE_ERROR 0xCAB1A200 +#define TEE_TOKEN_NULL_PTR (TEE_TOKEN_BASE_ERROR + 0x01) +#define TEE_TOKEN_NOT_FOUND (TEE_TOKEN_BASE_ERROR + 0x02) +#define TEE_TOKEN_READ_ERROR (TEE_TOKEN_BASE_ERROR + 0x03) +#define TEE_TOKEN_INVALID_SIZE (TEE_TOKEN_BASE_ERROR + 0x04) +#define TEE_TOKEN_INVALID_PARAM (TEE_TOKEN_BASE_ERROR + 0x05) +#define TEE_TOKEN_MEMORY_ERROR (TEE_TOKEN_BASE_ERROR + 0x06) +#define TEE_TOKEN_PSID_ERROR (TEE_TOKEN_BASE_ERROR + 0x07) +#define TEE_TOKEN_TRANSACTION_ERROR (TEE_TOKEN_BASE_ERROR + 0x08) +#define TEE_TOKEN_VERIFY_ERROR (TEE_TOKEN_BASE_ERROR + 0x09) +#define TEE_TOKEN_INVALID_TOKEN (TEE_TOKEN_BASE_ERROR + 0x0a) +#define TEE_TOKEN_LIFETIME_ERROR (TEE_TOKEN_BASE_ERROR + 0x0b) +#define TEE_TOKEN_VERSION_ERROR (TEE_TOKEN_BASE_ERROR + 0x0c) +#define TEE_TOKEN_CALLBACK_ERROR (TEE_TOKEN_BASE_ERROR + 0x0d) +#define TEE_TOKEN_DUPLICATE_TOKEN (TEE_TOKEN_BASE_ERROR + 0x0e) +#define TEE_TOKEN_BINDING_ERROR (TEE_TOKEN_BASE_ERROR + 0x0f) +#define TEE_TOKEN_INVALID_CONTAINER (TEE_TOKEN_BASE_ERROR + 0x10) +// libcc-54 -specific errors +#define TEE_TOKEN_LIB_DX_INIT_ERROR 0xCAB1A220 +#define TEE_TOKEN_LIB_INIT_CTX_ERROR 0xCAB1A221 +#define TEE_TOKEN_LIB_SHARED_MEM_ERROR 0xCAB1A222 +#endif // tee_token_error diff --git a/peripheral/keystore/chaabi/libcc54/include/export/tee_token_if.h b/peripheral/keystore/chaabi/libcc54/include/export/tee_token_if.h new file mode 100644 index 0000000..8f0660d --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/export/tee_token_if.h @@ -0,0 +1,335 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __TEE_TOKEN_IF_H +#define __TEE_TOKEN_IF_H + +#define PROCESS_TOKEN_REQUEST 0x70c3 + +#define TEE_TOKEN_FLAGS_INTENT 1 +#define TEE_TOKEN_VERSION (0 << 8) + +#define SPID_RAW_TAG 0x44495053 +#define SNU_RAW_TAG 0x00554e53 +#define FRU_RAW_TAG 0x00555246 + +#define TEE_TOKEN_MAX_PAYLOAD_SIZE_UNPROTECTED 4096 +#define TOKEN_PSID_LENGTH 16 +#define TOKEN_NONCE_LENGTH 16 +#define TOKEN_MAC_LENGTH 16 +#define TEE_TOKEN_VRL_SIZE 728 +#define TEE_TOKEN_WVDRM_TOKEN_DG 31 +enum +{ + SPID_DGID = 1, + SNU_DGID = 5, + FRU_DGID +}; + +struct SPID_RAW +{ + uint32_t tag; + uint16_t id[6]; +}; +struct SNU_RAW +{ + uint32_t tag; + uint8_t serialnumber[32]; +}; +struct FRU_RAW +{ + uint32_t tag; + uint8_t fru_value[10]; +}; + +union raw_token +{ + struct SPID_RAW spid; + struct SNU_RAW snu; + struct FRU_RAW fru; +}; + +// Data Group Header +struct tee_token_datagroup_info +{ + uint32_t DATA; // magic value 'DATA' + uint32_t id; + uint32_t size; // datagroup size in dwords (includes header) + uint32_t version; + uint32_t subgroups; // number of subgroups + uint32_t flags; + uint32_t reserved; // total 28 bytes +}; + +// Sub Group Header +struct tee_token_subgroup_info +{ + uint32_t SUBG; // magic value 'SUBG' + uint32_t id; + uint32_t size; // subgroup size in dwords (including header) + uint32_t cryptid[4]; // 16 bytes + uint32_t itemcount; // number of items + uint32_t flags; // total 36 bytes +}; + +// Item Header +struct tee_token_item_info +{ + uint32_t ITEM; // magic value 'ITEM' + uint32_t id; + uint32_t size; // size of item + header in dwords + uint8_t AC_DATA; // could use AC:4, DATA:4 + uint8_t padding; // number of added bytes (to next uint32_t boundary) + uint8_t reserved[2]; // Total 16 bytes +}; + +struct tee_token_lifetime +{ + uint32_t timestamp; + uint16_t lifetime; // unit = hours + uint16_t token_size; + uint8_t flags; + uint8_t token_type; + uint8_t subtype; + uint8_t reserved; + uint32_t reserved2; // total 16 bytes +}; + +struct tee_token_info +{ + uint32_t formatVersion; + uint32_t tokenID; + uint8_t PSID[TOKEN_PSID_LENGTH]; // Part Specific ID + uint8_t tsMAC[TOKEN_MAC_LENGTH]; // Time stamp MAC + uint8_t ltnonce[TOKEN_NONCE_LENGTH]; // Token Lifetime Nonce + struct tee_token_lifetime lifetime; // total = 72 bytes +}; + +struct tee_token_ctx +{ + uint32_t *base_address; + uint32_t current_length; + uint32_t allocated_length; +}; + +/*! + * \brief tee_token_unprotected_start creates a context for online token generation + * \param ctx user area for context + * \param dg_id data group id of the token to write to + * \param flags reserved + */ +int32_t tee_token_unprotected_start(struct tee_token_ctx *ctx, uint32_t dg_id, uint32_t flags); + +/*! + * \brief tee_token_unprotected_end writes the token to secure storage unprovisioned + * \param ctx user area for context + * \param flags reserved + */ +int32_t tee_token_unprotected_end(struct tee_token_ctx *ctx, uint32_t flags); + +/*! + * \brief tee_token_unprotected_write appends or replaces a token item to the context + * \param ctx user area for context + * \param sg_id subgroup id of the token item + * \param item_id token item id + * \param buf token item data + * \param size payload size of the token item + * \param flags reserved + */ +int32_t tee_token_unprotected_write(struct tee_token_ctx *ctx, uint32_t sg_id, + uint32_t item_id, const uint8_t *buf, size_t size, uint32_t flags); + +/*! + * \brief tee_token_write writes a raw buffer as a token + */ +int32_t tee_token_write_tmp(uint8_t *buf, size_t size, uint32_t flags); + +/*! + * \brief tee_token_write writes a (formatted) raw buffer as a token + */ +int32_t tee_token_write(uint8_t *buf, size_t size, uint32_t flags); + +/*! + * \brief tee_token_remove removes a token specified by dg_id + * \param dg_id data group ID + * \flags reserved + * \note for unsigned tokens only + */ +int32_t tee_token_remove(uint32_t dg_id, uint32_t flags); + +/*! + * \brief tee_token_validate validates a specific token + * \flags reserved + * \param dg_id data group ID + */ +int32_t tee_token_validate(uint32_t dg_id, uint32_t flags); + +/*! + * \brief tee_token_validate_all validates a specific token + * \flags reserved + * \param dg_id data group ID + */ +int32_t tee_token_validate_all(uint32_t flags); + +/*! + * \brief tee_token_update_start marks beginning of intent token transaction + * \flags reserved + */ +int32_t tee_token_update_start(uint32_t flags); + +/*! + * \brief tee_token_update_cancel cancels intent token transaction + * \flags reserved + */ +int32_t tee_token_update_cancel(uint32_t flags); + +/*! + * \brief tee_token_update_end ends intent token transaction + * \flags reserved + */ +int32_t tee_token_update_end(uint32_t flags); + +/*! + * \brief tee_token_unformatted_write writes a specific token item + * \param dg_id data group ID + * \param sg_id subgroup ID + * \param item_id item ID to read + * \param data_buf source data + * \param buf_size number of bytes to write + * \flags intent state + */ +int32_t tee_token_unformatted_write(uint32_t dg_id, uint32_t sg_id, uint32_t item_id, + uint8_t *data_buf, size_t size, uint32_t flags); + +/*! + * \brief tee_token_item_read reads a token item + * \param dg_id data group ID + * \param sg_id subgroup ID + * \param item_id item ID to read + * \param offset Byte offset from the beginning of Item Data + * \param data_buf destination of read + * \param buf_size number of bytes to read + * \param flags intent state + */ +int32_t tee_token_item_read(uint32_t dg_id, uint32_t sg_id, uint32_t item_id, + size_t offset, uint8_t *data_buf, size_t buf_size, uint32_t flags); + +/*! + * \brief tee_token_item_size_get returns the byte size of a token item + * \param dg_id data group ID + * \param sg_id subgroup ID + * \param item_id item ID to read + * \param item_size pointer to token item size + * \param flags intent state + */ +int32_t tee_token_item_size_get(uint32_t dg_id, uint32_t sg_id, uint32_t item_id, + size_t *item_size, uint32_t flags); + +/*! + * \brief tee_token_item_info_get reads token item header + * \param dg_id data group ID + * \param sg_id subgroup ID + * \param item_id item ID to read + * \param info pointer to token item header + * \param flags intent state + */ +int32_t tee_token_item_info_get(uint32_t dg_id, uint32_t sg_id, uint32_t item_id, + struct tee_token_item_info *info, uint32_t flags); +/*! + * \brief tee_token_itemids_get reads a list of available item ids + * \param dg_id data group ID + * \param sg_id subgroup ID + * \param items pointer to list (allocated by callee) + * \param count number of ids (populated by callee) + * \param flags intent state + */ +int32_t tee_token_itemids_get(uint32_t dg_id, uint32_t sg_id, uint32_t **items, + size_t *count, uint32_t flags); + +/*! + * \brief tee_token_sgids_get reads a list of available subgroup ids + * \param dg_id data group ID + * \param items pointer to list (allocated by callee) + * \param count number of ids (populated by callee) + * \param flags intent state + */ +int32_t tee_token_sgids_get(uint32_t dg_id, uint32_t **items, size_t *count, uint32_t flags); + +/*! + * \brief tee_token_dgids_get reads a list of available datagroup ids + * \param items pointer to list (allocated by callee) + * \param count number of ids (populated by callee) + * \param flags intent state + */ +int32_t tee_token_dgids_get(uint32_t **items, size_t *count, uint32_t flags); + +/*! + * \brief tee_token_sgroup_info_get reads subgroup header + * \param dg_id data group ID + * \param sg_id subgroup ID + * \param info pointer to datagroup header + * \param flags intent state + */ +int32_t tee_token_sgroup_info_get(uint32_t dg_id, uint32_t sg_id, + struct tee_token_subgroup_info *info, + uint32_t flags); + +/*! + * \brief tee_token_dgroup_info_get reads datagroup header + * \param dg_id data group ID + * \param info pointer to datagroup header + * \param flags intent state + */ +int32_t tee_token_dgroup_info_get(uint32_t dg, struct tee_token_datagroup_info *info, + uint32_t flags); + +/*! + * \brief tee_token_info_get reads token header + * \param dg_id data group ID + * \param info pointer to token header + * \param flags intent state + */ +int32_t tee_token_info_get(uint32_t dg_id, struct tee_token_info *info, uint32_t flags); + +/*! + * \brief tee_token_read reads a raw token + * \param dg_id data group ID + * \param data_buf pointer to raw token + * \param data_size number of bytes allocated + * \param flags intent state + */ +int32_t tee_token_read(uint32_t dg_id, uint8_t *data_buf, uint32_t data_size, uint32_t flags); + +/*! + * \brief tee_token_count_get receives the number of tokens + * \param flags intent state / container (SECURE_STORAGE) etc. + */ +int32_t tee_token_count_get(size_t *count, uint32_t flags); + +/*! + * \brief tee_partid_get reads part specific id + * \param partid_buf result buffer + */ +int32_t tee_partid_get(uint8_t partid_buf[TOKEN_PSID_LENGTH]); + +/*! + * \brief tee_token_minver_get reads minimum version of a token from TVT + * \param dg_id data group ID + * \param min_ver pointer to result + * \param flags unspecified + */ +int32_t tee_token_minver_get(uint32_t dg_id, uint32_t *min_ver, uint32_t flags); + +/*! + * \brief tee_token_lifetimedata_get gets device specific lifetime data + * \param timestamp pointer for retrieving Token Lifetime Timestamp + * \param nonce pointer for retrieving Token Lifetime Nonce + * \param mac pointer for retrieving Token Timestamp MAC + */ +int32_t tee_token_lifetimedata_get(uint32_t *timestamp, + uint8_t nonce[TOKEN_NONCE_LENGTH], + uint8_t mac[TOKEN_MAC_LENGTH]); +#endif /* end of __TEE_TOKEN_IF_H */ diff --git a/peripheral/keystore/chaabi/libcc54/include/management_apis.xml b/peripheral/keystore/chaabi/libcc54/include/management_apis.xml new file mode 100644 index 0000000..fdaf40d --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/management_apis.xml @@ -0,0 +1,38 @@ +<?xml version="1.0" encoding="US-ASCII" ?> +<!--**************************************************************** +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +*****************************************************************--> + +<!-- SepRpcTest API description: An API dedicated to test the RPC mechanism --> + +<api name="DxManagement"> <!-- The DxManagementRpc API Agent ID --> + + <!-- Default return codes for generated wrapper code (may be overriden for specific functions --> + <retcodes ok="DX_SUCCESS" generic_error="DX_FAILURE" invalid_param="DX_FAILURE" not_enough_resources="DX_FAILURE" /> + + <!-- Header files to include for prototypes --> + <header>dx_pal_types.h</header> + <header>dx_management.h</header> + + <function name="DX_MNG_GetLcs" return="le32(DxUint32_t)"> + <!-- + DxUint32_t DX_MNG_GetLcs(DxUint32_t *lcsVal); + --> + <param name="lcsVal" direction="o" ptype="ref" dtype="le32(DxUint32_t)" /> + + </function> + + <function name="DX_MNG_GetFwVersion" return="le32(DxUint32_t)"> + <!-- + DxUint32_t DX_MNG_GetFwVersion(DxUint32_t *fwVer, DxUint32_t *romVer); + --> + <param name="fwVer" direction="o" ptype="ref" dtype="le32(DxUint32_t)" /> + <param name="romVer" direction="o" ptype="ref" dtype="le32(DxUint32_t)" /> + + </function> + +</api> + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_abort.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_abort.h new file mode 100644 index 0000000..e01b89b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_abort.h @@ -0,0 +1,22 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_ABORT_H +#define _DX_PAL_ABORT_H + + +#include "dx_pal_abort_plat.h" + + +/*! + * Abort SeP execution by reporting aborting instruction in GPR6 + * (State is set to 0xBAD0BAD0 in GPR7) + */ +#define DX_PAL_Abort(msg) _DX_PAL_Abort(msg) + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_compiler.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_compiler.h new file mode 100644 index 0000000..86ba706 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_compiler.h @@ -0,0 +1,49 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __DX_PAL_COMPILER_H__ +#define __DX_PAL_COMPILER_H__ + +/************************************/ +/* Compiler directives wrappers */ +/************************************/ + +#ifdef __GNUC__ + +/* associate a symbol with a link section */ +#define DX_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName))) + +/* Mark symbol as used, i.e., prevent garbage collector from dropping it */ +#define DX_PAL_COMPILER_KEEP_SYMBOL __attribute__((used)) + +/* Make given data item aligned (alignment in bytes) */ +#define DX_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement))) + +/* Mark function that never returns */ +#define DX_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn)) + +/* Prevent function from being inlined */ +#define DX_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline)) + +/* Given data type may cast (alias) another data type pointer */ +/* (this is used for "superclass" struct casting) */ +#define DX_PAL_COMPILER_TYPE_MAY_ALIAS __attribute__((__may_alias__)) + +/* Get sizeof for a structure type member */ +#define DX_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \ + sizeof(((type_name *)0)->member_name) + +/* Compile time assertion (we do not have static_assert support) */ +#define DX_ASSERT_CONCAT_(a, b) a##b +#define DX_ASSERT_CONCAT(a, b) DX_ASSERT_CONCAT_(a, b) +#define DX_PAL_COMPILER_ASSERT(cond, message) \ + enum { DX_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) } + +#else +#error Unsupported compiler. +#endif + +#endif /*__DX_PAL_COMPILER_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_error.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_error.h new file mode 100644 index 0000000..68c6854 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_error.h @@ -0,0 +1,35 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_ERROR_H +#define _DX_PAL_ERROR_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +#define DX_PAL_BASE_ERROR 0x0F000000 + +/* Memory error returns */ +#define DX_PAL_MEM_BUF1_GREATER DX_PAL_BASE_ERROR + 0x01UL +#define DX_PAL_MEM_BUF2_GREATER DX_PAL_BASE_ERROR + 0x02UL + +/* Semaphore error returns */ +#define DX_PAL_SEM_CREATE_FAILED DX_PAL_BASE_ERROR + 0x03UL +#define DX_PAL_SEM_DELETE_FAILED DX_PAL_BASE_ERROR + 0x04UL +#define DX_PAL_SEM_WAIT_TIMEOUT DX_PAL_BASE_ERROR + 0x05UL +#define DX_PAL_SEM_WAIT_FAILED DX_PAL_BASE_ERROR + 0x06UL +#define DX_PAL_SEM_RELEASE_FAILED DX_PAL_BASE_ERROR + 0x07UL + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_file.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_file.h new file mode 100644 index 0000000..355ac43 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_file.h @@ -0,0 +1,195 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_FILE_H +#define _DX_PAL_FILE_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include "dx_pal_types.h" +#include "dx_pal_file_plat.h" +/** +* @brief File Description: +* This file conatins functions for file related operations. The functions implementations +* are generally just wrappers to different operating system calls. +* None of the described functions will check the input parameters so the behavior +* of the APIs in illegal parameters case is dependent on the operating system behavior. +* +*/ + +/**** ----- Files General Definitions ----- ****/ +typedef enum +{ + DX_PAL_Read = 0, /* "r", read only */ + DX_PAL_ReadAndWrite = 1, /* "r+", read and write */ + DX_PAL_Write = 2, /* "w", write only */ + DX_PAL_WriteAndRead = 3, /* "w+", write and read */ + DX_PAL_Append = 4, /* "a", append to the end of file */ + DX_PAL_AppendAndRead = 5, /* "a+", append (to the end of file) and read */ + DX_PAL_ReadBinary = 6, /* "rb", read binary */ + DX_PAL_ReadAndWriteBinary = 7, /* "r+b" read and write binary */ + DX_PAL_WriteBinary = 8, /* "wb" write binary */ + DX_PAL_WriteAndReadBinary = 9, /* "w+b" write and read binary */ + DX_PAL_AppendBinary = 10, /* "ab" append binary */ + DX_PAL_AppendAndReadBinary = 11, /* "a+b" append and read binary */ + + DX_PAL_DummyMode = 0x7FFFFFFF + +}DX_PAL_FileMode_t; + +/* Definitions for SEEK positions */ + +#define DX_PAL_SEEK_START 0 /* Seek from start of file */ +#define DX_PAL_SEEK_CUR 1 /* Seek from current position */ +#define DX_PAL_SEEK_END 2 /* Seek from end of file */ + +/* Definition for DxFile */ +typedef struct _DxFile_t* DxFile_t; +/**** ------------------------------------- ****/ + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief This function purpose is to create a new file. The function will delete a file + * If it is already exist. + * + * + * @param[in] aFileName - The file name to create + * + * @return The function returns a FILE handle to the opened file, in case of failure + * the function will return NULL + */ +DxFile_t DX_PAL_FileCreate( DxChar_t *aFileName ); + +/* Definition for DX_PAL_FileCreate */ +#define DX_PAL_FileCreate(aFileName) _DX_PAL_FileCreate(aFileName) +/** + * @brief This function purpose is to create a new file. The function will delete a file + * If it is already exist. + * + * + * @param[in] aFileName - The file name to open + * @param[in] aFileMode - The mode to open the file + * + * @return The function returns a FILE handle to the opened file, in case of failure + * the function will return NULL + */ +DxFile_t DX_PAL_FOpen( DxChar_t *aFileName, DX_PAL_FileMode_t aFileMode ); + +/* Definition for fopen */ +#define DX_PAL_FOpen(aFileName, aFileMode) _DX_PAL_FOpen(aFileName, aFileMode) +/** + * @brief This function purpose is to close a file (pointed by aFileHandle), The function + * will dissociate the file from the handle. + * + * + * @param[in] aFileHandle - The file name to create + * + * @return The return values will be according to operating system return values. + */ +DxError_t DX_PAL_FClose( DxFile_t aFileHandle ); + +/* Definition for fclose */ +#define DX_PAL_FClose(aFileHandle) _DX_PAL_FClose(aFileHandle) + +/** + * @brief This function purpose is to change the file pointer position according to aOffset + * + * + * @param[in] aFileHandle - The file handle + * @param[in] aOffset - offset to move the file pointer inside the file + * @param[in] aSeekOrigin - seek origin (current, end or start) to move aOffset from + * + * @return The return values will be according to operating system return values. + */ +DxError_t DX_PAL_FSeek( DxFile_t aFileHandle , DxInt32_t aOffset, DxUint8_t aSeekOrigin ); + +/* Definition for fseek */ +#define DX_PAL_FSeek(aFileHandle ,aOffset, aSeekOrigin) _DX_PAL_FSeek(aFileHandle ,aOffset, aSeekOrigin) + +/** + * @brief This function purpose is to return the file pointer position + * + * + * @param[in] aFileHandle - The file handle + * + * @return The file pointer position + */ +DxUint32_t DX_PAL_FTell( DxFile_t aFileHandle ); + +/* definition for DX_PAL_FTell */ +#define DX_PAL_FTell(aFileHandle) _DX_PAL_FTell(aFileHandle) + +/** + * @brief This function purpose is to read aSize of bytes from the file and write it + * to aBuffer. In case EOF reached before aSize is read the returned size will be smaller + * than aSize. + * + * + * @param[in] aFileHandle - The file handle + * @param[in] aBuffer - Pointer to buffer to read the data into + * @param[in] aSize - Number of bytes to read from file + * + * @return The number of bytes read from the file + */ +DxUint32_t DX_PAL_FRead(DxFile_t aFileHandle, void *aBuffer, DxUint32_t aSize ); + +/* Definition for fread */ +#define DX_PAL_FRead(aFileHandle, aBuffer, aSize) _DX_PAL_FRead(aFileHandle, aBuffer, aSize) +/** + * @brief This function purpose is to write aSize bytes from aBuffer to the file pointed + * by aFileHandle. + * + * + * @param[in] aFileHandle - The file handle + * @param[in] aBuffer - Pointer to buffer to read the data into + * @param[in] aSize - Number of bytes to read from file + * + * @return The number of bytes written to the file + */ +DxUint32_t DX_PAL_FWrite( DxFile_t aFileHandle, const void *aBuffer, DxUint32_t aSize ); + +#define DX_PAL_FWrite(aFileHandle, aBuffer, aSize) _DX_PAL_FWrite(aFileHandle, aBuffer, aSize) +/** + * @brief This function purpose is to save all buffered data to disk + * + * + * @param[in] aFileHandle - The file handle + * + * @return The return values will be according to operating system return values. + */ +DxError_t DX_PAL_FFlush( DxFile_t aFileHandle ); + +/* Definition for fflush */ +#define DX_PAL_FFlush(aFileHandle) _DX_PAL_FFlush(aFileHandle) + +/** + * @brief This function purpose is to return the file size + * + * + * @param[in] aFileHandle - The file handle + * @param[out] aFileSize - The returned file size + * + * @return The function will return DX_SUCCESS in case of success, else errors from + * DX_PAL_Error.h will be returned. + */ +DxError_t DX_PAL_FGetFileSize( DxFile_t aFileHandle, DxUint32_t *aFileSize ); + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_list.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_list.h new file mode 100644 index 0000000..d701019 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_list.h @@ -0,0 +1,89 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef DX_PAL_LIST_H +#define DX_PAL_LIST_H + + +typedef struct DX_PAL_ListItem { + struct DX_PAL_ListItem *prev; + struct DX_PAL_ListItem *next; +} DX_PAL_ListItem_s; + +/*! + * Initializes a list. Prev/Next points to the same head object. + * + * \param head The head of the list. + */ +static inline void DX_PAL_ListInit(DX_PAL_ListItem_s *head) +{ + head->prev = head; + head->next = head; +} + +/*! + * Add a new list item after head of list. + * + * \param new New entry to be added + * \param head List head to add it after + */ +static inline void DX_PAL_ListAdd(DX_PAL_ListItem_s *new, DX_PAL_ListItem_s *head) +{ + DX_PAL_ListItem_s *next = head->next; + + next->prev = new; + new->next = next; + new->prev = head; + head->next = new; +} + +/*! + * Add a new list item after head of list. + * + * \param new New entry to be added + * \param head List head to add it after + */ +static inline void DX_PAL_ListAddTail(DX_PAL_ListItem_s *new, DX_PAL_ListItem_s *head) +{ + DX_PAL_ListItem_s *prev = head->prev; + + prev->next = new; + new->next = head; + new->prev = prev; + head->prev = new; +} + +/*! + * Deletes entry from list. + * + * \param item The item to delete from the list. + */ +static inline void DX_PAL_ListDel(DX_PAL_ListItem_s *item) +{ + DX_PAL_ListItem_s *prev = item->prev; + DX_PAL_ListItem_s *next = item->next; + + prev->next = next; + next->prev = prev; + + item->next = item; + item->prev = item; +} + +/*! + * Checks whether a list is empty. + * + * \param head The list's head + * + * \return int True if empty list, False otherwise. + */ +static inline int DX_PAL_IsListEmpty(const DX_PAL_ListItem_s *head) +{ + return (head->next == head); +} + +#endif + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_log.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_log.h new file mode 100644 index 0000000..b07f2b1 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_log.h @@ -0,0 +1,91 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_LOG_H_ +#define _DX_PAL_LOG_H_ + +#include "dx_pal_log_plat.h" + + +/* PAL log levels (to be used in DX_PAL_logLevel) */ +#define DX_PAL_LOG_LEVEL_ERR 0 +#define DX_PAL_LOG_LEVEL_WARN 1 +#define DX_PAL_LOG_LEVEL_INFO 2 +#define DX_PAL_LOG_LEVEL_DEBUG 3 +#define DX_PAL_LOG_LEVEL_TRACE 4 +#define DX_PAL_LOG_LEVEL_DATA 5 + +/* This printf wrapper masks maps log level to MODULE_* levels and masks prints * + from specific components at run time based on PAL_LOG_CUR_COMPONENT and * +* pal_log_component_mask. */ +#define _DX_PAL_LOG(level, format, ...) \ + if (DX_PAL_log_mask & DX_PAL_LOG_CUR_COMPONENT) \ + PRINTF("%s: " format, __func__, ##__VA_ARGS__) + +/* Select compile time log level */ +#if defined(DEBUG) +#include <stdio.h> +#define DX_PAL_MAX_LOG_LEVEL DX_PAL_LOG_LEVEL_ERR +#else /* only critical prints */ +#define DX_PAL_MAX_LOG_LEVEL DX_PAL_LOG_LEVEL_ERR +#endif + +void DX_PAL_LogInit(); +void DX_PAL_LogLevelSet(unsigned int setLevel); + +#ifdef _MAIN_C_ +/* Declare global variable in main.c only */ +unsigned int DX_PAL_logLevel = DX_PAL_MAX_LOG_LEVEL; +unsigned int DX_PAL_log_mask = 0xFFFFFFFF; +#else +extern unsigned int DX_PAL_logLevel; +extern unsigned int DX_PAL_log_mask; +#endif + +#define DX_PAL_LOG_ERR(format, ...) \ + _DX_PAL_LOG(ERR, format, ##__VA_ARGS__) + +#if (DX_PAL_MAX_LOG_LEVEL >= DX_PAL_LOG_LEVEL_WARN) +#define DX_PAL_LOG_WARN(format, ...) \ + if (DX_PAL_logLevel >= DX_PAL_LOG_LEVEL_WARN) \ + _DX_PAL_LOG(WARN, format, ##__VA_ARGS__) +#else +#define DX_PAL_LOG_WARN(format, arg...) do {} while (0) +#endif + +#if (DX_PAL_MAX_LOG_LEVEL >= DX_PAL_LOG_LEVEL_INFO) +#define DX_PAL_LOG_INFO(format, ...) \ + if (DX_PAL_logLevel >= DX_PAL_LOG_LEVEL_INFO) \ + _DX_PAL_LOG(INFO, format, ##__VA_ARGS__) +#else +#define DX_PAL_LOG_INFO(format, arg...) do {} while (0) +#endif + +#if (DX_PAL_MAX_LOG_LEVEL >= DX_PAL_LOG_LEVEL_DEBUG) +#define DX_PAL_LOG_DEBUG(format, ...) \ + if (DX_PAL_logLevel >= DX_PAL_LOG_LEVEL_DEBUG) \ + _DX_PAL_LOG(DEBUG, format, ##__VA_ARGS__) +#else +#define DX_PAL_LOG_DEBUG(format, arg...) do {} while (0) +#endif + +#if (DX_PAL_MAX_LOG_LEVEL >= DX_PAL_LOG_LEVEL_TRACE) +#define DX_PAL_LOG_TRACE(format, ...) \ + if (DX_PAL_logLevel >= DX_PAL_LOG_LEVEL_TRACE) \ + _DX_PAL_LOG(TRACE, format, ##__VA_ARGS__) +#else +#define DX_PAL_LOG_TRACE(format, arg...) do {} while (0) +#endif + +#if (DX_PAL_MAX_LOG_LEVEL >= DX_PAL_LOG_LEVEL_TRACE) +#define DX_PAL_LOG_DATA(format, ...) \ + if (DX_PAL_logLevel >= DX_PAL_LOG_LEVEL_TRACE) \ + _DX_PAL_LOG(DATA, format, ##__VA_ARGS__) +#else +#define DX_PAL_LOG_DATA(format, arg...) do {} while (0) +#endif + +#endif /*_DX_PAL_LOG_H_*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_mem.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_mem.h new file mode 100644 index 0000000..7623b2c --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_mem.h @@ -0,0 +1,186 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_MEM_H +#define _DX_PAL_MEM_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include "dx_pal_types.h" +#include "dx_pal_mem_plat.h" +#include "dx_pal_malloc_plat.h" + + +/** +* @brief File Description: +* This file conatins functions for memory operations. The functions implementations +* are generally just wrappers to different operating system calls. +* None of the described functions will check the input parameters so the behavior +* of the APIs in illegal parameters case is dependent on the operating system behavior. +* +*/ + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/**** ----- Memory Operations APIs ----- ****/ + +/** + * @brief This function purpose is to compare between two given buffers according to given + * size. + * + * + * @param[in] aTarget - The target buffer to compare + * @param[in] aSource - The Source buffer to compare to + * @param[in] aSize - Number of bytes to compare + * + * @return The return values will be according to operating system return values. + */ +DxInt32_t DX_PAL_MemCmp( const void* aTarget, + const void* aSource, + DxUint32_t aSize ); + +/* Definition for MemCmp */ +#define DX_PAL_MemCmp _DX_PAL_MemCmp + +/** + * @brief This function purpose is to perform secured memory comparison between two given + * buffers according to given size. The function will compare each byte till aSize + * number of bytes was compared even if the bytes are different. + * The function should be used to avoid security timing attacks. + * + * + * @param[in] aTarget - The target buffer to compare + * @param[in] aSource - The Source buffer to compare to + * @param[in] aSize - Number of bytes to compare + * + * @return The function will return DX_SUCCESS in case of success, else errors from + * DX_PAL_Error.h will be returned. + */ +DxError_t DX_PAL_SecMemCmp( const DxUint8_t* aTarget, + const DxUint8_t* aSource, + DxUint32_t aSize ); + +/** + * @brief This function purpose is to copy aSize bytes from source buffer to destination buffer. + * + * + * @param[in] aDestination - The destination buffer to copy bytes to + * @param[in] aSource - The Source buffer to copy from + * @param[in] aSize - Number of bytes to copy + * + * @return void + */ +void DX_PAL_MemCopy( const void* aDestination, + const void* aSource, + DxUint32_t aSize ); + +/** + * @brief This function purpose is to copy aSize bytes from source buffer to destination buffer. + * This function Supports ovelapped buffers + * + * + * @param[in] aDestination - The destination buffer to copy bytes to + * @param[in] aSource - The Source buffer to copy from + * @param[in] aSize - Number of bytes to copy + * + * @return void + */ +void DX_PAL_MemMove( const void* aDestination, + const void* aSource, + DxUint32_t aSize ); + +/* Definition for MemCopy */ +#define DX_PAL_MemCopy _DX_PAL_MemCopy +#define DX_PAL_MemMove _DX_PAL_MemMove + + +/** + * @brief This function purpose is to set aSize bytes in the given buffer with aChar. + * + * + * @param[in] aTarget - The target buffer to set + * @param[in] aChar - The char to set into aTarget + * @param[in] aSize - Number of bytes to set + * + * @return void + */ +void DX_PAL_MemSet( const void* aTarget, + const DxUint8_t aChar, + DxUint32_t aSize ); + +/* Definition for MemSet */ +#define DX_PAL_MemSet(aTarget, aChar, aSize) _DX_PAL_MemSet(aTarget, aChar, aSize) + +/** + * @brief This function purpose is to set aSize bytes in the given buffer with zeroes. + * + * + * @param[in] aTarget - The target buffer to set + * @param[in] aChar - The char to set into aTarget + * @param[in] aSize - Number of bytes to set + * + * @return void + */ +void DX_PAL_MemSetZero( const void* aTarget, + DxUint32_t aSize ); + +#define DX_PAL_MemSetZero(aTarget, aSize) _DX_PAL_MemSetZero(aTarget, aSize) + +/**** ----- Memory Allocation APIs ----- ****/ + +/** + * @brief This function purpose is to allocate a memory buffer according to aSize. + * + * @param[in] aSize - Number of bytes to allocate + * + * @return The function will return a pointer to allocated buffer or NULL if allocation failed. + */ +void* DX_PAL_MemMalloc(DxUint32_t aSize); + +/* Definition for MemMalloc */ +#define DX_PAL_MemMalloc _DX_PAL_MemMalloc + +/** + * @brief This function purpose is to reallocate a memory buffer according to aNewSize. + * The content of the old buffer is moved to the new location + * + * @param[in] aBuffer - Pointer to allocated buffer + * @param[in] aNewSize - Number of bytes to reallocate + * + * @return The function will return a pointer to the newly allocated buffer or NULL if allocation failed. + */ +void* DX_PAL_MemRealloc( void* aBuffer, + DxUint32_t aNewSize ); + +/* Definition for MemRealloc */ +#define DX_PAL_MemRealloc _DX_PAL_MemRealloc + +/** + * @brief This function purpose is to free allocated buffer. + * + * @param[in] aBuffer - A pointer to allocated buffer + * + * @return void + */ +void DX_PAL_MemFree(void* aBuffer); + +/* Definition for MemFree */ +#define DX_PAL_MemFree _DX_PAL_MemFree + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_memmap.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_memmap.h new file mode 100644 index 0000000..9d10bb6 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_memmap.h @@ -0,0 +1,66 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_MEMMAP_H +#define _DX_PAL_MEMMAP_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/** +* @brief File Description: +* This file conatins functions for memory mapping +* None of the described functions will check the input parameters so the behavior +* of the APIs in illegal parameters case is dependent on the operating system behavior. +* +*/ + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief This function purpose is to return the base virtual address that maps the + * base physical address + * + * + * @param[in] aPhysicalAddress - Starts physical address of the I/O range to be mapped. + * @param[in] aMapSize - Number of bytes that were mapped + * @param[out] aVirtualAddr - Pointer to the base virtual address to which the physical pages were mapped + * + * @return The return values will be according to operating system return values. + */ +DxError_t DX_PAL_MemMap( DxUint32_t PhysicalAddress, + DxUint32_t aMapSize, + DxUint32_t* aVirtualAddr ); + +/** + * @brief This function purpose is to Unmaps a specified address range previously mapped + * by DX_PAL_MemMap + * + * + * @param[in] aVirtualAddr - Pointer to the base virtual address to which the physical + * pages were mapped + * @param[in] aMapSize - Number of bytes that were mapped + * + * @return The return values will be according to operating system return values. + */ +DxError_t DX_PAL_MemUnMap( DxUint32_t* aVirtualAddr, + DxUint32_t aMapSize ); + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_sem.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_sem.h new file mode 100644 index 0000000..d629d87 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_sem.h @@ -0,0 +1,91 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_SEM_H +#define _DX_PAL_SEM_H +#include "dx_pal_sem_plat.h" + +#define DX_PAL_SEM_NO_WAIT 0 +#define DX_PAL_SEM_FREE 1 +#define DX_PAL_SEM_LOCKED 0 + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/** +* @brief File Description: +* This file contains functions for resource management (semaphor operations). +* The functions implementations are generally just wrappers to different operating system calls. +* None of the described functions will check the input parameters so the behavior +* of the APIs in illegal parameters case is dependent on the operating system behavior. +* +*/ + + + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief This function purpose is to create a semaphore. + * + * + * @param[out] aSemId - Pointer to created semaphor handle + * @param[in] aInitialVal - Initial semaphore value + * + * @return The return values will be according to operating system return values. + */ +//DxError_t DX_PAL_SemCreate( DX_PAL_SEM *aSemId, DxUint32_t aInitialVal ); +#define DX_PAL_SemCreate _DX_PAL_SemCreate +/** + * @brief This function purpose is to delete a semaphore + * + * + * @param[in] aSemId - Semaphore handle + * + * @return The return values will be according to operating system return values. + */ +//DxError_t DX_PAL_SemDelete( DX_PAL_SEM *aSemId ); +#define DX_PAL_SemDelete _DX_PAL_SemDelete +/** + * @brief This function purpose is to Wait for semaphore with aTimeOut. aTimeOut is + * specified in milliseconds. + * + * + * @param[in] aSemId - Semaphore handle + * @param[in] aTimeOut - timeout in mSec, or DX_INFINITE + * + * @return The return values will be according to operating system return values. + */ +//DxError_t DX_PAL_SemWait(DX_PAL_SEM aSemId, DxUint32_t aTimeOut); +#define DX_PAL_SemWait _DX_PAL_SemWait +/** + * @brief This function purpose is to signal the semaphore. + * + * + * @param[in] aSemId - Semaphore handle + * + * @return The return values will be according to operating system return values. + */ +//DxError_t DX_PAL_SemGive(DX_PAL_SEM aSemId); + +#define DX_PAL_SemGive _DX_PAL_SemGive + + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_string.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_string.h new file mode 100644 index 0000000..414e7e6 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_string.h @@ -0,0 +1,111 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_STRING_H +#define _DX_PAL_STRING_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include "dx_pal_types.h" +#include "dx_pal_string_plat.h" +/** +* @brief File Description: +* This file conatins functions for string manipulation. The functions implementations +* are generally just wrappers to different operating system calls. +* None of the described functions will check the input parameters so the behavior +* of the APIs in illegal parameters case is dependent on the operating system behavior. +* +*/ + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief This function purpose is to return the string length (Null terminated buffer) + * + * + * @param[in] aStr - Pointer to string + * + * @return The string length + */ +DxUint32_t DX_PAL_StrLen(DxChar_t *aStr); + +/* Definition for StrLen */ +#define DX_PAL_StrLen _DX_PAL_StrLen + +/** + * @brief This function purpose is to find the string specified in aStrSearchFor in the + * string specified in aStrSearchIn + * + * + * @param[in] aStrSearchIn - Pointer to string to search in + * @param[in] aStrSearchFor - Pointer to string to search for in aStrSearchIn + * + * @return Pointer to the first occurrence of searchFor in searchIn or DX_NULL if string + * was not found. + */ +DxChar_t* DX_PAL_FindStr(const DxChar_t* aStrSearchIn, const DxChar_t* aStrSearchFor ); + +/* Definition for */ +#define DX_PAL_FindStr _DX_PAL_FindStr + +/** + * @brief This function purpose is to find the first appearance of aChr in aStr. + * + * + * @param[in] aStr - Pointer to string + * @param[in] aChr - Char to look for in string + * + * @return A pointer to the first appearance of aChr in aStr, if not found NULL is returned + */ +DxChar_t* DX_PAL_StrChr(DxChar_t *aStr, DxChar_t aChr ); + +/* Definition for StrChr */ +#define DX_PAL_StrChr _DX_PAL_StrChr + +/** + * @brief This function purpose is to find the last appearance of aChr in aStr + * + * + * @param[in] aStr - Pointer to string + * @param[in] aChr - Char to look for in string + * + * @return A pointer to the last appearance of aChr in aStr, if not found NULL is returned + */ +DxChar_t* DX_PAL_StrRChr(DxChar_t *aStr, DxChar_t aChr ); + +/* Definition for StrRChr */ +#define DX_PAL_StrRChr _DX_PAL_StrRChr + +/** + * @brief This function purpose is to copy aSize bytes from aSrcStr to aDestStr. + * + * + * @param[in] aDestStr - Pointer to destination string + * @param[in] aSrcStr - Pointer to source string (to copy from) + * @param[in] aSize - Number of bytes to copy + * + * @return A pointer to destination string + */ +DxChar_t* DX_PAL_StrNCopy( DxChar_t *aDestStr, DxChar_t *aSrcStr, DxUint32_t aSize ); + +/* Definition for StrNCopy */ +#define DX_PAL_StrNCopy _DX_PAL_StrNCopy + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_time.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_time.h new file mode 100644 index 0000000..bd4b29b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_time.h @@ -0,0 +1,45 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_TIME_H +#define _DX_PAL_TIME_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +/** +* @brief File Description: +* This file conatins functions for time handling. The functions implementations +* are generally just wrappers to different operating system calls. +*/ + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief This function returns the number of seconds passed from 1/1/1970 00:00 UTC. + * + * + * @param[in] void + * + * @return Number of seconds passed from 1/1/1970 00:00 UTC + */ +DxInt32_t DX_PAL_GetTime( void ); + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_types.h b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_types.h new file mode 100644 index 0000000..0f12d69 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/dx_pal_types.h @@ -0,0 +1,27 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef DX_PAL_TYPES_H +#define DX_PAL_TYPES_H + +#include "dx_pal_types_plat.h" + +typedef DxUint8_t DxByte_t; + +typedef enum { + DX_FALSE = 0, + DX_TRUE = 1 +} EDxBool; + +typedef DxUint32_t DxBool_t; +typedef DxUint32_t DxStatus; + +#define DxError_t DxStatus +#define DX_SUCCESS 0UL +#define DX_FAIL 1UL +#define DX_INFINITE 0xFFFFFFFF + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_file_plat.h b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_file_plat.h new file mode 100644 index 0000000..4dcc0d6 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_file_plat.h @@ -0,0 +1,97 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_FILE_INT_H +#define _DX_PAL_FILE_INT_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include "stdio.h" + +/** +* @brief File Description: +* This file conatins wrapper functions for file related operations. +*/ + +/**** ----- Files General Definitions ----- ****/ + +/* Definitions for file modes */ +#define DX_PAL_MAX_SIZE_MODE 4 +#define DX_PAL_NUM_OF_SUPPORT_MODES 12 + +typedef DxChar_t DX_PAL_FileModeStr_t[DX_PAL_MAX_SIZE_MODE]; + +typedef DX_PAL_FileModeStr_t DX_PAL_FileModesTable_t[DX_PAL_NUM_OF_SUPPORT_MODES]; + +extern const DX_PAL_FileModeStr_t DX_PAL_FileModeTable[]; +/**** ------------------------------------- ****/ + +//#define _DxFile_t FILE + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ +/** +* @brief A wrapper for fopen functionality (to create a new file, the file is opened for read and +* write). +* +*/ +#define _DX_PAL_FileCreate(aFileName) DX_PAL_FOpen(aFileName, DX_PAL_WriteAndRead) + +/** +* @brief A wrapper for fopen functionality. DX_PAL_FileModeTable contains all possible modes +* for fopen +* +*/ +#define _DX_PAL_FOpen(aFileName, aFileMode) ((DxFile_t)fopen(aFileName, DX_PAL_FileModeTable[aFileMode])) + +/** + * @brief A wrapper for fclose functionality. + * + */ +#define _DX_PAL_FClose(aFileHandle) fclose((FILE*)aFileHandle) + +/** + * @brief A wrapper for fseek functionality + * + */ +#define _DX_PAL_FSeek(aFileHandle ,aOffset, aSeekOrigin) fseek((FILE*)aFileHandle ,aOffset, aSeekOrigin) + +/** + * @brief A wrapper for ftell functionality + * + */ +#define _DX_PAL_FTell(aFileHandle) ftell((FILE*)aFileHandle) + +/** +* @brief A wrapper for fread functionality +* +*/ +#define _DX_PAL_FRead(aFileHandle, aBuffer, aSize) fread(aBuffer, 1, aSize, (FILE*)aFileHandle) + +/** +* @brief A wrapper for fwrite functionality +* +*/ +#define _DX_PAL_FWrite(aFileHandle, aBuffer, aSize) fwrite(aBuffer, 1, aSize, (FILE*)aFileHandle) +/** + * @brief A wrapper for fflush functionality + * + */ +#define _DX_PAL_FFlush(aFileHandle) fflush((FILE*)aFileHandle) + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_log_plat.h b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_log_plat.h new file mode 100644 index 0000000..a33cfee --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_log_plat.h @@ -0,0 +1,23 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_LOG_PLAT_H_ +#define _DX_PAL_LOG_PLAT_H_ + +#include "dx_log_mask.h" + +/************** PRINTF rules ******************/ +#if defined(DEBUG) + +#define PRINTF printf + +#else /* Disable all prints */ + +#define PRINTF(...) do {} while (0) + +#endif + +#endif /*_DX_PAL_LOG_PLAT_H_*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_malloc_plat.h b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_malloc_plat.h new file mode 100644 index 0000000..ca9d857 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_malloc_plat.h @@ -0,0 +1,56 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_MEMALLOC_INT_H +#define _DX_PAL_MEMALLOC_INT_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include <stdlib.h> +/** +* @brief File Description: +* This file contains wrappers for memory operations APIs. +*/ + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief A wrapper over malloc functionality. The function allocates a buffer according to given size + * + */ + #define _DX_PAL_MemMalloc malloc + + +/** + * @brief A wrapper over realloc functionality. The function allocates and copy a buffer + * according to size + * + */ +#define _DX_PAL_MemRealloc realloc + + +/** + * @brief A wrapper over free functionality/ The function will free allocated memory. + * + */ +#define _DX_PAL_MemFree free + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_mem_plat.h b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_mem_plat.h new file mode 100644 index 0000000..98bbe67 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_mem_plat.h @@ -0,0 +1,64 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_MEM_INT_H +#define _DX_PAL_MEM_INT_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include <stdlib.h> +#include <string.h> +/** +* @brief File Description: +* This file conatins the implementation for memory operations APIs. +* The functions implementations are generally just wrappers to different operating system calls. +*/ + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief A wrapper over memcmp functionality. The function compares two given buffers + * according to size. + */ +#define _DX_PAL_MemCmp memcmp + +/** + * @brief A wrapper over memmove functionality, the function copies from one + * buffer to another according to given size + * + */ +#define _DX_PAL_MemCopy memmove + +/** + * @brief A wrapper over memset functionality, the function sets a buffer with given value + * according to size + * + */ +#define _DX_PAL_MemSet(aTarget, aChar, aSize) memset(aTarget, aChar, aSize) + +/** + * @brief A wrapper over memset functionality, the function sets a buffer with zeroes + * according to size + * + */ +#define _DX_PAL_MemSetZero(aTarget, aSize) _DX_PAL_MemSet(aTarget,0x00, aSize) + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_sem_plat.h b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_sem_plat.h new file mode 100644 index 0000000..f33b5ea --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_sem_plat.h @@ -0,0 +1,84 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_SEM_INT__H +#define _DX_PAL_SEM_INT__H + + + +#ifdef __cplusplus +extern "C" +{ +#endif +#include <semaphore.h> +/** +* @brief File Description: +* This file contains functions for resource management (semaphor operations). +* The functions implementations are generally just wrappers to different operating system calls. +* None of the described functions will check the input parameters so the behavior +* of the APIs in illegal parameters case is dependent on the operating system behavior. +* +*/ + +typedef sem_t DX_PAL_SEM; + + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief This function purpose is to create a semaphore. + * + * + * @param[out] aSemId - Pointer to created semaphor handle + * @param[in] aInitialVal - Initial semaphore value + * + * @return The return values will be according to operating system return values. + */ +#define _DX_PAL_SemCreate(aSemId, aInitialVal) sem_init(aSemId, 0, aInitialVal) + +/** + * @brief This function purpose is to delete a semaphore + * + * + * @param[in] aSemId - Semaphore handle + * + * @return The return values will be according to operating system return values. + */ +#define _DX_PAL_SemDelete(aSemId) sem_destroy (aSemId) +/** + * @brief This function purpose is to Wait for semaphore with aTimeOut. aTimeOut is + * specified in milliseconds. + * + * + * @param[in] aSemId - Semaphore handle + * @param[in] aTimeOut - timeout in mSec, or DX_INFINITE + * + * @return The return values will be according to operating system return values. + */ +#define _DX_PAL_SemWait(aSemId, aTimeOut) sem_wait(aSemId) +/** + * @brief This function purpose is to signal the semaphore. + * + * + * @param[in] aSemId - Semaphore handle + * + * @return The return values will be according to operating system return values. + */ +#define _DX_PAL_SemGive(aSemId) sem_post(aSemId) + + + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_string_plat.h b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_string_plat.h new file mode 100644 index 0000000..9788fab --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_string_plat.h @@ -0,0 +1,66 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _DX_PAL_STRING_INT_H +#define _DX_PAL_STRING_INT_H + + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include <string.h> +/** +* @brief File Description: +* This file conatins wrapper functions for string manipulation. +*/ + + +/*---------------------------- + PUBLIC FUNCTIONS +-----------------------------------*/ + +/** + * @brief A wrapper function for strlen functionality. The function returns the size of a given string + * + */ +#define _DX_PAL_StrLen strlen + +/** + * @brief A wrapper function for strstr functionality. The functions find a string in a string and + * return a pointer to it. + * + */ +#define _DX_PAL_FindStr strstr + +/** + * @brief A wrapper function for strchr functionality. The function finds a char in a given string. + * + */ +#define _DX_PAL_StrChr strchr + +/** + * @brief A wrapper function for strrchr functionality. The function finds a char inside a string + * (from the end) and returns a pointer to it + * + */ +#define _DX_PAL_StrRChr strrchr + +/** + * @brief A wrapper for strncpy functionality. The function copies a string. + * + */ +#define _DX_PAL_StrNCopy strncpy + + +#ifdef __cplusplus +} +#endif + +#endif + + diff --git a/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_types_plat.h b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_types_plat.h new file mode 100644 index 0000000..d374ea3 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/pal/linux/dx_pal_types_plat.h @@ -0,0 +1,46 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef DX_PAL_TYPES_PLAT_H +#define DX_PAL_TYPES_PLAT_H +/* Host specific types for standard (ISO-C99) compilant platforms */ + +#include <stdint.h> +#include <stddef.h> + +#define DX_NULL NULL + +typedef unsigned int DxUint_t; +typedef uint8_t DxUint8_t; +typedef uint16_t DxUint16_t; +typedef uint32_t DxUint32_t; +typedef uint64_t DxUint64_t; + +typedef int DxInt_t; +typedef int8_t DxInt8_t; +typedef int16_t DxInt16_t; +typedef int32_t DxInt32_t; +typedef int64_t DxInt64_t; + +typedef char DxChar_t; +typedef short DxWideChar_t; + +/* Define macros for host to SeP endianess conversion (for host wrappers) */ +#include <endian.h> +#include <byteswap.h> +#if __BYTE_ORDER == __BIG_ENDIAN +#define cpu_to_le16(x) bswap_16(x) +#define le16_to_cpu(x) bswap_16(x) +#define cpu_to_le32(x) bswap_32(x) +#define le32_to_cpu(x) bswap_32(x) +#else /*__LITTLE_ENDIAN*/ +#define cpu_to_le16(x) x +#define le16_to_cpu(x) x +#define cpu_to_le32(x) x +#define le32_to_cpu(x) x +#endif /*__BYTE_ORDER*/ + +#endif /*DX_PAL_TYPES_PLAT_H*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/proj/cc54/dx_init_cc_defs.h b/peripheral/keystore/chaabi/libcc54/include/proj/cc54/dx_init_cc_defs.h new file mode 100644 index 0000000..8c7e490 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/proj/cc54/dx_init_cc_defs.h @@ -0,0 +1,144 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __DX_INIT_CC_DEFS__H__ +#define __DX_INIT_CC_DEFS__H__ + +/** @file dx_init_cc_defs.h +* \brief definitions for the CC54 initialization API +* +* \version +* \author avis +*/ + +/* message token to sep */ +/* CC_INIT definitions */ +#define DX_CC_INIT_HEAD_MSG_TOKEN 0X544B2FBAUL + +/*The below enumerator includes the offsets inside the CC_Init message*/ +/*The last enum is the length of the message */ +enum dx_cc_init_msg_offset { + DX_CC_INIT_MSG_TOKEN_OFFSET, + DX_CC_INIT_MSG_LENGTH_OFFSET, + DX_CC_INIT_MSG_OP_CODE_OFFSET, + DX_CC_INIT_MSG_FLAGS_OFFSET, + DX_CC_INIT_MSG_RESIDENT_IMAGE_OFFSET, + DX_CC_INIT_MSG_I_CACHE_IMAGE_OFFSET, + DX_CC_INIT_MSG_I_CACHE_DEST_OFFSET, + DX_CC_INIT_MSG_I_CACHE_SIZE_OFFSET, + DX_CC_INIT_MSG_D_CACHE_ADDR_OFFSET, + DX_CC_INIT_MSG_D_CACHE_SIZE_OFFSET, + DX_CC_INIT_MSG_CC_INIT_EXT_ADDR_OFFSET, + DX_CC_INIT_MSG_USER_CONFIG_OFFSET, + DX_CC_INIT_MSG_VRL_ADDR_OFFSET, + DX_CC_INIT_MSG_MAGIC_NUM_OFFSET, + DX_CC_INIT_MSG_KEY_INDEX_OFFSET, + DX_CC_INIT_MSG_KEY_HASH_0_OFFSET, + DX_CC_INIT_MSG_KEY_HASH_1_OFFSET, + DX_CC_INIT_MSG_KEY_HASH_2_OFFSET, + DX_CC_INIT_MSG_KEY_HASH_3_OFFSET, + DX_CC_INIT_MSG_CHECK_SUM_OFFSET, + DX_CC_INIT_MSG_LENGTH +}; + +/* Set this value if key used in the VRL is to be verified against KEY_HASH + fields in the CC_INIT message */ +#define DX_CC_INIT_MSG_VRL_KEY_INDEX_INVALID 0xFFFFFFFF + +enum dx_cc_init_msg_icache_size { + DX_CC_INIT_MSG_ICACHE_SCR_DISABLE_SIZE, + DX_CC_INIT_MSG_ICACHE_SCR_256K_SIZE, + DX_CC_INIT_MSG_ICACHE_SCR_1M_SIZE, + DX_CC_INIT_MSG_ICACHE_SCR_2M_SIZE, + DX_CC_INIT_MSG_ICACHE_SCR_4M_SIZE, + DX_CC_INIT_MSG_ICACHE_SCR_INVALID_SIZE +}; +/* Icache sizes enum to log2 - + * Map enum of dx_cc_init_msg_icache_size to log2(size) + * (-1) for invalid value. */ +#define DX_CC_ICACHE_SIZE_ENUM2LOG { -1, 18, 20, 21, 22, -1 } + +#define DX_CC_INIT_D_CACHE_MIN_SIZE_LOG2 17 /* 128KB */ +#define DX_CC_INIT_D_CACHE_MIN_SIZE (1 << DX_CC_INIT_D_CACHE_MIN_SIZE_LOG2) +#define DX_CC_INIT_D_CACHE_MAX_SIZE_LOG2 27 /* 128MB */ +#define DX_CC_INIT_D_CACHE_MAX_SIZE (1 << DX_CC_INIT_D_CACHE_MAX_SIZE_LOG2) + +/* Bit flags for the CC_Init flags word*/ +/* The CC_Init resident address address is valid (it might be passed via VRL) */ +#define DX_CC_INIT_FLAGS_RESIDENT_ADDR_FLAG 0x00000001 +/* The CC_Init I$ address address is valid (it might be passed via VRL) */ +#define DX_CC_INIT_FLAGS_I_CACHE_ADDR_FLAG 0x00000002 +/* The CC_Init D$ address address is valid (First CC_Init does not config. D$)*/ +#define DX_CC_INIT_FLAGS_D_CACHE_EXIST_FLAG 0x00000004 +/* The CC_Init extension address is valid and should be used */ +#define DX_CC_INIT_FLAGS_INIT_EXT_FLAG 0x00000008 +/* The I$ (and applets) should be encrypted */ +#define DX_CC_INIT_FLAGS_CACHE_ENC_FLAG 0x00000010 +/* The I$ (and applets) should be scrambled */ +#define DX_CC_INIT_FLAGS_CACHE_SCRAMBLE_FLAG 0x00000020 +/* The I$ (and applets) should be copied to new address (Icache address) */ +#define DX_CC_INIT_FLAGS_CACHE_COPY_FLAG 0x00000040 +/* use the magic number in the CC_Init to verify the VRL */ +#define DX_CC_INIT_FLAGS_MAGIC_NUMBER_FLAG 0x00000080 + + +#define DX_CC_INIT_FLAGS_CACHE_COPY_MASK_FLAG \ + (DX_CC_INIT_FLAGS_CACHE_ENC_FLAG | \ + DX_CC_INIT_FLAGS_CACHE_SCRAMBLE_FLAG | \ + DX_CC_INIT_FLAGS_CACHE_COPY_FLAG) + +/*------------------------------- + STRUCTURES +---------------------------------*/ +struct dx_cc_def_applet_msg { + uint32_t cc_flags; + uint32_t icache_image_addr; + uint32_t vrl_addr; + uint32_t magic_num; + uint32_t ver_key_index; + uint32_t hashed_key_val[4]; +}; + +/** + * struct dx_cc_init_msg - used for passing the parameters to the CC_Init API. + * The structure is converted in to the CC_Init message + * @cc_flags: Bits flags for different fields in the message + * @res_image_addr: resident image address in the HOST memory + * @Icache_image_addr: I$ image address in the HOST memeory + * @Icache_addr: I$ memory allocation in case the I$ is not placed + * (scramble or encrypted I$) + * @Icache_size: Icache size ( The totoal I$ for Dx image and all + * applets). The size is limited to: 256K,1M,2M and 4M. + * @Dcache_addr: D$ memory allocation in the HOST memory + * @Dcache_size: D$ memory allocation size + * @init_ext_addr: Address of the cc_Init extension message in the HOST + * @vrl_addr: The address of teh VRL in the HOST memory + * @magic_num: Requested VRL magic number + * @ver_key_index: The index of the verification key + * @output_buff_addr: buffer to the HOST memeory, where the secure boot + * process might write the results of the secure boot + * @output_buff_size: size of the out put buffer ( in bytes) + * @Hashed_key_val: the trunked hash value of teh verification key in case + * the OTP keys are not in use +*/ + +struct dx_cc_init_msg { + uint32_t cc_flags; + uint32_t res_image_addr; + uint32_t icache_image_addr; + uint32_t icache_addr; + enum dx_cc_init_msg_icache_size icache_size; + uint32_t dcache_addr; + uint32_t dcache_size; + uint32_t init_ext_addr; + uint32_t user_config; + uint32_t vrl_addr; + uint32_t magic_num; + uint32_t ver_key_index; + uint32_t hashed_key_val[4]; +}; + +#endif /*__DX_INIT_CC_DEFS__H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/proj/cc54/sep_init_cc_errors.h b/peripheral/keystore/chaabi/libcc54/include/proj/cc54/sep_init_cc_errors.h new file mode 100644 index 0000000..7bab328 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/proj/cc54/sep_init_cc_errors.h @@ -0,0 +1,46 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef SEP_INIT_CC_ERROR_H +#define SEP_INIT_CC_ERROR_H + + +#include "sep_error.h" + + /*! \file lcs.h + \brief This file containes lcs definitions +*/ +#define DX_INIT_CC_OK DX_SEP_OK +/* DX_INIT_CC_MODULE_ERROR_BASE - 0xE0004000 */ +#define DX_CC_INIT_MSG_CS_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0x1) +#define DX_CC_INIT_MSG_WRONG_TOKEN_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0x2) +#define DX_CC_INIT_MSG_WRONG_OP_CODE_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0x3) +#define DX_CC_INIT_MSG_WRONG_RESIDENT_ADDR_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0x4) +#define DX_CC_INIT_MSG_WRONG_I_CACHE_ADDR_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0x5) +#define DX_CC_INIT_MSG_WRONG_I_CACHE_DEST_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0x6) +#define DX_CC_INIT_MSG_WRONG_D_CACHE_ADDR_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0x7) +#define DX_CC_INIT_MSG_WRONG_D_CACHE_SIZE_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0x8) +#define DX_CC_INIT_MSG_WRONG_INIT_EXT_ADDR_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0x9) +#define DX_CC_INIT_MSG_WRONG_VRL_ADDR_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0xA) +#define DX_CC_INIT_MSG_WRONG_MAGIC_NUM_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0xB) +#define DX_CC_INIT_MSG_WRONG_OUTPUT_BUFF_ADDR_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0xC) +#define DX_CC_INIT_MSG_WRONG_OUTPUT_BUFF_SIZE_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0xD) +#define DX_RESERVED_0_ERROR (DX_INIT_CC_MODULE_ERROR_BASE + 0xE) + + + +/* DX_INIT_CC_EXT_MODULE_ERROR_BASE - 0xE0005000 */ +#define DX_CC_INIT_EXT_FIRST_PARAM_ERRR (DX_INIT_CC_EXT_MODULE_ERROR_BASE + 0x1) +#define DX_CC_INIT_EXT_WRONG_LAST_PARAM_LENGTH_ERRR (DX_INIT_CC_EXT_MODULE_ERROR_BASE + 0x2) +#define DX_CC_INIT_EXT_WRONG_CHECKSUM_VALUE_ERRR (DX_INIT_CC_EXT_MODULE_ERROR_BASE + 0x3) +#define DX_CC_INIT_EXT_WRONG_DISABLE_MODULE_LENGTH_ERRR (DX_INIT_CC_EXT_MODULE_ERROR_BASE + 0x4) +#define DX_CC_INIT_EXT_WRONG_AXI_CONFIG_LENGTH_ERRR (DX_INIT_CC_EXT_MODULE_ERROR_BASE + 0x5) +#define DX_CC_INIT_EXT_WRONG_PARAM_ERRR (DX_INIT_CC_EXT_MODULE_ERROR_BASE + 0x6) +#define DX_CC_INIT_EXT_EXCEED_MAX_PARAM_PARAM_ERRR (DX_INIT_CC_EXT_MODULE_ERROR_BASE + 0x7) +#define DX_CC_INIT_EXT_WRONG_SEP_FREQ_LENGTH_ERRR (DX_INIT_CC_EXT_MODULE_ERROR_BASE + 0x8) + + +#endif diff --git a/peripheral/keystore/chaabi/libcc54/include/proj/cc54/sep_sram_map.h b/peripheral/keystore/chaabi/libcc54/include/proj/cc54/sep_sram_map.h new file mode 100644 index 0000000..f37f279 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/proj/cc54/sep_sram_map.h @@ -0,0 +1,22 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* This file contains the definitions of the OTP data that the SEP copies +into the SRAM during the first boot process */ + + +#ifndef _SEP_SRAM_MAP_ +#define _SEP_SRAM_MAP_ + +#define DX_FIRST_OEM_KEY_OFFSET_IN_SRAM 0x0 +#define DX_SECOND_OEM_KEY_OFFSET_IN_SRAM 0x4 +#define DX_THIRD_OEM_KEY_OFFSET_IN_SRAM 0x8 +#define DX_LCS_OFFSET_IN_SRAM 0xC +#define DX_MISC_OFFSET_IN_SRAM 0xD +#define DX_CC_INIT_MSG_OFFSET_IN_SRAM 0x100 +#define DX_PKA_MEMORY_OFFSET_IN_SRAM 0x200 + +#endif /*_GEN_SRAM_MAP_*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/sep_ctx.h b/peripheral/keystore/chaabi/libcc54/include/sep_ctx.h new file mode 100644 index 0000000..c080301 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/sep_ctx.h @@ -0,0 +1,278 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _SEP_CTX_H_ +#define _SEP_CTX_H_ +#ifdef __KERNEL__ +#include <linux/types.h> +#define INT32_MAX 0x7FFFFFFFL +#else +#include <stdint.h> +#endif + +#include "dx_cc_defs.h" + +#ifndef max +#define max(a, b) ((a) > (b) ? (a) : (b)) +#define min(a, b) ((a) < (b) ? (a) : (b)) +#endif + +/* SeP context size */ +#define SEP_CTX_SIZE_LOG2 7 +#define SEP_CTX_SIZE (1<<SEP_CTX_SIZE_LOG2) +#define SEP_CTX_SIZE_WORDS (SEP_CTX_SIZE >> 2) + +#define SEP_DES_IV_SIZE 8 +#define SEP_DES_BLOCK_SIZE 8 + +#define SEP_DES_ONE_KEY_SIZE 8 +#define SEP_DES_DOUBLE_KEY_SIZE 16 +#define SEP_DES_TRIPLE_KEY_SIZE 24 +#define SEP_DES_KEY_SIZE_MAX SEP_DES_TRIPLE_KEY_SIZE + + +#define SEP_AES_IV_SIZE 16 +#define SEP_AES_IV_SIZE_WORDS (SEP_AES_IV_SIZE >> 2) + +#define SEP_AES_BLOCK_SIZE 16 +#define SEP_AES_BLOCK_SIZE_WORDS 4 + +#define SEP_AES_128_BIT_KEY_SIZE 16 +#define SEP_AES_128_BIT_KEY_SIZE_WORDS (SEP_AES_128_BIT_KEY_SIZE >> 2) +#define SEP_AES_192_BIT_KEY_SIZE 24 +#define SEP_AES_192_BIT_KEY_SIZE_WORDS (SEP_AES_192_BIT_KEY_SIZE >> 2) +#define SEP_AES_256_BIT_KEY_SIZE 32 +#define SEP_AES_256_BIT_KEY_SIZE_WORDS (SEP_AES_256_BIT_KEY_SIZE >> 2) +#define SEP_AES_KEY_SIZE_MAX SEP_AES_256_BIT_KEY_SIZE +#define SEP_AES_KEY_SIZE_WORDS_MAX (SEP_AES_KEY_SIZE_MAX >> 2) + +#define SEP_SHA1_DIGEST_SIZE 20 +#define SEP_SHA224_DIGEST_SIZE 28 +#define SEP_SHA256_DIGEST_SIZE 32 +#define SEP_SHA384_DIGEST_SIZE 48 +#define SEP_SHA512_DIGEST_SIZE 64 +#define SEP_SHA1024_DIGEST_SIZE 128 + +#define SEP_SHA1_BLOCK_SIZE 64 +#define SEP_SHA224_BLOCK_SIZE 64 +#define SEP_SHA256_BLOCK_SIZE 64 +#define SEP_SHA1_224_256_BLOCK_SIZE 64 +#define SEP_SHA384_BLOCK_SIZE 128 +#define SEP_SHA512_BLOCK_SIZE 128 +#define SEP_SHA1024_BLOCK_SIZE 128 + +#if (SEP_SUPPORT_SHA > 256) +#define SEP_DIGEST_SIZE_MAX SEP_SHA512_DIGEST_SIZE +#define SEP_HASH_BLOCK_SIZE_MAX SEP_SHA512_BLOCK_SIZE /*1024b*/ +#else /* Only up to SHA256 */ +#define SEP_DIGEST_SIZE_MAX SEP_SHA256_DIGEST_SIZE +#define SEP_HASH_BLOCK_SIZE_MAX SEP_SHA256_BLOCK_SIZE /*256*/ +#endif + +#define SEP_HMAC_BLOCK_SIZE_MAX SEP_HASH_BLOCK_SIZE_MAX + +#define SEP_RC4_KEY_SIZE_MIN 1 +#define SEP_RC4_KEY_SIZE_MAX 20 +#define SEP_RC4_STATE_SIZE 264 + +#define SEP_C2_KEY_SIZE_MAX 16 +#define SEP_C2_BLOCK_SIZE 8 + +#define SEP_ALG_MAX_BLOCK_SIZE SEP_HASH_BLOCK_SIZE_MAX + +#define SEP_MAX_COMBINED_ENGINES 4 + +#define SEP_MAX_CTX_SIZE (max(sizeof(struct sep_ctx_rc4), \ + sizeof(struct sep_ctx_cache_entry))) +enum sep_engine_type { + SEP_ENGINE_NULL = 0, + SEP_ENGINE_AES = 1, + SEP_ENGINE_DES = 2, + SEP_ENGINE_HASH = 3, + SEP_ENGINE_RC4 = 4, + SEP_ENGINE_DOUT = 5, + SEP_ENGINE_RESERVE32B = INT32_MAX, +}; + +enum sep_crypto_alg { + SEP_CRYPTO_ALG_NULL = -1, + SEP_CRYPTO_ALG_AES = 0, + SEP_CRYPTO_ALG_DES = 1, + SEP_CRYPTO_ALG_HASH = 2, + SEP_CRYPTO_ALG_RC4 = 3, + SEP_CRYPTO_ALG_C2 = 4, + SEP_CRYPTO_ALG_HMAC = 5, + SEP_CRYPTO_ALG_AEAD = 6, + SEP_CRYPTO_ALG_BYPASS = 7, + SEP_CRYPTO_ALG_COMBINED = 8, + SEP_CRYPTO_ALG_NUM = 9, + SEP_CRYPTO_ALG_RESERVE32B = INT32_MAX +}; + +enum sep_crypto_direction { + SEP_CRYPTO_DIRECTION_NULL = -1, + SEP_CRYPTO_DIRECTION_ENCRYPT = 0, + SEP_CRYPTO_DIRECTION_DECRYPT = 1, + SEP_CRYPTO_DIRECTION_DECRYPT_ENCRYPT = 3, + SEP_CRYPTO_DIRECTION_RESERVE32B = INT32_MAX +}; + +enum sep_cipher_mode { + SEP_CIPHER_NULL_MODE = -1, + SEP_CIPHER_ECB = 0, + SEP_CIPHER_CBC = 1, + SEP_CIPHER_CTR = 2, + SEP_CIPHER_CBC_MAC = 3, + SEP_CIPHER_XTS = 4, + SEP_CIPHER_XCBC_MAC = 5, + SEP_CIPHER_CMAC = 7, + SEP_CIPHER_CCM = 8, + SEP_CIPHER_RESERVE32B = INT32_MAX +}; + +enum sep_hash_mode { + SEP_HASH_NULL = -1, + SEP_HASH_SHA1 = 0, + SEP_HASH_SHA256 = 1, + SEP_HASH_SHA224 = 2, + SEP_HASH_MODE_NUM = 3, + + /* Unsupported */ + SEP_HASH_SHA512 = 3, + SEP_HASH_SHA384 = 4, + SEP_HASH_RESERVE32B = INT32_MAX +}; + +enum sep_hash_hw_mode { + SEP_HASH_HW_SHA1 = 1, + SEP_HASH_HW_SHA256 = 2, + SEP_HASH_HW_SHA224 = 10, + SEP_HASH_HW_SHA512 = 4, + SEP_HASH_HW_SHA384 = 12, + SEP_HASH_HW_RESERVE32B = INT32_MAX +}; + +enum sep_c2_mode { + SEP_C2_NULL = -1, + SEP_C2_ECB = 0, + SEP_C2_CBC = 1, + SEP_C2_RESERVE32B = INT32_MAX +}; + + +/*******************************************************************/ +/***************** DESCRIPTOR BASED CONTEXTS ***********************/ +/*******************************************************************/ + + /* Generic context ("super-class") */ +struct sep_ctx_generic { + enum sep_crypto_alg alg; +} __attribute__((__may_alias__)); + +/* Cache context entry ("sub-class") */ +struct sep_ctx_cache_entry { + enum sep_crypto_alg alg; + uint32_t reserved[SEP_CTX_SIZE_WORDS - 1]; +}; + +struct sep_ctx_c2 { + enum sep_crypto_alg alg; /* SEP_CRYPTO_ALG_C2 */ + enum sep_c2_mode mode; + enum sep_crypto_direction direction; + /* reserve to end of allocated context size */ + uint32_t key_size; /* numeric value in bytes */ + uint8_t key[SEP_C2_KEY_SIZE_MAX]; + uint8_t reserved[SEP_CTX_SIZE - 4 * sizeof(uint32_t) - + SEP_C2_KEY_SIZE_MAX]; +}; + +struct sep_ctx_hash { + enum sep_crypto_alg alg; /* SEP_CRYPTO_ALG_HASH */ + enum sep_hash_mode mode; + uint8_t digest[SEP_DIGEST_SIZE_MAX]; + /* reserve to end of allocated context size */ + uint8_t reserved[SEP_CTX_SIZE - 2 * sizeof(uint32_t) - + SEP_DIGEST_SIZE_MAX]; +}; + +/* !!!! sep_ctx_hmac should have the same structure as sep_ctx_hash except + k0, k0_size fields */ +struct sep_ctx_hmac { + enum sep_crypto_alg alg; /* SEP_CRYPTO_ALG_HMAC */ + enum sep_hash_mode mode; + uint8_t digest[SEP_DIGEST_SIZE_MAX]; + uint8_t k0[SEP_HMAC_BLOCK_SIZE_MAX]; + uint32_t k0_size; + /* reserve to end of allocated context size */ + uint8_t reserved[SEP_CTX_SIZE - 3 * sizeof(uint32_t) - + SEP_DIGEST_SIZE_MAX - SEP_HMAC_BLOCK_SIZE_MAX]; +}; + +struct sep_ctx_cipher { + enum sep_crypto_alg alg; /* SEP_CRYPTO_ALG_AES */ + enum sep_cipher_mode mode; + enum sep_crypto_direction direction; + DX_CRYPTO_KEY_TYPE_t crypto_key_type; + uint32_t key_size; /* numeric value in bytes */ + uint32_t data_unit_size; /* required for XTS */ + /* block_state is the AES engine block state. + * It is used by the host to pass IV or counter at initialization. + * It is used by SeP for intermediate block chaining state and for + * returning MAC algorithms results. */ + uint8_t block_state[SEP_AES_BLOCK_SIZE]; + uint8_t key[SEP_AES_KEY_SIZE_MAX]; + uint8_t xex_key[SEP_AES_KEY_SIZE_MAX]; + /* reserve to end of allocated context size */ + uint32_t reserved[SEP_CTX_SIZE_WORDS - 6 - + SEP_AES_BLOCK_SIZE/sizeof(uint32_t) - 2 * + (SEP_AES_KEY_SIZE_MAX/sizeof(uint32_t))]; +}; + +/* authentication and encryption with associated data class */ +struct sep_ctx_aead { + enum sep_crypto_alg alg; /* SEP_CRYPTO_ALG_AES */ + enum sep_cipher_mode mode; + enum sep_crypto_direction direction; + uint32_t key_size; /* numeric value in bytes */ + uint32_t nonce_size; /* nonce size (octets) */ + uint32_t header_size; /* finit additional data size (octets) */ + uint32_t text_size; /* finit text data size (octets) */ + uint32_t tag_size; /* mac size, element of {4, 6, 8, 10, 12, 14, 16} */ + /* block_state1/2 is the AES engine block state */ + uint8_t block_state[SEP_AES_BLOCK_SIZE]; + uint8_t mac_state[SEP_AES_BLOCK_SIZE]; /* MAC result */ + uint8_t nonce[SEP_AES_BLOCK_SIZE]; /* nonce buffer */ + uint8_t key[SEP_AES_KEY_SIZE_MAX]; + /* reserve to end of allocated context size */ + uint32_t reserved[SEP_CTX_SIZE_WORDS - 8 - + 3 * (SEP_AES_BLOCK_SIZE/sizeof(uint32_t)) - + SEP_AES_KEY_SIZE_MAX/sizeof(uint32_t)]; +}; + +/* crys combined context */ +struct sep_ctx_combined { + enum sep_crypto_alg alg; + uint32_t mode; + /* array of sub contexts used for the combined operation * + * according to the given mode */ + struct sep_ctx_cache_entry *sub_ctx[SEP_MAX_COMBINED_ENGINES]; + /* store the host contexts addresses (optimization) */ + uint32_t hostAddr[SEP_MAX_COMBINED_ENGINES]; +}; + +/*******************************************************************/ +/***************** MESSAGE BASED CONTEXTS **************************/ +/*******************************************************************/ + +struct sep_ctx_rc4 { + enum sep_crypto_alg alg; /* SEP_CRYPTO_ALG_RC4 */ + uint32_t key_size; /* numeric value in bytes */ + uint8_t key[SEP_RC4_KEY_SIZE_MAX]; + uint8_t state[SEP_RC4_STATE_SIZE]; +}; + +#endif /* _SEP_CTX_H_ */ + diff --git a/peripheral/keystore/chaabi/libcc54/include/sep_lli.h b/peripheral/keystore/chaabi/libcc54/include/sep_lli.h new file mode 100644 index 0000000..ac21f84 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/sep_lli.h @@ -0,0 +1,66 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _SEP_LLI_H_ +#define _SEP_LLI_H_ +#ifdef __KERNEL__ +#include <linux/types.h> +#else +#include <stdint.h> +#endif +#include "dx_bitops.h" + +#define SEP_LLI_GET(lli_p, lli_field) BITFIELD_GET( \ + ((uint32_t *)(lli_p))[SEP_LLI_ ## lli_field ## _WORD_OFFSET], \ + SEP_LLI_ ## lli_field ## _BIT_OFFSET, \ + SEP_LLI_ ## lli_field ## _BIT_SIZE) +#define SEP_LLI_SET(lli_p, lli_field, new_val) BITFIELD_SET( \ + ((uint32_t *)(lli_p))[SEP_LLI_ ## lli_field ## _WORD_OFFSET], \ + SEP_LLI_ ## lli_field ## _BIT_OFFSET, \ + SEP_LLI_ ## lli_field ## _BIT_SIZE, \ + new_val) + +#define SEP_LLI_INIT(lli_p) do { \ + ((uint32_t *)(lli_p))[0] = 0; \ + ((uint32_t *)(lli_p))[1] = 0; \ + } while (0) + +/* Copy local LLI scratchpad to SeP LLI buffer */ +#define SEP_LLI_COPY_TO_SEP(sep_lli_p, host_lli_p) do { \ + int i; \ + for (i = 0; i < SEP_LLI_ENTRY_WORD_SIZE; i++) \ + ((uint32_t *)(sep_lli_p))[i] = \ + cpu_to_le32(((uint32_t *)(host_lli_p))[i]); \ +} while (0) +/* and vice-versa */ +#define SEP_LLI_COPY_FROM_SEP(host_lli_p, sep_lli_p) do { \ + int i; \ + for (i = 0; i < SEP_LLI_ENTRY_WORD_SIZE; i++) \ + ((uint32_t *)(host_lli_p))[i] = \ + le32_to_cpu(((uint32_t *)(sep_lli_p))[i]);\ +} while (0) + +/* Size of entry */ +#define SEP_LLI_ENTRY_WORD_SIZE 2 +#define SEP_LLI_ENTRY_BYTE_SIZE (SEP_LLI_ENTRY_WORD_SIZE * sizeof(uint32_t)) + +/* (DMA) Address: ADDR */ +#define SEP_LLI_ADDR_WORD_OFFSET 0 +#define SEP_LLI_ADDR_BIT_OFFSET 0 +#define SEP_LLI_ADDR_BIT_SIZE 32 +/* Size: SIZE */ +#define SEP_LLI_SIZE_WORD_OFFSET 1 +#define SEP_LLI_SIZE_BIT_OFFSET 0 +#define SEP_LLI_SIZE_BIT_SIZE 30 +/* First/Last LLI entries bit marks: FIRST, LAST */ +#define SEP_LLI_FIRST_WORD_OFFSET 1 +#define SEP_LLI_FIRST_BIT_OFFSET 30 +#define SEP_LLI_FIRST_BIT_SIZE 1 +#define SEP_LLI_LAST_WORD_OFFSET 1 +#define SEP_LLI_LAST_BIT_OFFSET 31 +#define SEP_LLI_LAST_BIT_SIZE 1 + +#endif /*_SEP_LLI_H_*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/sep_request.h b/peripheral/keystore/chaabi/libcc54/include/sep_request.h new file mode 100644 index 0000000..efd2643 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/sep_request.h @@ -0,0 +1,76 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _SEP_REQUEST_H_ +#define _SEP_REQUEST_H_ +#ifdef __KERNEL__ +#include <linux/types.h> +#else +#include <stdint.h> +#endif +#include "dx_bitops.h" + +#define DX_SEP_REQUEST_GPR_IDX 3 + +#define DX_SEP_REQUEST_4KB_MASK 0xFFF +#define DX_SEP_REQUEST_MIN_BUF_SIZE (4*1024) +#define DX_SEP_REQUEST_MAX_BUF_SIZE (32*1024) + +/* Protocol error codes */ +#define DX_SEP_REQUEST_SUCCESS 0x00 +#define DX_SEP_REQUEST_OUT_OF_SYNC_ERR 0x01 +#define DX_SEP_REQUEST_INVALID_REQ_SIZE_ERR 0x02 +#define DX_SEP_REQUEST_INVALID_AGENT_ID_ERR 0x03 + +/* Sep Request GPR3 format (Sep to Host) */ +#define DX_SEP_REQUEST_AGENT_ID_BIT_OFFSET 0 +#define DX_SEP_REQUEST_AGENT_ID_BIT_SIZE 8 +#define DX_SEP_REQUEST_COUNTER_BIT_OFFSET 8 +#define DX_SEP_REQUEST_COUNTER_BIT_SIZE 8 +#define DX_SEP_REQUEST_REQ_LEN_BIT_OFFSET 16 +#define DX_SEP_REQUEST_REQ_LEN_BIT_SIZE 16 + +/* Sep Request GPR3 format (Host to Sep) */ +#define DX_SEP_REQUEST_RETURN_CODE_BIT_OFFSET 0 +#define DX_SEP_REQUEST_RETURN_CODE_BIT_SIZE 8 +/* #define DX_SEP_REQUEST_COUNTER_BIT_OFFSET 8 */ +/* #define DX_SEP_REQUEST_COUNTER_BIT_SIZE 8 */ +#define DX_SEP_REQUEST_RESP_LEN_BIT_OFFSET 16 +#define DX_SEP_REQUEST_RESP_LEN_BIT_SIZE 16 + +/* Get/Set macros */ +#define SEP_REQUEST_GET_AGENT_ID(gpr) BITFIELD_GET( \ + (gpr), DX_SEP_REQUEST_AGENT_ID_BIT_OFFSET, \ + DX_SEP_REQUEST_AGENT_ID_BIT_SIZE) +#define SEP_REQUEST_SET_AGENT_ID(gpr, val) BITFIELD_SET( \ + (gpr), DX_SEP_REQUEST_AGENT_ID_BIT_OFFSET, \ + DX_SEP_REQUEST_AGENT_ID_BIT_SIZE, (val)) +#define SEP_REQUEST_GET_RETURN_CODE(gpr) BITFIELD_GET( \ + (gpr), DX_SEP_REQUEST_RETURN_CODE_BIT_OFFSET, \ + DX_SEP_REQUEST_RETURN_CODE_BIT_SIZE) +#define SEP_REQUEST_SET_RETURN_CODE(gpr, val) BITFIELD_SET( \ + (gpr), DX_SEP_REQUEST_RETURN_CODE_BIT_OFFSET, \ + DX_SEP_REQUEST_RETURN_CODE_BIT_SIZE, (val)) +#define SEP_REQUEST_GET_COUNTER(gpr) BITFIELD_GET( \ + (gpr), DX_SEP_REQUEST_COUNTER_BIT_OFFSET, \ + DX_SEP_REQUEST_COUNTER_BIT_SIZE) +#define SEP_REQUEST_SET_COUNTER(gpr, val) BITFIELD_SET( \ + (gpr), DX_SEP_REQUEST_COUNTER_BIT_OFFSET, \ + DX_SEP_REQUEST_COUNTER_BIT_SIZE, (val)) +#define SEP_REQUEST_GET_REQ_LEN(gpr) BITFIELD_GET( \ + (gpr), DX_SEP_REQUEST_REQ_LEN_BIT_OFFSET, \ + DX_SEP_REQUEST_REQ_LEN_BIT_SIZE) +#define SEP_REQUEST_SET_REQ_LEN(gpr, val) BITFIELD_SET( \ + (gpr), DX_SEP_REQUEST_REQ_LEN_BIT_OFFSET, \ + DX_SEP_REQUEST_REQ_LEN_BIT_SIZE, (val)) +#define SEP_REQUEST_GET_RESP_LEN(gpr) BITFIELD_GET( \ + (gpr), DX_SEP_REQUEST_RESP_LEN_BIT_OFFSET, \ + DX_SEP_REQUEST_RESP_LEN_BIT_SIZE) +#define SEP_REQUEST_SET_RESP_LEN(gpr, val) BITFIELD_SET( \ + (gpr), DX_SEP_REQUEST_RESP_LEN_BIT_OFFSET, \ + DX_SEP_REQUEST_RESP_LEN_BIT_SIZE, (val)) + +#endif /*_SEP_REQUEST_H_*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/sep_rpc.h b/peripheral/keystore/chaabi/libcc54/include/sep_rpc.h new file mode 100644 index 0000000..ef728bc --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/sep_rpc.h @@ -0,0 +1,91 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef __SEP_RPC_H__ +#define __SEP_RPC_H__ + +/* SeP RPC infrastructure API */ +#ifdef __KERNEL__ +#include <linux/types.h> + +#else +#include "dx_pal_types.h" + +#endif /*__KERNEL__*/ + +/* Maximum size of SeP RPC message in bytes */ +#define SEP_RPC_MAX_MSG_SIZE 8191 +#define SEP_RPC_MAX_WORKSPACE_SIZE 8191 + +/* The maximum allowed user memory references per function + (CRYS requires only 2, but GPAPI/TEE needs up to 4) */ +#define SEP_RPC_MAX_MEMREF_PER_FUNC 4 + +/* If this macro is not provided by the includer of this file, + the log message would be dropped */ +#ifndef SEP_RPC_LOG +#define SEP_RPC_LOG(format, ...) do {} while (0) +#endif + +#define SEP_RPC_ASSERT(cond, inval_param_retcode) if (!(cond)) { \ + SEP_RPC_LOG("SEP_RPC_ASSERT: %s\n", #cond); \ + return inval_param_retcode; \ +} + +/* NOTE: + All data must be in little (SeP) endian */ + +typedef enum seprpc_retcode { + SEPRPC_RET_OK = 0, + SEPRPC_RET_ERROR, /*Generic error code (not one of the others)*/ + SEPRPC_RET_EINVAL_AGENT, /* Unknown agent ID */ + SEPRPC_RET_EINVAL_FUNC, /* Unknown function ID for given agent */ + SEPRPC_RET_EINVAL, /* Invalid parameter */ + SEPRPC_RET_ENORSC, /* Not enough resources to complete request */ + SEPRPC_RET_RESERVE32 = 0x7FFFFFFF /* assure this enum is 32b */ +} seprpc_retcode_t; + +/* The ID of a SeP RPC Agent (API name/index space) */ +typedef uint16_t seprpc_agent_id_t; + +/* A function ID (index?) in the scope of a given agent */ +typedef uint16_t seprpc_func_id_t; + +typedef enum seprpc_memref_type { + SEPRPC_MEMREF_NULL = 0, /* Invalid memory reference */ + SEPRPC_MEMREF_EMBED = 1, /* Data embedded in parameters message */ + SEPRPC_MEMREF_DLLI = 2, + SEPRPC_MEMREF_MLLI = 3, + SEPRPC_MEMREF_MAX = SEPRPC_MEMREF_MLLI, + SEPRPC_MEMREF_RESERVE32 = 0x7FFFFFFF /* assure this enum is 32b */ +} seprpc_memref_type_t; + +/* A strcuture to pass host memory reference */ +struct seprpc_memref { + seprpc_memref_type_t ref_type; + uint32_t location; + uint32_t size; + uint32_t count; + /* SEPRPC_MEMREF_EMBED: location= offset in SepRpc_Params . + size= data size in bytes. count= N/A */ + /* SEPRPC_MEMREF_DLLI: location= DMA address of data in host memory. + size= data size in bytes. count= N/A. */ + /* SEPRPC_MEMREF_MLLI: location= DMA address of first MLLI table. + size= size in bytes of first table. + count= Num. of MLLI tables.*/ +}; + +struct seprpc_params { + uint32_t num_of_memrefs; /* Number of elements in the memRef array */ + struct seprpc_memref memref[1]; + /* This array is actually in the size of numOfMemRefs + (i.e., it is just a placeholder that may be void) */ + /* Following this array comes the function-specific parameters */ +} __attribute__((__may_alias__)); + + + +#endif /*__SEP_RPC_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/sep_sw_desc.h b/peripheral/keystore/chaabi/libcc54/include/sep_sw_desc.h new file mode 100644 index 0000000..e51cc14 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/sep_sw_desc.h @@ -0,0 +1,452 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#ifndef _SEP_SW_DESC_H_ +#define _SEP_SW_DESC_H_ +#ifdef __KERNEL__ +#include <linux/types.h> +#else +#include <stdint.h> +#endif +#include "dx_bitops.h" +#include "sep_rpc.h" + +/* Common descriptor fields access (type independent) */ +/* To be used with fields: TYPE, RET_CODE, COOKIE */ +#define SEP_SW_DESC_GET(desc_p, desc_field) BITFIELD_GET( \ + ((uint32_t *)(desc_p))[SEP_SW_DESC_ ## desc_field ## _WORD_OFFSET], \ + SEP_SW_DESC_ ## desc_field ## _BIT_OFFSET, \ + SEP_SW_DESC_ ## desc_field ## _BIT_SIZE) +#define SEP_SW_DESC_SET(desc_p, desc_field, new_val) BITFIELD_SET( \ + ((uint32_t *)(desc_p))[SEP_SW_DESC_ ## desc_field ## _WORD_OFFSET], \ + SEP_SW_DESC_ ## desc_field ## _BIT_OFFSET, \ + SEP_SW_DESC_ ## desc_field ## _BIT_SIZE, \ + new_val) + +/* Type specific descriptor fields access */ +#define SEP_SW_DESC_GET4TYPE(desc_p, desc_type, desc_field) BITFIELD_GET( \ + ((uint32_t *)(desc_p)) \ + [SEP_SW_DESC_ ## desc_type ## _ ## desc_field ## _WORD_OFFSET], \ + SEP_SW_DESC_ ## desc_type ## _ ## desc_field ## _BIT_OFFSET, \ + SEP_SW_DESC_ ## desc_type ## _ ## desc_field ## _BIT_SIZE) +#define SEP_SW_DESC_SET4TYPE(desc_p, desc_type, desc_field, new_val) \ + BITFIELD_SET( \ + ((uint32_t *)(desc_p)) \ + [SEP_SW_DESC_ ## desc_type ## _ ## desc_field ## _WORD_OFFSET], \ + SEP_SW_DESC_ ## desc_type ## _ ## desc_field ## _BIT_OFFSET, \ + SEP_SW_DESC_ ## desc_type ## _ ## desc_field ## _BIT_SIZE, new_val) + +#define SEP_SW_DESC_INIT(desc_p) do { \ + memset(desc_p, 0, SEP_SW_DESC_WORD_SIZE * sizeof(uint32_t)); \ +} while (0) + +/* Total descriptor size in 32b words */ +#define SEP_SW_DESC_WORD_SIZE 8 +#define SEP_SW_DESC_WORD_SIZE_LOG 3 + +/***********************************/ +/* Common bit fields definitions */ +/***********************************/ + /* Descriptor type: TYPE */ +#define SEP_SW_DESC_TYPE_WORD_OFFSET 0 +#define SEP_SW_DESC_TYPE_BIT_OFFSET 0 +#define SEP_SW_DESC_TYPE_BIT_SIZE 4 +/* Descriptor type encoding */ +enum sep_sw_desc_type { + SEP_SW_DESC_TYPE_NULL = 0, + SEP_SW_DESC_TYPE_CRYPTO_OP = 0x1, + SEP_SW_DESC_TYPE_RPC_MSG = 0x2, + SEP_SW_DESC_TYPE_APP_REQ = 0x3, + SEP_SW_DESC_TYPE_LOAD_OP = 0x4, + SEP_SW_DESC_TYPE_COMBINED_OP = 0x5, + SEP_SW_DESC_TYPE_SLEEP_REQ = 0x6, + SEP_SW_DESC_TYPE_DEBUG = 0xF + /* Only 4 bits - do not extend to 32b */ +}; + +enum sep_sw_desc_retcode { + SEP_SW_DESC_RET_OK = 0, + SEP_SW_DESC_RET_EINVAL_DESC_TYPE /* Invalid descriptor type */ +}; + +/* Return code: RET_CODE */ +#define SEP_SW_DESC_RET_CODE_WORD_OFFSET 6 +#define SEP_SW_DESC_RET_CODE_BIT_OFFSET 0 +#define SEP_SW_DESC_RET_CODE_BIT_SIZE 32 + +/* Descriptor cookie: COOKIE */ +#define SEP_SW_DESC_COOKIE_WORD_OFFSET 7 +#define SEP_SW_DESC_COOKIE_BIT_OFFSET 0 +#define SEP_SW_DESC_COOKIE_BIT_SIZE 32 + + +/****************************************/ +/* Crypto-Op descriptor type: CRYPTO_OP */ +/****************************************/ + +/* L bit: Load cache: L */ +#define SEP_SW_DESC_CRYPTO_OP_L_WORD_OFFSET 0 +#define SEP_SW_DESC_CRYPTO_OP_L_BIT_OFFSET 31 +#define SEP_SW_DESC_CRYPTO_OP_L_BIT_SIZE 1 + +/* I bit: Initialize context: I */ +#define SEP_SW_DESC_CRYPTO_OP_I_WORD_OFFSET 0 +#define SEP_SW_DESC_CRYPTO_OP_I_BIT_OFFSET 30 +#define SEP_SW_DESC_CRYPTO_OP_I_BIT_SIZE 1 + +/* Process mode: PROC_MODE */ +#define SEP_SW_DESC_CRYPTO_OP_PROC_MODE_WORD_OFFSET 0 +#define SEP_SW_DESC_CRYPTO_OP_PROC_MODE_BIT_OFFSET 28 +#define SEP_SW_DESC_CRYPTO_OP_PROC_MODE_BIT_SIZE 2 +/* Process mode field options */ +enum sep_proc_mode { + SEP_PROC_MODE_NOP = 0, + SEP_PROC_MODE_PROC_T = 1, /* Process (Text data) */ + SEP_PROC_MODE_FIN = 2, /* Finalize (optional: with text data) */ + SEP_PROC_MODE_PROC_A = 3 /* Process (Additional/Auth. data) */ + /* Only 2b - do not extend to 32b */ +}; + +/* SeP/FW Cache Index: FW_CACHE_IDX */ +#define SEP_SW_DESC_CRYPTO_OP_FW_CACHE_IDX_WORD_OFFSET 0 +#define SEP_SW_DESC_CRYPTO_OP_FW_CACHE_IDX_BIT_OFFSET 4 +#define SEP_SW_DESC_CRYPTO_OP_FW_CACHE_IDX_BIT_SIZE 8 + +/* HCB address: HCB_ADDR */ +#define SEP_SW_DESC_CRYPTO_OP_HCB_ADDR_WORD_OFFSET 3 +#define SEP_SW_DESC_CRYPTO_OP_HCB_ADDR_BIT_OFFSET 0 +#define SEP_SW_DESC_CRYPTO_OP_HCB_ADDR_BIT_SIZE 32 + +/* IFT: IFT_ADDR, IFT_SIZE, IFT_NUM */ +#define SEP_SW_DESC_CRYPTO_OP_IFT_ADDR_WORD_OFFSET 1 +#define SEP_SW_DESC_CRYPTO_OP_IFT_ADDR_BIT_OFFSET 0 +#define SEP_SW_DESC_CRYPTO_OP_IFT_ADDR_BIT_SIZE 32 +#define SEP_SW_DESC_CRYPTO_OP_IFT_SIZE_WORD_OFFSET 4 +#define SEP_SW_DESC_CRYPTO_OP_IFT_SIZE_BIT_OFFSET 0 +#define SEP_SW_DESC_CRYPTO_OP_IFT_SIZE_BIT_SIZE 16 +#define SEP_SW_DESC_CRYPTO_OP_IFT_NUM_WORD_OFFSET 5 +#define SEP_SW_DESC_CRYPTO_OP_IFT_NUM_BIT_OFFSET 0 +#define SEP_SW_DESC_CRYPTO_OP_IFT_NUM_BIT_SIZE 16 + +/* OFT: OFT_ADDR, OFT_SIZE, OFT_NUM */ +#define SEP_SW_DESC_CRYPTO_OP_OFT_ADDR_WORD_OFFSET 2 +#define SEP_SW_DESC_CRYPTO_OP_OFT_ADDR_BIT_OFFSET 0 +#define SEP_SW_DESC_CRYPTO_OP_OFT_ADDR_BIT_SIZE 32 +#define SEP_SW_DESC_CRYPTO_OP_OFT_SIZE_WORD_OFFSET 4 +#define SEP_SW_DESC_CRYPTO_OP_OFT_SIZE_BIT_OFFSET 16 +#define SEP_SW_DESC_CRYPTO_OP_OFT_SIZE_BIT_SIZE 16 +#define SEP_SW_DESC_CRYPTO_OP_OFT_NUM_WORD_OFFSET 5 +#define SEP_SW_DESC_CRYPTO_OP_OFT_NUM_BIT_OFFSET 16 +#define SEP_SW_DESC_CRYPTO_OP_OFT_NUM_BIT_SIZE 16 + +/********************************************/ +/* Combined-Op descriptor type: COMBINED_OP */ +/********************************************/ + +/* L bit: Load cache: L */ +#define SEP_SW_DESC_COMBINED_OP_L_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_L_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_L_BIT_OFFSET SEP_SW_DESC_CRYPTO_OP_L_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_L_BIT_SIZE SEP_SW_DESC_CRYPTO_OP_L_BIT_SIZE + +/* I bit: Initialize context: I */ +#define SEP_SW_DESC_COMBINED_OP_I_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_I_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_I_BIT_OFFSET SEP_SW_DESC_CRYPTO_OP_I_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_I_BIT_SIZE SEP_SW_DESC_CRYPTO_OP_I_BIT_SIZE + +/* Process mode: PROC_MODE */ +#define SEP_SW_DESC_COMBINED_OP_PROC_MODE_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_PROC_MODE_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_PROC_MODE_BIT_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_PROC_MODE_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_PROC_MODE_BIT_SIZE \ + SEP_SW_DESC_CRYPTO_OP_PROC_MODE_BIT_SIZE + +/* Configuration scheme: CONFIG_SCHEME */ +#define SEP_SW_DESC_COMBINED_OP_CONFIG_SCHEME_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_HCB_ADDR_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_CONFIG_SCHEME_BIT_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_HCB_ADDR_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_CONFIG_SCHEME_BIT_SIZE \ + SEP_SW_DESC_CRYPTO_OP_HCB_ADDR_BIT_SIZE + +/* IFT: IFT_ADDR, IFT_SIZE, IFT_NUM */ +#define SEP_SW_DESC_COMBINED_OP_IFT_ADDR_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_IFT_ADDR_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_IFT_ADDR_BIT_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_IFT_ADDR_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_IFT_ADDR_BIT_SIZE \ + SEP_SW_DESC_CRYPTO_OP_IFT_ADDR_BIT_SIZE +#define SEP_SW_DESC_COMBINED_OP_IFT_SIZE_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_IFT_SIZE_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_IFT_SIZE_BIT_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_IFT_SIZE_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_IFT_SIZE_BIT_SIZE \ + SEP_SW_DESC_CRYPTO_OP_IFT_SIZE_BIT_SIZE +#define SEP_SW_DESC_COMBINED_OP_IFT_NUM_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_IFT_NUM_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_IFT_NUM_BIT_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_IFT_NUM_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_IFT_NUM_BIT_SIZE \ + SEP_SW_DESC_CRYPTO_OP_IFT_NUM_BIT_SIZE + +/* OFT: OFT_ADDR, OFT_SIZE, OFT_NUM */ +#define SEP_SW_DESC_COMBINED_OP_OFT_ADDR_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_OFT_ADDR_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_OFT_ADDR_BIT_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_OFT_ADDR_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_OFT_ADDR_BIT_SIZE \ + SEP_SW_DESC_CRYPTO_OP_OFT_ADDR_BIT_SIZE +#define SEP_SW_DESC_COMBINED_OP_OFT_SIZE_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_OFT_SIZE_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_OFT_SIZE_BIT_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_OFT_SIZE_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_OFT_SIZE_BIT_SIZE \ + SEP_SW_DESC_CRYPTO_OP_OFT_SIZE_BIT_SIZE +#define SEP_SW_DESC_COMBINED_OP_OFT_NUM_WORD_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_OFT_NUM_WORD_OFFSET +#define SEP_SW_DESC_COMBINED_OP_OFT_NUM_BIT_OFFSET \ + SEP_SW_DESC_CRYPTO_OP_OFT_NUM_BIT_OFFSET +#define SEP_SW_DESC_COMBINED_OP_OFT_NUM_BIT_SIZE \ + SEP_SW_DESC_CRYPTO_OP_OFT_NUM_BIT_SIZE + +/* combined scheme macros: + these set of macros meant for configuration scheme encoding + from the user level interface to the SEP combined driver. +*/ +#define SEP_ENGINE_TYPE_BIT_SHIFT 0 +#define SEP_ENGINE_TYPE_BIT_SIZE 4 +#define SEP_ENGINE_SRC_BIT_SHIFT 4 +#define SEP_ENGINE_SRC_BIT_SIZE 4 +#define SEP_ENGINE_SLOT_BIT_SIZE \ + (SEP_ENGINE_SRC_BIT_SIZE + SEP_ENGINE_TYPE_BIT_SIZE) + +/******************************* MACROS ***********************************/ +#define _SepCombinedEnginePackItem(eng_src, eng_type) \ + (((eng_src) << SEP_ENGINE_SRC_BIT_SIZE) | \ + ((eng_type) << SEP_ENGINE_TYPE_BIT_SHIFT)) +#define _SepCombinedEnginePackNShift(src, type, slot) \ + (_SepCombinedEnginePackItem(src, type) << \ + (slot * SEP_ENGINE_SLOT_BIT_SIZE)) + +#define SepCombinedEnginePropsSet(cfg_p, eng_idx, eng_src, eng_type) \ + do { \ + BITFIELD_SET(*cfg_p, \ + (eng_idx * SEP_ENGINE_SLOT_BIT_SIZE), \ + SEP_ENGINE_SLOT_BIT_SIZE, 0); \ + BITFIELD_SET(*cfg_p, \ + (eng_idx * SEP_ENGINE_SLOT_BIT_SIZE), \ + SEP_ENGINE_SLOT_BIT_SIZE, \ + _SepCombinedEnginePackItem(eng_src, eng_type)); \ + } while (0) +#define SepCombinedEnginePropsGet(cfg_p, eng_idx, eng_src, eng_type) \ + do { \ + *(eng_type) = BITFIELD_GET(*cfg_p, \ + (eng_idx * SEP_ENGINE_SLOT_BIT_SIZE),\ + SEP_ENGINE_TYPE_BIT_SIZE); \ + *(eng_src) = BITFIELD_GET(*cfg_p, \ + (eng_idx * SEP_ENGINE_SLOT_BIT_SIZE) \ + + SEP_ENGINE_TYPE_BIT_SIZE, \ + SEP_ENGINE_SRC_BIT_SIZE); \ + } while (0) + +/******************************************/ +/* Message-Op descriptor type: RPC_MSG */ +/******************************************/ + +/* Agent ID: AGENT_ID */ +#define SEP_SW_DESC_RPC_MSG_AGENT_ID_WORD_OFFSET 1 +#define SEP_SW_DESC_RPC_MSG_AGENT_ID_BIT_OFFSET 0 +#define SEP_SW_DESC_RPC_MSG_AGENT_ID_BIT_SIZE 8 + +/* Function ID: FUNC_ID */ +#define SEP_SW_DESC_RPC_MSG_FUNC_ID_WORD_OFFSET 1 +#define SEP_SW_DESC_RPC_MSG_FUNC_ID_BIT_OFFSET 16 +#define SEP_SW_DESC_RPC_MSG_FUNC_ID_BIT_SIZE 16 + +/* HMB: HMB_ADDR , HMB_SIZE */ +#define SEP_SW_DESC_RPC_MSG_HMB_ADDR_WORD_OFFSET 2 +#define SEP_SW_DESC_RPC_MSG_HMB_ADDR_BIT_OFFSET 0 +#define SEP_SW_DESC_RPC_MSG_HMB_ADDR_BIT_SIZE 32 +#define SEP_SW_DESC_RPC_MSG_HMB_SIZE_WORD_OFFSET 3 +#define SEP_SW_DESC_RPC_MSG_HMB_SIZE_BIT_OFFSET 0 +#define SEP_SW_DESC_RPC_MSG_HMB_SIZE_BIT_SIZE 13 + + + +/************************************************/ +/* SeP Applet Request descriptor type: APP_REQ */ +/************************************************/ + +/* Request Type: REQ_TYPE */ +#define SEP_SW_DESC_APP_REQ_REQ_TYPE_WORD_OFFSET 0 +#define SEP_SW_DESC_APP_REQ_REQ_TYPE_BIT_OFFSET 4 +#define SEP_SW_DESC_APP_REQ_REQ_TYPE_BIT_SIZE 2 + +/* Session ID: SESSION_ID */ +#define SEP_SW_DESC_APP_REQ_SESSION_ID_WORD_OFFSET 0 +#define SEP_SW_DESC_APP_REQ_SESSION_ID_BIT_OFFSET 16 +#define SEP_SW_DESC_APP_REQ_SESSION_ID_BIT_SIZE 12 + +/* Internal error: INTERNAL_ERR */ +#define SEP_SW_DESC_APP_REQ_INTERNAL_ERR_WORD_OFFSET 0 +#define SEP_SW_DESC_APP_REQ_INTERNAL_ERR_BIT_OFFSET 31 +#define SEP_SW_DESC_APP_REQ_INTERNAL_ERR_BIT_SIZE 1 + +/* In-Params. Buffer Address: IN_PARAMS_ADDR */ +#define SEP_SW_DESC_APP_REQ_IN_PARAMS_ADDR_WORD_OFFSET 1 +#define SEP_SW_DESC_APP_REQ_IN_PARAMS_ADDR_BIT_OFFSET 0 +#define SEP_SW_DESC_APP_REQ_IN_PARAMS_ADDR_BIT_SIZE 32 + +/* Return codes for APP_REQ descriptor */ +enum sepapp_retcode { + SEPAPP_RET_OK = 0, + SEPAPP_RET_EINVAL_QUEUE, /* Request sent on the wrong SW queue */ + SEPAPP_RET_EINVAL, /* Invalid parameters in descriptor */ +}; + +/* REQ_TYPE field encoding */ +enum sepapp_req_type { + SEPAPP_REQ_TYPE_SESSION_OPEN = 1, + SEPAPP_REQ_TYPE_SESSION_CLOSE = 2, + SEPAPP_REQ_TYPE_COMMAND_INVOKE = 3 +}; + +/** in-params. data types **/ + +#define SEPAPP_UUID_SIZE 16 +#define SEPAPP_MAX_PARAMS 4 +#define SEPAPP_MAX_AUTH_DATA_SIZE 16 /* For Application UUID case */ + +enum sepapp_param_type { + SEPAPP_PARAM_TYPE_NULL = 0, + SEPAPP_PARAM_TYPE_VAL = 1, + SEPAPP_PARAM_TYPE_MEMREF = 2 +}; + +enum sepapp_data_direction { + SEPAPP_DIR_NULL = 0, + SEPAPP_DIR_IN = 1, + SEPAPP_DIR_OUT = (1<<1), + SEPAPP_DIR_INOUT = SEPAPP_DIR_IN | SEPAPP_DIR_OUT +}; + +/* Descriptor for "by value" parameter */ +struct sepapp_val_param { + /*enum sepapp_data_direction*/ uint8_t dir; + uint32_t data[2]; +}; + +/* Depends on seprpc data type defined in sep_rpc.h */ +union sepapp_client_param { + struct sepapp_val_param val; + struct seprpc_memref memref; +}; + +struct sepapp_client_params { + uint8_t params_types[SEPAPP_MAX_PARAMS]; + union sepapp_client_param params[SEPAPP_MAX_PARAMS]; +}; + +/* In-params. for SESSION_OPEN request type */ +struct sepapp_in_params_session_open { + uint8_t app_uuid[SEPAPP_UUID_SIZE]; + uint32_t auth_method; + uint8_t auth_data[SEPAPP_MAX_AUTH_DATA_SIZE]; + struct sepapp_client_params client_params; +}; + +struct sepapp_in_params_command_invoke { + uint32_t command_id; + struct sepapp_client_params client_params; +}; + +/* Return codes for SLEEP_REQ descriptor */ +typedef enum sepslp_mode_req_retcode { + SEPSLP_MODE_REQ_RET_OK = 0, + SEPSLP_MODE_REQ_EGEN, /* general error */ + SEPSLP_MODE_REQ_EINVAL_QUEUE, /* Request sent on the wrong SW queue */ + SEPSLP_MODE_REQ_EBUSY,/* Request sent while desc. queue is not empty */ + SEPSLP_MODE_REQ_EABORT,/* Applet requested aborting this request */ +} sepslp_mode_req_retcode_t; + +/****************************************/ +/* Load-Op descriptor type: LOAD_OP */ +/****************************************/ + +/* SeP/FW Cache Index: FW_CACHE_IDX */ +#define SEP_SW_DESC_LOAD_OP_FW_CACHE_IDX_WORD_OFFSET 1 +#define SEP_SW_DESC_LOAD_OP_FW_CACHE_IDX_BIT_OFFSET(slot) ((slot) * 8) +#define SEP_SW_DESC_LOAD_OP_FW_CACHE_IDX_BIT_SIZE 8 + +/* HCB address: HCB_ADDR */ +#define SEP_SW_DESC_LOAD_OP_HCB_ADDR_WORD_OFFSET(slot) ((slot) + 2) +#define SEP_SW_DESC_LOAD_OP_HCB_ADDR_BIT_OFFSET 1 +#define SEP_SW_DESC_LOAD_OP_HCB_ADDR_BIT_SIZE 31 + +/* L bit: Load cache: L */ +#define SEP_SW_DESC_LOAD_OP_L_WORD_OFFSET(slot) ((slot) + 2) +#define SEP_SW_DESC_LOAD_OP_L_BIT_OFFSET 0 +#define SEP_SW_DESC_LOAD_OP_L_BIT_SIZE 1 + +/*****************************/ +/*** Descriptor copy flows ***/ +/*****************************/ +/* Copy host descriptor scratchpad to descriptor queue buffer */ +#ifdef __BIG_ENDIAN + +/* Verify descriptor copy flows assumptions at compile time: + assumes "retcode" and "cookie" are the last words */ +#if (SEP_SW_DESC_RET_CODE_WORD_OFFSET != 6) +#error SW_DESC_RET_CODE location assumption is broken! +#endif +#if (SEP_SW_DESC_COOKIE_WORD_OFFSET != 7) +#error SW_DESC_COOKIE location assumption is broken! +#endif + +#define SEP_SW_DESC_COPY_TO_SEP(queue_desc_p, spad_desc_p) do { \ + uint32_t *cur_q_desc_word_p = (uint32_t *)queue_desc_p; \ + uint32_t *cur_spad_desc_word_p = (uint32_t *)spad_desc_p; \ + int i; \ + /* First 6 words are input data to SeP-FW. Must be in SeP endianess:*/ \ + /* Copy 7th word too in order to init./clear retcode field */ \ + for (i = 0; i <= SEP_SW_DESC_RET_CODE_WORD_OFFSET; i++) { \ + *cur_q_desc_word_p = cpu_to_le32(*cur_spad_desc_word_p); \ + cur_spad_desc_word_p++; \ + cur_q_desc_word_p++; \ + } \ + /* Word 8 is the cookie which is referenced only by the host */ \ + /* No need to swap endianess */ \ + *cur_q_desc_word_p = *cur_spad_desc_word_p; \ +} while (0) + +/* and vice-versa */ +#define SEP_SW_DESC_COPY_FROM_SEP(spad_desc_p, queue_desc_p) do { \ + uint32_t *cur_q_desc_word_p = (uint32_t *)queue_desc_p; \ + uint32_t *cur_spad_desc_word_p = (uint32_t *)spad_desc_p; \ + int i; \ + /* First 6 words are input data to SeP-FW in SeP endianess:*/ \ + /* Copy 7th word too in order to get retcode field */ \ + for (i = 0; i <= SEP_SW_DESC_RET_CODE_WORD_OFFSET; i++) { \ + *cur_spad_desc_word_p = le32_to_cpu(*cur_q_desc_word_p); \ + cur_spad_desc_word_p++; \ + cur_q_desc_word_p++; \ + } \ + /* Word 8 is the cookie which is referenced only by the host */ \ + /* No need to swap endianess */ \ + *cur_spad_desc_word_p = *cur_q_desc_word_p; \ +} while (0) + +#else /* __LITTLE_ENDIAN - simple memcpy */ +#define SEP_SW_DESC_COPY_TO_SEP(queue_desc_p, spad_desc_p) \ + memcpy(queue_desc_p, spad_desc_p, SEP_SW_DESC_WORD_SIZE<<2) + +#define SEP_SW_DESC_COPY_FROM_SEP(spad_desc_p, queue_desc_p) { \ + memcpy(spad_desc_p, queue_desc_p, SEP_SW_DESC_WORD_SIZE<<2) +#endif + +#endif /*_SEP_SW_DESC_H_*/ diff --git a/peripheral/keystore/chaabi/libcc54/include/teec_api_demo.h b/peripheral/keystore/chaabi/libcc54/include/teec_api_demo.h new file mode 100644 index 0000000..ee087c0 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/include/teec_api_demo.h @@ -0,0 +1,47 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/* \file teec_api_demo.h + Header file for definitions common to the host client application and the + SeP Applet of the TEE Client API demo. + The test is an SIMD calculator. + There are 5 commands: + 1. Add. 2. Substract. 3. Multiply. 4. Divide. 5. Get result. + Opening a session resets (to zero) the calculator state. + Operations 1-4 take struct TeecTestData as 3 input data: a, b, c. + Each of them is used independently in the SIMD style. + Operation #5 returns in the same struct TeecTestData, the result for each. +*/ +#ifndef __TEEC_API_DEMO_H__ +#define __TEEC_API_DEMO_H__ + +/* Comment the following line to run the demo using memory reference to user data struct. */ +/* After any change here both applet as well as host client application should be recompiled. */ +//#define DEMO_BY_VALUE + +#define DEMO_APP_UUID {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F} + +/* Demo. applet commands */ +/* These values do not have to be aligned with TEE Client API return codes (but for 0 for success) */ +#define DEMO_CMD_ADD 1 +#define DEMO_CMD_SUB 2 +#define DEMO_CMD_MULT 3 +#define DEMO_CMD_DIV 4 +#define DEMO_CMD_RESULT 5 + +/* Demo. error codes */ +#define DEMO_ERR_ENORSC 1 /* Not enough resources (free sessions context) */ +#define DEMO_ERR_EINVAL 2 /* Invalid parameters */ +#define DEMO_ERR_GENERIC 9 /* Any other unexpected error */ + +/* Data structure for test function parameters */ +struct TeecTestData { + uint8_t a; + uint16_t b; + uint32_t c; +}; + +#endif /*__TEEC_API_DEMO_H__*/ diff --git a/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_file.c b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_file.c new file mode 100644 index 0000000..cb9bc3e --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_file.c @@ -0,0 +1,80 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/************* Include Files ****************/ +#include "stdio.h" +#include "dx_pal_types.h" +#include "dx_pal_error.h" +#include "dx_pal_file.h" +#include "dx_pal_fileint.h" + +/************************ Defines ******************************/ + + +/************************ Enums ******************************/ + + +/************************ Typedefs ******************************/ + + +/************************ Global Data ******************************/ + +/* File modes table is constant table that handles the translations from DX_PAL modes to + NoOS modes */ +const DX_PAL_FileModeStr_t DX_PAL_FileModeTable[] = +{ + {"r"}, {"r+"}, {"w"}, {"w+"}, {"a"}, {"a+"}, {"rb"}, {"r+b"}, {"wb"}, {"w+b"}, {"ab"}, {"a+b"} +}; + +/************************ Private Functions ******************************/ + + +/************************ Public Functions ******************************/ +/** + * @brief This function purpose is to return the file size + * + * + * @param[in] aFileHandle - The file handle + * @param[out] aFileSize - The returned file size + * + * @return The function will return DX_SUCCESS in case of success, else errors from + * DX_PAL_Error.h will be returned. + */ +DxError_t DX_PAL_FGetFileSize( DxFile_t aFileHandle, DxUint32_t *aFileSize ) +{ + /* position in file, size */ + DxUint32_t currPos = 0, fileSize = 0; + + /* error variable */ + DxError_t error = DX_SUCCESS; + + /*------------------ + CODE + -------------------*/ + + /* Get current position */ + currPos = DX_PAL_FTell(aFileHandle); + + /* Move pointer position to end fo file */ + error = DX_PAL_FSeek(aFileHandle, 0, DX_PAL_SEEK_END); + if (error != DX_SUCCESS) + return error; + + /* Get current position == size of file */ + fileSize = DX_PAL_FTell(aFileHandle); + + /* Return pointer to start position */ + error = DX_PAL_FSeek(aFileHandle, currPos, DX_PAL_SEEK_START); + if (error != DX_SUCCESS) + return error; + + *aFileSize = fileSize; + + return DX_SUCCESS; + +}/* End of DX_PAL_FGetFileSize */ + + diff --git a/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_log.c b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_log.c new file mode 100644 index 0000000..ddc33ad --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_log.c @@ -0,0 +1,20 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#include "dx_pal_types.h" +#include "dx_pal_log.h" + +void DX_PAL_LogInit(void) +{ + /*nothing to do*/ +} + +void DX_PAL_LogLevelSet(DxUint32_t setLevel) +{ + DX_PAL_logLevel = setLevel; +} + + diff --git a/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_mem.c b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_mem.c new file mode 100644 index 0000000..1cfc362 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_mem.c @@ -0,0 +1,76 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/************* Include Files ****************/ +#include "dx_pal_types.h" +#include "dx_pal_error.h" +#include "dx_pal_mem.h" +#include "dx_pal_memint.h" + + +/************************ Defines ******************************/ + +/************************ Enums ******************************/ + + +/************************ Typedefs ******************************/ + + +/************************ Global Data ******************************/ + +/************************ Private Functions ******************************/ + + +/************************ Public Functions ******************************/ + +/** + * @brief This function purpose is to perform secured memory comparison between two given + * buffers according to given size. The function will compare each byte till aSize + * number of bytes was compared even if the bytes are different. + * The function should be used to avoid security timing attacks. + * + * + * @param[in] aTarget - The target buffer to compare + * @param[in] aSource - The Source buffer to compare to + * @param[in] aSize - Number of bytes to compare + * + * @return The function will return DX_SUCCESS in case of success, else errors from + * DX_PAL_Error.h will be returned. + */ +DxError_t DX_PAL_SecMemCmp( const DxUint8_t* aTarget, + const DxUint8_t* aSource, + DxUint32_t aSize ) +{ + /* internal index */ + DxUint32_t i = 0; + + /* error return */ + DxUint32_t error = DX_SUCCESS; + + /*------------------ + CODE + -------------------*/ + + /* Go over aTarget till aSize is reached (even if its not equal) */ + for (i = 0; i < aSize; i++) + { + if (aTarget[i] != aSource[i]) + { + if (error != DX_SUCCESS) + continue; + else + { + if (aTarget[i] < aSource[i]) + error = DX_PAL_MEM_BUF2_GREATER; + else + error = DX_PAL_MEM_BUF1_GREATER; + } + } + } + + return error; +}/* End of DX_PAL_SecMemCmp */ + diff --git a/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_sem.c b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_sem.c new file mode 100644 index 0000000..c28c0d4 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_sem.c @@ -0,0 +1,93 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/************* Include Files ****************/ +#include "dx_pal_types.h" + +#include "dx_pal_sem.h" + +/************************ Defines ******************************/ + +/************************ Enums ******************************/ + +/************************ Typedefs ******************************/ + + + +/*typedef struct +{ + DxUint32_t DX_PAL_SemId; + +}_DX_PAL_Sem_t; */ + + +/************************ Global Data ******************************/ + +/************************ Private Functions ******************************/ + +/************************ Public Functions ******************************/ + +/** + * @brief This function purpose is to create a semaphore. + * + * + * @param[out] aSemId - Pointer to created semaphor handle + * @param[in] aInitialVal - Initial semaphore value + * + * @return The return values will be according to operating system return values. + */ +DxError_t DX_PAL_SemCreate( DX_PAL_SEM *aSemId, DxUint32_t aInitialVal ) +{ + + *aSemId = (DX_PAL_SEM)1; + + return DX_SUCCESS; + +}/* End of DX_PAL_SemCreate */ + +/** + * @brief This function purpose is to delete a semaphore + * + * + * @param[in] aSemId - Semaphore handle + * + * @return The return values will be according to operating system return values. + */ +DxError_t DX_PAL_SemDelete( DX_PAL_SEM *aSemId ) +{ + + *aSemId = (DX_PAL_SEM)0; + return DX_SUCCESS; + +}/* End of DX_PAL_SemDelete */ + +/** + * @brief This function purpose is to Wait for semaphore with aTimeOut. aTimeOut is + * specified in milliseconds. + * + * + * @param[in] aSemId - Semaphore handle + * @param[in] aTimeOut - timeout in mSec, or DX_INFINITE + * + * @return The return values will be according to operating system return values. + */ +DxError_t DX_PAL_SemWait(DX_PAL_SEM aSemId, DxUint32_t aTimeOut) +{ + return DX_SUCCESS; +}/* End of DX_PAL_SemWait */ + +/** + * @brief This function purpose is to signal the semaphore. + * + * + * @param[in] aSemId - Semaphore handle + * + * @return The return values will be according to operating system return values. + */ +DxError_t DX_PAL_SemGive(DX_PAL_SEM aSemId) +{ + return DX_SUCCESS; +}/* End of DX_PAL_SemGive */ diff --git a/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_time.c b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_time.c new file mode 100644 index 0000000..958d495 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/pal/linux/dx_pal_time.c @@ -0,0 +1,36 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +/************* Include Files ****************/ +#include "dx_pal_types.h" + +/************************ Defines ******************************/ + +/************************ Enums ******************************/ + +/************************ Typedefs ******************************/ + +/************************ Global Data ******************************/ + +/************************ Private Functions ******************************/ + +/************************ Public Functions ******************************/ + +/** + * @brief This function returns the number of seconds passed from 1/1/1970 00:00 UTC. + * + * + * @param[in] void + * + * @return Number of seconds passed from 1/1/1970 00:00 UTC + */ + +DxInt32_t DX_PAL_GetTime( void ) +{ + /* No support for time utils in NoOS */ + return 0; +} + diff --git a/peripheral/keystore/chaabi/libcc54/secure_channel/secure_channel.c b/peripheral/keystore/chaabi/libcc54/secure_channel/secure_channel.c new file mode 100644 index 0000000..ec1bf1b --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/secure_channel/secure_channel.c @@ -0,0 +1,259 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#include "secure_channel.h" +#include "tee_client_api.h" +#include "dx_cclib.h" +#include <stdbool.h> +#include <stdlib.h> +#include <string.h> +#include <stdio.h> + +/*! + * \brief applet_uuid + * ID of the Secure Channel applet that we are communicating with + */ +static const uint8_t applet_uuid[] = + {'I', 'N', 'T', 'E', 'L', '_', 'S', 'E', 'C', 'C', 'H', 'A', 'N', 'N', 'E', 'L'}; + +/*! + * \brief Prosses a request that is received from the modem. + */ +#define PROCESS_SEC_REQUEST 1 + +/*! + * \brief After the data has been processed we must retrieve the response from SEP + */ +#define COLLECT_RESPONSE 2 + +/*! + * \brief Error code to define that we already have one client connected in a session. + */ +#define ERROR_ALREADY_IN_SESSION 1 + +/*! + * \brief The requested command operation is not valid. + */ +#define ERROR_INVALID_COMMAND 2 + +/*! + * \brief We receive this message type when we are instructed to free our internal buffer + */ +#define SECURE_CH_DATA_FREE_RETURN_DATA 0 + +/*! + * \brief The SNUM value is sent on request for the certificates to be returned + */ +#define SECURE_CH_DATA_SNUM 1 + +/*! + * \brief this is the 16 bit value that snum is understood by when received by the applet + */ +#define SNUM_ENMU_VALUE 0x9999 + +/*! + * \brief The Type Length header is 4 bytes 2 for each component + */ +#define TL_SIZE 4 + +/*! + * \brief out_buffer + */ +static uint8_t *out_buffer; + +/*! + * \brief preserveBuffer + * We should try and keep the buffer allocated until we are requested to free it + */ +static bool preserveBuffer = false; + +/*! + * \brief reset_buffer + * Reset our internal output buffer after the data has been consumed. + */ +static void reset_buffer() +{ + if (preserveBuffer) + return; + + free(out_buffer); + out_buffer = NULL; +} + +uint32_t secure_channel_callback(uint32_t *type, uint32_t *length, uint8_t **data) +{ + TEEC_Context context; + TEEC_Session session; + TEEC_Operation operation; + TEEC_Result ret; + TEEC_SharedMemory input; + TEEC_SharedMemory output; + uint32_t retOrigin = 0; + uint32_t required_length = 0; + uint8_t *snumBuf = 0; + + memset((void *)&operation, 0, sizeof(operation)); + memset((void *)&input, 0, sizeof(input)); + memset((void *)&output, 0, sizeof(output)); + + if (type && *type == SECURE_CH_DATA_FREE_RETURN_DATA) + { + // This command tells us to clean up our previously allocated memory + preserveBuffer = false; + reset_buffer(); + fprintf(stderr, "Sec_Lib: Cleaned the internal buffer\n"); + return 0; + } + else if (preserveBuffer == true) + { + // We have not cleaned up the buffer from the previous time + // so an error has occured. If we continued a memory leak would occur. + fprintf(stderr, "Sec_Lib: Internal buffer not cleaned before subsequent calls\n"); + return 100; + } + + if (!type || !length || !data || *length == 0 || *data == NULL) + { + fprintf(stderr, "Sec_Lib: Invalid data passed as paramaters\n"); + return 101; + } + + if (*type == SECURE_CH_DATA_SNUM) + { + // Turn the snum value into a TLV structure + snumBuf = malloc(TL_SIZE + *length); + if (!snumBuf) + { + fprintf(stderr, "Sec_Lib: No memory to hold SNUM TLV request\n"); + return 102; + } + + *((uint16_t *)&(snumBuf)[0]) = SNUM_ENMU_VALUE; + *((uint16_t *)&(snumBuf)[2]) = *length; + memcpy(snumBuf + TL_SIZE, *data, *length); + *data = (uint8_t *)snumBuf; + *length += TL_SIZE; //the length of the array in bytes (4 bytes for TLV header) + } + + ret = DX_CclibInit(); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "Sec_Lib: failed to initialize libcc54 interface (0x%x)\n", ret); + goto FinLib; + } + + ret = TEEC_InitializeContext(NULL, &context); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "Sec_Lib: Failed to Initialize context (0x%x)\n", ret); + goto FinContext; + } + + ret = TEEC_OpenSession(&context, &session, (TEEC_UUID*)&applet_uuid, + TEEC_LOGIN_PUBLIC, NULL, NULL, &retOrigin); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "Sec_Lib: Failed to open session (0x%x)\n", ret); + goto FinSession; + } + + // Map the input buffer and register it as shared memory + input.size = *length; + input.flags = TEEC_MEM_INPUT; + input.buffer = *data; + + ret = TEEC_RegisterSharedMemory(&context, &input); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "Sec_lib: Failed to register shared mem {input} (0x%x)\n", ret); + goto FinInput; + } + + // Create an operation to be performed by SEP + // TODO DX should provide the macro TEEC_PARAM_TYPES for portability + // see 4.5.11 of spec + TEEC_PARAM_TYPE_SET(operation.paramTypes, 0, TEEC_VALUE_INPUT); // size of input buffer + TEEC_PARAM_TYPE_SET(operation.paramTypes, 1, TEEC_MEMREF_WHOLE); // the input buffer + TEEC_PARAM_TYPE_SET(operation.paramTypes, 2, TEEC_VALUE_OUTPUT); // the size needed for output + + operation.params[0].value.a = *length; + operation.params[1].memref.parent = &input; + + ret = TEEC_InvokeCommand(&session, PROCESS_SEC_REQUEST, &operation, &retOrigin); + if (ret != TEEC_SUCCESS || operation.params[2].value.a == 0) + { + fprintf(stderr, "Sec_Lib: Failed to invoke 1st command (0x%x)\n", ret); + goto FinInput; // either an error or there is no response + } + + required_length = operation.params[2].value.a; + + //create a buffer to hold the response + out_buffer = (uint8_t *) malloc(required_length * sizeof(uint8_t)); + if (out_buffer == NULL) + { + fprintf(stderr, "Sec_Lib: Failed to malloc space {output}\n"); + goto FinInput; + } + + //update the output shared memory and register it as a shared buffer + output.size = required_length; + output.flags = TEEC_MEM_OUTPUT; + output.buffer = out_buffer; + + ret = TEEC_RegisterSharedMemory(&context, &output); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "Sec_Lib: Failed to register shared mem {output} (0x%x)\n", ret); + goto FinOutput; + } + + // Create a second operation to be performed by SEP + memset((void *)&operation, 0, sizeof(operation)); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 0, TEEC_VALUE_INPUT); // size of output buffer + TEEC_PARAM_TYPE_SET(operation.paramTypes, 1, TEEC_MEMREF_WHOLE); // Output_buffer + TEEC_PARAM_TYPE_SET(operation.paramTypes, 2, TEEC_VALUE_OUTPUT); // Type of the response + operation.params[0].value.a = required_length; + operation.params[1].memref.parent = &output; + + // Call the functionality to collect the response from SEP + ret = TEEC_InvokeCommand(&session, COLLECT_RESPONSE, &operation, &retOrigin); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "Sec_Lib: Failed to invoke 2nd command (0x%x)\n", ret); + goto FinOutput; + } + + //Update the outout so the response is visible to the caller + *length = required_length; + *data = out_buffer; + *type = operation.params[2].value.a; + preserveBuffer = true; + +FinOutput: + reset_buffer(); + TEEC_ReleaseSharedMemory(&output); + +FinInput: + TEEC_ReleaseSharedMemory(&input); + +FinSession: + TEEC_CloseSession(&session); + +FinContext: + TEEC_FinalizeContext(&context); + +FinLib: + DX_CclibFini(); + + if (snumBuf) + free(snumBuf); + + if (ret == TEEC_SUCCESS) + fprintf(stderr, "Sec_Lib: Command (0x%x) completed SUCCESS\n", *type); + + return ret; +} diff --git a/peripheral/keystore/chaabi/libcc54/tee_applet_loading_lib.c b/peripheral/keystore/chaabi/libcc54/tee_applet_loading_lib.c new file mode 100644 index 0000000..6d978e0 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/tee_applet_loading_lib.c @@ -0,0 +1,141 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#include <stdarg.h> +#include <stdint.h> +#include <string.h> +#include <stdio.h> +#include "tee_applet_loading_if.h" +#include "tee_client_api.h" +#include "dx_cclib.h" + +static const uint8_t primary_applet_uuid[] = {0x00, 0xDE, 0xFA, 0x01, 0xDE, 0xFA, 0x02, 0xDE, + 0xFA, 0x03, 0xDE, 0xFA, 0x04, 0xDE, 0xFA, 0xFF}; + +#define CMD_LOAD_APPLET 0x8000 +#define CMD_UNLOAD_APPLET 0x8001 + +// tee_load_applet +int32_t tee_load_applet(uint8_t *img_buf, uint32_t img_size) +{ + TEEC_Context context; + TEEC_Session session; + TEEC_Operation operation; + TEEC_Result ret; + TEEC_SharedMemory input; + uint32_t retOrigin = 0; + + memset((void *)&context, 0, sizeof(context)); + memset((void *)&session, 0, sizeof(session)); + memset((void *)&operation, 0, sizeof(operation)); + memset((void *)&input, 0, sizeof(input)); + + ret = TEEC_InitializeContext(NULL, &context); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "load applet init failed: (%x)\n", ret); + goto end; + } + + ret = TEEC_OpenSession(&context, &session, (TEEC_UUID *)&primary_applet_uuid, + TEEC_LOGIN_PUBLIC, NULL, NULL, &retOrigin); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "session open to primary failed: (%x)\n", ret); + goto end; + } + + input.size = img_size; + input.flags = TEEC_MEM_INPUT; + input.buffer = img_buf; + + ret = TEEC_RegisterSharedMemory(&context, &input); + if (ret != TEEC_SUCCESS) + { + printf("TEEC_RegisterSharedMemory failed, (%x)\n", ret); + goto end; + } + + TEEC_PARAM_TYPE_SET(operation.paramTypes, 0, TEEC_MEMREF_WHOLE); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 1, TEEC_VALUE_INPUT); + + operation.params[0].memref.parent = &input; + operation.params[1].value.a = img_size; + + retOrigin = TEEC_ORIGIN_TRUSTED_APP; + + ret = TEEC_InvokeCommand(&session, (uint32_t)CMD_LOAD_APPLET, &operation, &retOrigin); + if (ret != TEEC_SUCCESS) + { + printf("TEEC_InvokeCommand call failed (%x)\n", ret); + goto end; + } + +end: + TEEC_CloseSession(&session); + TEEC_FinalizeContext(&context); + + return ret; +} + +// tee_unload_applet +int32_t tee_unload_applet(TEEC_UUID *applet_uuid) +{ + TEEC_Context context; + TEEC_Session session; + TEEC_Result ret = 0; + uint32_t retOrigin = 0; + + ret = TEEC_InitializeContext(NULL, &context); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "unload applet init failed: (%x)\n", ret); + goto end; + } + + ret = TEEC_OpenSession(&context, &session, (TEEC_UUID *)&primary_applet_uuid, + TEEC_LOGIN_PUBLIC, NULL, NULL, &retOrigin); + if (ret != TEEC_SUCCESS) + { + fprintf(stderr, "session open to primary failed: (%x)\n", ret); + goto end; + } + + TEEC_Operation operation_unload; + memset((void *)&operation_unload, 0, sizeof(TEEC_Operation)); + + // for applet uuid + TEEC_SharedMemory input_unloadable_applet_uuid; + memset((void *)&input_unloadable_applet_uuid, 0, sizeof(TEEC_SharedMemory)); + + input_unloadable_applet_uuid.size = sizeof(TEEC_UUID); + input_unloadable_applet_uuid.flags = TEEC_MEM_INPUT; + input_unloadable_applet_uuid.buffer = (uint8_t *)applet_uuid; + + ret = TEEC_RegisterSharedMemory(&context, &input_unloadable_applet_uuid); + if (ret != TEEC_SUCCESS) + { + printf("TEEC_RegisterSharedMemory failed (%x)\n", ret); + goto end; + } + + TEEC_PARAM_TYPE_SET(operation_unload.paramTypes, 0, TEEC_MEMREF_WHOLE); + operation_unload.params[0].memref.parent = &input_unloadable_applet_uuid; + + retOrigin = TEEC_ORIGIN_TRUSTED_APP; + ret = TEEC_InvokeCommand(&session, (uint32_t)CMD_UNLOAD_APPLET, &operation_unload, &retOrigin); + if (ret != TEEC_SUCCESS) + { + printf("TEEC_InvokeCommand call failed (%x)\n", ret); + goto end; + } + +end: + TEEC_CloseSession(&session); + TEEC_FinalizeContext(&context); + + return ret; +} diff --git a/peripheral/keystore/chaabi/libcc54/tee_client_api.c b/peripheral/keystore/chaabi/libcc54/tee_client_api.c new file mode 100644 index 0000000..0302571 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/tee_client_api.c @@ -0,0 +1,406 @@ +/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#define DX_PAL_LOG_CUR_COMPONENT DX_LOG_MASK_CCLIB + +/* \file tee_client_api.c + Implementation of the TEE Client API Specification Version 1.0 +*/ + +#include "dx_pal_log.h" +#include "applet_mgr_error.h" +#include "dx_pal_compiler.h" +#include "driver_interface.h" +#include "tee_client_api.h" + + +/* Structure for implementation-specific part of the TEEC data structures */ +struct TEEC_SharedMemory_imp { + DxDI_SepAppContext_t *contextP; /* Associated context */ + dxdi_memref_id_t memrefId; +} DX_PAL_COMPILER_TYPE_MAY_ALIAS; +struct TEEC_Session_imp { + DxDI_SepAppContext_t *contextP; /* Associated context */ + dxdi_sepapp_session_id_t sessionId; +} DX_PAL_COMPILER_TYPE_MAY_ALIAS; + +/* Verify imp[] part of TEEC API structures can accomodate DxDI objects */ +DX_PAL_COMPILER_ASSERT(sizeof(DxDI_SepAppContext_t) <= DX_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(TEEC_Context, imp), + "TEEC_Context.imp[] is too small"); +DX_PAL_COMPILER_ASSERT(sizeof(struct TEEC_Session_imp) <= DX_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(TEEC_Session, imp), + "TEEC_Session.imp[] is too small"); +DX_PAL_COMPILER_ASSERT(sizeof(struct TEEC_SharedMemory_imp) <= DX_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(TEEC_SharedMemory, imp), + "TEEC_SharedMemory.imp[] is too small"); + +static TEEC_Result appletMgrErr2TeecRetCode(uint32_t appletMgrErr) +{ + switch (appletMgrErr) { + case DX_APP_MNG_SESSION_TBL_IS_FULL_ERROR: + return TEEC_ERROR_OUT_OF_MEMORY; + case DX_APP_MNG_ILLEGAL_SESSION_ERROR: + case DX_APP_MNG_ILLEGAL_APPLET_NUM_ERROR: + case DX_APP_MNG_APPLET_NOT_FOUND_ERROR: + return TEEC_ERROR_ITEM_NOT_FOUND; + case DX_APP_MNG_ILLEGAL_PARAM_ERROR: + return TEEC_ERROR_BAD_PARAMETERS; + case DX_APP_MNG_ILLEGAL_OP_FOR_NONPRIV_APPLET_ERROR: + return TEEC_ERROR_ACCESS_DENIED; + case DX_APP_MNG_ILLEGAL_SLOT_NUM_ERROR: + return TEEC_ERROR_ITEM_NOT_FOUND; + case DX_APP_MNG_SRAM_APPLET_CALL_NONPRIV_APPLET_ERROR: + return TEEC_ERROR_ACCESS_DENIED; + default: /* All the other errors are not supposed to happen here*/ + DX_PAL_LOG_DEBUG("Invalid error from applet manager = 0x%08X\n", appletMgrErr); + } + return TEEC_ERROR_GENERIC; +} + +/*! + * Convert from DriverInterface return code to TEEC_Result + * + * \param diRc DriverInterface return code + * \return TEEC_Result + */ +static TEEC_Result diRetCodeToTeecResult(DxDI_RetCode_t diRc, uint32_t retOrigin, uint32_t sepRetCode) +{ + switch (diRc) { + case DXDI_RET_OK: return TEEC_SUCCESS; + case DXDI_RET_ENODEV: return TEEC_ERROR_ITEM_NOT_FOUND; + case DXDI_RET_EINTERNAL: return TEEC_ERROR_GENERIC; + case DXDI_RET_ENOTSUP: return TEEC_ERROR_NOT_SUPPORTED; + case DXDI_RET_ENOPERM: return TEEC_ERROR_ACCESS_DENIED; + case DXDI_RET_EINVAL: return TEEC_ERROR_BAD_PARAMETERS; + case DXDI_RET_ENORSC: return TEEC_ERROR_OUT_OF_MEMORY; + case DXDI_RET_ESEP: + if (retOrigin == TEEC_ORIGIN_TRUSTED_APP) /* Return code from the applet */ + return sepRetCode; + else /* Return code from the applet manager */ + return appletMgrErr2TeecRetCode(sepRetCode); + case DXDI_RET_EHW: return TEEC_ERROR_COMMUNICATION; + default: return TEEC_ERROR_GENERIC; + } +} + +static uint32_t sepModuleToTeecOrigin(enum dxdi_sep_module sepModule) +{ + switch (sepModule) { + case DXDI_SEP_MODULE_HOST_DRIVER: return TEEC_ORIGIN_API; + case DXDI_SEP_MODULE_SW_QUEUE : return TEEC_ORIGIN_COMMS; + case DXDI_SEP_MODULE_APP_MGR : return TEEC_ORIGIN_TEE; + case DXDI_SEP_MODULE_APP : return TEEC_ORIGIN_TRUSTED_APP; + case DXDI_SEP_MODULE_RPC_AGENT : return TEEC_ORIGIN_TEE; /* Not supposed to happen for SepApp stack */ + case DXDI_SEP_MODULE_SYM_CRYPTO : return TEEC_ORIGIN_TEE; /* Not supposed to happen for SepApp stack */ + default: return TEEC_ORIGIN_API; + } +} + +/*! + * Convert from TEEC data direction flags to DxDI data direction + * This functions is used for memory registration flags and for operation parameters direction + * It assumes the directions within an operand are always holding at + * lowest 2 bits the direction flags (TEEC_MEM_INPUT | TEEC_MEM_OUTPUT) + * + * \param teecDataDirFlags + * + * \return dxdi_data_direction + */ +static enum dxdi_data_direction TeecDataDirToDxDiDataDir(uint32_t teecDataDirFlags) +{ + enum dxdi_data_direction diDir = DXDI_DATA_NULL; + + if (teecDataDirFlags & TEEC_MEM_INPUT) + diDir = DXDI_DATA_TO_DEVICE; + if (teecDataDirFlags & TEEC_MEM_OUTPUT) + diDir |= DXDI_DATA_FROM_DEVICE; + + return diDir; +} + +/*! + * Convert from TEEC API operation type to DxDI parameters type + * + * \param The operation context (of the associated Session) + * \param TeecOp + * \param appParams DxDI format of the client parameters + * + * \return int 0 on success, EINVAL for invalid paramters + */ +static int TeecOperationToSepAppParams(DxDI_SepAppContext_t *context, + TEEC_Operation *TeecOp, struct dxdi_sepapp_params *appParams) +{ + int i; + uint8_t curParamType; + struct TEEC_SharedMemory_imp *SharedMemDataP; + + for (i = 0; i < 4; i++) { + + appParams->params[i].val.copy_dir = DXDI_DATA_NULL; /* default */ + if (TeecOp == NULL) { + curParamType = TEEC_NONE; /* Default for non-existing operation */ + } else { + curParamType = TEEC_PARAM_TYPE_GET(TeecOp->paramTypes, i); + } + + switch (curParamType) { + case TEEC_NONE : + appParams->params_types[i] = DXDI_SEPAPP_PARAM_NULL; + break; + + case TEEC_VALUE_INPUT : + /*FALLTHROUGH*/ + case TEEC_VALUE_INOUT : + /* copy-in data by value */ + appParams->params[i].val.data[0] = TeecOp->params[i].value.a; + appParams->params[i].val.data[1] = TeecOp->params[i].value.b; + /*FALLTROUGH*/ + case TEEC_VALUE_OUTPUT : + appParams->params[i].val.copy_dir = TeecDataDirToDxDiDataDir(curParamType); + appParams->params_types[i] = DXDI_SEPAPP_PARAM_VAL; + break; + + case TEEC_MEMREF_TEMP_INPUT : + case TEEC_MEMREF_TEMP_OUTPUT : + case TEEC_MEMREF_TEMP_INOUT : + appParams->params[i].memref.ref_id = DXDI_MEMREF_ID_NULL; + appParams->params[i].memref.start_or_offset = (unsigned long)TeecOp->params[i].tmpref.buffer; + appParams->params[i].memref.size = TeecOp->params[i].tmpref.size; + appParams->params[i].memref.dma_direction = TeecDataDirToDxDiDataDir(curParamType); + appParams->params_types[i] = DXDI_SEPAPP_PARAM_MEMREF; + break; + + case TEEC_MEMREF_WHOLE : + SharedMemDataP = (struct TEEC_SharedMemory_imp *)&TeecOp->params[i].memref.parent->imp[0]; + if (SharedMemDataP->contextP != context) + return EINVAL; + appParams->params[i].memref.ref_id = SharedMemDataP->memrefId; + appParams->params[i].memref.start_or_offset = 0; + /* Size and direction are taken from the parent (registered memory) */ + appParams->params[i].memref.size = TeecOp->params[i].memref.parent->size; + appParams->params[i].memref.dma_direction = TeecDataDirToDxDiDataDir(TeecOp->params[i].memref.parent->flags); + appParams->params_types[i] = DXDI_SEPAPP_PARAM_MEMREF; + break; + + case TEEC_MEMREF_PARTIAL_INPUT : + case TEEC_MEMREF_PARTIAL_OUTPUT: + case TEEC_MEMREF_PARTIAL_INOUT : + SharedMemDataP = (struct TEEC_SharedMemory_imp *)&TeecOp->params[i].memref.parent->imp[0]; + if (SharedMemDataP->contextP != context) + return EINVAL; + appParams->params[i].memref.ref_id = SharedMemDataP->memrefId; + appParams->params[i].memref.start_or_offset = (unsigned long)TeecOp->params[i].memref.offset; + appParams->params[i].memref.size = TeecOp->params[i].memref.size; + appParams->params[i].memref.dma_direction = TeecDataDirToDxDiDataDir(curParamType); + appParams->params_types[i] = DXDI_SEPAPP_PARAM_MEMREF; + break; + + default: /* Invalid parameter type */ + return EINVAL; + } + } + + return 0; +} + +/*! + * Copy back to "VAL" parameters of type "OUT" or "INOUT" + * + * \param TeecOp + * \param appParams + */ +static void CopyBackValParams(TEEC_Operation *TeecOp, struct dxdi_sepapp_params *appParams) +{ + int i; + uint8_t curParamType; + + if (TeecOp == NULL) + return; + + for (i = 0; i < 4; i++) { + curParamType = TEEC_PARAM_TYPE_GET(TeecOp->paramTypes, i); + if ((curParamType == TEEC_VALUE_OUTPUT) || + (curParamType == TEEC_VALUE_INOUT)) { + TeecOp->params[i].value.a = appParams->params[i].val.data[0]; + TeecOp->params[i].value.b = appParams->params[i].val.data[1]; + } + } +} + +/* 4.5.2 */ +TEEC_Result TEEC_InitializeContext(const char *name, TEEC_Context *context) +{ + DxDI_RetCode_t diRc; + + if (context == NULL) + return TEEC_ERROR_BAD_PARAMETERS; + /* "name" is ignored - we have only one SeP in the system */ + diRc = DxDI_SepAppContextAlloc(name, (DxDI_SepAppContext_t *)context); + + return diRetCodeToTeecResult(diRc, TEEC_ORIGIN_API, 0); +} + +/* 4.5.3 */ +void TEEC_FinalizeContext(TEEC_Context *context) +{ + if (context == NULL) + return; + DxDI_SepAppContextFree((DxDI_SepAppContext_t *)context); +} + +/* 4.5.4 */ +TEEC_Result TEEC_RegisterSharedMemory( + TEEC_Context* context, + TEEC_SharedMemory* sharedMem) +{ + struct TEEC_SharedMemory_imp *impDataP = (struct TEEC_SharedMemory_imp *)&sharedMem->imp[0]; + DxDI_RetCode_t diRc; + struct dxdi_memref memRef; + + if ((context == NULL) || (sharedMem == NULL)) + return TEEC_ERROR_BAD_PARAMETERS; + + memRef.ref_id = DXDI_MEMREF_ID_NULL; + memRef.start_or_offset = (unsigned long)sharedMem->buffer; + memRef.size = sharedMem->size; + + /* Convert TEE flags to DXDI flags */ + memRef.dma_direction = 0; + if (sharedMem->flags & TEEC_MEM_INPUT) + memRef.dma_direction = DXDI_DATA_TO_DEVICE; + if (sharedMem->flags & TEEC_MEM_OUTPUT) + memRef.dma_direction |= DXDI_DATA_FROM_DEVICE; + + diRc = DxDI_RegisterMemForDma((DxDI_SepAppContext_t *)context, &memRef, &impDataP->memrefId); + impDataP->contextP = (DxDI_SepAppContext_t *)context; + + return diRetCodeToTeecResult(diRc, TEEC_ORIGIN_API, 0); +} + +/* 4.5.5 */ +TEEC_Result TEEC_AllocateSharedMemory( + TEEC_Context* context, + TEEC_SharedMemory* sharedMem) +{ + return TEEC_ERROR_NOT_IMPLEMENTED; +} + +/* 4.5.6 */ +void TEEC_ReleaseSharedMemory ( + TEEC_SharedMemory* sharedMem) +{ + struct TEEC_SharedMemory_imp *impDataP = (struct TEEC_SharedMemory_imp *)&sharedMem->imp[0]; + + if (sharedMem != NULL) + (void)DxDI_FreeMemForDma(impDataP->contextP, impDataP->memrefId); +} + +/* 4.5.7 */ +TEEC_Result TEEC_OpenSession ( + TEEC_Context *context, + TEEC_Session *session, + const TEEC_UUID *destination, + uint32_t connectionMethod, + void *connectionData, + TEEC_Operation *operation, + uint32_t *returnOrigin) +{ + struct TEEC_Session_imp *diSessionP = (struct TEEC_Session_imp *)&session->imp; + enum dxdi_sep_module sepRetOrigin; + uint32_t sepRetCode; + DxDI_RetCode_t diRc; + struct dxdi_sepapp_params sepAppParams; + struct dxdi_sepapp_params *sepAppParamsP; + + if ((context == NULL) || (session == NULL)) { + *returnOrigin = TEEC_ORIGIN_API; + return TEEC_ERROR_BAD_PARAMETERS; + } + + if (operation == NULL) { + sepAppParamsP = NULL; + } else { + sepAppParamsP = &sepAppParams; + if (TeecOperationToSepAppParams((DxDI_SepAppContext_t *)context, + operation, &sepAppParams) != 0) { + *returnOrigin = TEEC_ORIGIN_API; + return TEEC_ERROR_BAD_PARAMETERS; + } + } + + /* TODO: Map TEEC API login methods (TEEC_LOGIN_*) to DI's (DXDI_SEPAPP_AUTH_METHOD_*) */ + + diSessionP->contextP = (DxDI_SepAppContext_t *)context; + diRc = DxDI_SepAppSessionOpen(diSessionP->contextP, + (dxdi_sepapp_uuid_t *)destination, connectionMethod, connectionData, sepAppParamsP, + &diSessionP->sessionId, &sepRetOrigin, &sepRetCode); + + if (diRc == DXDI_RET_OK) { + CopyBackValParams(operation, sepAppParamsP); + } + *returnOrigin = sepModuleToTeecOrigin(sepRetOrigin); + + return diRetCodeToTeecResult(diRc, *returnOrigin, sepRetCode); +} + +/* 4.5.8 */ +void TEEC_CloseSession ( + TEEC_Session* session) +{ + struct TEEC_Session_imp *diSessionP = (struct TEEC_Session_imp *)&session->imp; + + if (session != NULL) + (void)DxDI_SepAppSessionClose(diSessionP->contextP, diSessionP->sessionId); +} + +/* 4.5.9 */ +TEEC_Result TEEC_InvokeCommand( + TEEC_Session *session, + uint32_t commandID, + TEEC_Operation *operation, + uint32_t *returnOrigin) +{ + struct TEEC_Session_imp *diSessionP = (struct TEEC_Session_imp *)&session->imp; + enum dxdi_sep_module sepRetOrigin; + uint32_t sepRetCode; + DxDI_RetCode_t diRc; + struct dxdi_sepapp_params sepAppParams; + struct dxdi_sepapp_params *sepAppParamsP; + + if (session == NULL) { + *returnOrigin = TEEC_ORIGIN_API; + return TEEC_ERROR_BAD_PARAMETERS; + } + + if (operation == NULL) { + sepAppParamsP = NULL; + } else { + sepAppParamsP = &sepAppParams; + if (TeecOperationToSepAppParams(diSessionP->contextP, + operation, &sepAppParams) != 0) { + *returnOrigin = TEEC_ORIGIN_API; + return TEEC_ERROR_BAD_PARAMETERS; + } + } + + diRc = DxDI_SepAppCommandInvoke(diSessionP->contextP, diSessionP->sessionId, + commandID, sepAppParamsP, + &sepRetOrigin, &sepRetCode); + + if (diRc == DXDI_RET_OK) { + CopyBackValParams(operation, sepAppParamsP); + } + *returnOrigin = sepModuleToTeecOrigin(sepRetOrigin); + + return diRetCodeToTeecResult(diRc, *returnOrigin, sepRetCode); +} + +/* 4.5.10 - not supported in this implementation */ +void TEEC_RequestCancellation( + TEEC_Operation *operation) +{ + /* Since this is function returns "void" we just ignore the request */ +} + + diff --git a/peripheral/keystore/chaabi/libcc54/tee_token_lib.c b/peripheral/keystore/chaabi/libcc54/tee_token_lib.c new file mode 100644 index 0000000..509faf9 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/tee_token_lib.c @@ -0,0 +1,794 @@ +/******************************************************************* +* (c) Copyright 2013-2016 Intel Corporation. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/ + +#include <stdarg.h> +#include <stdint.h> +#include <string.h> +#include <stdio.h> +#include "tee_token_if.h" +#include "tee_token_error.h" +#include "tee_client_api.h" +#include "dx_cclib.h" + +// Default/Primary Applet UUID -- TODO: use Token Feature Applet +static const uint8_t applet_uuid[] = { 0x00, 0xDE, 0xFA, 0x01, 0xDE, 0xFA, 0x02, +0xDE, 0xFA, 0x03, 0xDE, 0xFA, 0x04, 0xDE, 0xFA, 0xFF }; + +// Header version is passed as part of the 'flags' parameter +#define TOKEN_HDR_VERSION 0 +#define PRINT_ERRORS 0 + +enum operation +{ + TOKEN_OP_QUERY = 0, + TOKEN_OP_WRITE = 1, + TOKEN_OP_WRITE_TMP = 2, + TOKEN_OP_GET_HWID = 3, + TOKEN_OP_WRUNF = 4, // unformatted write -- no integrity check + TOKEN_OP_REMOVE = 5, + TOKEN_OP_VALIDATE = 6, + TOKEN_OP_VALIDATE_ALL = 7, + TOKEN_OP_START = 8, + TOKEN_OP_CANCEL = 9, + TOKEN_OP_END = 10, + TOKEN_OP_COUNT = 11, + TOKEN_OP_DGIDS = 12, + TOKEN_OP_LIFETIME = 13, + TOKEN_OP_MINVERS = 14 +}; + +struct query_s +{ + uint32_t datagroupID; + uint32_t subgroupID; + uint32_t itemID; + int32_t offset; + uint32_t length; + uint32_t flags; +}; + +static int pass_to_fw(TEEC_Operation *operation, TEEC_SharedMemory *buffer, uint32_t opcode) +{ + TEEC_Context context; + TEEC_Session session; + uint32_t dummy; + + TEEC_Result ret = DX_CclibInit(); + if (ret != TEEC_SUCCESS) + { +#if PRINT_ERRORS > 0 + fprintf(stderr, "DX_CclibInit() FAILED, ret = %p (%d)\n", ret, ret); +#endif + ret = TEE_TOKEN_LIB_DX_INIT_ERROR; + goto fin0; + } + ret = TEEC_InitializeContext(NULL, &context); + if (ret != TEEC_SUCCESS) + { +#if PRINT_ERRORS > 0 + fprintf(stderr, "TEEC_InitializeContext() FAILED, ret = %p (%d)\n", ret, ret); +#endif + ret = TEE_TOKEN_LIB_INIT_CTX_ERROR; + goto fin1; + } + + if (buffer != NULL) + { + ret = TEEC_RegisterSharedMemory(&context, buffer); + if (ret != TEEC_SUCCESS) + { +#if PRINT_ERRORS > 0 + fprintf(stderr, "TEEC_RegisterSharedMemory() FAILED, ret = %p (%d)\n", ret, ret); +#endif + ret = TEE_TOKEN_LIB_SHARED_MEM_ERROR; + goto fin2; + } + } + + ret = TEEC_OpenSession(&context, &session, (TEEC_UUID *)&applet_uuid, + TEEC_LOGIN_PUBLIC, NULL, NULL, &dummy); + + if (ret != TEEC_SUCCESS) + { +#if PRINT_ERRORS > 0 + fprintf(stderr, "TEEC_OpenSession() FAILED, ret = %p (%d)\n", ret, ret); +#endif + goto fin2; + } + + ret = TEEC_InvokeCommand(&session, PROCESS_TOKEN_REQUEST + opcode, + operation, &dummy); + + TEEC_CloseSession(&session); +fin2: + if (buffer != NULL) + { + TEEC_ReleaseSharedMemory(buffer); + } + TEEC_FinalizeContext(&context); +fin1: + DX_CclibFini(); +fin0: + return ret; +} + +// passes 'struct query_s' and a dma handle to applet +static int tee_token_handle_data_query(struct query_s *q, uint8_t *buffer, uint32_t opcode) +{ + TEEC_SharedMemory inout = { + .size = q->length, + .buffer = buffer, + .flags = (opcode == TOKEN_OP_WRITE || opcode == TOKEN_OP_WRITE_TMP) + ? TEEC_MEM_INPUT : TEEC_MEM_OUTPUT + }; + TEEC_Operation operation; + memset(&operation, 0, sizeof(operation)); + + TEEC_PARAM_TYPE_SET(operation.paramTypes, 0, TEEC_VALUE_INPUT); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 1, TEEC_VALUE_INPUT); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 2, TEEC_VALUE_INPUT); + TEEC_PARAM_TYPE_SET(operation.paramTypes, 3, TEEC_MEMREF_WHOLE); + + operation.params[0].value.a = q->datagroupID; + operation.params[0].value.b = q->subgroupID; + operation.params[1].value.a = q->itemID; + operation.params[1].value.b = q->offset; + operation.params[2].value.a = q->length; + operation.params[2].value.b = q->flags | TEE_TOKEN_VERSION; + operation.params[3].memref.parent = &inout; + int ret = pass_to_fw(&operation, &inout, opcode); + + return ret; +} + +// Auxiliary function to wrap token calls without a local buffer +// some API functions are tied to a specific (non-zero) dg_id +// some have no parameters ('flags' parameter is currently ignored) + +static int tee_token_pass_command(uint32_t command, uint32_t flags, ...) +{ + uint32_t dg_id = 0; + uint8_t dummy_buffer[8]; + + // two commands expect a parameter (dg_id) + + if (command == TOKEN_OP_REMOVE || + command == TOKEN_OP_VALIDATE) + { + va_list argp; + va_start(argp, flags); + + dg_id = va_arg(argp, int); + if (dg_id == 0) + { + return TEE_TOKEN_INVALID_PARAM; + } + va_end(argp); + } + + struct query_s query = { + .datagroupID = dg_id, + .subgroupID = 0, + .itemID = 0, + .offset = 0, + .length = sizeof(dummy_buffer), + .flags = flags + }; + + return tee_token_handle_data_query(&query, dummy_buffer, command); +} + +int32_t tee_token_remove(uint32_t dg_id, uint32_t flags) +{ + return tee_token_pass_command(TOKEN_OP_REMOVE, flags, dg_id); +} + +int32_t tee_token_validate(uint32_t dg_id, uint32_t flags) +{ + return tee_token_pass_command(TOKEN_OP_VALIDATE, flags, dg_id); +} + +int32_t tee_token_validate_all(uint32_t flags) +{ + return tee_token_pass_command(TOKEN_OP_VALIDATE_ALL, flags); +} + +int32_t tee_token_update_start(uint32_t flags) +{ + return tee_token_pass_command(TOKEN_OP_START, flags); +} + +int32_t tee_token_update_cancel(uint32_t flags) +{ + return tee_token_pass_command(TOKEN_OP_CANCEL, flags); +} + +int32_t tee_token_update_end(uint32_t flags) +{ + return tee_token_pass_command(TOKEN_OP_END, flags); +} + +int32_t tee_token_write(uint8_t *buf, size_t size, uint32_t flags) +{ + if (buf == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + struct query_s query = { + .datagroupID = 0, + .subgroupID = 0, + .itemID = 0, + .offset = 0, + .length = size, + .flags = flags + }; + + return tee_token_handle_data_query(&query, buf, TOKEN_OP_WRITE); +} + +int32_t tee_token_count_get(size_t *count, uint32_t flags) +{ + if (count == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + uint32_t buf[2] = { 0, 0 }; + + struct query_s query = { + .datagroupID = 0, + .subgroupID = 0, + .itemID = 0, + .offset = 0, + .length = sizeof(buf), + .flags = flags + }; + int ret = tee_token_handle_data_query(&query, (uint8_t *)buf, TOKEN_OP_COUNT); + if (ret == 0) + { + *count = buf[0]; + } + return ret; +} + +int32_t tee_token_minver_get(uint32_t dg_id, uint32_t *min_ver, uint32_t flags) +{ + if (min_ver == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + uint32_t buf[2] = { 0, 0 }; + + struct query_s query = { + .datagroupID = dg_id, + .subgroupID = 0, + .itemID = 0, + .offset = 0, + .length = sizeof(buf), + .flags = flags + }; + + int ret = tee_token_handle_data_query(&query, (uint8_t *)buf, TOKEN_OP_MINVERS); + if (ret == 0) + { + *min_ver = buf[0]; + } + return ret; +} + +int32_t tee_token_lifetimedata_get(uint32_t *timestamp, uint8_t nonce[TOKEN_NONCE_LENGTH], + uint8_t mac[TOKEN_MAC_LENGTH]) +{ + if (timestamp == NULL || nonce == NULL || mac == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + struct + { + uint32_t timestamp; + uint8_t nonce[TOKEN_NONCE_LENGTH]; + uint8_t mac[TOKEN_MAC_LENGTH]; + } buf = { 0, { 0 }, { 0 } }; + + struct query_s query = { + .datagroupID = 0, + .subgroupID = 0, + .itemID = 0, + .offset = 0, + .length = sizeof(buf), + .flags = 0 + }; + + int ret = tee_token_handle_data_query(&query, (uint8_t *)&buf, TOKEN_OP_LIFETIME); + if (ret == 0) + { + *timestamp = buf.timestamp; + memcpy(nonce, buf.nonce, TOKEN_NONCE_LENGTH); + memcpy(mac, buf.mac, TOKEN_MAC_LENGTH); + } + return ret; +} + + +int32_t tee_token_dgids_get(uint32_t **items, size_t *count, uint32_t flags) +{ + if (items == NULL || count == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + size_t dgids; + int ret = tee_token_count_get(&dgids, flags); + if (ret) + return ret; + + uint32_t *buf = malloc(dgids * sizeof(uint32_t)); + if (buf == NULL) + return TEE_TOKEN_MEMORY_ERROR; + + struct query_s query = { + .datagroupID = 0, + .subgroupID = 0, + .itemID = 0, + .offset = 0, + .length = dgids * sizeof(uint32_t), + .flags = flags + }; + + ret = tee_token_handle_data_query(&query, (uint8_t *)buf, TOKEN_OP_DGIDS); + if (ret == 0) + { + *count = dgids; + *items = buf; + } + return ret; +} + + +int32_t tee_token_write_tmp(uint8_t *buf, size_t size, uint32_t flags) +{ + if (buf == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + struct query_s query = { + .datagroupID = 0, + .subgroupID = 0, + .itemID = 0, + .offset = 0, + .length = size, + .flags = flags + }; + + return tee_token_handle_data_query(&query, buf, TOKEN_OP_WRITE_TMP); +} + +int32_t tee_token_unformatted_write(uint32_t dg_id, uint32_t sg_id, uint32_t item_id, + uint8_t *buf, size_t size, uint32_t flags) +{ + if (buf == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + if (dg_id == 0 || sg_id == 0 || item_id == 0 || size == 0) + { + return TEE_TOKEN_INVALID_PARAM; + } + + struct query_s query = { + .datagroupID = dg_id, + .subgroupID = sg_id, + .itemID = item_id, + .offset = 0, + .length = size, + .flags = flags + }; + + return tee_token_handle_data_query(&query, buf, TOKEN_OP_WRUNF); +} + + +int32_t tee_token_item_read(uint32_t dg_id, uint32_t sg_id, uint32_t item_id, + size_t offset, uint8_t *data_buf, size_t buf_size, + uint32_t flags) +{ + if (data_buf == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + if (dg_id == 0 || sg_id == 0 || item_id == 0 || + buf_size == 0 || (int)offset < 0) + { + return TEE_TOKEN_INVALID_PARAM; + } + + struct query_s query = { + .datagroupID = dg_id, + .subgroupID = sg_id, + .itemID = item_id, + .offset = offset, + .length = buf_size, + .flags = flags + }; + + return tee_token_handle_data_query(&query, data_buf, TOKEN_OP_QUERY); +} + +int32_t tee_partid_get(uint8_t partid_buf[16]) +{ + if (partid_buf == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + struct query_s query = { 0, 0, 0, 0, 16, 0 }; + + return tee_token_handle_data_query(&query, partid_buf, TOKEN_OP_GET_HWID); +} + +int32_t tee_token_item_info_get(uint32_t dg, uint32_t sg, uint32_t item, + struct tee_token_item_info *info, uint32_t flags) +{ + if (info == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + if (dg == 0 || sg == 0 || item == 0) + { + return TEE_TOKEN_INVALID_PARAM; + } + + struct query_s query = { + .datagroupID = dg, + .subgroupID = sg, + .itemID = item, + .offset = -sizeof(struct tee_token_item_info), + .length = sizeof(struct tee_token_item_info), + .flags = flags + }; + + return tee_token_handle_data_query(&query, (uint8_t *)info, TOKEN_OP_QUERY); +} + +int32_t tee_token_item_size_get(uint32_t dg, uint32_t sg, uint32_t item, + size_t *item_size, uint32_t flags) +{ + struct tee_token_item_info info = { 0, 0, 0, 0, 0, { 0, 0 } }; + if (item_size == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + int32_t ret = tee_token_item_info_get(dg, sg, item, &info, flags); + if (ret) + { + return ret; + } + // item_size is in bytes, while header.size is in dwords + *item_size = (info.size << 2) - info.padding - sizeof(info); + return 0; +} + +int32_t tee_token_sgroup_info_get(uint32_t dg, uint32_t sg, + struct tee_token_subgroup_info *info, uint32_t flags) +{ + if (info == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + if (dg == 0 || sg == 0) + { + return TEE_TOKEN_INVALID_PARAM; + } + + struct query_s query = { + .datagroupID = dg, + .subgroupID = sg, + .itemID = 0, + .offset = -sizeof(struct tee_token_subgroup_info), + .length = sizeof(struct tee_token_subgroup_info), + .flags = flags + }; + + return tee_token_handle_data_query(&query, (uint8_t *)info, TOKEN_OP_QUERY); +} + +int32_t tee_token_itemids_get(uint32_t dg, uint32_t sg, uint32_t **items, + size_t *count, uint32_t flags) +{ + struct tee_token_subgroup_info info = { 0, 0, 0, { 0, 0, 0, 0 }, 0, 0 }; + int ret = tee_token_sgroup_info_get(dg, sg, &info, flags); + if (ret) + return ret; + + uint32_t *buf = malloc(info.itemcount * sizeof(uint32_t)); + if (buf == NULL) + return TEE_TOKEN_MEMORY_ERROR; + + struct query_s query = { + .datagroupID = dg, + .subgroupID = sg, + .itemID = 0, // any zero marks a 'list' operation + .offset = 0, + .length = info.itemcount * sizeof(uint32_t), + .flags = flags + }; + + ret = tee_token_handle_data_query(&query, (uint8_t *)buf, TOKEN_OP_QUERY); + if (ret == 0) + { + *count = info.itemcount; + *items = buf; + } + return ret; +} + + +int32_t tee_token_dgroup_info_get(uint32_t dg, struct tee_token_datagroup_info *info, + uint32_t flags) +{ + if (info == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + if (dg == 0) + { + return TEE_TOKEN_INVALID_PARAM; + } + + struct query_s query = { + .datagroupID = dg, + .subgroupID = 0, + .itemID = 0, + .offset = -sizeof(struct tee_token_datagroup_info), + .length = sizeof(struct tee_token_datagroup_info), + .flags = flags + }; + + return tee_token_handle_data_query(&query, (uint8_t *)info, TOKEN_OP_QUERY); +} + +int32_t tee_token_sgids_get(uint32_t dg, uint32_t **items, size_t *count, uint32_t flags) +{ + struct tee_token_datagroup_info info = { 0, 0, 0, 0, 0, 0, 0 }; + int ret = tee_token_dgroup_info_get(dg, &info, flags); + if (ret) + return ret; + + uint32_t *buf = malloc(info.subgroups * sizeof(uint32_t)); + if (buf == NULL) + return TEE_TOKEN_MEMORY_ERROR; + + struct query_s query = { + .datagroupID = dg, + .subgroupID = 0, + .itemID = 0, + .offset = 0, + .length = info.subgroups * sizeof(uint32_t), + .flags = flags + }; + + ret = tee_token_handle_data_query(&query, (uint8_t *)buf, TOKEN_OP_QUERY); + if (ret == 0) + { + *count = info.subgroups; + *items = buf; + } + return ret; +} + +int32_t tee_token_info_get(uint32_t dg, struct tee_token_info *info, uint32_t flags) +{ + if (info == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + if (dg == 0) + { + return TEE_TOKEN_INVALID_PARAM; + } + + struct query_s query = { + .datagroupID = dg, + .subgroupID = 0, + .itemID = 0, + .offset = -sizeof(struct tee_token_datagroup_info) - + sizeof(struct tee_token_info), + .length = sizeof(struct tee_token_info), + .flags = flags + }; + + return tee_token_handle_data_query(&query, (uint8_t *)info, TOKEN_OP_QUERY); +} + +int32_t tee_token_read(uint32_t dg, uint8_t *data_buf, + uint32_t data_size, uint32_t flags) +{ + if (data_buf == NULL) + { + return TEE_TOKEN_NULL_PTR; + } + + if (dg == 0) + { + return TEE_TOKEN_INVALID_PARAM; + } + + struct query_s query = { + .datagroupID = dg, + .subgroupID = 0, + .itemID = 0, + .offset = -sizeof(struct tee_token_datagroup_info) - + sizeof(struct tee_token_info), + .length = data_size, + .flags = flags + }; + + return tee_token_handle_data_query(&query, (uint8_t *)data_buf, TOKEN_OP_QUERY); +} + +// Ctx will be overwritten +int32_t tee_token_unprotected_start(struct tee_token_ctx *ctx, uint32_t dg_id, uint32_t flags) +{ + if (ctx == NULL) + return TEE_TOKEN_NULL_PTR; + + if (dg_id != TEE_TOKEN_WVDRM_TOKEN_DG) + return TEE_TOKEN_INVALID_PARAM; + + uint32_t size = TEE_TOKEN_VRL_SIZE + + sizeof(struct tee_token_info) + + sizeof(struct tee_token_datagroup_info); + uint32_t alloc_size = size + TEE_TOKEN_MAX_PAYLOAD_SIZE_UNPROTECTED; + + ctx->base_address = calloc(alloc_size, 1); + ctx->current_length = size; + ctx->allocated_length = alloc_size; + + if (ctx->base_address == NULL) + return TEE_TOKEN_MEMORY_ERROR; + + struct tee_token_info *tkn_info = (void *)((uint8_t *)ctx->base_address + TEE_TOKEN_VRL_SIZE); + struct tee_token_datagroup_info *dg_info = (void *)((uint8_t *)tkn_info + + sizeof(struct tee_token_info)); + + dg_info->DATA = 0x41544144; // "DATA" + dg_info->id = dg_id; + dg_info->flags = flags; + dg_info->size = sizeof(struct tee_token_datagroup_info) / sizeof(uint32_t); + tkn_info->lifetime.token_size = size / sizeof(uint32_t); + return TEEC_SUCCESS; +} + +int32_t tee_token_unprotected_end(struct tee_token_ctx *ctx, uint32_t flags) +{ + if (ctx == NULL || ctx->base_address == NULL) + return TEE_TOKEN_NULL_PTR; + + int32_t ret = tee_token_write((uint8_t *)ctx->base_address, ctx->current_length, flags); + free(ctx->base_address); + ctx->base_address = NULL; + return ret; +} + +// Auxiliary function to cut a block of memory from token ctx +static int delete(void *begin, uint32_t size, struct tee_token_ctx *ctx) +{ + void *next_block = (uint8_t *)begin + size; + void *end_of_data = (uint8_t *)ctx->base_address + ctx->current_length; + uint32_t move_len = (uint32_t)end_of_data - (uint32_t)next_block; + if (ctx->current_length < size) + return TEE_TOKEN_MEMORY_ERROR; + memmove(begin, (const void *)next_block, move_len); + ctx->current_length -= size; + return 0; +} + +// Auxiliary function to insert a block of memory in middle of token ctx +static int insert(void *begin, uint32_t size, struct tee_token_ctx *ctx) +{ + void *next_block = (uint8_t *)begin + size; + void *end_of_data = (uint8_t *)ctx->base_address + ctx->current_length; + uint32_t move_len = (uint32_t)end_of_data - (uint32_t)begin; + if (ctx->current_length + size > ctx->allocated_length) + return TEE_TOKEN_MEMORY_ERROR; + memmove(next_block, begin, move_len); + ctx->current_length += size; + return 0; +} + +// Unprotected write creates a valid structured token by inserting headers +// and payload to token context. Update to existing item_id is possible +int32_t tee_token_unprotected_write(struct tee_token_ctx *ctx, uint32_t sg_id, uint32_t item_id, + const uint8_t *buf, size_t size, uint32_t flags) +{ + if (ctx == NULL || ctx->base_address == NULL || buf == NULL) + return TEE_TOKEN_NULL_PTR; + if (size == 0) + return TEE_TOKEN_INVALID_PARAM; + + struct tee_token_info *tkn_info = (struct tee_token_info *) + ((uint8_t *)ctx->base_address + TEE_TOKEN_VRL_SIZE); + struct tee_token_datagroup_info *dg_info = (struct tee_token_datagroup_info *) + ((uint8_t *)tkn_info + sizeof(struct tee_token_info)); + struct tee_token_subgroup_info *sg_info = (struct tee_token_subgroup_info *)((uint8_t *)dg_info + + sizeof(struct tee_token_datagroup_info)); + uint32_t i; + // Find a subgroup or leave sg_info to point to the place where a new subgroup will be inserted + for (i = 0; i < dg_info->subgroups; i++) + { + if (sg_info->id == sg_id) + break; + sg_info = (struct tee_token_subgroup_info *) + ((uint8_t *)sg_info + sg_info->size * sizeof(uint32_t)); + } + + if (i == dg_info->subgroups) + { + struct tee_token_subgroup_info new_sg = { + .SUBG = 0x47425553, // "SUBG" + .id = sg_id, + .size = sizeof(struct tee_token_subgroup_info) / sizeof(uint32_t) + }; + // make space for the new sg header (and copy it) + if (insert(sg_info, sizeof(new_sg), ctx)) + return TEE_TOKEN_MEMORY_ERROR; + memcpy(sg_info, (void *)&new_sg, sizeof(new_sg)); + dg_info->subgroups++; + dg_info->size += sizeof(struct tee_token_subgroup_info) / sizeof(uint32_t); + tkn_info->lifetime.token_size += sizeof(struct tee_token_subgroup_info) / sizeof(uint32_t); + } + + struct tee_token_item_info *item = (struct tee_token_item_info *) + ((uint8_t *)sg_info + sizeof(struct tee_token_subgroup_info)); + + for (i = 0; i < sg_info->itemcount; i++) + { + if (item->id == item_id) + { + uint32_t itemsize = item->size * sizeof(uint32_t); + delete(item, itemsize, ctx); + sg_info->itemcount--; + sg_info->size -= itemsize / sizeof(uint32_t); + dg_info->size -= itemsize / sizeof(uint32_t); + tkn_info->lifetime.token_size -= itemsize / sizeof(uint32_t); + break; + } + // Skip to next (possible) location of item + item = (struct tee_token_item_info *)((uint8_t *)item + item->size * sizeof(uint32_t)); + } + + uint32_t padding = -size & 3; + uint32_t isize = sizeof(struct tee_token_item_info) + size + padding; + + struct tee_token_item_info new_item = { + .ITEM = 0x4d455449, + .id = item_id, + .size = isize / sizeof(uint32_t), + .padding = padding + }; + if (insert(item, isize, ctx)) + return TEE_TOKEN_MEMORY_ERROR; + + memcpy(item, &new_item, sizeof(new_item)); + memcpy((uint8_t *)item + sizeof(new_item), buf, size); + memset((uint8_t *)item + sizeof(new_item) + size, 0, padding); + sg_info->itemcount++; + sg_info->size += isize / sizeof(uint32_t); + dg_info->size += isize / sizeof(uint32_t); + tkn_info->lifetime.token_size += isize / sizeof(uint32_t); + return TEEC_SUCCESS; +} + diff --git a/peripheral/keystore/chaabi/libcc54/utils/src/sep_rpc_gen/sep_rpc_agents.def b/peripheral/keystore/chaabi/libcc54/utils/src/sep_rpc_gen/sep_rpc_agents.def new file mode 100644 index 0000000..dc9ff59 --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/utils/src/sep_rpc_gen/sep_rpc_agents.def @@ -0,0 +1,14 @@ +# Definitions of SeP RPC agents +# Format of each (non-comment) line: +# Agent ID , API name , API definition path (XML and h file location - no extension) +0, SepRpcTest, shared/include/tests/sep_rpc_test +1, CrysAes, shared/include/crys/crys_aes +2, CrysRsa, shared/include/crys/crys_rsa +3, AppletMngLoad, shared/include/applet_mng +4, CrysEcc, shared/include/crys/crys_ecc +5, CrysRc4, shared/include/crys/crys_rc4 +6, DxManagement, shared/include/management_apis +7, CrysRnd, shared/include/crys/crys_rnd +8, CrysKdf, shared/include/crys/crys_rnd +9, CrysDh, shared/include/crys/crys_rnd +10, CrysSelfTest, shared/include/crys/crys_rnd diff --git a/peripheral/keystore/chaabi/libcc54/utils/src/sep_rpc_gen/sep_rpc_gen.py b/peripheral/keystore/chaabi/libcc54/utils/src/sep_rpc_gen/sep_rpc_gen.py new file mode 100644 index 0000000..ced3d5f --- /dev/null +++ b/peripheral/keystore/chaabi/libcc54/utils/src/sep_rpc_gen/sep_rpc_gen.py @@ -0,0 +1,871 @@ +#!/usr/bin/python3 + +# (c) Copyright 2011-2012 Discretix Technologies Ltd. +# This file is licensed under the terms provided in the file +# libcc54/LICENSE in this directory or a parent directory + +# Generator for SeP RPC wrappers + +# Flow overview +# 0. Get command line arguments +# 1. Parse XML file into tree object +# 2. Scan XML tree object: foreach function: save function return code + for each parameter: Add attributes to input, output or i/o parameres list +# 3. H file generation: +# - File preamble: (Generated file + license, etc.) +# - Define API ID constant macro +# - Foreach function define index +# - For each function generate message structure: +# 1. Common public part +# 2. DMA references +# 3. input parameters +# 4. i/o parameters +# 5. output parameters +# 6. function return code +# +# 4. Host source file generation: +# - File preamble +# - Include <header> elements of API +# - Include API header file +# - For each function generate code: +# 1. Prototype based on function parameters definition +# 2. Allocate local buffer for the parameters structure +# 3. For input/inout parameters: Check value range is given and copy data into parameters struct +# 4. For user buf parameters: Fill memRef table and numOfMemRef +# 5. Invoke DxDI_SepRpcCall() +# 7. For each out "ref" parameter, copy back from message into the respective user parameter. +# 8. Save return code from message +# 9. Free message buffer +# 10. Return the function return code. +# +# 5. SeP source file generation: +# - File preamble +# - Include <header> elements of API +# - Include API header file +# - For each function generate parsing function to invoke real function with parameters from params struct +# - SeP Agent entry point (hun) function to switch on FuncId and invoke respective function +# - SeP Agent (ID) init function +# Register agent with RPC infrastructure. + +import sys +import getopt +import xml.etree.ElementTree as ET +import re +import string +from datetime import datetime +from datetime import date + +def usage (): + print("Usage: " + sys.argv[0] + " --spec=<API spec/XML file> --o-api-h=<API header file path> [--o-host-c=<Host C code file path>] [--o-sep-c=<SeP C code file path>]") + +# Parse the command line arguments and return the file names (or None for undefined filename) +# Return: spec_file, api_h_file, host_c_file, sep_c_file +def parse_cmdline_arguments(): + spec_file, api_h_path, host_c_path, sep_c_path = None, None, None, None + + args_spec = [ 'spec=' , 'o-api-h=' , 'o-host-c=' , 'o-sep-c=' ] + try: + opts, extra_args = getopt.getopt(sys.argv[1:], "", args_spec) + except getopt.GetoptError as err: + # print help information and exit: + print(str(err)) # will print something like "option -a not recognized" + usage() + sys.exit(2) + + if len(extra_args) > 0: + print("Unknown argument:" , extra_args[0]) + usage() + sys.exit(3) + + for opt, arg in opts: + if opt == "--spec": + spec_file = arg + elif opt == "--o-api-h": + api_h_path = arg + elif opt == "--o-host-c": + host_c_path = arg + elif opt == "--o-sep-c": + sep_c_path = arg + else: + assert False, "unhandled option" + + if spec_file is None: + print("API spec. file name is missing") + usage() + sys.exit(4) + if api_h_path is None: + print("API RPC H file path is missing") + usage() + sys.exit(4) + + return spec_file, api_h_path, host_c_path, sep_c_path + + +# Use sep_rpc_agents.def to look up for this agent ID based on his name +def api_name_to_id(agent_name): + agent_id = None # default + # Agents definitions file is located in the same directory as this script + agents_defs_file_path = re.sub(r"/sep_rpc_gen\.py", "/sep_rpc_agents.def", sys.argv[0]) + agents_defs_file = open(agents_defs_file_path, 'r') + comment_line_parser = re.compile(r"^\s*#.*$") + agent_def_parser = re.compile(r"^\s*(\d+)\s*,\s*(\w+)\s*,\s*(\S+)\s*$") + while True: # Read all defs file lines + cur_line = agents_defs_file.readline() + if len(cur_line) == 0: + break # end of file - not found + comment_line = comment_line_parser.match(cur_line) + if comment_line is not None: + continue # ignore comment + agent_def = agent_def_parser.match(cur_line) + if agent_def is None: + print("Failed parsing:", cur_line) + sys.exit(1) + cur_agent_id = agent_def.group(1) + cur_agent_name = agent_def.group(2) + if cur_agent_name == agent_name: + print(cur_line) + agent_id = cur_agent_id + break # found + agents_defs_file.close() + return agent_id + + + +# Preprocess elements tree into data strcutures that are easier to process +def parse_api_spec (spec_file): + print("Parsing API spec file" , spec_file , "...") + api_tree = ET.parse(spec_file); + #ET.dump(api_tree) # Debug only + + api_root = api_tree.getroot(); + if api_root is None: + print("Failed finding root element") + sys.exit(5) + + api_data = {"name" : api_root.get("name")} + if api_data["name"] is None: + print("Failed to get API name") + sys.exit(6) + + api_data["id"] = api_name_to_id(api_data["name"]) + if api_data["id"] is None: + print("Failed to get SeP RPC Agents Id") + sys.exit(7) + + api_data["retcodes"] = api_root.find("retcodes") + if api_data["retcodes"] is None: + print("Failed to get default return codes") + sys.exit(8) + + # headers + api_data["headers"] = [] + for header in api_root.findall("header") : + api_data["headers"].append(header.text) + api_data["headers"].append("sep_rpc.h") + + api_data["functions"] = [] + for function in api_root.findall("function") : + func_data = { "name" : function.get("name") } + func_data["return"] = function.get("return") + func_data["retcodes"] = function.find("retcodes") # Optional return codes to override API default <retcodes> + if func_data["retcodes"] is None: # Use default return codes if not function-specific + func_data["retcodes"] = api_data["retcodes"] + func_data["params_buf"] = [] + func_data["params_in"] = [] + func_data["params_inout"] = [] + func_data["params_out"] = [] + func_data["params"] = [] # Simple list of all the parameters as in prototype + # Scan all parameters and group by direction + for param in function.findall("param"): + func_data["params"].append(param) + param_dir = param.get("direction") + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + if param_type == "buf": + func_data["params_buf"].append(param) + elif param_dir == "i": + func_data["params_in"].append(param) + elif param_dir == "io": + func_data["params_inout"].append(param) + elif param_dir == "o": + func_data["params_out"].append(param) + else: + print("Invalid parameter direction=" , param_dir , "for parameter" , param.get("name")) + sys.exit(8) + api_data["functions"].append(func_data) + + # Summary + print("API" , api_data["name"] , "(ID =" , api_data["id"] , "):" , len(api_data["headers"]) , "headers," , len(api_data["functions"]) , "functions") + + return api_data + + +# Generate file preamble (license, etc.) common to all source files +def gen_file_preamble (out_file): + license_str = re.sub(r"<year>", str(date.today().year), +"""/******************************************************************* +* (c) Copyright 2011-2012 Discretix Technologies Ltd. * +* This file is licensed under the terms provided in the file * +* libcc54/LICENSE in this directory or a parent directory * +********************************************************************/\n""") + + # Fetch script revision as given from SVN + gen_rev = re.sub(r"\$Rev:\s*([0-9]+)\s*\$", r"\1", r"$Rev: 2451 $") + + out_file.write("/* Generated file - DO NOT EDIT! */\n") + out_file.write("/* Generated by " + sys.argv[0] + "@" + gen_rev + " at " + str(datetime.now()) + " */\n") + out_file.write(license_str) + +## Parse the ptype attribute +# \param ptype_val The value of "ptype" attribute +# +# \return (type, array_size, array_size_max) +def parse_ptype (ptype_val): + data_size = None + data_size_max = None + + ptype_components = re.match(r"(val|ref|array|buf|wsbuf)(\(.+\))?", ptype_val) + try: + param_type = ptype_components.group(1) + except: + print("Invalid parameter type from:" , ptype_val) + sys.exit(9) + if param_type == "array": + array_components = re.match(r"\(([^,]+),([^,]+)\)", ptype_components.group(2)) + data_size = array_components.group(1) + data_size_max = array_components.group(2) + elif param_type == "buf" or param_type == "wsbuf": + buf_components = re.match(r"\(([^,]+)\)", ptype_components.group(2)) + data_size = buf_components.group(1) + + return param_type, data_size, data_size_max + + +## Parse "dtype" attribute +# \param dtype_val the "dtype" attribute value +# \return (c_type, endian_type) +def parse_dtype (dtype_val): + dtype_components = re.match(r"((le|be)(16|32))\(([\w\s]+)\)", dtype_val) + if dtype_components is None: # No endian data + endian_type = None + c_type = dtype_val + else: # Has endian data + endian_type = dtype_components.group(1) + c_type = dtype_components.group(4) + + return c_type, endian_type + +## Generate the field of a params struct +# Used by gen_params_struct_fields +# field_prefix may be used (i.e., not "") to denote hierarchy of field inside a structure +def gen_a_param_struct_field (indent_level, field_prefix, param): + indent_str = "\t" * indent_level + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + c_type , endian_type = parse_dtype(param.get("dtype")) + field_name = param.get("name") + # Workspace buffer has no param to pass + if param_type == "wsbuf": + field_name += "_size" + c_type = "DxUint32_t " + if param_type == "ref" and field_prefix == "": field_prefix = "__" # Copied referenced data is denoted with "__" prefix + elif param_type == "array": field_name += "[" + array_size_max + "]" + endian_comment = ("/*" + endian_type + "*/" if endian_type != "" else "") if endian_type is not None else "" + alignment = param.get("align") + if alignment is not None: + alignment_tag = " DX_PAL_COMPILER_ALIGN(" + alignment + ")" + else: + alignment_tag = "" + + if param_type == "ref" or param_type == "array": + flag_str = indent_str + "DxUint8_t " + field_prefix + param.get("name") + "_null_flag;\n" + else: + flag_str = "" + return indent_str + endian_comment + c_type + " " + field_prefix + field_name + alignment_tag + ";\n" + flag_str + +# Generate code for parameters structure for given parameters list +# \return struct string +def gen_params_struct_fields (indent_level, field_prefix, params_list): + return_str = "" + indent_str = "\t" * indent_level + + for param in params_list: + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + return_str += gen_a_param_struct_field(1, field_prefix, param) + + # Handle second level reference from a struct + # TODO: Handle unlimited reference levels, i.e., structure references within structures + fields = param.findall("field") + for field in fields: # Create place holders for struct fields which are by reference + if field.get("ptype") == "ref": + return_str += gen_a_param_struct_field(2, + ("__" if param_type == "ref" else "") + param.get("name") + "__", field) + return return_str + + +# Generate a string with the given function prototype +def gen_func_prototype (func_name, return_type, the_params): + proto_str = return_type + " " + func_name + "(\n" + for param in the_params: + c_type , endian_type = parse_dtype(param.get("dtype")) + proto_str += "\t" + c_type + " " + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + if param_type == "buf" or param_type == "ref" or param_type == "wsbuf": + proto_str += "*" + proto_str += param.get("name") + if param_type == "array": + proto_str += "[]" + if param is not the_params[-1]: # Is not last parameter? + proto_str += ",\n" + proto_str += ")" + return proto_str + + +# Generate the RPC header file of the API +def gen_h_file (api_data, base_name, h_file_path): + api_h_fname = base_name + "_seprpc.h" + print("Generating API header file at" , h_file_path + "/" + api_h_fname , "...") + api_file = open(h_file_path + "/" + api_h_fname, 'w') + + ####### File start comments ########### + gen_file_preamble(api_file) + + + api_file.write("/* \\file " + api_h_fname + "\n") + api_file.write(" * SeP-RPC header file for " + api_data["name"] + " API */\n\n") + # Guards + guard_tag = "__" + base_name.upper() + "_SEPRPC_H__" + api_file.write("#ifndef " + guard_tag + "\n") + api_file.write("#define " + guard_tag + "\n\n") + + # SRA_ID + api_file.write("#define SEPRPC_AGENT_ID_"+ api_data["name"] + " " + api_data["id"] + "\n\n"); + + # includes + for header in api_data["headers"] : + api_file.write("#include \"" + header + "\"\n") + api_file.write("#include \"dx_pal_compiler.h\"\n") + + function_cnt = 0 + # Per function: function index + params structure + for function in api_data["functions"] : + function_cnt += 1 + func_name = function["name"] + ret_type , endian_type = parse_dtype(function["return"]) + api_file.write("\n\n/************ " + func_name + " ***************/\n"); + api_file.write("#define SEPRPC_FUNC_ID_" + func_name + " " + str(function_cnt) + "\n") + api_file.write("/*\n" + gen_func_prototype(func_name, ret_type, function["params"]) + "\n*/\n\n") + + params_buf = function["params_buf"] + # Add a constant for number of user buffer references + api_file.write("#define SEPRPC_MEMREF_NUM_" + func_name + " " + str(len(params_buf)) + "\n") + # Compile time test for the memory references limit + api_file.write("#if SEPRPC_MEMREF_NUM_" + func_name + " > SEP_RPC_MAX_MEMREF_PER_FUNC\n") + api_file.write("#error SEPRPC_MEMREF_NUM_" + func_name + " is more than SEP_RPC_MAX_MEMREF_PER_FUNC\n") + api_file.write("#endif\n") + # Index of each buffer reference in the memRef array + memref_idx = 0 + for param in params_buf : + api_file.write("#define SEPRPC_MEMREF_IDX_" + param.get("name") + " " + str(memref_idx) + "\n") + memref_idx += 1 + api_file.write("\n") + + # Create the parameters structure ("Message") + api_file.write("typedef struct SepRpc_" + func_name + "Params {\n") + + # User buffers first + api_file.write("\tuint32_t num_of_memrefs; /* Number of elements in the memRef array */\n") + if len(params_buf) > 0: # memRef array exists only if numOfMemRef > 0 + api_file.write("\tstruct seprpc_memref memref[SEPRPC_MEMREF_NUM_" + func_name + "];\n") + + if len(function["params_in"]) > 0: + api_file.write("\t/* Input */\n") + api_file.write(gen_params_struct_fields(1, "", function["params_in"])) + if len(function["params_inout"]) > 0: + api_file.write("\t/* Input/Output */\n") + api_file.write(gen_params_struct_fields(1, "", function["params_inout"])) + if len(function["params_out"]) > 0: + api_file.write("\t/* Output */\n") + api_file.write(gen_params_struct_fields(1, "", function["params_out"])) + if function["return"] != "void": + ret_type , endian_type = parse_dtype(function["return"]) + api_file.write("\t" + ret_type + " _funcRetCode;\n") + + api_file.write("} SepRpc_" + func_name + "Params_s;\n\n") + # End "foreach function" + + # Close guards + api_file.write("\n#endif /*" + guard_tag + "*/\n") + + api_file.close() + + +## Generate range validation code for given parameter +# \param indent_str The base indentation string +# \param param_val The parameter reference string +# \param param_range The paramter "range" attribute +# \param inval_param_retcode The return code to use in case of validation failure +# +# \return (A string of the generated code , iterator depth = 0 if no iterator or indent_depth if use iterator) +def gen_a_param_verify_code (indent_depth, ref_prefix, param, inval_param_retcode): + iterator = "i" + str(indent_depth) + iter_depth = 0 # 0 until uses an iterator or gets a value from recursive invocation + verify_code = "" + + param_range = param.get("range") + if param_range is not None: + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + param_val = ref_prefix + param.get("name") + if param_type == "ref": param_val = "*(" + param_val + ")" + + + if param_type == "array" : # Loop on array elements + verify_code += "\t" * indent_depth + "for (" + iterator + " = 0; " + iterator + " < (" + array_size + "); " + iterator + "++) {\n" + indent_depth += 1 + param_val += "[" + iterator + "]" + iter_depth = indent_depth + + # Generate boolean expression for given range limitation + range_components = re.search(r"([\(\[])(\w*),(\w*)([\)\]])", param_range) + #print(range_components.group(1), range_components.group(2), range_components.group(3), range_components.group(4)) + min_val = range_components.group(2) + min_eq = "=" if range_components.group(1) == "[" else "" + max_val = range_components.group(3) + max_eq = "=" if range_components.group(4) == "]" else "" + range_bool_expr = "" + if min_val != "": + range_bool_expr = "(" + param_val + " >" + min_eq + " " + min_val + ")" + if max_val != "": + range_bool_expr = range_bool_expr + " && (" + param_val + " <" + max_eq + " " + max_val + ")" + + if range_bool_expr != "": + verify_code += "\t" * indent_depth + "SEP_RPC_ASSERT(" + range_bool_expr + ", " + inval_param_retcode + "); /* " + param_range + " */\n" + + if param_type == "array" : + indent_depth -= 1 + verify_code += "\t" * indent_depth + "}\n" + + + return verify_code , iter_depth + +## Get the reference expression of given parameter in the params structure +# \return The reference expression to append to "params." or "params->" +def get_params_struct_ref (ref_prefix, param_name, param_type): + struct_ref_prefix = re.sub(r"(\w+)(->)", r"__\1", ref_prefix) + if param_type == "ref": + return struct_ref_prefix + "__" + param_name + # Not ref - direct access + return struct_ref_prefix + ("." if struct_ref_prefix != "" else "") + param_name + +# Generate code for copying data into the parameters structure +# +# \param indent_depth Indentation depth +# \param param_ref Parameter reference string (e.g., structure reference) +# \param dtype_val The value of the "dtype" attribute of the parameter item +# \param direction The copy direction. "in" for input parameters into the params structure, and "out" for vice-versa. +# +# \return (The copy code , iterator depth = 0 if no iterator or indent_depth if use iterator) +def gen_a_param_copy_code(indent_depth, ref_prefix, param, direction): + iterator = "i" + str(indent_depth - 1) + return_str = "" + iter_depth = 0 # 0 until uses an iterator or gets a value from recursive invocation + + c_type , endian_type = parse_dtype(param.get("dtype")) + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + + # Construct the params structure reference matching a given parameter + struct_param_value = "params." + get_params_struct_ref(ref_prefix, param.get("name"), param_type) + func_param_value = ("*(" if param_type == "ref" else "") + ref_prefix + param.get("name") + (")" if param_type == "ref" else "") + if param_type == "array" and endian_type is not None : # Endianess fix requires looping over array items + struct_param_value += "[" + iterator + "]" + func_param_value += "[" + iterator + "]" + + # Calculate lvalue and rvalue + if direction == "in": + lvalue = struct_param_value + if endian_type is None: + rvalue = func_param_value + else: + rvalue = "cpu_to_" + endian_type + "(" + func_param_value + ")" + + else: # "out" + lvalue = func_param_value + if endian_type is None: + rvalue = struct_param_value + else: + rvalue = endian_type + "_to_cpu(" + struct_param_value + ")" + + # Generate code + if param_type == "array" : + if endian_type is None: # Use memcpy + return_str += "\t" * indent_depth + "memcpy(" + lvalue + ", " + rvalue + ", sizeof(" + c_type + ") * (" + array_size + "));\n" + else: # Loop on array elements in order to switch endianess of each + return_str += "\t" * indent_depth + "for (" + iterator + " = 0; " + iterator + " < (" + array_size + "); " + iterator + "++) {\n\t" + indent_depth += 1 + return_str += "\t" * indent_depth + lvalue + " = " + rvalue + ";\n" # lvalue and rvalue already include the array index reference + indent_depth -= 1 + iter_depth = indent_depth; + return_str += "\t" * indent_depth + "}\n" + elif param_type == "wsbuf": + return_str += "\t" * indent_depth + "params." + param.get("name") + "_size = cpu_to_le32((" + array_size + "));\n" + else: # plain assignment + return_str += "\t" * indent_depth + lvalue + " = " + rvalue + ";\n" + + return return_str , iter_depth + + +## Generate code for parameters sizes and ranges validation in host wrapper code +# +# \param base_level indicates we are in the root of this function (no recursion) +# \param direction The direction ("in" or "out") of the parameters for this wrapper code +# \param ref_prefix A prefix string for structure fields (structure references) +# \param indent_depth The indentation depth (for array iterators) +# \param params_list A list of parameters/fields elements to validate (if have "range" attribute) +# \param inval_param_retcode The return code to use in case of validation failure +# +# \return A string of the generated code +def gen_params_code (base_level, direction, ref_prefix, indent_depth, params_list, inval_param_retcode): + return_str = "" + code_indent = "\t" * indent_depth + iterator = "i" + str(indent_depth) + max_iter_depth = 0 + + for param in params_list: + param_name = param.get("name") + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + fields = param.findall("field") + is_a_struct = (len(fields) > 0) + iter_depth = 0 + + #param_full_name = ("__" if param_type == "ref" else "") + ref_prefix + param.get("name") + param_full_name = get_params_struct_ref(ref_prefix,param.get("name"),param_type) + if is_a_struct: # A struct with fields that needs to be verified + # Invoke this function in recursion + if (base_level == 1 and param_type == "array") or param_type == "ref": + return_str += code_indent + "if (" + param.get("name") + " == NULL) {\n" + "\t\tparams." + param_full_name + "_null_flag = 1;\n" + "\t} else {\n" + + params_code , iter_depth = gen_params_code(0, direction, + ref_prefix + param_name + ("." if param_type == "val" else "->"), + indent_depth + (2 if param_type == "array" else 0) + (1 if param_type == "ref" else 0), + fields, inval_param_retcode) + else: # Not a struct + params_code = "" + param_direction = param.get("direction") + + if (base_level == 1 and param_type == "array") or param_type == "ref": + struct_name = ref_prefix + param.get("name") + return_str += code_indent + "if (" + struct_name + " == NULL) {\n" + return_str += code_indent + "\tparams." + param_full_name + "_null_flag = 1;\n" + return_str += code_indent + "} else {\n" + indent_depth += 1 + code_indent = "\t" * indent_depth + + # Handle input parameters in case of "in" direction + if direction == "in" and (param_direction == "i" or param_direction == "io"): + # Only input parameters are validated for range + verify_code , verify_iter_depth = gen_a_param_verify_code(indent_depth, ref_prefix, param, inval_param_retcode) + copy_code , copy_iter_depth = gen_a_param_copy_code(indent_depth, ref_prefix, param, "in") + params_code += verify_code + copy_code + iter_depth = copy_iter_depth if verify_iter_depth < copy_iter_depth else verify_iter_depth + # Handle output paramters in case of "out" direction + elif direction == "out" and (param_direction == "o" or param_direction == "io"): + copy_code , iter_depth = gen_a_param_copy_code(indent_depth, ref_prefix, param, "out") + params_code += copy_code + + if direction == "in": # The array size is validated for all paramters in the input parameters valiadtion phase + if param_type == "array" and array_size_max != array_size: # Requires run time array size verification + return_str += code_indent + "/* Verify array size of " + param_name + " */\n" + return_str += code_indent + "SEP_RPC_ASSERT((" + array_size + ") <= (" + array_size_max + "), " + inval_param_retcode + ");\n" + + return_str += params_code + + if (base_level == 1 and param_type == "array") or param_type == "ref": + if not is_a_struct: + indent_depth -= 1 + code_indent = "\t" * indent_depth + return_str += code_indent + "\tparams." + param_full_name + "_null_flag = 0;\n" + return_str += code_indent + "}\n\n" + + if max_iter_depth < iter_depth: + max_iter_depth = iter_depth + + return return_str , max_iter_depth + + +## Generate memory references setup code +def gen_memref_setup_code(params_list): + return_str = "" + for memref in params_list: + param_type, buf_size, void = parse_ptype(memref.get("ptype")) + if param_type != "buf": + print("Invalid ptype -", param_type, "- for parameter", memref.get("name")) + direction = memref.get("direction") + if direction == "i": dma_dir = "DXDI_DATA_TO_DEVICE" + elif direction == "io": dma_dir = "DXDI_DATA_BIDIR" + elif direction == "o": dma_dir = "DXDI_DATA_FROM_DEVICE" + else: + print("Invalid memory reference direction -", direction, "- for parameter", memref.get("name")) + sys.exit(9) + memref_idx = "SEPRPC_MEMREF_IDX_" + memref.get("name") + return_str += "\t/* " + memref.get("name") + " */\n" + return_str += "\tmemRefs[" + memref_idx + "].start_or_offset = (unsigned long)" + memref.get("name") + ";\n" + return_str += "\tmemRefs[" + memref_idx + "].size = " + buf_size + ";\n" + return_str += "\tmemRefs[" + memref_idx + "].dma_direction = " + dma_dir + ";\n" + return_str += "\tmemRefs[" + memref_idx + "].ref_id = DXDI_MEMREF_ID_NULL;\n" + + return return_str + +# Generate the host side API wrapper +def gen_host_c_file (api_data, base_name, c_file_path): + host_c_fname = base_name + "_seprpc_stub.c" + print("Generating host C file at" , c_file_path + "/" + host_c_fname , "...") + host_c_file = open(c_file_path + "/" + host_c_fname, 'w') + + ####### File start comments ########### + gen_file_preamble(host_c_file) + + host_c_file.write("/* \\file " + host_c_fname + "\n") + host_c_file.write(" * SeP-RPC host wrappers/stubs implementation for " + api_data["name"] + " API */\n\n") + + # includes + host_c_file.write("#include <string.h>\n") + for header in api_data["headers"] : + host_c_file.write("#include \"" + header + "\"\n") + host_c_file.write("#include \"driver_interface.h\"\n") # DriverInterface for DxDI_SepRpcCall + host_c_file.write("#include \"" + base_name + "_seprpc.h\"\n") # RPC API generated header file + + # functions + for function in api_data["functions"] : + func_name = function["name"] + ret_type , endian_type = parse_dtype(function["return"]) + host_c_file.write("\n\n/************ " + func_name + " ***************/\n"); + # Function prototype + host_c_file.write(gen_func_prototype(func_name, ret_type, function["params"]) + "\n{\n") + host_c_file.write("\tDxDI_RetCode_t diRc;\n") + host_c_file.write("\tseprpc_retcode_t rpcRc;\n") + numOfMemRefs = len(function["params_buf"]) + if numOfMemRefs > 0: # Mem. Ref. data + host_c_file.write("\tstruct dxdi_memref memRefs[SEPRPC_MEMREF_NUM_" + func_name + "];\n") + # Local buffer for parameters structure + host_c_file.write("\tstruct SepRpc_" + func_name + "Params params;\n") + + # Generate parameters handling code (copy in/out and verify) + inparams_code , max_in_iter_depth = gen_params_code(1,"in", "", 1, + function["params_in"] + function["params_inout"] + function["params_out"], + function["retcodes"].get("invalid_param")) + outparams_code , max_out_iter_depth = gen_params_code(1,"out", "", 1, + function["params_inout"] + function["params_out"], + function["retcodes"].get("invalid_param")) + # Generate iterators declaration code (if any) + if (max_in_iter_depth > max_out_iter_depth): + max_iter_depth = max_in_iter_depth + else: + max_iter_depth = max_out_iter_depth + if max_iter_depth > 0: + for i in range(1, max_iter_depth): + host_c_file.write("\tunsigned int i" + str(i) + ";\n") + host_c_file.write("\n") + + if inparams_code != "": + host_c_file.write("\t/* Verify input parameters and copy into params. struct. */\n" + inparams_code + "\n") + del inparams_code # Free memory + + memref_code = gen_memref_setup_code(function["params_buf"]) + if memref_code != "": + host_c_file.write("\t/* User DMA buffers (memory references) */\n" + memref_code + "\n") + memref_param_str = "memRefs" + else: + memref_param_str = "NULL" + del memref_code # Free memory + + # Set number of mem. refs. + host_c_file.write("\tparams.num_of_memrefs = cpu_to_le32(" + "SEPRPC_MEMREF_NUM_" + func_name + ");\n\n") + + # Invoke IOCTL + host_c_file.write("\tdiRc = DxDI_SepRpcCall(SEPRPC_AGENT_ID_" + api_data["name"] + + ", SEPRPC_FUNC_ID_" + func_name + ",\n\t\t" + memref_param_str + + ", sizeof(params), (struct seprpc_params*)¶ms, &rpcRc);\n\n") + # Assert DxDI_SepRpcCall invocation success + host_c_file.write("\tSEP_RPC_ASSERT(diRc == DXDI_RET_OK, " + function["retcodes"].get("generic_error") + ");\n") + + # Handle return code + host_c_file.write("\tif (rpcRc != SEPRPC_RET_OK) {\n") + host_c_file.write("\t\tSEP_RPC_LOG(\"RPC of " + func_name + " failed with RPC error code %d\\n\", rpcRc);\n") + if function["return"] != "void": + host_c_file.write("\t\tswitch (rpcRc) {\n") + host_c_file.write("\t\tcase SEPRPC_RET_EINVAL:\n\t\t\treturn " + function["retcodes"].get("invalid_param") + ";\n") + host_c_file.write("\t\tcase SEPRPC_RET_ENORSC:\n\t\t\treturn " + function["retcodes"].get("not_enough_resources") + ";\n") + host_c_file.write("\t\tdefault:\n\t\t\treturn " + function["retcodes"].get("generic_error") +";\n") + host_c_file.write("\t\t}\n") + host_c_file.write("\t}\n\n") + # Copy data out + if outparams_code != "": + host_c_file.write("\t/* Copy back output parameters */\n" + outparams_code + "\n") + del outparams_code # Free memory + if function["return"] != "void": + c_type , endian_type = parse_dtype(function["return"]) + host_c_file.write("\treturn " + endian_type +"_to_cpu(params._funcRetCode);\n") + + host_c_file.write("} /* " + func_name + " */\n\n") # End of function + + host_c_file.close() + +## Generate "parser" function of a specific API function for SeP agent +def gen_sep_rpc_func_parser (function): + func_name = function["name"] + func_code = "static inline seprpc_retcode_t SepRpc_" + func_name + "Parser(\n" + func_code += "\tstruct SepRpc_" + func_name + "Params *params,\n" + func_code += "\tDX_DmaObjHandle_t dmaObjs[])\n{\n" + + # Set references (pointers) in structures + for param in function["params"]: + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + fields = param.findall("field") + for field in fields: + field_type, field_array_size, field_array_size_max = parse_ptype(field.get("ptype")) + if field_type == "ref": # Put the pointer to the ref. field copy into the pointer field + field_ref = ("__" if param_type == "ref" else "") + param.get("name") + "." + field.get("name") + func_code += "\tif (params->__" + param.get("name") + "__" + field.get("name") + "_null_flag == 0) {\n" + func_code += "\t\tparams->" + field_ref + " = &(params->__" + param.get("name") + "__" + field.get("name") + ");\n\t} else {\n" + func_code += "\t\tparams->" + field_ref + " = NULL;\n\t}\n" + # Add workspace buffer size check + for param in function["params"]: + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + if param_type == "wsbuf": + func_code += "\tif (params->" + param.get("name") + "_size > SEP_RPC_MAX_WORKSPACE_SIZE)\n" + func_code += "\t\treturn SEPRPC_RET_ENORSC;\n\n" + + # Generate function invocation code + func_code += "\t" + if function["return"] != "void": + func_code += "params->_funcRetCode = " + func_code += func_name + "(\n" + for param in function["params"]: + param_name = param.get("name") + param_type, array_size, array_size_max = parse_ptype(param.get("ptype")) + if param_type == "ref" or param_type == "array": + func_code += "\t\tparams->" + ("__" if param_type == "ref" else "") + param_name + "_null_flag != 0 ? NULL :" + if param_type == "buf": # Give DMA object for that parameter + func_code += "\t\t(" + param.get("dtype") + " *)(dmaObjs[SEPRPC_MEMREF_IDX_" + param_name + "])" + elif param_type == "ref": # Dereference copy in params struct + func_code += "&(params->__" + param_name + ")" + elif param_type == "wsbuf": + func_code += "\t\t(" + param.get("dtype") + " *)getWorkspacePtr()" + else: # Give the field in "params" directly + func_code += "\t\tparams->" + param_name + if param is not function["params"][-1]: # Is not last parameter? + func_code += ",\n" + func_code += ");\n" + # End parser function + func_code += "\n\treturn SEPRPC_RET_OK;\n" + func_code += "}\n" + return func_code + + +# Generate the SeP agent implementation C source file +def gen_sep_c_file(api_data, base_name, c_file_path): + sep_c_fname = base_name + "_seprpc_agent.c" + print("Generating SeP C file at" , c_file_path + "/" + sep_c_fname , "...") + sep_c_file = open(c_file_path + "/" + sep_c_fname, 'w') + + ####### File start comments ########### + gen_file_preamble(sep_c_file) + + sep_c_file.write("/* \\file " + sep_c_fname + "\n") + sep_c_file.write(" * SeP-RPC agent implementation for " + api_data["name"] + " API */\n\n") + + # includes + for header in api_data["headers"] : + sep_c_file.write("#include \"" + header + "\"\n") + sep_c_file.write("#include \"sep_log.h\"\n") + sep_c_file.write("#include \"sep_rpc_server.h\"\n") # SeP RPC agent infrastructure API (available at sep/include) + sep_c_file.write("#include \"" + base_name + "_seprpc.h\"\n\n") # RPC API generated header file + + # Parser functions + for function in api_data["functions"] : + sep_c_file.write(gen_sep_rpc_func_parser(function) + "\n"); + + # "Hub" function (agent's entry point) + hub_func_name = "SepRpc_" + api_data["name"] + "_Agent" + sep_c_file.write("DX_PAL_COMPILER_FUNC_DONT_INLINE static seprpc_retcode_t " + hub_func_name + "_Parser" + "(\n") + sep_c_file.write("\tseprpc_agent_id_t agentId,\n") + sep_c_file.write("\tseprpc_func_id_t funcId,\n") + sep_c_file.write("\tuint16_t paramsMsgSize,\n") + sep_c_file.write("\tstruct seprpc_params *params,\n") + sep_c_file.write("\tDX_DmaObjHandle_t dmaObjs[])\n{\n") + + # Function ID based switch statement + sep_c_file.write("\tswitch (funcId) {\n") + + # static functions to be invoked by the entry-point function + for function in api_data["functions"] : + func_name = function["name"] + sep_c_file.write("\tcase SEPRPC_FUNC_ID_" + func_name + ":\n"); + # Verify HMB size for requested params structure + sep_c_file.write("\t\tif (paramsMsgSize < sizeof(struct SepRpc_" + func_name + "Params)) {\n") + sep_c_file.write("\t\t\tSEP_LOG_ERR(\"Invalid HMB size for struct SepRpc_" + func_name + "Params\\n\");\n") + sep_c_file.write("\t\t\treturn SEPRPC_RET_EINVAL;\n") + sep_c_file.write("\t\t}\n") + sep_c_file.write("\t\treturn SepRpc_" + func_name + "Parser((struct SepRpc_" + func_name + "Params *)params, dmaObjs);\n\n") + + # End of switch statement + sep_c_file.write("\t} /* switch (funcId) */\n\n") + + # Error return code - not supposed to reach here (all functions are supposed to be handled in the switch statement + sep_c_file.write("\treturn SEPRPC_RET_EINVAL_FUNC;\n") + # End of "hub" function + sep_c_file.write("}\n\n"); + + # Wrapper function for d-cache stack replacement + hub_func_name = "SepRpc_" + api_data["name"] + "_Agent" + sep_c_file.write("static seprpc_retcode_t " + hub_func_name + "(\n") + sep_c_file.write("\tseprpc_agent_id_t agentId,\n") + sep_c_file.write("\tseprpc_func_id_t funcId,\n") + sep_c_file.write("\tuint16_t paramsMsgSize,\n") + sep_c_file.write("\tstruct seprpc_params *params,\n") + sep_c_file.write("\tDX_DmaObjHandle_t dmaObjs[])\n{\n") + + sep_c_file.write("\tregister seprpc_retcode_t rc = 0;\n") + sep_c_file.write("\n\tRPC_CHANGE_STACK();\n") + + sep_c_file.write("\n\trc = " + hub_func_name + "_Parser(\n") + sep_c_file.write("\t\tagentId,\n") + sep_c_file.write("\t\tfuncId,\n") + sep_c_file.write("\t\tparamsMsgSize,\n") + sep_c_file.write("\t\tparams,\n") + sep_c_file.write("\t\tdmaObjs);\n\n") + + sep_c_file.write("\tRPC_RESTORE_STACK();\n\n") + + sep_c_file.write("\treturn rc;\n}\n\n") + + + # Init. function for RPC agent: Register to RPC infrastructure + sep_c_file.write("seprpc_retcode_t SepRpc_Init" + api_data["name"] + "(void)\n{\n") + sep_c_file.write("\treturn SepRpc_RegisterHandler(" + api_data["id"] + ", " + hub_func_name + ", \"" + api_data["name"] + "\");\n") + sep_c_file.write("}\n") + + sep_c_file.close() + + +def main (): + spec_file , api_h_path , host_c_path , sep_c_path = parse_cmdline_arguments() + print("spec_file=" , spec_file , " api_h_path=" , api_h_path , " host_c_path=" , host_c_path , " sep_c_path=" , sep_c_path) + # Base name for all the files is taken from spec file name + spec_basename = re.sub(r".*/" , "", spec_file) # Remove leading directories + spec_basename = re.sub(r"\.[^/.]*$", "" , spec_basename) # Remove .xml suffix + + my_api = parse_api_spec(spec_file) + + if api_h_path is not None: + gen_h_file(my_api, spec_basename, api_h_path) + + if host_c_path is not None: + gen_host_c_file(my_api, spec_basename, host_c_path) + + if sep_c_path is not None: + gen_sep_c_file(my_api, spec_basename, sep_c_path) + + print("Done.") + + +############################# +if __name__ == "__main__": + main() |