Google Git
Sign in
fuchsia / third_party / openthread / f71d88983e6c083bef8a4c57d36e60d2ed80d60a / . / third_party / NordicSemiconductor / libraries / nrf_cc310 / include / crys_ecpki_types.h
blob: f32aa7743a5c1706470c45113ce4deb6ee4237ef [file] [log] [blame]
/**************************************************************************************
* Copyright (c) 2016-2017, ARM Limited or its affiliates. All rights reserved *
* *
* This file and the related binary are licensed under the following license: *
* *
* ARM Object Code and Header Files License, v1.0 Redistribution. *
* *
* Redistribution and use of object code, header files, and documentation, without *
* modification, are permitted provided that the following conditions are met: *
* *
* 1) Redistributions must reproduce the above copyright notice and the *
* following disclaimer in the documentation and/or other materials *
* provided with the distribution. *
* *
* 2) Unless to the extent explicitly permitted by law, no reverse *
* engineering, decompilation, or disassembly of is permitted. *
* *
* 3) Redistribution and use is permitted solely for the purpose of *
* developing or executing applications that are targeted for use *
* on an ARM-based product. *
* *
* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND *
* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT *
* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, *
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE *
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, *
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED *
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR *
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF *
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING *
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS *
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
**************************************************************************************/
#ifndef CRYS_ECPKI_TYPES_H
#define CRYS_ECPKI_TYPES_H
/*!
@file
@brief Contains all of the enums and definitions that are used for the CRYS ECPKI APIs.
@defgroup crys_ecpki_types CryptoCell ECC specific types
@{
@ingroup cryptocell_ecpki
*/
#include "ssi_pal_types_plat.h"
#include "crys_hash.h"
#include "crys_pka_defs_hw.h"
#include "ssi_pal_compiler.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/*! Internal buffer size in words. */
#define CRYS_PKA_DOMAIN_LLF_BUFF_SIZE_IN_WORDS (10 + 3*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)
/**************************************************************************************
* Enumerators
***************************************************************************************/
/*------------------------------------------------------------------*/
/*! Enumerator for the EC Domain idetifier
References: [13] - SEC 2: Recommended elliptic curve domain parameters.
Version 1.0. Certicom 2000.
[8] - WAP-261-WTLS-20010406-a, Version 06-April-2001. */
typedef enum
{
/* For prime field */
CRYS_ECPKI_DomainID_secp160k1, /*!< EC secp160r1 */
CRYS_ECPKI_DomainID_secp160r1, /*!< EC secp160k1 */
CRYS_ECPKI_DomainID_secp160r2, /*!< EC secp160r2 */
CRYS_ECPKI_DomainID_secp192k1, /*!< EC secp192k1 */
CRYS_ECPKI_DomainID_secp192r1, /*!< EC secp192r1 */
CRYS_ECPKI_DomainID_secp224k1, /*!< EC secp224k1 */
CRYS_ECPKI_DomainID_secp224r1, /*!< EC secp224r1 */
CRYS_ECPKI_DomainID_secp256k1, /*!< EC secp256k1 */
CRYS_ECPKI_DomainID_secp256r1, /*!< EC secp256r1 */
CRYS_ECPKI_DomainID_secp384r1, /*!< EC secp384r1 */
CRYS_ECPKI_DomainID_secp521r1, /*!< EC secp521r1 */
CRYS_ECPKI_DomainID_Builded, /*!< User given, not identified. */
CRYS_ECPKI_DomainID_OffMode, /*!< Reserved.*/
CRYS_ECPKI_DomainIDLast = 0x7FFFFFFF, /*! Reserved.*/
}CRYS_ECPKI_DomainID_t;
/*------------------------------------------------------------------*/
/*! Defines the enum for the HASH operation mode.
* The enumerator defines 6 HASH modes according to IEEE 1363.
*
*/
typedef enum
{
CRYS_ECPKI_HASH_SHA1_mode = 0, /*!< The message data will be hashed with SHA1. */
CRYS_ECPKI_HASH_SHA224_mode = 1, /*!< The message data will be hashed with SHA224. */
CRYS_ECPKI_HASH_SHA256_mode = 2, /*!< The message data will be hashed with SHA256. */
CRYS_ECPKI_HASH_SHA384_mode = 3, /*!< The message data will be hashed with SHA384. */
CRYS_ECPKI_HASH_SHA512_mode = 4, /*!< The message data will be hashed with SHA512. */
CRYS_ECPKI_AFTER_HASH_SHA1_mode = 5, /*!< The message data is a digest of SHA1 and will not be hashed. */
CRYS_ECPKI_AFTER_HASH_SHA224_mode = 6, /*!< The message data is a digest of SHA224 and will not be hashed. */
CRYS_ECPKI_AFTER_HASH_SHA256_mode = 7, /*!< The message data is a digest of SHA256 and will not be hashed. */
CRYS_ECPKI_AFTER_HASH_SHA384_mode = 8, /*!< The message data is a digest of SHA384 and will not be hashed. */
CRYS_ECPKI_AFTER_HASH_SHA512_mode = 9, /*!< The message data is a digest of SHA512 and will not be hashed. */
CRYS_ECPKI_HASH_NumOfModes, /*!< Maximal number of HASH modes. */
CRYS_ECPKI_HASH_OpModeLast = 0x7FFFFFFF, /*!< Reserved. */
}CRYS_ECPKI_HASH_OpMode_t;
/*---------------------------------------------------*/
/*! Enumerator for the EC point compression idetifier. */
typedef enum
{
CRYS_EC_PointCompressed = 2, /*!< Compressed point. */
CRYS_EC_PointUncompressed = 4, /*!< Uncompressed point. */
CRYS_EC_PointContWrong = 5, /*!< Wrong Point Control value. */
CRYS_EC_PointHybrid = 6, /*!< Hybrid point. */
CRYS_EC_PointCompresOffMode = 8, /*!< Reserved. */
CRYS_ECPKI_PointCompressionLast= 0x7FFFFFFF, /*!< Reserved. */
}CRYS_ECPKI_PointCompression_t;
/*! EC key checks defintions. */
typedef enum {
CheckPointersAndSizesOnly = 0, /*!< Only preliminary input parameters are checked. */
ECpublKeyPartlyCheck = 1, /*!< Preliminary input parameters check and verify that EC PubKey point is on the curve. */
ECpublKeyFullCheck = 2, /*!< All the above and in addition verifies that EC_GeneratorOrder*PubKey = O */
PublKeyChecingOffMode, /*! Reserved. */
EC_PublKeyCheckModeLast = 0x7FFFFFFF, /*! Reserved. */
}EC_PublKeyCheckMode_t;
/*----------------------------------------------------*/
/*! Defintion of sw SCA protection. */
typedef enum {
SCAP_Inactive, /*! Inactive.*/
SCAP_Active, /*! Active.*/
SCAP_OFF_MODE, /*! Reserved. */
SCAP_LAST = 0x7FFFFFFF /*! Reserved. */
} CRYS_ECPKI_ScaProtection_t;
/**************************************************************************************
* EC Domain structure definition
***************************************************************************************/
/*! The structure containing the EC domain parameters in little-endian form
EC equation: Y^2 = X^3 + A*X + B over prime fild GFp. */
typedef struct {
/*! EC modulus: P. */
uint32_t ecP [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! EC equation parameter a. */
uint32_t ecA [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! EC equation parameter b. */
uint32_t ecB [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! Order of generator. */
uint32_t ecR [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1];
/*! EC cofactor EC_Cofactor_K
Generator (EC base point) coordinates in projective form. */
uint32_t ecGx [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! EC cofactor EC_Cofactor_K
Generator (EC base point) coordinates in projective form. */
uint32_t ecGy [CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! EC cofactor EC_Cofactor_K
Generator (EC base point) coordinates in projective form. */
uint32_t ecH;
/*! Specific fields that are used by the low level.*/
uint32_t llfBuff[CRYS_PKA_DOMAIN_LLF_BUFF_SIZE_IN_WORDS];
/*! Size of fields in bits. */
uint32_t modSizeInBits;
/*! Order size in bits. */
uint32_t ordSizeInBits;
/*! Size of each inserted Barret tag in words; 0 - if not inserted.*/
uint32_t barrTagSizeInWords;
/*! EC Domain identifier.*/
CRYS_ECPKI_DomainID_t DomainID;
/*! Internal buffer. */
int8_t name[20];
} CRYS_ECPKI_Domain_t;
/**************************************************************************************
* EC point structures definitions
***************************************************************************************/
/*! The structure containing the EC point in affine coordinates
and little endian form. */
typedef struct
{
/*! Point coordinate X. */
uint32_t x[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! Point coordinate Y. */
uint32_t y[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
}CRYS_ECPKI_PointAffine_t;
/**************************************************************************************
* ECPKI public and private key Structures
***************************************************************************************/
/* --------------------------------------------------------------------- */
/* .................. The public key structures definitions ............ */
/* --------------------------------------------------------------------- */
/*! The structure containing the Public Key in affine coordinates.*/
typedef struct
{
/*! Public Key coordinate X.*/
uint32_t x[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! Public Key coordinate Y.*/
uint32_t y[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! EC Domain.*/
CRYS_ECPKI_Domain_t domain;
/*! Point type.*/
uint32_t pointType;
} CRYS_ECPKI_PublKey_t;
/*! The EC public key's user structure prototype. This structure must be saved by the user, and is used as input to the ECC functions
(such as ::CRYS_ECDSA_Verify etc.). */
typedef struct CRYS_ECPKI_UserPublKey_t
{
/*! Validation tag.*/
uint32_t valid_tag;
/*! Public key data. */
uint32_t PublKeyDbBuff[(sizeof(CRYS_ECPKI_PublKey_t)+3)/4];
} CRYS_ECPKI_UserPublKey_t;
/* --------------------------------------------------------------------- */
/* .................. The private key structures definitions ........... */
/* --------------------------------------------------------------------- */
/*! Structure containing the Private key data. */
typedef struct
{
/*! Private Key data. */
uint32_t PrivKey[CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1];
/*! Domain. */
CRYS_ECPKI_Domain_t domain;
/*! SCA protection mode. */
CRYS_ECPKI_ScaProtection_t scaProtection;
}CRYS_ECPKI_PrivKey_t;
/*! The EC private key's user structure prototype. This structure must be saved by the user, and is used as input to the ECC functions
(such as ::CRYS_ECDSA_Sign etc.). */
typedef struct CRYS_ECPKI_UserPrivKey_t
{
/*! Validation tag. */
uint32_t valid_tag;
/*! Private key data. */
uint32_t PrivKeyDbBuff[(sizeof(CRYS_ECPKI_PrivKey_t)+3)/4];
} CRYS_ECPKI_UserPrivKey_t;
/*! ECDH temporary data type */
typedef struct CRYS_ECDH_TempData_t
{
/*! Temporary buffers. */
uint32_t crysEcdhIntBuff[CRYS_PKA_ECDH_BUFF_MAX_LENGTH_IN_WORDS];
}CRYS_ECDH_TempData_t;
/*! EC build temporary data. */
typedef struct CRYS_ECPKI_BUILD_TempData_t
{
/*! Temporary buffers. */
uint32_t crysBuildTmpIntBuff[CRYS_PKA_ECPKI_BUILD_TMP_BUFF_MAX_LENGTH_IN_WORDS];
}CRYS_ECPKI_BUILD_TempData_t;
/**************************************************************************
* CRYS ECDSA context structures
**************************************************************************/
/* --------------------------------------------------------------------- */
/* CRYS ECDSA Signing context structure */
/* --------------------------------------------------------------------- */
/*! Internal buffer used in the signing process. */
typedef uint32_t CRYS_ECDSA_SignIntBuff[CRYS_PKA_ECDSA_SIGN_BUFF_MAX_LENGTH_IN_WORDS];
/*! Context definition for Signing operation. */
typedef struct
{
/*! Private Key data. */
CRYS_ECPKI_UserPrivKey_t ECDSA_SignerPrivKey;
/*! HASH context. */
CRYS_HASHUserContext_t hashUserCtxBuff;
/*! HASH result buffer. */
CRYS_HASH_Result_t hashResult;
/*! HASH result size in words. */
uint32_t hashResultSizeWords;
/*! HASH mode. */
CRYS_ECPKI_HASH_OpMode_t hashMode;
/*! Internal buffer. */
CRYS_ECDSA_SignIntBuff crysEcdsaSignIntBuff;
}ECDSA_SignContext_t;
/* --------------------------------------------------------------------- */
/* CRYS ECDSA Signing User context database */
/* --------------------------------------------------------------------- */
/*! User's context definition for signing operation. The context saves the state of the operation and must be saved by the user
till the end of the APIs flow */
typedef struct CRYS_ECDSA_SignUserContext_t
{
/*! Signing process data. */
uint32_t context_buff [(sizeof(ECDSA_SignContext_t)+3)/4];
/*! Validation tag*/
uint32_t valid_tag;
} CRYS_ECDSA_SignUserContext_t;
/****************************************************************************/
/* --------------------------------------------------------------------- */
/* CRYS ECDSA Verifying context structure */
/* --------------------------------------------------------------------- */
/*! Internal buffer used in the verification process. */
typedef uint32_t CRYS_ECDSA_VerifyIntBuff[CRYS_PKA_ECDSA_VERIFY_BUFF_MAX_LENGTH_IN_WORDS];
/*! Context definition for verification operation. */
typedef struct
{
/*! Public key data. */
CRYS_ECPKI_UserPublKey_t ECDSA_SignerPublKey;
/*! HASH context. */
CRYS_HASHUserContext_t hashUserCtxBuff;
/*! HASH result. */
CRYS_HASH_Result_t hashResult;
/*! HASH result size in words. */
uint32_t hashResultSizeWords;
/*! HASH mode. */
CRYS_ECPKI_HASH_OpMode_t hashMode;
/*! Internal buffer. */
CRYS_ECDSA_VerifyIntBuff crysEcdsaVerIntBuff;
}ECDSA_VerifyContext_t;
/* --------------------------------------------------------------------- */
/* CRYS ECDSA Verifying User context database */
/* --------------------------------------------------------------------- */
/*! User's context definition for verification operation. The context saves the state of the operation and must be saved by the user
till the end of the APIs flow */
typedef struct CRYS_ECDSA_VerifyUserContext_t
{
/*! Verification process data. */
uint32_t context_buff[(sizeof(ECDSA_VerifyContext_t)+3)/4];
/*! Validation tag. */
uint32_t valid_tag;
}CRYS_ECDSA_VerifyUserContext_t;
/* --------------------------------------------------------------------- */
/* .................. key generation temp buffer ........... */
/* --------------------------------------------------------------------- */
/*! ECPKI KG temporary data type */
typedef struct CRYS_ECPKI_KG_TempData_t
{
/*! Internal buffer. */
uint32_t crysKGIntBuff[CRYS_PKA_KG_BUFF_MAX_LENGTH_IN_WORDS];
}CRYS_ECPKI_KG_TempData_t;
/*! ECIES temporary data definition. */
typedef struct CRYS_ECIES_TempData_t {
/*! Private key data. */
CRYS_ECPKI_UserPrivKey_t PrivKey;
/*! Public key data. */
CRYS_ECPKI_UserPublKey_t PublKey;
/*! Internal buffer. */
uint32_t zz[3*CRYS_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1];
/*! Internal buffers. */
union {
CRYS_ECPKI_BUILD_TempData_t buildTempbuff;
CRYS_ECPKI_KG_TempData_t KgTempBuff;
CRYS_ECDH_TempData_t DhTempBuff;
} tmp;
}CRYS_ECIES_TempData_t;
/* --------------------------------------------------------------------- */
/* .................. defines for FIPS ........... */
/* --------------------------------------------------------------------- */
/*! Order length for the FIPS ECC tests. */
#define CRYS_ECPKI_FIPS_ORDER_LENGTH (256/SASI_BITS_IN_BYTE) // the order of secp256r1 in bytes
/*! Context definition required for internal FIPS verification for ECPKI key generation. */
typedef struct CRYS_ECPKI_KG_FipsContext_t
{
/*! Signing and verification data. */
union {
CRYS_ECDSA_SignUserContext_t signCtx;
CRYS_ECDSA_VerifyUserContext_t verifyCtx;
}operationCtx;
/*! Internal buffer. */
uint32_t signBuff[2*CRYS_ECPKI_ORDER_MAX_LENGTH_IN_WORDS];
}CRYS_ECPKI_KG_FipsContext_t;
/*! Context defintion, required for internal FIPS verification for ECDSA KAT. *
* The ECDSA KAT tests defined for domain 256r1. */
typedef struct CRYS_ECDSAFipsKatContext_t{
/*! Key data. */
union {
/*! Private key data. */
struct {
CRYS_ECPKI_UserPrivKey_t PrivKey;
CRYS_ECDSA_SignUserContext_t signCtx;
}userSignData;
/*! Public key data. */
struct {
CRYS_ECPKI_UserPublKey_t PublKey;
union {
CRYS_ECDSA_VerifyUserContext_t verifyCtx;
CRYS_ECPKI_BUILD_TempData_t tempData;
}buildOrVerify;
}userVerifyData;
}keyContextData;
/*! Internal buffer. */
uint8_t signBuff[2*CRYS_ECPKI_FIPS_ORDER_LENGTH];
}CRYS_ECDSAFipsKatContext_t;
/*! Context definition, required for internal FIPS verification for ECDH KAT. */
typedef struct CRYS_ECDHFipsKatContext_t{
/*! Public key data. */
CRYS_ECPKI_UserPublKey_t pubKey;
/*! Private key data. */
CRYS_ECPKI_UserPrivKey_t privKey;
/*! Internal buffers. */
union {
CRYS_ECPKI_BUILD_TempData_t ecpkiTempData;
CRYS_ECDH_TempData_t ecdhTempBuff;
}tmpData;
/*! Buffer for the secret key. */
uint8_t secretBuff[CRYS_ECPKI_FIPS_ORDER_LENGTH];
}CRYS_ECDHFipsKatContext_t;
#ifdef __cplusplus
}
#endif
/**
@}
*/
#endif