diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_MemoryMap.xml b/IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_MemoryMap.xml
deleted file mode 100644
index 562fdb70f..000000000
--- a/IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_MemoryMap.xml
+++ /dev/null
@@ -1,11 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/README.md b/IDE/ROWLEY-CROSSWORKS-ARM/README.md
index 9fa89a27b..4a652d7eb 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/README.md
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/README.md
@@ -34,6 +34,14 @@ To enable Freescale MMCAU:
3. Enable the `FREESCALE_MMCAU` define in `user_settings.h` and make sure its value is `1`.
4. Add the `lib_mmcau.a` file to `Source Files` in the application project.
+To enable the NXP LTC:
+
+1. [Download the NXP KSDK 2.0](https://nxp.flexnetoperations.com/control/frse/download?agree=Accept&element=7353807)
+2. Copy the following folders into IDE/ROWLEY-CROSSWORKS-ARM: drivers, mmcau_2.0.0 and CMSIS.
+3. Copy the following files into IDE/ROWLEY-CROSSWORKS-ARM: clock_config.c, clock_config.h, fsl_debug_console.c, fsl_debug_console.h, fsl_device_registers.h, system_MK82F25615.c, system_MK82F25615.h, MK82F25615.h and MK82F25615_features.h.
+4. Open the wolfssl_ltc.hzp CrossWorks project
+5. Build and run
+
# Project Files
* `arm_startup.c`: Handles startup from `reset_handler`. Disabled watchdog, initializes sections, initializes heap, starts harware and starts main.
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c b/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
index 358c0f2d7..28cdce3ea 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
@@ -84,6 +84,8 @@ void reset_handler(void)
// Vector Exception/Interrupt Handlers
static void Default_Handler(void)
{
+ /* If we get here then need to implement real IRQ handler */
+ while(1);
}
void HardFault_HandlerC( uint32_t *hardfault_args )
@@ -93,48 +95,48 @@ void HardFault_HandlerC( uint32_t *hardfault_args )
values of the variables, make them global my moving their declaration outside
of this function. */
volatile uint32_t stacked_r0;
- volatile uint32_t stacked_r1;
- volatile uint32_t stacked_r2;
- volatile uint32_t stacked_r3;
- volatile uint32_t stacked_r12;
- volatile uint32_t stacked_lr;
+ volatile uint32_t stacked_r1;
+ volatile uint32_t stacked_r2;
+ volatile uint32_t stacked_r3;
+ volatile uint32_t stacked_r12;
+ volatile uint32_t stacked_lr;
volatile uint32_t stacked_pc;
- volatile uint32_t stacked_psr;
- volatile uint32_t _CFSR;
- volatile uint32_t _HFSR;
- volatile uint32_t _DFSR;
- volatile uint32_t _AFSR;
- volatile uint32_t _BFAR;
- volatile uint32_t _MMAR;
+ volatile uint32_t stacked_psr;
+ volatile uint32_t _CFSR;
+ volatile uint32_t _HFSR;
+ volatile uint32_t _DFSR;
+ volatile uint32_t _AFSR;
+ volatile uint32_t _BFAR;
+ volatile uint32_t _MMAR;
- stacked_r0 = ((uint32_t)hardfault_args[0]);
- stacked_r1 = ((uint32_t)hardfault_args[1]);
- stacked_r2 = ((uint32_t)hardfault_args[2]);
- stacked_r3 = ((uint32_t)hardfault_args[3]);
- stacked_r12 = ((uint32_t)hardfault_args[4]);
- stacked_lr = ((uint32_t)hardfault_args[5]);
- stacked_pc = ((uint32_t)hardfault_args[6]);
- stacked_psr = ((uint32_t)hardfault_args[7]);
+ stacked_r0 = ((uint32_t)hardfault_args[0]);
+ stacked_r1 = ((uint32_t)hardfault_args[1]);
+ stacked_r2 = ((uint32_t)hardfault_args[2]);
+ stacked_r3 = ((uint32_t)hardfault_args[3]);
+ stacked_r12 = ((uint32_t)hardfault_args[4]);
+ stacked_lr = ((uint32_t)hardfault_args[5]);
+ stacked_pc = ((uint32_t)hardfault_args[6]);
+ stacked_psr = ((uint32_t)hardfault_args[7]);
// Configurable Fault Status Register
// Consists of MMSR, BFSR and UFSR
- _CFSR = (*((volatile uint32_t *)(0xE000ED28)));
-
- // Hard Fault Status Register
- _HFSR = (*((volatile uint32_t *)(0xE000ED2C)));
+ _CFSR = (*((volatile uint32_t *)(0xE000ED28)));
+
+ // Hard Fault Status Register
+ _HFSR = (*((volatile uint32_t *)(0xE000ED2C)));
- // Debug Fault Status Register
- _DFSR = (*((volatile uint32_t *)(0xE000ED30)));
+ // Debug Fault Status Register
+ _DFSR = (*((volatile uint32_t *)(0xE000ED30)));
- // Auxiliary Fault Status Register
- _AFSR = (*((volatile uint32_t *)(0xE000ED3C)));
+ // Auxiliary Fault Status Register
+ _AFSR = (*((volatile uint32_t *)(0xE000ED3C)));
- // Read the Fault Address Registers. These may not contain valid values.
- // Check BFARVALID/MMARVALID to see if they are valid values
- // MemManage Fault Address Register
- _MMAR = (*((volatile uint32_t *)(0xE000ED34)));
- // Bus Fault Address Register
- _BFAR = (*((volatile uint32_t *)(0xE000ED38)));
+ // Read the Fault Address Registers. These may not contain valid values.
+ // Check BFARVALID/MMARVALID to see if they are valid values
+ // MemManage Fault Address Register
+ _MMAR = (*((volatile uint32_t *)(0xE000ED34)));
+ // Bus Fault Address Register
+ _BFAR = (*((volatile uint32_t *)(0xE000ED38)));
printf ("\n\nHard fault handler (all numbers in hex):\n");
printf ("R0 = %x\n", stacked_r0);
@@ -195,5 +197,114 @@ const vector_entry vectors[] __attribute__ ((section(".vectors"),used)) =
Default_Handler, // 0x0000_0038 14 - ARM core Pendable request for system service (PendableSrvReq)
Default_Handler, // 0x0000_003C 15 - ARM core System tick timer (SysTick)
+#ifdef CPU_MK82FN256VLL15
// Add specific driver interrupt handlers below
+ Default_Handler, /* DMA0_DMA16_IRQn = 0, /**< DMA channel 0,16 transfer complete */
+ Default_Handler, /* DMA1_DMA17_IRQn = 1, /**< DMA channel 1,17 transfer complete */
+ Default_Handler, /* DMA2_DMA18_IRQn = 2, /**< DMA channel 2,18 transfer complete */
+ Default_Handler, /* DMA3_DMA19_IRQn = 3, /**< DMA channel 3,19 transfer complete */
+ Default_Handler, /* DMA4_DMA20_IRQn = 4, /**< DMA channel 4,20 transfer complete */
+ Default_Handler, /* DMA5_DMA21_IRQn = 5, /**< DMA channel 5,21 transfer complete */
+ Default_Handler, /* DMA6_DMA22_IRQn = 6, /**< DMA channel 6,22 transfer complete */
+ Default_Handler, /* DMA7_DMA23_IRQn = 7, /**< DMA channel 7,23 transfer complete */
+ Default_Handler, /* DMA8_DMA24_IRQn = 8, /**< DMA channel 8,24 transfer complete */
+ Default_Handler, /* DMA9_DMA25_IRQn = 9, /**< DMA channel 9,25 transfer complete */
+ Default_Handler, /* DMA10_DMA26_IRQn = 10, /**< DMA channel 10,26 transfer complete */
+ Default_Handler, /* DMA11_DMA27_IRQn = 11, /**< DMA channel 11,27 transfer complete */
+ Default_Handler, /* DMA12_DMA28_IRQn = 12, /**< DMA channel 12,28 transfer complete */
+ Default_Handler, /* DMA13_DMA29_IRQn = 13, /**< DMA channel 13,29 transfer complete */
+ Default_Handler, /* DMA14_DMA30_IRQn = 14, /**< DMA channel 14,30 transfer complete */
+ Default_Handler, /* DMA15_DMA31_IRQn = 15, /**< DMA channel 15,31 transfer complete */
+ Default_Handler, /* DMA_Error_IRQn = 16, /**< DMA channel 0 - 31 error */
+ Default_Handler, /* MCM_IRQn = 17, /**< MCM normal interrupt */
+ Default_Handler, /* FTFA_IRQn = 18, /**< FTFA command complete */
+ Default_Handler, /* Read_Collision_IRQn = 19, /**< FTFA read collision */
+ Default_Handler, /* LVD_LVW_IRQn = 20, /**< PMC controller low-voltage detect, low-voltage warning */
+ Default_Handler, /* LLWU_IRQn = 21, /**< Low leakage wakeup unit */
+ Default_Handler, /* WDOG_EWM_IRQn = 22, /**< Single interrupt vector for WDOG and EWM */
+ Default_Handler, /* TRNG0_IRQn = 23, /**< True randon number generator */
+ Default_Handler, /* I2C0_IRQn = 24, /**< Inter-integrated circuit 0 */
+ Default_Handler, /* I2C1_IRQn = 25, /**< Inter-integrated circuit 1 */
+ Default_Handler, /* SPI0_IRQn = 26, /**< Serial peripheral Interface 0 */
+ Default_Handler, /* SPI1_IRQn = 27, /**< Serial peripheral Interface 1 */
+ Default_Handler, /* I2S0_Tx_IRQn = 28, /**< Integrated interchip sound 0 transmit interrupt */
+ Default_Handler, /* I2S0_Rx_IRQn = 29, /**< Integrated interchip sound 0 receive interrupt */
+ Default_Handler, /* LPUART0_IRQn = 30, /**< LPUART0 receive/transmit/error interrupt */
+ Default_Handler, /* LPUART1_IRQn = 31, /**< LPUART1 receive/transmit/error interrupt */
+ Default_Handler, /* LPUART2_IRQn = 32, /**< LPUART2 receive/transmit/error interrupt */
+ Default_Handler, /* LPUART3_IRQn = 33, /**< LPUART3 receive/transmit/error interrupt */
+ Default_Handler, /* LPUART4_IRQn = 34, /**< LPUART4 receive/transmit/error interrupt */
+ Default_Handler, /* Reserved51_IRQn = 35, /**< Reserved interrupt */
+ Default_Handler, /* Reserved52_IRQn = 36, /**< Reserved interrupt */
+ Default_Handler, /* EMVSIM0_IRQn = 37, /**< EMVSIM0 common interrupt */
+ Default_Handler, /* EMVSIM1_IRQn = 38, /**< EMVSIM1 common interrupt */
+ Default_Handler, /* ADC0_IRQn = 39, /**< Analog-to-digital converter 0 */
+ Default_Handler, /* CMP0_IRQn = 40, /**< Comparator 0 */
+ Default_Handler, /* CMP1_IRQn = 41, /**< Comparator 1 */
+ Default_Handler, /* FTM0_IRQn = 42, /**< FlexTimer module 0 fault, overflow and channels interrupt */
+ Default_Handler, /* FTM1_IRQn = 43, /**< FlexTimer module 1 fault, overflow and channels interrupt */
+ Default_Handler, /* FTM2_IRQn = 44, /**< FlexTimer module 2 fault, overflow and channels interrupt */
+ Default_Handler, /* CMT_IRQn = 45, /**< Carrier modulator transmitter */
+ Default_Handler, /* RTC_IRQn = 46, /**< Real time clock */
+ Default_Handler, /* RTC_Seconds_IRQn = 47, /**< Real time clock seconds */
+ Default_Handler, /* PIT0CH0_IRQn = 48, /**< Periodic interrupt timer 0 channel 0 */
+ Default_Handler, /* PIT0CH1_IRQn = 49, /**< Periodic interrupt timer 0 channel 1 */
+ Default_Handler, /* PIT0CH2_IRQn = 50, /**< Periodic interrupt timer 0 channel 2 */
+ Default_Handler, /* PIT0CH3_IRQn = 51, /**< Periodic interrupt timer 0 channel 3 */
+ Default_Handler, /* PDB0_IRQn = 52, /**< Programmable delay block */
+ Default_Handler, /* USB0_IRQn = 53, /**< USB OTG interrupt */
+ Default_Handler, /* USBDCD_IRQn = 54, /**< USB charger detect */
+ Default_Handler, /* Reserved71_IRQn = 55, /**< Reserved interrupt */
+ Default_Handler, /* DAC0_IRQn = 56, /**< Digital-to-analog converter 0 */
+ Default_Handler, /* MCG_IRQn = 57, /**< Multipurpose clock generator */
+ Default_Handler, /* LPTMR0_LPTMR1_IRQn = 58, /**< Single interrupt vector for Low Power Timer 0 and 1 */
+ Default_Handler, /* PORTA_IRQn = 59, /**< Port A pin detect interrupt */
+ Default_Handler, /* PORTB_IRQn = 60, /**< Port B pin detect interrupt */
+ Default_Handler, /* PORTC_IRQn = 61, /**< Port C pin detect interrupt */
+ Default_Handler, /* PORTD_IRQn = 62, /**< Port D pin detect interrupt */
+ Default_Handler, /* PORTE_IRQn = 63, /**< Port E pin detect interrupt */
+ Default_Handler, /* SWI_IRQn = 64, /**< Software interrupt */
+ Default_Handler, /* SPI2_IRQn = 65, /**< Serial peripheral Interface 2 */
+ Default_Handler, /* Reserved82_IRQn = 66, /**< Reserved interrupt */
+ Default_Handler, /* Reserved83_IRQn = 67, /**< Reserved interrupt */
+ Default_Handler, /* Reserved84_IRQn = 68, /**< Reserved interrupt */
+ Default_Handler, /* Reserved85_IRQn = 69, /**< Reserved interrupt */
+ Default_Handler, /* FLEXIO0_IRQn = 70, /**< FLEXIO0 */
+ Default_Handler, /* FTM3_IRQn = 71, /**< FlexTimer module 3 fault, overflow and channels interrupt */
+ Default_Handler, /* Reserved88_IRQn = 72, /**< Reserved interrupt */
+ Default_Handler, /* Reserved89_IRQn = 73, /**< Reserved interrupt */
+ Default_Handler, /* I2C2_IRQn = 74, /**< Inter-integrated circuit 2 */
+ Default_Handler, /* Reserved91_IRQn = 75, /**< Reserved interrupt */
+ Default_Handler, /* Reserved92_IRQn = 76, /**< Reserved interrupt */
+ Default_Handler, /* Reserved93_IRQn = 77, /**< Reserved interrupt */
+ Default_Handler, /* Reserved94_IRQn = 78, /**< Reserved interrupt */
+ Default_Handler, /* Reserved95_IRQn = 79, /**< Reserved interrupt */
+ Default_Handler, /* Reserved96_IRQn = 80, /**< Reserved interrupt */
+ Default_Handler, /* SDHC_IRQn = 81, /**< Secured digital host controller */
+ Default_Handler, /* Reserved98_IRQn = 82, /**< Reserved interrupt */
+ Default_Handler, /* Reserved99_IRQn = 83, /**< Reserved interrupt */
+ Default_Handler, /* Reserved100_IRQn = 84, /**< Reserved interrupt */
+ Default_Handler, /* Reserved101_IRQn = 85, /**< Reserved interrupt */
+ Default_Handler, /* Reserved102_IRQn = 86, /**< Reserved interrupt */
+ Default_Handler, /* TSI0_IRQn = 87, /**< Touch Sensing Input */
+ Default_Handler, /* TPM1_IRQn = 88, /**< TPM1 single interrupt vector for all sources */
+ Default_Handler, /* TPM2_IRQn = 89, /**< TPM2 single interrupt vector for all sources */
+ Default_Handler, /* Reserved106_IRQn = 90, /**< Reserved interrupt */
+ Default_Handler, /* I2C3_IRQn = 91, /**< Inter-integrated circuit 3 */
+ Default_Handler, /* Reserved108_IRQn = 92, /**< Reserved interrupt */
+ Default_Handler, /* Reserved109_IRQn = 93, /**< Reserved interrupt */
+ Default_Handler, /* Reserved110_IRQn = 94, /**< Reserved interrupt */
+ Default_Handler, /* Reserved111_IRQn = 95, /**< Reserved interrupt */
+ Default_Handler, /* Reserved112_IRQn = 96, /**< Reserved interrupt */
+ Default_Handler, /* Reserved113_IRQn = 97, /**< Reserved interrupt */
+ Default_Handler, /* Reserved114_IRQn = 98, /**< Reserved interrupt */
+ Default_Handler, /* Reserved115_IRQn = 99, /**< Reserved interrupt */
+ Default_Handler, /* QuadSPI0_IRQn = 100, /**< qspi */
+ Default_Handler, /* Reserved117_IRQn = 101, /**< Reserved interrupt */
+ Default_Handler, /* Reserved118_IRQn = 102, /**< Reserved interrupt */
+ Default_Handler, /* Reserved119_IRQn = 103, /**< Reserved interrupt */
+ Default_Handler, /* LTC0_IRQn = 104, /**< LP Trusted Cryptography */
+ Default_Handler, /* Reserved121_IRQn = 105, /**< Reserved interrupt */
+ Default_Handler, /* Reserved122_IRQn = 106 /**< Reserved interrupt */
+#endif /* CPU_MK82FN256VLL15 */
};
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/include.am b/IDE/ROWLEY-CROSSWORKS-ARM/include.am
index e812cc7e6..c58c76192 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/include.am
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/include.am
@@ -6,10 +6,10 @@ EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c
EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/hw.h
EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c
-EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_MemoryMap.xml
EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_FlashPlacement.xml
EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/README.md
EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/test_main.c
EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/retarget.c
EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/wolfssl_ltc.hzp
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c b/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c
index 961e181d8..35b62fd41 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c
@@ -21,10 +21,10 @@
#include "hw.h"
+#include "user_settings.h"
#if defined(FREESCALE) && defined(K_SERIES)
-
/**********************************************
* NOTE: Customize for actual hardware
**********************************************/
@@ -33,27 +33,53 @@
// $(TargetsDir) location:
// On Mac OS/X: Users/USERNAME/Library/Rowley Associates Limited/CrossWorks for ARM/packages/targets/
// On Windows: C:/Users/USERNAME/Application Data/Local/Rowley Associates Limited/CrossWorks for ARM/packages/targets/
-#include // Located in $(TargetsDir)/Kinetis/CMSIS/
+
+// Located in $(TargetsDir)/Kinetis/CMSIS/
+#ifdef FREESCALE_KSDK_BM
+ #include "fsl_common.h"
+ #include "fsl_debug_console.h"
+ #include "fsl_rtc.h"
+ #include "fsl_trng.h"
+ #include "fsl_lpuart.h"
+ #include "fsl_port.h"
+ #include "clock_config.h"
+#else
+ #include // Located in $(TargetsDir)/Kinetis/CMSIS/
+#endif
+
// System clock
-#define SYS_CLK_KHZ 96000ul /* Core system clock in KHz */
-#define SYS_CLK_DRS MCG_C4_DRST_DRS(0x03) /* DRS 0=24MHz, 1=48MHz, 2=72MHz, 3=96MHz */
-#define SYS_CLK_DMX MCG_C4_DMX32_MASK /* 0=Disable DMX32 (lower actual speed), MCG_C4_DMX32_MASK=Enable DMX32 */
-#define SYS_CLK_DIV 1 /* System clock divisor */
-#define BUS_CLK_DIV 2 /* Bus clock divisor */
-#define BUS_CLK_KHZ (SYS_CLK_KHZ/BUS_CLK_DIV) /* Helper to calculate bus speed for UART */
-#define FLASH_CLK_DIV 4 /* Flash clock divisor */
+#ifdef FREESCALE_KSDK_BM
+ #define SYS_CLK_HZ SystemCoreClock
+#else
+ #define SYS_CLK_HZ 96000000ul /* Core system clock in Hz */
+ #define SYS_CLK_DRS MCG_C4_DRST_DRS(0x03) /* DRS 0=24MHz, 1=48MHz, 2=72MHz, 3=96MHz */
+ #define SYS_CLK_DMX MCG_C4_DMX32_MASK /* 0=Disable DMX32 (lower actual speed), MCG_C4_DMX32_MASK=Enable DMX32 */
+ #define SYS_CLK_DIV 1 /* System clock divisor */
+ #define BUS_CLK_DIV 2 /* Bus clock divisor */
+ #define BUS_CLK_KHZ (SYS_CLK_HZ/BUS_CLK_DIV) /* Helper to calculate bus speed for UART */
+ #define FLASH_CLK_DIV 4 /* Flash clock divisor */
+#endif
// UART TX Port, Pin, Mux and Baud
-#define UART_PORT UART4 /* UART Port */
-#define UART_TX_PORT PORTE /* UART TX Port */
-#define UART_TX_PIN 24 /* UART TX Pin */
-#define UART_TX_MUX 0x3 /* Kinetis UART pin mux */
-#define UART_BAUD 115200 /* UART Baud Rate */
+#ifdef FREESCALE_KSDK_BM
+ #define UART_PORT LPUART0 /* UART Port */
+ #define UART_TX_PORT PORTA /* UART TX Port */
+ #define UART_TX_PIN 2U /* UART TX Pin */
+ #define UART_TX_MUX kPORT_MuxAlt2 /* Kinetis UART pin mux */
+#else
+ #define UART_PORT UART4 /* UART Port */
+ #define UART_TX_PORT PORTE /* UART TX Port */
+ #define UART_TX_PIN 24U /* UART TX Pin */
+ #define UART_TX_MUX 0x3 /* Kinetis UART pin mux */
+#endif
+#define UART_BAUD 115200 /* UART Baud Rate */
+
/* Note: You will also need to update the UART clock gate in hw_uart_init (SIM_SCGC1_UART5_MASK) */
/* Note: TWR-K60 is UART3, PTC17 */
/* Note: FRDM-K64 is UART4, PTE24 */
/* Note: TWR-K64 is UART5, PTE8 */
+/* Note: FRDM-K82F is LPUART0 A2, LPUART4 PTC15 */
/***********************************************/
@@ -70,6 +96,9 @@ static void delay_nop(uint32_t count)
static void hw_mcg_init(void)
{
+#ifdef FREESCALE_KSDK_BM
+ BOARD_BootClockHSRUN();
+#else
/* Adjust clock dividers (core/system=div/1, bus=div/2, flex bus=div/2, flash=div/4) */
SIM->CLKDIV1 = SIM_CLKDIV1_OUTDIV1(SYS_CLK_DIV-1) | SIM_CLKDIV1_OUTDIV2(BUS_CLK_DIV-1) |
SIM_CLKDIV1_OUTDIV3(BUS_CLK_DIV-1) | SIM_CLKDIV1_OUTDIV4(FLASH_CLK_DIV-1);
@@ -77,10 +106,18 @@ static void hw_mcg_init(void)
/* Configure FEI internal clock speed */
MCG->C4 = (SYS_CLK_DMX | SYS_CLK_DRS);
while((MCG->C4 & (MCG_C4_DRST_DRS_MASK | MCG_C4_DMX32_MASK)) != (SYS_CLK_DMX | SYS_CLK_DRS));
+#endif
}
static void hw_gpio_init(void)
{
+#ifdef FREESCALE_KSDK_BM
+ CLOCK_EnableClock(kCLOCK_PortA);
+ CLOCK_EnableClock(kCLOCK_PortB);
+ CLOCK_EnableClock(kCLOCK_PortC);
+ CLOCK_EnableClock(kCLOCK_PortD);
+ CLOCK_EnableClock(kCLOCK_PortE);
+#else
/* Enable clocks to all GPIO ports */
SIM->SCGC5 |= (SIM_SCGC5_PORTA_MASK | SIM_SCGC5_PORTB_MASK
#ifdef SIM_SCGC5_PORTC_MASK
@@ -93,6 +130,7 @@ static void hw_gpio_init(void)
| SIM_SCGC5_PORTE_MASK
#endif
);
+#endif
}
static void hw_uart_init(void)
@@ -100,7 +138,13 @@ static void hw_uart_init(void)
register uint16_t sbr, brfa;
uint8_t temp;
+#ifdef FREESCALE_KSDK_BM
+ PORT_SetPinMux(UART_TX_PORT, UART_TX_PIN, UART_TX_MUX);
+ CLOCK_SetLpuartClock(1); /* MCGPLLCLK */
+ DbgConsole_Init((uint32_t)UART_PORT, UART_BAUD, DEBUG_CONSOLE_DEVICE_TYPE_LPUART, SYS_CLK_HZ);
+#else
/* Enable UART core clock */
+ /* Note: Remember to update me if UART_PORT changes */
SIM->SCGC1 |= SIM_SCGC1_UART4_MASK;
/* Configure UART TX pin */
@@ -125,12 +169,13 @@ static void hw_uart_init(void)
/* Enable receiver and transmitter */
UART_PORT->C2 |= (UART_C2_TE_MASK | UART_C2_RE_MASK);
+#endif
}
static void hw_rtc_init(void)
{
/* Init nop delay */
- mDelayCyclesPerUs = (SYS_CLK_KHZ / 1000 / NOP_FOR_LOOP_INSTRUCTION_COUNT);
+ mDelayCyclesPerUs = (SYS_CLK_HZ / 1000000 / NOP_FOR_LOOP_INSTRUCTION_COUNT);
/* Enable RTC clock and oscillator */
SIM->SCGC6 |= SIM_SCGC6_RTC_MASK;
@@ -145,7 +190,7 @@ static void hw_rtc_init(void)
}
/* Disable RTC Interrupts */
- RTC_IER = 0;
+ RTC->IER = 0;
/* Enable OSC */
if ((RTC->CR & RTC_CR_OSCE_MASK) == 0) {
@@ -164,6 +209,14 @@ static void hw_rtc_init(void)
static void hw_rand_init(void)
{
+#ifdef FREESCALE_KSDK_BM
+ trng_config_t trngConfig;
+ TRNG_GetDefaultConfig(&trngConfig);
+ /* Set sample mode of the TRNG ring oscillator to Von Neumann, for better random data.*/
+ trngConfig.sampleMode = kTRNG_SampleModeVonNeumann;
+ /* Initialize TRNG */
+ TRNG_Init(TRNG0, &trngConfig);
+#else
/* Enable RNG clocks */
SIM->SCGC6 |= SIM_SCGC6_RNGA_MASK;
SIM->SCGC3 |= SIM_SCGC3_RNGA_MASK;
@@ -176,6 +229,7 @@ static void hw_rand_init(void)
/* Enable RNG generation to RANDOUT FIFO */
RNG->CR |= RNG_CR_GO_MASK;
+#endif
}
@@ -204,14 +258,24 @@ uint32_t hw_get_time_msec(void)
void hw_uart_printchar(int c)
{
+#ifdef FREESCALE_KSDK_BM
+ LPUART_WriteBlocking(UART_PORT, (const uint8_t*)&c, 1); /* Send the character */
+#else
while(!(UART_PORT->S1 & UART_S1_TDRE_MASK)); /* Wait until space is available in the FIFO */
UART_PORT->D = (uint8_t)c; /* Send the character */
+#endif
}
uint32_t hw_rand(void)
{
+ uint32_t rng;
+#ifdef FREESCALE_KSDK_BM
+ TRNG_GetRandomData(TRNG0, &rng, sizeof(rng));
+#else
while((RNG->SR & RNG_SR_OREG_LVL(0xF)) == 0) {}; /* Wait until FIFO has a value available */
- return RNG->OR; /* Return next value in FIFO output register */
+ rng = RNG->OR; /* Return next value in FIFO output register */
+#endif
+ return rng;
}
void delay_us(uint32_t microseconds)
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/retarget.c b/IDE/ROWLEY-CROSSWORKS-ARM/retarget.c
index 6a4dac38f..958316381 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/retarget.c
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/retarget.c
@@ -22,6 +22,17 @@
#include "hw.h"
#include "user_settings.h"
+#include
+
+void __assert(const char *__expression, const char *__filename, int __line)
+{
+ printf("Assert: %s, File %s (%d)\n", __expression, __filename, __line);
+}
+
+unsigned int LowResTimer(void)
+{
+ return hw_get_time_sec();
+}
double current_time(int reset)
{
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h b/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
index f8d751ff0..048de56d5 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
@@ -140,7 +140,7 @@ extern "C" {
/* Ed25519 / Curve25519 */
#undef HAVE_CURVE25519
#undef HAVE_ED25519
-#if 0
+#if 1
#define HAVE_CURVE25519
#define HAVE_ED25519
@@ -196,7 +196,18 @@ extern "C" {
/* HW Crypto Acceleration */
/* ------------------------------------------------------------------------- */
// See README.md for instructions
-//#define FREESCALE_MMCAU 1
+#if 0
+ #define FREESCALE_MMCAU 1
+#endif
+
+/* NXP LTC Support (See README.md for instructions) */
+#if 0
+ #define FSL_HW_CRYPTO_MANUAL_SELECTION
+ #define FREESCALE_USE_MMCAU
+ #define FREESCALE_USE_LTC
+ #define LTC_MAX_ECC_BITS (512)
+ #define LTC_MAX_INT_BYTES (256)
+#endif
/* ------------------------------------------------------------------------- */
@@ -243,6 +254,7 @@ extern "C" {
/* Override Current Time */
/* Allows custom "custom_time()" function to be used for benchmark */
#define WOLFSSL_USER_CURRTIME
+#define USER_TICKS
/* ------------------------------------------------------------------------- */
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp b/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
index 74a4eeaff..ad5c68af8 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
@@ -83,6 +83,9 @@
+
@@ -140,6 +143,8 @@
arm_target_loader_default_loader="Flash"
c_preprocessor_definitions="WOLFSSL_ROWLEY_ARM;WOLFSSL_USER_SETTINGS"
c_user_include_directories=".;../;../../;$(TargetsDir);$(TargetsDir)/Kinetis;$(TargetsDir)/Kinetis/CMSIS;$(TargetsDir)/Kinetis/CMSIS/include;$(TargetsDir)/CMSIS_3/CMSIS/include"
+ debug_register_definition_file="$(TargetsDir)/Kinetis/MK64F12_Peripherals.xml"
+ linker_memory_map_file="$(TargetsDir)/Kinetis/MK64FN1M0xxx12_MemoryMap.xml"
linker_memory_map_macros="FLASHSIZE=0x80000;SRAMSIZE=0x20000"
linker_output_format="bin"
project_dependencies="libwolfssl"
@@ -161,7 +166,6 @@
-
@@ -169,16 +173,21 @@
Name="Common"
Placement="Flash"
Target="MK64FN1M0xxx12"
+ arm_architecture="v7EM"
+ arm_core_type="Cortex-M4"
+ arm_fpu_type="FPv4-SP-D16"
arm_linker_fiq_stack_size="0"
arm_linker_heap_size="91136"
arm_linker_irq_stack_size="0"
arm_linker_stack_size="30720"
arm_simulator_memory_simulation_filename="$(TargetsDir)/Kinetis/KinetisSimulatorMemory.dll"
- arm_simulator_memory_simulation_parameter="MK64FN1M0xxx12;0x100000;0x0;0x0;0x40000"
+ arm_simulator_memory_simulation_parameter="MK64FN1M0xxx12;0x100000;0x0;0x0;0x40000;4"
arm_target_loader_applicable_loaders="Flash"
arm_target_loader_default_loader="Flash"
c_preprocessor_definitions="WOLFSSL_ROWLEY_ARM;WOLFSSL_USER_SETTINGS"
c_user_include_directories=".;../;../../;$(TargetsDir);$(TargetsDir)/Kinetis;$(TargetsDir)/Kinetis/CMSIS;$(TargetsDir)/Kinetis/CMSIS/include;$(TargetsDir)/CMSIS_3/CMSIS/include"
+ debug_register_definition_file="$(TargetsDir)/Kinetis/MK64F12_Peripherals.xml"
+ linker_memory_map_file="$(TargetsDir)/Kinetis/MK64FN1M0xxx12_MemoryMap.xml"
linker_memory_map_macros="FLASHSIZE=0x80000;SRAMSIZE=0x20000"
linker_output_format="bin"
project_dependencies="libwolfssl"
@@ -200,8 +209,11 @@
-
+
+ inherited_configurations="ARM;V7EM;Debug;Kinetis;THUMB;Flash" />
+ inherited_configurations="ARM;V7EM;Release;Kinetis;Flash;THUMB" />
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/internal.c b/src/internal.c
index 8b2413d90..ef62d7dc0 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -4507,7 +4507,32 @@ ProtocolVersion MakeDTLSv1_2(void)
-#ifdef USE_WINDOWS_API
+#if defined(USER_TICKS)
+#if 0
+ word32 LowResTimer(void)
+ {
+ /*
+ write your own clock tick function if don't want time(0)
+ needs second accuracy but doesn't have to correlated to EPOCH
+ */
+ }
+#endif
+
+#elif defined(TIME_OVERRIDES)
+
+ /* use same asn time overrides unless user wants tick override above */
+
+ #ifndef HAVE_TIME_T_TYPE
+ typedef long time_t;
+ #endif
+ extern time_t XTIME(time_t * timer);
+
+ word32 LowResTimer(void)
+ {
+ return (word32) XTIME(0);
+ }
+
+#elif defined(USE_WINDOWS_API)
word32 LowResTimer(void)
{
@@ -4618,33 +4643,8 @@ ProtocolVersion MakeDTLSv1_2(void)
return (word32)(uTaskerSystemTick / TICK_RESOLUTION);
}
-#elif defined(USER_TICKS)
-#if 0
- word32 LowResTimer(void)
- {
- /*
- write your own clock tick function if don't want time(0)
- needs second accuracy but doesn't have to correlated to EPOCH
- */
- }
-#endif
-
-#elif defined(TIME_OVERRIDES)
-
- /* use same asn time overrides unless user wants tick override above */
-
- #ifndef HAVE_TIME_T_TYPE
- typedef long time_t;
- #endif
- extern time_t XTIME(time_t * timer);
-
- word32 LowResTimer(void)
- {
- return (word32) XTIME(0);
- }
-
-#else /* !USE_WINDOWS_API && !HAVE_RTP_SYS && !MICRIUM && !USER_TICKS */
-
+#else
+ /* Posix style time */
#include
word32 LowResTimer(void)
@@ -4653,7 +4653,7 @@ ProtocolVersion MakeDTLSv1_2(void)
}
-#endif /* USE_WINDOWS_API */
+#endif
#ifndef NO_CERTS
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index 4aac5afb9..9837e9f29 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -1953,57 +1953,26 @@ int wc_InitAes_h(Aes* aes, void* h)
void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
{
byte *key;
- uint32_t keySize = 0;
+ uint32_t keySize;
key = (byte*)aes->key;
+ wc_AesGetKeySize(aes, &keySize);
- switch (aes->rounds) {
- case 10:
- keySize = 16;
- break;
- case 12:
- keySize = 24;
- break;
- case 14:
- keySize = 32;
- break;
- }
-
- LTC_AES_EncryptEcb( LTC_BASE,
- in,
- out,
- 16,
- key,
- keySize);
+ LTC_AES_EncryptEcb(LTC_BASE, in, out, AES_BLOCK_SIZE,
+ key, keySize);
}
/* Allow direct access to one block decrypt */
void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
{
byte *key;
- uint32_t keySize = 0;
+ uint32_t keySize;
key = (byte*)aes->key;
+ wc_AesGetKeySize(aes, &keySize);
- switch (aes->rounds) {
- case 10:
- keySize = 16;
- break;
- case 12:
- keySize = 24;
- break;
- case 14:
- keySize = 32;
- break;
- }
-
- LTC_AES_DecryptEcb( LTC_BASE,
- in,
- out,
- 16,
- key,
- keySize,
- kLTC_EncryptKey);
+ LTC_AES_DecryptEcb(LTC_BASE, in, out, AES_BLOCK_SIZE,
+ key, keySize, kLTC_EncryptKey);
}
#else
@@ -2120,9 +2089,9 @@ int wc_InitAes_h(Aes* aes, void* h)
/* store iv for next call */
XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
- sz -= 16;
- in += 16;
- out += 16;
+ sz -= AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
}
/* disable crypto processor */
@@ -2242,9 +2211,9 @@ int wc_InitAes_h(Aes* aes, void* h)
/* store iv for next call */
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
- sz -= 16;
- in += 16;
- out += 16;
+ sz -= AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
}
/* disable crypto processor */
@@ -2362,65 +2331,40 @@ int wc_InitAes_h(Aes* aes, void* h)
#elif defined(FREESCALE_LTC)
int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
- uint32_t keySize = 0;
+ uint32_t keySize;
status_t status;
byte *iv, *enc_key;
iv = (byte*)aes->reg;
enc_key = (byte*)aes->key;
- switch (aes->rounds) {
- case 10:
- keySize = 16;
- break;
- case 12:
- keySize = 24;
- break;
- case 14:
- keySize = 32;
- break;
+ status = wc_AesGetKeySize(aes, &keySize);
+ if (status != 0) {
+ return status;
}
- status = LTC_AES_EncryptCbc(LTC_BASE,
- in,
- out,
- sz,
- iv,
- enc_key,
- keySize);
+ status = LTC_AES_EncryptCbc(LTC_BASE, in, out, sz,
+ iv, enc_key, keySize);
return (status == kStatus_Success) ? 0 : -1;
}
#ifdef HAVE_AES_DECRYPT
int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
- uint32_t keySize = 0;
+ uint32_t keySize;
status_t status;
byte* iv, *dec_key;
iv = (byte*)aes->reg;
dec_key = (byte*)aes->key;
- switch (aes->rounds) {
- case 10:
- keySize = 16;
- break;
- case 12:
- keySize = 24;
- break;
- case 14:
- keySize = 32;
- break;
+ status = wc_AesGetKeySize(aes, &keySize);
+ if (status != 0) {
+ return status;
}
- status = LTC_AES_DecryptCbc(LTC_BASE,
- in,
- out,
- sz,
- iv,
- dec_key,
- keySize,
- kLTC_EncryptKey);
+ status = LTC_AES_DecryptCbc(LTC_BASE, in, out, sz,
+ iv, dec_key, keySize, kLTC_EncryptKey);
return (status == kStatus_Success) ? 0 : -1;
}
#endif /* HAVE_AES_DECRYPT */
@@ -2437,7 +2381,6 @@ int wc_InitAes_h(Aes* aes, void* h)
iv = (byte*)aes->reg;
-
while (len > 0)
{
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
@@ -2821,9 +2764,9 @@ int wc_InitAes_h(Aes* aes, void* h)
/* store iv for next call */
XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
- sz -= 16;
- in += 16;
- out += 16;
+ sz -= AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
}
/* disable crypto processor */
@@ -2894,7 +2837,7 @@ int wc_InitAes_h(Aes* aes, void* h)
#elif defined(FREESCALE_LTC)
void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
- uint32_t keySize = 0;
+ uint32_t keySize;
byte *iv, *enc_key;
byte* tmp = (byte*)aes->tmp + AES_BLOCK_SIZE - aes->left;
@@ -2909,27 +2852,11 @@ int wc_InitAes_h(Aes* aes, void* h)
iv = (byte*)aes->reg;
enc_key = (byte*)aes->key;
- switch (aes->rounds) {
- case 10:
- keySize = 16;
- break;
- case 12:
- keySize = 24;
- break;
- case 14:
- keySize = 32;
- break;
- }
+ wc_AesGetKeySize(aes, &keySize);
- LTC_AES_CryptCtr( LTC_BASE,
- in,
- out,
- sz,
- iv,
- enc_key,
- keySize,
- (byte*)aes->tmp,
- (uint32_t*)&(aes->left));
+ LTC_AES_CryptCtr(LTC_BASE, in, out, sz,
+ iv, enc_key, keySize, (byte*)aes->tmp,
+ (uint32_t*)&(aes->left));
}
}
@@ -4068,35 +3995,18 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
{
#if defined(FREESCALE_LTC_AES_GCM)
byte *key;
- uint32_t keySize = 0;
+ uint32_t keySize;
status_t status;
key = (byte*)aes->key;
- switch (aes->rounds) {
- case 10:
- keySize = 16;
- break;
- case 12:
- keySize = 24;
- break;
- case 14:
- keySize = 32;
- break;
+ status = wc_AesGetKeySize(aes, &keySize);
+ if (status != 0) {
+ return status;
}
- status = LTC_AES_EncryptTagGcm( LTC_BASE,
- in,
- out,
- sz,
- iv,
- ivSz,
- authIn,
- authInSz,
- key,
- keySize,
- authTag,
- authTagSz);
+ status = LTC_AES_EncryptTagGcm(LTC_BASE, in, out, sz,
+ iv, ivSz, authIn, authInSz, key, keySize, authTag, authTagSz);
return (status == kStatus_Success) ? 0 : AES_GCM_AUTH_E;
@@ -4180,35 +4090,18 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
{
#if defined(FREESCALE_LTC_AES_GCM)
byte *key;
- uint32_t keySize = 0;
+ uint32_t keySize;
status_t status;
key = (byte*)aes->key;
- switch (aes->rounds) {
- case 10:
- keySize = 16;
- break;
- case 12:
- keySize = 24;
- break;
- case 14:
- keySize = 32;
- break;
+ status = wc_AesGetKeySize(aes, &keySize);
+ if (status != 0) {
+ return status;
}
- status = LTC_AES_DecryptTagGcm( LTC_BASE,
- in,
- out,
- sz,
- iv,
- ivSz,
- authIn,
- authInSz,
- key,
- keySize,
- authTag,
- authTagSz);
+ status = LTC_AES_DecryptTagGcm(LTC_BASE, in, out, sz,
+ iv, ivSz, authIn, authInSz, key, keySize, authTag, authTagSz);
return (status == kStatus_Success) ? 0 : AES_GCM_AUTH_E;
@@ -4417,40 +4310,20 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
{
#ifdef FREESCALE_LTC
byte *key;
- uint32_t keySize = 0;
+ uint32_t keySize;
status_t status;
key = (byte*)aes->key;
- switch (aes->rounds)
- {
- case 10:
- keySize = 16;
- break;
- case 12:
- keySize = 24;
- break;
- case 14:
- keySize = 32;
- break;
+ status = wc_AesGetKeySize(aes, &keySize);
+ if (status != 0) {
+ return status;
}
- status = LTC_AES_EncryptTagCcm(LTC_BASE,
- in,
- out,
- inSz,
- nonce,
- nonceSz,
- authIn,
- authInSz,
- key,
- keySize,
- authTag,
- authTagSz);
- if (kStatus_Success == status)
- return 0;
- else
- return BAD_FUNC_ARG;
+ status = LTC_AES_EncryptTagCcm(LTC_BASE, in, out, inSz,
+ nonce, nonceSz, authIn, authInSz, key, keySize, authTag, authTagSz);
+
+ return (kStatus_Success == status) ? 0 : BAD_FUNC_ARG;
#else
byte A[AES_BLOCK_SIZE];
byte B[AES_BLOCK_SIZE];
@@ -4521,35 +4394,18 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
{
#ifdef FREESCALE_LTC
byte *key;
- uint32_t keySize = 0;
+ uint32_t keySize;
status_t status;
key = (byte*)aes->key;
- switch (aes->rounds) {
- case 10:
- keySize = 16;
- break;
- case 12:
- keySize = 24;
- break;
- case 14:
- keySize = 32;
- break;
+ status = wc_AesGetKeySize(aes, &keySize);
+ if (status != 0) {
+ return status;
}
- status = LTC_AES_DecryptTagCcm( LTC_BASE,
- in,
- out,
- inSz,
- nonce,
- nonceSz,
- authIn,
- authInSz,
- key,
- keySize,
- authTag,
- authTagSz);
+ status = LTC_AES_DecryptTagCcm(LTC_BASE, in, out, inSz,
+ nonce, nonceSz, authIn, authInSz, key, keySize, authTag, authTagSz);
if (status == kStatus_Success) {
return 0;
@@ -4671,7 +4527,34 @@ void wc_AesAsyncFree(Aes* aes)
#endif /* WOLFSSL_ASYNC_CRYPT */
-#endif /* WOLFSSL_TI_CRYPT */
+
+int wc_AesGetKeySize(Aes* aes, word32* keySize)
+{
+ int ret = 0;
+
+ if (aes == NULL || keySize == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ switch (aes->rounds) {
+ case 10:
+ *keySize = 16;
+ break;
+ case 12:
+ *keySize = 24;
+ break;
+ case 14:
+ *keySize = 32;
+ break;
+ default:
+ *keySize = 0;
+ ret = BAD_FUNC_ARG;
+ }
+
+ return ret;
+}
+
+#endif /* !WOLFSSL_TI_CRYPT */
#endif /* HAVE_FIPS */
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 5b79f4298..84b4d8813 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -104,7 +104,26 @@ ASN Options:
#endif
#ifndef NO_ASN_TIME
-#if defined(HAVE_RTP_SYS)
+#if defined(USER_TIME)
+ /* user time, and gmtime compatible functions, there is a gmtime
+ implementation here that WINCE uses, so really just need some ticks
+ since the EPOCH
+ */
+ #define WOLFSSL_GMTIME
+ #define USE_WOLF_TM
+ #define USE_WOLF_TIME_T
+
+#elif defined(TIME_OVERRIDES)
+ /* user would like to override time() and gmtime() functionality */
+ #ifndef HAVE_TIME_T_TYPE
+ #define USE_WOLF_TIME_T
+ #endif
+ #ifndef HAVE_TM_TYPE
+ #define USE_WOLF_TM
+ #endif
+ #define NEED_TMP_TIME
+
+#elif defined(HAVE_RTP_SYS)
/* uses parital structures */
#define XTIME(tl) (0)
#define XGMTIME(c, t) rtpsys_gmtime((c))
@@ -134,25 +153,6 @@ ASN Options:
#endif
#define XGMTIME(c, t) gmtime((c))
-#elif defined(USER_TIME)
- /* user time, and gmtime compatible functions, there is a gmtime
- implementation here that WINCE uses, so really just need some ticks
- since the EPOCH
- */
- #define WOLFSSL_GMTIME
- #define USE_WOLF_TM
- #define USE_WOLF_TIME_T
-
-#elif defined(TIME_OVERRIDES)
- /* user would like to override time() and gmtime() functionality */
- #ifndef HAVE_TIME_T_TYPE
- #define USE_WOLF_TIME_T
- #endif
- #ifndef HAVE_TM_TYPE
- #define USE_WOLF_TM
- #endif
- #define NEED_TMP_TIME
-
#elif defined(IDIRECT_DEV_TIME)
/*Gets the timestamp from cloak software owned by VT iDirect
in place of time() from */
diff --git a/wolfcrypt/src/curve25519.c b/wolfcrypt/src/curve25519.c
index 2e90422e9..6740cc536 100644
--- a/wolfcrypt/src/curve25519.c
+++ b/wolfcrypt/src/curve25519.c
@@ -41,7 +41,7 @@
#endif
#if defined(FREESCALE_LTC_ECC)
- #include "nxp/ksdk_port.h"
+ #include
#endif
const curve25519_set_type curve25519_sets[] = {
@@ -53,11 +53,11 @@ const curve25519_set_type curve25519_sets[] = {
int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key)
{
- #ifdef FREESCALE_LTC_ECC
- ECPoint * basepoint = wc_curve25519_GetBasePoint();
- #else
- unsigned char basepoint[CURVE25519_KEYSIZE] = {9};
- #endif
+#ifdef FREESCALE_LTC_ECC
+ const ECPoint* basepoint = wc_curve25519_GetBasePoint();
+#else
+ unsigned char basepoint[CURVE25519_KEYSIZE] = {9};
+#endif
int ret;
if (key == NULL || rng == NULL)
@@ -79,7 +79,7 @@ int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key)
/* compute public key */
#ifdef FREESCALE_LTC_ECC
- ret = wc_curve25519(&key->p, key->k.point, basepoint, kLTC_Weierstrass /* input basepoint on Weierstrass curve */);
+ ret = wc_curve25519(&key->p, key->k.point, basepoint, kLTC_Weierstrass); /* input basepoint on Weierstrass curve */
#else
ret = curve25519(key->p.point, key->k.point, basepoint);
#endif
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index bcfecf0dc..fbb488d26 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -104,7 +104,7 @@ ECC Curve Sizes:
#endif
#if defined(FREESCALE_LTC_ECC)
- #include "nxp/ksdk_port.h"
+ #include
#endif
#ifdef USE_FAST_MATH
@@ -983,7 +983,6 @@ static int get_digit_count(mp_int* a)
}
/* helper for either lib */
-#ifndef FREESCALE_LTC_ECC
static mp_digit get_digit(mp_int* a, int n)
{
if (a == NULL)
@@ -991,7 +990,6 @@ static mp_digit get_digit(mp_int* a, int n)
return (n >= a->used || n < 0) ? 0 : a->dp[n];
}
-#endif /* FREESCALE_LTC_ECC */
/**
Add two ECC points
@@ -1651,6 +1649,7 @@ done:
return err;
}
+#if !defined(FREESCALE_LTC_ECC)
#ifndef ECC_TIMING_RESISTANT
@@ -1926,7 +1925,6 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
(1==map, 0 == leave in projective)
return MP_OKAY on success
*/
-#if !defined(FREESCALE_LTC_ECC)
#ifdef FP_ECC
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map, void* heap)
@@ -2118,7 +2116,6 @@ int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
}
return err;
}
-#endif /* FREESCALE_LTC_ECC */
#ifndef FP_ECC
@@ -2130,6 +2127,8 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#endif /* ! FP_ECC */
#endif /* ECC_TIMING_RESISTANT */
+#endif /* !FREESCALE_LTC_ECC */
+
#ifdef ALT_ECC_SIZE
@@ -2432,7 +2431,8 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
err = mp_read_radix(&a, private_key->dp->Af, 16);
if (err == MP_OKAY)
- err = wc_ecc_mulmod(&private_key->k, point, result, &a, &prime, 1);
+ err = wc_ecc_mulmod_ex(&private_key->k, point, result, &a, &prime, 1,
+ private_key->heap);
if (err == MP_OKAY) {
x = mp_unsigned_bin_size(&prime);
@@ -2588,6 +2588,12 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
err = mp_mod(&key->k, &order, &key->k);
}
+ /* the key should be smaller than the order of base point */
+ if (err == MP_OKAY) {
+ if (mp_cmp(&key->k, &order) != MP_LT)
+ err = mp_mod(&key->k, &order, &key->k);
+ }
+
/* make the public key */
if (err == MP_OKAY)
err = wc_ecc_mulmod_ex(&key->k, base, &key->pubkey, &a, &prime, 1,
@@ -3374,9 +3380,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
#ifdef FREESCALE_LTC_ECC
/* use PKHA to compute u1*mG + u2*mQ */
if (err == MP_OKAY)
- err = wc_ecc_mulmod(&u1, mG, mG, &m, 0);
+ err = wc_ecc_mulmod_ex(&u1, mG, mG, &m, 0, NULL);
if (err == MP_OKAY)
- err = wc_ecc_mulmod(&u2, mQ, mQ, &m, 0);
+ err = wc_ecc_mulmod_ex(&u2, mQ, mQ, &m, 0, NULL);
if (err == MP_OKAY)
err = wc_ecc_point_add(mG, mQ, mG, &m);
#else /* FREESCALE_LTC_ECC */
@@ -5656,6 +5662,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
}
#endif /* ECC_SHAMIR */
+#if !defined(FREESCALE_LTC_TFM)
/** ECC Fixed Point mulmod global
k The multiplicand
G Base point to multiply
@@ -5671,7 +5678,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
{
return wc_ecc_mulmod_ex(k, G, R, a, modulus, map, NULL);
}
-
+#endif /* !FREESCALE_LTC_TFM */
/** ECC Fixed Point mulmod global
k The multiplicand
diff --git a/wolfcrypt/src/ed25519.c b/wolfcrypt/src/ed25519.c
index 17aa2db04..310b6cfd6 100644
--- a/wolfcrypt/src/ed25519.c
+++ b/wolfcrypt/src/ed25519.c
@@ -42,7 +42,7 @@
#endif
#ifdef FREESCALE_LTC_ECC
- #include "nxp/ksdk_port.h"
+ #include
#endif
/* generate an ed25519 key pair.
diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c
index ff7095bce..7e0c59820 100644
--- a/wolfcrypt/src/integer.c
+++ b/wolfcrypt/src/integer.c
@@ -4628,7 +4628,9 @@ LBL_U:mp_clear (&v);
/* chars used in radix conversions */
const char *mp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ\
abcdefghijklmnopqrstuvwxyz+/";
+#endif
+#ifdef HAVE_ECC
/* read a string [ASCII] in a given radix */
int mp_read_radix (mp_int * a, const char *str, int radix)
{
@@ -4692,6 +4694,7 @@ int mp_read_radix (mp_int * a, const char *str, int radix)
}
return MP_OKAY;
}
+#endif /* HAVE_ECC */
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \
defined(WOLFSSL_DEBUG_MATH)
diff --git a/wolfcrypt/src/port/nxp/ksdk_port.c b/wolfcrypt/src/port/nxp/ksdk_port.c
index b187e04b1..c347d0244 100755
--- a/wolfcrypt/src/port/nxp/ksdk_port.c
+++ b/wolfcrypt/src/port/nxp/ksdk_port.c
@@ -1,45 +1,70 @@
/* ksdk_port.c
*
- * Copyright (C) 2006-2016 wolfSSL Inc. All rights reserved.
+ * Copyright (C) 2006-2016 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
- * Contact licensing@wolfssl.com with any questions or comments.
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
*
- * http://www.wolfssl.com
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
-#include
+ #include
#endif
/* in case user set USE_FAST_MATH there */
#include
#ifdef NO_INLINE
-#include
+ #include
#else
-#include
+ #define WOLFSSL_MISC_INCLUDED
+ #include
#endif
-#ifdef USE_FAST_MATH
+/* If FREESCALE_LTC_TFM or FREESCALE_LTC_ECC */
+#if (defined(USE_FAST_MATH) && defined(FREESCALE_LTC_TFM)) ||\
+ defined(FREESCALE_LTC_ECC)
+#include
#include
-#include
-#include /* will define asm MACROS or C ones */
-
-#if defined(FREESCALE_LTC_TFM)
-
-#include "nxp/ksdk_port.h"
-#include "fsl_ltc.h"
+#include
+#include
#include
+#define ERROR_OUT(err) { ret = (err); goto done; }
+
+
+int ksdk_port_init(void)
+{
+#if defined(USE_FAST_MATH) && defined(FREESCALE_LTC_TFM)
+ LTC_Init(LTC0);
+#endif
+
+ return 0;
+}
+
+
+/* LTC TFM */
+#if defined(USE_FAST_MATH) && defined(FREESCALE_LTC_TFM)
+#include
+
/* Reverse array in memory (in place) */
static void ltc_reverse_array(uint8_t *src, size_t src_len)
{
int i;
- for (i = 0; i < src_len / 2; i++)
- {
+ for (i = 0; i < src_len / 2; i++) {
uint8_t tmp;
tmp = src[i];
@@ -77,8 +102,7 @@ void fp_mul(fp_int *A, fp_int *B, fp_int *C)
szB = fp_unsigned_bin_size(B);
/* if unsigned mul can fit into LTC PKHA let's use it, otherwise call software mul */
- if ((szA <= LTC_MAX_INT_BYTES / 2) && (szB <= LTC_MAX_INT_BYTES / 2))
- {
+ if ((szA <= LTC_MAX_INT_BYTES / 2) && (szB <= LTC_MAX_INT_BYTES / 2)) {
int neg;
neg = (A->sign == B->sign) ? FP_ZPOS : FP_NEG;
@@ -88,8 +112,7 @@ void fp_mul(fp_int *A, fp_int *B, fp_int *C)
uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT);
uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT);
- if (ptrA && ptrB && ptrC)
- {
+ if (ptrA && ptrB && ptrC) {
uint16_t sizeA, sizeB;
ltc_get_lsb_bin_from_mp_int(ptrA, A, &sizeA);
@@ -106,22 +129,18 @@ void fp_mul(fp_int *A, fp_int *B, fp_int *C)
/* fix sign */
C->sign = neg;
- if (ptrA)
- {
- XFREE(ptrA, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrA) {
+ XFREE(ptrA, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrB)
- {
- XFREE(ptrB, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrB) {
+ XFREE(ptrB, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrC)
- {
- XFREE(ptrC, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrC) {
+ XFREE(ptrC, NULL, DYNAMIC_TYPE_BIGINT);
}
return;
}
- else
- {
+ else {
wolfcrypt_fp_mul(A, B, C);
}
}
@@ -147,8 +166,7 @@ int fp_mod(fp_int *a, fp_int *b, fp_int *c)
neg = (a->sign == b->sign) ? FP_ZPOS : FP_NEG;
/* get remainder of unsigned a divided by unsigned b */
- if (ptrA && ptrB && ptrC)
- {
+ if (ptrA && ptrB && ptrC) {
uint16_t sizeA, sizeB, sizeC;
ltc_get_lsb_bin_from_mp_int(ptrA, a, &sizeA);
@@ -160,36 +178,30 @@ int fp_mod(fp_int *a, fp_int *b, fp_int *c)
ltc_reverse_array(ptrC, sizeC);
mp_read_unsigned_bin(c, ptrC, sizeC);
}
- else
- {
+ else {
res = FP_VAL;
}
}
- else
- {
+ else {
res = FP_MEM;
}
/* fix sign */
c->sign = neg;
- if (ptrA)
- {
- XFREE(ptrA, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrA) {
+ XFREE(ptrA, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrB)
- {
- XFREE(ptrB, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrB) {
+ XFREE(ptrB, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrC)
- {
- XFREE(ptrC, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrC) {
+ XFREE(ptrC, NULL, DYNAMIC_TYPE_BIGINT);
}
return res;
#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE)
}
- else
- {
+ else {
return wolfcrypt_fp_mod(a, b, c);
}
#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */
@@ -202,8 +214,7 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c)
int szA, szB;
szA = fp_unsigned_bin_size(a);
szB = fp_unsigned_bin_size(b);
- if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES))
- {
+ if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES)) {
#endif
int res = FP_OKAY;
@@ -211,8 +222,7 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c)
uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT);
uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT);
- if (ptrA && ptrB && ptrC)
- {
+ if (ptrA && ptrB && ptrC) {
uint16_t sizeA, sizeB, sizeC;
ltc_get_lsb_bin_from_mp_int(ptrA, a, &sizeA);
@@ -224,37 +234,31 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c)
ltc_reverse_array(ptrC, sizeC);
mp_read_unsigned_bin(c, ptrC, sizeC);
}
- else
- {
+ else {
res = FP_VAL;
}
}
- else
- {
+ else {
res = FP_MEM;
}
c->sign = a->sign;
- if (ptrA)
- {
- XFREE(ptrA, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrA) {
+ XFREE(ptrA, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrB)
- {
- XFREE(ptrB, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrB) {
+ XFREE(ptrB, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrC)
- {
- XFREE(ptrC, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrC) {
+ XFREE(ptrC, NULL, DYNAMIC_TYPE_BIGINT);
}
return res;
#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE)
}
- else
- {
+ else {
return wolfcrypt_fp_invmod(a, b, c);
}
-#endif
+#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */
}
/* d = a * b (mod c) */
@@ -265,33 +269,29 @@ int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
szA = fp_unsigned_bin_size(a);
szB = fp_unsigned_bin_size(b);
szC = fp_unsigned_bin_size(c);
- if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES) && (szC <= LTC_MAX_INT_BYTES))
- {
+ if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES) && (szC <= LTC_MAX_INT_BYTES)) {
#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */
int res = FP_OKAY;
fp_int t;
- uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT);
- uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT);
- uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT);
- uint8_t *ptrD = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT);
+ uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT);
+ uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT);
+ uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT);
+ uint8_t *ptrD = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT);
/* if A or B is negative, substracta abs(A) or abs(B) from modulus to get positive integer representation of the
* same number */
fp_init(&t);
- if (a->sign)
- {
+ if (a->sign) {
fp_add(a, c, &t);
fp_copy(&t, a);
}
- if (b->sign)
- {
+ if (b->sign) {
fp_add(b, c, &t);
fp_copy(&t, b);
}
- if (ptrA && ptrB && ptrC && ptrD)
- {
+ if (ptrA && ptrB && ptrC && ptrD) {
uint16_t sizeA, sizeB, sizeC, sizeD;
ltc_get_lsb_bin_from_mp_int(ptrA, a, &sizeA);
@@ -299,8 +299,7 @@ int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
ltc_get_lsb_bin_from_mp_int(ptrC, c, &sizeC);
/* (A*B)mod C = ((A mod C) * (B mod C)) mod C */
- if (LTC_PKHA_CompareBigNum(ptrA, sizeA, ptrC, sizeC) >= 0)
- {
+ if (LTC_PKHA_CompareBigNum(ptrA, sizeA, ptrC, sizeC) >= 0) {
if (kStatus_Success !=
LTC_PKHA_ModRed(LTC_BASE, ptrA, sizeA, ptrC, sizeC, ptrA, &sizeA, kLTC_PKHA_IntegerArith))
{
@@ -316,8 +315,7 @@ int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
}
}
- if (FP_OKAY == res)
- {
+ if (FP_OKAY == res) {
if (kStatus_Success != LTC_PKHA_ModMul(LTC_BASE, ptrA, sizeA, ptrB, sizeB, ptrC, sizeC, ptrD, &sizeD,
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized))
@@ -326,38 +324,31 @@ int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
}
}
- if (FP_OKAY == res)
- {
+ if (FP_OKAY == res) {
ltc_reverse_array(ptrD, sizeD);
mp_read_unsigned_bin(d, ptrD, sizeD);
}
}
- else
- {
+ else {
res = FP_MEM;
}
- if (ptrA)
- {
- XFREE(ptrA, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrA) {
+ XFREE(ptrA, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrB)
- {
- XFREE(ptrB, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrB) {
+ XFREE(ptrB, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrC)
- {
- XFREE(ptrC, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrC) {
+ XFREE(ptrC, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrD)
- {
- XFREE(ptrD, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrD) {
+ XFREE(ptrD, NULL, DYNAMIC_TYPE_BIGINT);
}
return res;
#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE)
}
- else
- {
+ else {
return wolfcrypt_fp_mulmod(a, b, c, d);
}
#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */
@@ -371,9 +362,8 @@ int _fp_exptmod(fp_int *G, fp_int *X, fp_int *P, fp_int *Y)
szA = fp_unsigned_bin_size(G);
szB = fp_unsigned_bin_size(X);
szC = fp_unsigned_bin_size(P);
- if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES) && (szC <= LTC_MAX_INT_BYTES))
- {
-#endif
+ if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES) && (szC <= LTC_MAX_INT_BYTES)) {
+#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */
int res = FP_OKAY;
fp_int t;
@@ -384,14 +374,12 @@ int _fp_exptmod(fp_int *G, fp_int *X, fp_int *P, fp_int *Y)
/* if G is negative, add modulus to convert to positive number for LTC */
fp_init(&t);
- if (G->sign)
- {
+ if (G->sign) {
fp_add(G, P, &t);
fp_copy(&t, G);
}
- if (ptrG && ptrX && ptrP)
- {
+ if (ptrG && ptrX && ptrP) {
ltc_get_lsb_bin_from_mp_int(ptrG, G, &sizeG);
ltc_get_lsb_bin_from_mp_int(ptrX, X, &sizeX);
ltc_get_lsb_bin_from_mp_int(ptrP, P, &sizeP);
@@ -403,70 +391,52 @@ int _fp_exptmod(fp_int *G, fp_int *X, fp_int *P, fp_int *Y)
and then the modular exponentiation.
*/
/* if G >= P then */
- if (LTC_PKHA_CompareBigNum(ptrG, sizeG, ptrP, sizeP) >= 0)
- {
+ if (LTC_PKHA_CompareBigNum(ptrG, sizeG, ptrP, sizeP) >= 0) {
res = (int)LTC_PKHA_ModRed(LTC_BASE, ptrG, sizeG, ptrP, sizeP, ptrG, &sizeG, kLTC_PKHA_IntegerArith);
- if (res != kStatus_Success)
- {
+ if (res != kStatus_Success) {
res = FP_VAL;
}
}
- if (FP_OKAY == res)
- {
+ if (FP_OKAY == res) {
res = (int)LTC_PKHA_ModExp(LTC_BASE, ptrG, sizeG, ptrP, sizeP, ptrX, sizeX, ptrP, &sizeP,
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
- if (res != kStatus_Success)
- {
+ if (res != kStatus_Success) {
res = FP_VAL;
}
- else
- {
+ else {
ltc_reverse_array(ptrP, sizeP);
mp_read_unsigned_bin(Y, ptrP, sizeP);
}
}
}
- else
- {
+ else {
res = FP_MEM;
}
- if (ptrG)
- {
- XFREE(ptrG, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrG) {
+ XFREE(ptrG, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrX)
- {
- XFREE(ptrX, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrX) {
+ XFREE(ptrX, NULL, DYNAMIC_TYPE_BIGINT);
}
- if (ptrP)
- {
- XFREE(ptrP, 0, DYNAMIC_TYPE_BIGINT);
+ if (ptrP) {
+ XFREE(ptrP, NULL, DYNAMIC_TYPE_BIGINT);
}
return res;
#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE)
}
- else
- {
+ else {
return _wolfcrypt_fp_exptmod(G, X, P, Y);
}
-#endif
+#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */
}
#ifndef NO_RSA
-#include
-#include
int wc_RsaFunction(const byte *in, word32 inLen, byte *out, word32 *outLen, int type, RsaKey *key)
{
-#define ERROR_OUT(x) \
- { \
- ret = (x); \
- goto done; \
- }
-
mp_int tmp;
int ret = 0;
word32 keyLen, len;
@@ -479,12 +449,7 @@ int wc_RsaFunction(const byte *in, word32 inLen, byte *out, word32 *outLen, int
if (type == RSA_PRIVATE_DECRYPT || type == RSA_PRIVATE_ENCRYPT)
{
-#define INNER_ERROR_OUT(x) \
- { \
- ret = (x); \
- goto inner_done; \
- }
-
+ #define INNER_ERROR_OUT(x) { ret = (x); goto inner_done; }
mp_int tmpa, tmpb;
if (mp_init(&tmpa) != MP_OKAY)
@@ -526,42 +491,37 @@ int wc_RsaFunction(const byte *in, word32 inLen, byte *out, word32 *outLen, int
mp_clear(&tmpa);
mp_clear(&tmpb);
- if (ret != 0)
- return ret;
+ if (ret != 0) {
+ goto done;
+ }
+ #undef INNER_ERROR_OUT
}
- else if (type == RSA_PUBLIC_ENCRYPT || type == RSA_PUBLIC_DECRYPT)
- {
+ else if (type == RSA_PUBLIC_ENCRYPT || type == RSA_PUBLIC_DECRYPT) {
#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE)
+ #define INNER_ERROR_OUT(x) { ret = (x); goto inner_done2; }
+
/* use CRT even for public key operation due to size of integer arguments
* because up to 256 bytes results can be achieved by LTC_PKHA_2048
*/
mp_int tmpa, tmpb;
mp_int dP;
mp_int dQ;
-#define INNER_ERROR_OUT2(x) \
- { \
- ret = (x); \
- goto inner_done; \
- }
if (mp_init(&tmpa) != MP_OKAY)
ERROR_OUT(MP_INIT_E);
- if (mp_init(&tmpb) != MP_OKAY)
- {
+ if (mp_init(&tmpb) != MP_OKAY) {
mp_clear(&tmpa);
ERROR_OUT(MP_INIT_E);
}
- if (mp_init(&dP) != MP_OKAY)
- {
+ if (mp_init(&dP) != MP_OKAY) {
mp_clear(&tmpa);
mp_clear(&tmpb);
ERROR_OUT(MP_INIT_E);
}
- if (mp_init(&dQ) != MP_OKAY)
- {
+ if (mp_init(&dQ) != MP_OKAY) {
mp_clear(&tmpa);
mp_clear(&tmpb);
mp_clear(&dP);
@@ -576,29 +536,29 @@ int wc_RsaFunction(const byte *in, word32 inLen, byte *out, word32 *outLen, int
/* tmpa = tmp^dP mod p */
if (mp_mod(&tmp, &key->p, &tmpa) != MP_OKAY)
- INNER_ERROR_OUT2(MP_EXPTMOD_E);
+ INNER_ERROR_OUT(MP_EXPTMOD_E);
if (mp_exptmod(&tmpa, &dP, &key->p, &tmpa) != MP_OKAY)
- INNER_ERROR_OUT2(MP_EXPTMOD_E);
+ INNER_ERROR_OUT(MP_EXPTMOD_E);
/* tmpb = tmp^dQ mod q */
if (mp_mod(&tmp, &key->q, &tmpb) != MP_OKAY)
- INNER_ERROR_OUT2(MP_EXPTMOD_E);
+ INNER_ERROR_OUT(MP_EXPTMOD_E);
if (mp_exptmod(&tmpb, &dQ, &key->q, &tmpb) != MP_OKAY)
- INNER_ERROR_OUT2(MP_EXPTMOD_E);
+ INNER_ERROR_OUT(MP_EXPTMOD_E);
/* tmp = (tmpa - tmpb) * qInv (mod p) */
if (mp_sub(&tmpa, &tmpb, &tmp) != MP_OKAY)
- INNER_ERROR_OUT2(MP_SUB_E);
+ INNER_ERROR_OUT(MP_SUB_E);
if (mp_mulmod(&tmp, &key->u, &key->p, &tmp) != MP_OKAY)
- INNER_ERROR_OUT2(MP_MULMOD_E);
+ INNER_ERROR_OUT(MP_MULMOD_E);
/* tmp = tmpb + q * tmp */
if (mp_mul(&tmp, &key->q, &tmp) != MP_OKAY)
- INNER_ERROR_OUT2(MP_MUL_E);
+ INNER_ERROR_OUT(MP_MUL_E);
if (mp_add(&tmp, &tmpb, &tmp) != MP_OKAY)
- INNER_ERROR_OUT2(MP_ADD_E);
+ INNER_ERROR_OUT(MP_ADD_E);
inner_done2:
mp_clear(&tmpa);
@@ -606,25 +566,29 @@ int wc_RsaFunction(const byte *in, word32 inLen, byte *out, word32 *outLen, int
mp_clear(&dP);
mp_clear(&dQ);
- if (ret != 0)
- return ret;
+ if (ret != 0) {
+ goto done;
+ }
+ #undef INNER_ERROR_OUT
#else
- if (mp_exptmod(&tmp, &key->e, &key->n, &tmp) != MP_OKAY)
+ if (mp_exptmod(&tmp, &key->e, &key->n, &tmp) != MP_OKAY) {
ERROR_OUT(MP_EXPTMOD_E);
+ }
#endif
}
- else
+ else {
ERROR_OUT(RSA_WRONG_TYPE_E);
+ }
keyLen = mp_unsigned_bin_size(&key->n);
- if (keyLen > *outLen)
+ if (keyLen > *outLen) {
ERROR_OUT(RSA_BUFFER_E);
+ }
len = mp_unsigned_bin_size(&tmp);
/* pad front w/ zeros to match key length */
- while (len < keyLen)
- {
+ while (len < keyLen) {
*out++ = 0x00;
len++;
}
@@ -632,26 +596,24 @@ int wc_RsaFunction(const byte *in, word32 inLen, byte *out, word32 *outLen, int
*outLen = keyLen;
/* convert */
- if (mp_to_unsigned_bin(&tmp, out) != MP_OKAY)
+ if (mp_to_unsigned_bin(&tmp, out) != MP_OKAY) {
ERROR_OUT(MP_TO_E);
+ }
done:
mp_clear(&tmp);
- if (ret == MP_EXPTMOD_E)
- {
+ if (ret == MP_EXPTMOD_E) {
WOLFSSL_MSG("RSA_FUNCTION MP_EXPTMOD_E: memory/config problem");
}
return ret;
}
#endif /* NO_RSA */
-#endif /* FREESCALE_LTC_TFM */
-#endif /* USE_FAST_MATH */
+#endif /* USE_FAST_MATH && FREESCALE_LTC_TFM */
-#ifdef FREESCALE_LTC_ECC
-#include
-#include "fsl_ltc.h"
-#include
+
+/* ECC */
+#if defined(HAVE_ECC) && defined(FREESCALE_LTC_ECC)
/* convert from mp_int to LTC integer, as array of bytes of size sz.
* if mp_int has less bytes than sz, add zero bytes at most significant byte positions.
@@ -676,7 +638,7 @@ static void ltc_get_from_mp_int(uint8_t *dst, mp_int *a, int sz)
/* add leading zeroes */
if (offset)
- memset(dst, 0, offset);
+ XMEMSET(dst, 0, offset);
/* convert mp_int to array of bytes */
mp_to_unsigned_bin(a, dst + offset);
@@ -701,104 +663,116 @@ static void ltc_get_from_mp_int(uint8_t *dst, mp_int *a, int sz)
/* P-256 */
#ifdef ECC256
-const uint8_t ltc_ecc256_modulus[32] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF};
-const uint8_t ltc_ecc256_r2modn[32] = {0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFB, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0x04, 0x00, 0x00, 0x00};
-const uint8_t ltc_ecc256_aCurveParam[32] = {0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF};
-const uint8_t ltc_ecc256_bCurveParam[32] = {0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B, 0xF6, 0xB0, 0x53,
- 0xCC, 0xB0, 0x06, 0x1D, 0x65, 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD,
- 0xEB, 0xB3, 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A};
+static const uint8_t ltc_ecc256_modulus[32] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF};
+static const uint8_t ltc_ecc256_r2modn[32] = {
+ 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFB, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0x04, 0x00, 0x00, 0x00};
+static const uint8_t ltc_ecc256_aCurveParam[32] = {
+ 0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF};
+static const uint8_t ltc_ecc256_bCurveParam[32] = {
+ 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B, 0xF6, 0xB0, 0x53,
+ 0xCC, 0xB0, 0x06, 0x1D, 0x65, 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD,
+ 0xEB, 0xB3, 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A};
#endif
#ifdef ECC192
-const uint8_t ltc_ecc192_modulus[24] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
-const uint8_t ltc_ecc192_r2modn[24] = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
-const uint8_t ltc_ecc192_aCurveParam[24] = {0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
-const uint8_t ltc_ecc192_bCurveParam[24] = {0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE, 0x49, 0x30, 0x24, 0x72,
- 0xAB, 0xE9, 0xA7, 0x0F, 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64};
+static const uint8_t ltc_ecc192_modulus[24] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
+static const uint8_t ltc_ecc192_r2modn[24] = {
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
+static const uint8_t ltc_ecc192_aCurveParam[24] = {
+ 0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
+static const uint8_t ltc_ecc192_bCurveParam[24] = {
+ 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE, 0x49, 0x30, 0x24, 0x72,
+ 0xAB, 0xE9, 0xA7, 0x0F, 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64};
#endif
#ifdef ECC224
-const uint8_t ltc_ecc224_modulus[28] = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
-const uint8_t ltc_ecc224_r2modn[28] = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00};
-const uint8_t ltc_ecc224_aCurveParam[28] = {0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
-const uint8_t ltc_ecc224_bCurveParam[28] = {0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27, 0xBA, 0xD8,
- 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50, 0x56, 0x32, 0x41, 0xF5,
- 0xAB, 0xB3, 0x04, 0x0C, 0x85, 0x0A, 0x05, 0xB4};
+static const uint8_t ltc_ecc224_modulus[28] = {
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
+static const uint8_t ltc_ecc224_r2modn[28] = {
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00};
+static const uint8_t ltc_ecc224_aCurveParam[28] = {
+ 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
+static const uint8_t ltc_ecc224_bCurveParam[28] = {
+ 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27, 0xBA, 0xD8,
+ 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50, 0x56, 0x32, 0x41, 0xF5,
+ 0xAB, 0xB3, 0x04, 0x0C, 0x85, 0x0A, 0x05, 0xB4};
#endif
#ifdef ECC384
-const uint8_t ltc_ecc384_modulus[48] = {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
-const uint8_t ltc_ecc384_r2modn[48] = {0x01, 0x00, 0x00, 0x00, 0xfe, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe, 0xff, 0xff, 0xff,
- 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
-const uint8_t ltc_ecc384_aCurveParam[48] = {0xfc, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
-const uint8_t ltc_ecc384_bCurveParam[48] = {0xef, 0x2a, 0xec, 0xd3, 0xed, 0xc8, 0x85, 0x2a, 0x9d, 0xd1, 0x2e, 0x8a,
- 0x8d, 0x39, 0x56, 0xc6, 0x5a, 0x87, 0x13, 0x50, 0x8f, 0x08, 0x14, 0x03,
- 0x12, 0x41, 0x81, 0xfe, 0x6e, 0x9c, 0x1d, 0x18, 0x19, 0x2d, 0xf8, 0xe3,
- 0x6b, 0x05, 0x8e, 0x98, 0xe4, 0xe7, 0x3e, 0xe2, 0xa7, 0x2f, 0x31, 0xb3};
+static const uint8_t ltc_ecc384_modulus[48] = {
+ 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
+static const uint8_t ltc_ecc384_r2modn[48] = {
+ 0x01, 0x00, 0x00, 0x00, 0xfe, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe, 0xff, 0xff, 0xff,
+ 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
+static const uint8_t ltc_ecc384_aCurveParam[48] = {
+ 0xfc, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
+static const uint8_t ltc_ecc384_bCurveParam[48] = {
+ 0xef, 0x2a, 0xec, 0xd3, 0xed, 0xc8, 0x85, 0x2a, 0x9d, 0xd1, 0x2e, 0x8a,
+ 0x8d, 0x39, 0x56, 0xc6, 0x5a, 0x87, 0x13, 0x50, 0x8f, 0x08, 0x14, 0x03,
+ 0x12, 0x41, 0x81, 0xfe, 0x6e, 0x9c, 0x1d, 0x18, 0x19, 0x2d, 0xf8, 0xe3,
+ 0x6b, 0x05, 0x8e, 0x98, 0xe4, 0xe7, 0x3e, 0xe2, 0xa7, 0x2f, 0x31, 0xb3};
#endif
-static int ltc_get_ecc_specs(
- const uint8_t **modulus, const uint8_t **r2modn, const uint8_t **aCurveParam, const uint8_t **bCurveParam, int size)
+static int ltc_get_ecc_specs(const uint8_t **modulus, const uint8_t **r2modn,
+ const uint8_t **aCurveParam, const uint8_t **bCurveParam, int size)
{
- if (32 == size)
- {
+ switch(size) {
+ case 32:
*modulus = ltc_ecc256_modulus;
*r2modn = ltc_ecc256_r2modn;
*aCurveParam = ltc_ecc256_aCurveParam;
*bCurveParam = ltc_ecc256_bCurveParam;
- }
+ break;
#ifdef ECC224
- else if (28 == size)
- {
+ case 28:
*modulus = ltc_ecc224_modulus;
*r2modn = ltc_ecc224_r2modn;
*aCurveParam = ltc_ecc224_aCurveParam;
*bCurveParam = ltc_ecc224_bCurveParam;
- }
+ break;
#endif
#ifdef ECC192
- else if (24 == size)
- {
+ case 24:
*modulus = ltc_ecc192_modulus;
*r2modn = ltc_ecc192_r2modn;
*aCurveParam = ltc_ecc192_aCurveParam;
*bCurveParam = ltc_ecc192_bCurveParam;
- }
+ break;
#endif
#ifdef HAVE_ECC384
- else if (48 == size)
- {
+ case 48:
*modulus = ltc_ecc384_modulus;
*r2modn = ltc_ecc384_r2modn;
*aCurveParam = ltc_ecc384_aCurveParam;
*bCurveParam = ltc_ecc384_bCurveParam;
- }
+ break;
#endif
- else
- {
+ default:
return -1;
}
return 0;
@@ -814,7 +788,8 @@ static int ltc_get_ecc_specs(
(1==map, 0 == leave in projective)
return MP_OKAY on success
*/
-int wc_ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus, int map)
+int wc_ecc_mulmod_ex(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus,
+ int map, void* heap)
{
ltc_pkha_ecc_point_t B;
uint8_t size;
@@ -832,8 +807,9 @@ int wc_ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus, int ma
const uint8_t *bCurveParam;
const uint8_t *r2modn;
- if (k == NULL || G == NULL || R == NULL || modulus == NULL)
+ if (k == NULL || G == NULL || R == NULL || modulus == NULL) {
return ECC_BAD_ARG_E;
+ }
szModulus = mp_unsigned_bin_size(modulus);
szkbin = mp_unsigned_bin_size(k);
@@ -844,8 +820,7 @@ int wc_ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus, int ma
size = szModulus;
/* find LTC friendly parameters for the selected curve */
- if (0 != ltc_get_ecc_specs(&modbin, &r2modn, &aCurveParam, &bCurveParam, size))
- {
+ if (0 != ltc_get_ecc_specs(&modbin, &r2modn, &aCurveParam, &bCurveParam, size)) {
return ECC_BAD_ARG_E;
}
@@ -854,8 +829,9 @@ int wc_ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus, int ma
status = LTC_PKHA_ECC_PointMul(LTC_BASE, &B, kbin, szkbin, modbin, r2modn, aCurveParam, bCurveParam, size,
kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, &B, &point_of_infinity);
- if (status != kStatus_Success)
+ if (status != kStatus_Success) {
return FP_VAL;
+ }
ltc_reverse_array(Gxbin, size);
ltc_reverse_array(Gybin, size);
@@ -866,6 +842,7 @@ int wc_ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus, int ma
*/
R->y->sign = k->sign;
mp_set(R->z, 1);
+
return MP_OKAY;
}
@@ -887,12 +864,10 @@ int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m)
size = mp_unsigned_bin_size(m);
/* find LTC friendly parameters for the selected curve */
- if (0 != ltc_get_ecc_specs(&modbin, &r2modn, &aCurveParam, &bCurveParam, size))
- {
+ if (0 != ltc_get_ecc_specs(&modbin, &r2modn, &aCurveParam, &bCurveParam, size)) {
err = ECC_BAD_ARG_E;
}
- else
- {
+ else {
ltc_get_from_mp_int(Gxbin, mG->x, size);
ltc_get_from_mp_int(Gybin, mG->y, size);
ltc_get_from_mp_int(Qxbin, mQ->x, size);
@@ -906,12 +881,10 @@ int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m)
status = LTC_PKHA_ECC_PointAdd(LTC_BASE, &A, &B, modbin, r2modn, aCurveParam, bCurveParam, size,
kLTC_PKHA_IntegerArith, &A);
- if (status != kStatus_Success)
- {
+ if (status != kStatus_Success) {
err = FP_VAL;
}
- else
- {
+ else {
ltc_reverse_array(Gxbin, size);
ltc_reverse_array(Gybin, size);
mp_read_unsigned_bin(mR->x, Gxbin, size);
@@ -925,18 +898,21 @@ int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m)
#if defined(HAVE_ED25519) || defined(HAVE_CURVE25519)
/* Weierstrass parameters of prime 2^255 - 19 */
-static const uint8_t modbin[32] = {0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
-
+static const uint8_t modbin[32] = {
+ 0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
+/* precomputed R2modN for the curve25519 */
static const uint8_t r2mod[32] = {
- 0xa4, 0x05,
-}; /* precomputed R2modN for the curve25519 */
+ 0xa4, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
/* invThree = ModInv(3,modbin) in LSB first */
-static const uint8_t invThree[32] = {0x49, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
- 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
- 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55};
+static const uint8_t invThree[32] = {
+ 0x49, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55};
/*
*
@@ -954,13 +930,14 @@ r1 = 1*a*v*(i - 1) % p
r2 = -1*a*v*(i - 1) % p
puts "Gy=0x#{r2.to_s(16)}"
*/
-status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA, uint8_t *res, size_t *szRes, int sign)
+status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA,
+ uint8_t *res, size_t *szRes, int sign)
{
status_t status;
- const uint8_t curve25519_param[] = {0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x0f};
-
+ const uint8_t curve25519_param[] = {
+ 0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x0f};
uint8_t twoA[sizeof(modbin)] = {0};
uint8_t V[sizeof(modbin)] = {0};
uint8_t I[sizeof(modbin)] = {0};
@@ -973,79 +950,82 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA, uint8_
uint8_t one = 1;
/* twoA = 2*A % p */
- status =
- LTC_PKHA_ModAdd(LTC_BASE, A, sizeA, A, sizeA, modbin, sizeof(modbin), twoA, &szTwoA, kLTC_PKHA_IntegerArith);
+ status = LTC_PKHA_ModAdd(LTC_BASE, A, sizeA, A, sizeA, modbin,
+ sizeof(modbin), twoA, &szTwoA, kLTC_PKHA_IntegerArith);
/* V = ModularArithmetic.powmod(twoA, (p-5)/8, p) */
- if (status == kStatus_Success)
- {
+ if (status == kStatus_Success) {
status =
- LTC_PKHA_ModExp(LTC_BASE, twoA, szTwoA, modbin, sizeof(modbin), curve25519_param, sizeof(curve25519_param),
- V, &szV, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ LTC_PKHA_ModExp(LTC_BASE, twoA, szTwoA, modbin, sizeof(modbin),
+ curve25519_param, sizeof(curve25519_param), V, &szV,
+ kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* VV = V*V % p */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, V, szV, V, szV, modbin, sizeof(modbin), VV, &szVV, kLTC_PKHA_IntegerArith,
- kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, V, szV, V, szV, modbin,
+ sizeof(modbin), VV, &szVV, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* I = twoA * VV = 2*A*V*V % p */
- if (status == kStatus_Success)
- {
- status =
- LTC_PKHA_ModMul(LTC_BASE, twoA, szTwoA, VV, szVV, modbin, sizeof(modbin), I, &szI, kLTC_PKHA_IntegerArith,
- kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, twoA, szTwoA, VV, szVV, modbin,
+ sizeof(modbin), I, &szI, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* I = I - 1 */
- memset(VV, 0xff, sizeof(VV)); /* just temp for maximum integer - for non-modular substract */
- if (0 <= LTC_PKHA_CompareBigNum(I, szI, &one, sizeof(one)))
- {
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModSub1(LTC_BASE, I, szI, &one, sizeof(one), VV, sizeof(VV), I, &szI);
+ XMEMSET(VV, 0xff, sizeof(VV)); /* just temp for maximum integer - for non-modular substract */
+ if (0 <= LTC_PKHA_CompareBigNum(I, szI, &one, sizeof(one))) {
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModSub1(LTC_BASE, I, szI, &one, sizeof(one),
+ VV, sizeof(VV), I, &szI);
}
}
- else
- {
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), &one, sizeof(one), VV, sizeof(VV), I, &szI);
+ else {
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), &one,
+ sizeof(one), VV, sizeof(VV), I, &szI);
}
}
/* res = a*v mod p */
- status = LTC_PKHA_ModMul(LTC_BASE, A, sizeA, V, szV, modbin, sizeof(modbin), res, &szRes16, kLTC_PKHA_IntegerArith,
- kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ status = LTC_PKHA_ModMul(LTC_BASE, A, sizeA, V, szV, modbin,
+ sizeof(modbin), res, &szRes16, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
/* res = res * (i-1) mod p */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, res, szRes16, I, szI, modbin, sizeof(modbin), res, &szRes16,
- kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
- kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, res, szRes16, I, szI, modbin,
+ sizeof(modbin), res, &szRes16, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* if X mod 2 != X_0 then we need the -X
*
* X mod 2 get from LSB bit0
*/
- if ((status == kStatus_Success) && ((bool)sign != (bool)(res[0] & 0x01u)))
+ if ((status == kStatus_Success) &&
+ ((bool)sign != (bool)(res[0] & 0x01u)))
{
- status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), res, szRes16, VV, sizeof(VV), res,
- &szRes16); /* -a = p - a */
+ status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), res,
+ szRes16, VV, sizeof(VV), res, &szRes16); /* -a = p - a */
}
- if (status == kStatus_Success)
- {
+ if (status == kStatus_Success) {
*szRes = szRes16;
}
return status;
}
-#endif
+#endif /* HAVE_ED25519 || HAVE_CURVE25519 */
+
#ifdef HAVE_CURVE25519
@@ -1053,42 +1033,49 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA, uint8_
* these two are base point X and Y.
* in LSB first format (native for LTC)
*/
-static ECPoint ecBasePoint = {
- {0x5a, 0x24, 0xad, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x2a},
- {0xd9, 0xd3, 0xce, 0x7e, 0xa2, 0xc5, 0xe9, 0x29, 0xb2, 0x61, 0x7c, 0x6d, 0x7e, 0x4d, 0x3d, 0x92, 0x4c, 0xd1, 0x48,
- 0x77, 0x2c, 0xdd, 0x1e, 0xe0, 0xb4, 0x86, 0xa0, 0xb8, 0xa1, 0x19, 0xae, 0x20},
+static const ECPoint ecBasePoint = {
+ {0x5a, 0x24, 0xad, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x2a},
+ {0xd9, 0xd3, 0xce, 0x7e, 0xa2, 0xc5, 0xe9, 0x29, 0xb2, 0x61, 0x7c,
+ 0x6d, 0x7e, 0x4d, 0x3d, 0x92, 0x4c, 0xd1, 0x48, 0x77, 0x2c, 0xdd,
+ 0x1e, 0xe0, 0xb4, 0x86, 0xa0, 0xb8, 0xa1, 0x19, 0xae, 0x20},
};
-ECPoint *wc_curve25519_GetBasePoint(void)
+const ECPoint *wc_curve25519_GetBasePoint(void)
{
return &ecBasePoint;
}
static const uint8_t aCurveParam[CURVE25519_KEYSIZE] = {
- 0x44, 0xa1, 0x14, 0x49, 0x98, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x2a};
+ 0x44, 0xa1, 0x14, 0x49, 0x98, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0x2a};
static const uint8_t bCurveParam[CURVE25519_KEYSIZE] = {
- 0x64, 0xc8, 0x10, 0x77, 0x9c, 0x5e, 0x0b, 0x26, 0xb4, 0x97, 0xd0, 0x5e, 0x42, 0x7b, 0x09, 0xed,
- 0x25, 0xb4, 0x97, 0xd0, 0x5e, 0x42, 0x7b, 0x09, 0xed, 0x25, 0xb4, 0x97, 0xd0, 0x5e, 0x42, 0x7b};
+ 0x64, 0xc8, 0x10, 0x77, 0x9c, 0x5e, 0x0b, 0x26, 0xb4, 0x97, 0xd0,
+ 0x5e, 0x42, 0x7b, 0x09, 0xed,
+ 0x25, 0xb4, 0x97, 0xd0, 0x5e, 0x42, 0x7b, 0x09, 0xed, 0x25, 0xb4,
+ 0x97, 0xd0, 0x5e, 0x42, 0x7b};
/* transform a point on Montgomery curve to a point on Weierstrass curve */
-status_t LTC_PKHA_Curve25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut)
+status_t LTC_PKHA_Curve25519ToWeierstrass(
+ const ltc_pkha_ecc_point_t *ltcPointIn,ltc_pkha_ecc_point_t *ltcPointOut)
{
/* offset X point (in Montgomery) so that it becomes Weierstrass */
- const uint8_t offset[] = {0x51, 0x24, 0xad, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x2a};
+ const uint8_t offset[] = {
+ 0x51, 0x24, 0xad, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x2a};
uint16_t sizeRes = 0;
status_t status;
- status = LTC_PKHA_ModAdd(LTC_BASE, ltcPointIn->X, CURVE25519_KEYSIZE, offset, sizeof(offset), modbin,
- CURVE25519_KEYSIZE, ltcPointOut->X, &sizeRes, kLTC_PKHA_IntegerArith);
+ status = LTC_PKHA_ModAdd(LTC_BASE, ltcPointIn->X, CURVE25519_KEYSIZE,
+ offset, sizeof(offset), modbin, CURVE25519_KEYSIZE, ltcPointOut->X,
+ &sizeRes, kLTC_PKHA_IntegerArith);
- if (status == kStatus_Success)
- {
- if (ltcPointOut->Y != ltcPointIn->Y)
- {
+ if (status == kStatus_Success) {
+ if (ltcPointOut->Y != ltcPointIn->Y) {
XMEMCPY(ltcPointOut->Y, ltcPointIn->Y, CURVE25519_KEYSIZE);
}
}
@@ -1097,42 +1084,40 @@ status_t LTC_PKHA_Curve25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn
}
/* transform a point on Weierstrass curve to a point on Montgomery curve */
-status_t LTC_PKHA_WeierstrassToCurve25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut)
+status_t LTC_PKHA_WeierstrassToCurve25519(
+ const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut)
{
status_t status;
uint16_t resultSize = 0;
- uint8_t three = 0x03;
+ const uint8_t three = 0x03;
- status = LTC_PKHA_ModMul(LTC_BASE, &three, sizeof(three), ltcPointIn->X, CURVE25519_KEYSIZE, modbin,
- CURVE25519_KEYSIZE, ltcPointOut->X, &resultSize, kLTC_PKHA_IntegerArith,
- kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ status = LTC_PKHA_ModMul(LTC_BASE, &three, sizeof(three), ltcPointIn->X,
+ CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, ltcPointOut->X,
+ &resultSize, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
- if (status == kStatus_Success)
- {
- static const uint8_t A[] = {0x06, 0x6d, 0x07};
- if (LTC_PKHA_CompareBigNum(ltcPointOut->X, resultSize, A, sizeof(A)))
- {
- status = LTC_PKHA_ModSub1(LTC_BASE, ltcPointOut->X, resultSize, A, sizeof(A), modbin, CURVE25519_KEYSIZE,
- ltcPointOut->X, &resultSize);
+ if (status == kStatus_Success) {
+ const uint8_t A[] = {0x06, 0x6d, 0x07};
+ if (LTC_PKHA_CompareBigNum(ltcPointOut->X, resultSize, A, sizeof(A))) {
+ status = LTC_PKHA_ModSub1(LTC_BASE, ltcPointOut->X, resultSize, A,
+ sizeof(A), modbin, CURVE25519_KEYSIZE, ltcPointOut->X, &resultSize);
}
- else
- {
- status = LTC_PKHA_ModSub2(LTC_BASE, ltcPointOut->X, resultSize, A, sizeof(A), modbin, CURVE25519_KEYSIZE,
- ltcPointOut->X, &resultSize);
+ else {
+ status = LTC_PKHA_ModSub2(LTC_BASE, ltcPointOut->X, resultSize, A,
+ sizeof(A), modbin, CURVE25519_KEYSIZE, ltcPointOut->X, &resultSize);
}
}
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, invThree, CURVE25519_KEYSIZE, ltcPointOut->X, resultSize, modbin,
- CURVE25519_KEYSIZE, ltcPointOut->X, &resultSize, kLTC_PKHA_IntegerArith,
- kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, invThree, CURVE25519_KEYSIZE,
+ ltcPointOut->X, resultSize, modbin, CURVE25519_KEYSIZE,
+ ltcPointOut->X, &resultSize, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
- if (status == kStatus_Success)
- {
- if (ltcPointOut->Y != ltcPointIn->Y)
- {
+ if (status == kStatus_Success) {
+ if (ltcPointOut->Y != ltcPointIn->Y) {
XMEMCPY(ltcPointOut->Y, ltcPointIn->Y, CURVE25519_KEYSIZE);
}
}
@@ -1144,7 +1129,7 @@ status_t LTC_PKHA_WeierstrassToCurve25519(const ltc_pkha_ecc_point_t *ltcPointIn
status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint)
{
uint8_t three = 3;
- uint8_t A[] = {0x06, 0x6d, 0x07};
+ const uint8_t A[] = {0x06, 0x6d, 0x07};
uint8_t U[CURVE25519_KEYSIZE] = {0};
uint8_t X2[CURVE25519_KEYSIZE] = {0};
uint16_t sizeU = 0;
@@ -1153,52 +1138,53 @@ status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint)
status_t status;
/* X^3 */
- status = LTC_PKHA_ModExp(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, &three, 1, U,
- &sizeU, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ status = LTC_PKHA_ModExp(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE, modbin,
+ CURVE25519_KEYSIZE, &three, 1, U, &sizeU, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
/* X^2 */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE, ltcPoint->X, CURVE25519_KEYSIZE, modbin,
- CURVE25519_KEYSIZE, X2, &sizeX2, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
- kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE,
+ ltcPoint->X, CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, X2,
+ &sizeX2, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
}
/* 486662*X^2 */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, A, sizeof(A), X2, sizeX2, modbin, CURVE25519_KEYSIZE, X2, &sizeX2,
- kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
- kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, A, sizeof(A), X2, sizeX2, modbin,
+ CURVE25519_KEYSIZE, X2, &sizeX2, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* X^3 + 486662*X^2 */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, X2, sizeX2, modbin, CURVE25519_KEYSIZE, U, &sizeU,
- kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, X2, sizeX2, modbin,
+ CURVE25519_KEYSIZE, U, &sizeU, kLTC_PKHA_IntegerArith);
}
/* U = X^3 + 486662*X^2 + X */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, ltcPoint->X, CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, U,
- &sizeU, kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, ltcPoint->X,
+ CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, U, &sizeU,
+ kLTC_PKHA_IntegerArith);
}
/* Y = modular square root of U (U is Y^2) */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_Prime25519SquareRootMod(U, sizeU, ltcPoint->Y, &szRes, 1);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_Prime25519SquareRootMod(U, sizeU, ltcPoint->Y,
+ &szRes, 1);
}
return status;
}
/* Q = n*P */
-/* if type is set, the input point p is in Montgomery curve coordinates, so there is a map to Weierstrass curve */
+/* if type is set, the input point p is in Montgomery curve coordinates,
+ so there is a map to Weierstrass curve */
/* q output point is always in Montgomery curve coordinates */
-int wc_curve25519(ECPoint *q, byte *n, ECPoint *p, fsl_ltc_ecc_coordinate_system_t type)
+int wc_curve25519(ECPoint *q, byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type)
{
status_t status;
ltc_pkha_ecc_point_t ltcPoint;
@@ -1209,97 +1195,102 @@ int wc_curve25519(ECPoint *q, byte *n, ECPoint *p, fsl_ltc_ecc_coordinate_system
ltcPoint.X = &pIn.point[0];
ltcPoint.Y = &pIn.pointY[0];
- /* if input point P is on Curve25519 Montgomery curve, transform it to Weierstrass equivalent */
- if (type == kLTC_Curve25519)
- {
+ /* if input point P is on Curve25519 Montgomery curve, transform
+ it to Weierstrass equivalent */
+ if (type == kLTC_Curve25519) {
LTC_PKHA_Curve25519ToWeierstrass(<cPoint, <cPoint);
}
ltcPointOut.X = &q->point[0];
ltcPointOut.Y = &q->pointY[0];
- /* modbin, r2mod, aCurveParam, bCurveParam are Weierstrass equivalent with Curve25519 */
- status = LTC_PKHA_ECC_PointMul(LTC_BASE, <cPoint, n, CURVE25519_KEYSIZE, modbin, r2mod, aCurveParam, bCurveParam,
- CURVE25519_KEYSIZE, kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, <cPointOut,
- NULL);
+ /* modbin, r2mod, aCurveParam, bCurveParam are Weierstrass equivalent
+ with Curve25519 */
+ status = LTC_PKHA_ECC_PointMul(LTC_BASE, <cPoint, n, CURVE25519_KEYSIZE,
+ modbin, r2mod, aCurveParam, bCurveParam, CURVE25519_KEYSIZE,
+ kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, <cPointOut, NULL);
/* now need to map from Weierstrass form to Montgomery form */
- if (status == kStatus_Success)
- {
+ if (status == kStatus_Success) {
status = LTC_PKHA_WeierstrassToCurve25519(<cPointOut, <cPointOut);
}
- if (status == kStatus_Success)
- return 0;
- else
- return IS_POINT_E;
+ return (status == kStatus_Success) ? 0 : IS_POINT_E;
}
#endif /* HAVE_CURVE25519 */
-#ifdef HAVE_ED25519
-#include
+#ifdef HAVE_ED25519
/* a and d are Edwards curve parameters -1 and -121665/121666 prime is 2^255 - 19.
- *
- *
*
* https://en.wikipedia.org/wiki/Montgomery_curve#Equivalence_with_Edward_curves
*/
/* d parameter of ed25519 */
-static const uint8_t d_coefEd25519[] = {0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75, 0xab, 0xd8, 0x41,
- 0x41, 0x4d, 0x0a, 0x70, 0x00, 0x98, 0xe8, 0x79, 0x77, 0x79, 0x40,
- 0xc7, 0x8c, 0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52};
+static const uint8_t d_coefEd25519[] = {
+ 0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75, 0xab, 0xd8, 0x41,
+ 0x41, 0x4d, 0x0a, 0x70, 0x00, 0x98, 0xe8, 0x79, 0x77, 0x79, 0x40,
+ 0xc7, 0x8c, 0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52};
/* Montgomery curve parameter A for a Montgomery curve equivalent with ed25519 */
-static const uint8_t A_coefEd25519[] = {0x06, 0x6d, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
+static const uint8_t A_coefEd25519[] = {
+ 0x06, 0x6d, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
/* Montgomery curve parameter B for a Montgomery curve equivalent with ed25519 */
-static const uint8_t B_coefEd25519[] = {0xe5, 0x92, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
+static const uint8_t B_coefEd25519[] = {
+ 0xe5, 0x92, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
/* these are pre-computed constants used in computations */
/* = 3*B */
-static const uint8_t threeB_coefEd25519[] = {0xd5, 0xb8, 0xe9, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
+static const uint8_t threeB_coefEd25519[] = {
+ 0xd5, 0xb8, 0xe9, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
/* = -A */
-static const uint8_t minus_A_coefEd25519[] = {0xe7, 0x92, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
+static const uint8_t minus_A_coefEd25519[] = {
+ 0xe7, 0x92, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
/* = 1/B */
-static const uint8_t invB_coefEd25519[] = {0xc4, 0xa1, 0x29, 0x7b, 0x8d, 0x2c, 0x85, 0x22, 0xd5, 0x89, 0xaf,
- 0xaf, 0x6c, 0xfd, 0xe3, 0xff, 0xd9, 0x85, 0x21, 0xa2, 0xe1, 0x2f,
- 0xce, 0x1c, 0x63, 0x00, 0x24, 0x75, 0xc4, 0x24, 0x7f, 0x6b};
+static const uint8_t invB_coefEd25519[] = {
+0xc4, 0xa1, 0x29, 0x7b, 0x8d, 0x2c, 0x85, 0x22, 0xd5, 0x89, 0xaf,
+ 0xaf, 0x6c, 0xfd, 0xe3, 0xff, 0xd9, 0x85, 0x21, 0xa2, 0xe1, 0x2f,
+ 0xce, 0x1c, 0x63, 0x00, 0x24, 0x75, 0xc4, 0x24, 0x7f, 0x6b};
/* = 1/(3*B) */
-static const uint8_t A_mul_invThreeB_coefEd25519[] = {0xb9, 0x3e, 0xe4, 0xad, 0xa1, 0x37, 0xa7, 0x93, 0x1c, 0xa4, 0x35,
- 0xe0, 0x0c, 0x57, 0xbd, 0xaa, 0x6e, 0x51, 0x94, 0x3e, 0x14, 0xe0,
- 0xcb, 0xec, 0xbd, 0xff, 0xe7, 0xb1, 0x27, 0x92, 0x00, 0x63};
+static const uint8_t A_mul_invThreeB_coefEd25519[] = {
+ 0xb9, 0x3e, 0xe4, 0xad, 0xa1, 0x37, 0xa7, 0x93, 0x1c, 0xa4, 0x35,
+ 0xe0, 0x0c, 0x57, 0xbd, 0xaa, 0x6e, 0x51, 0x94, 0x3e, 0x14, 0xe0,
+ 0xcb, 0xec, 0xbd, 0xff, 0xe7, 0xb1, 0x27, 0x92, 0x00, 0x63};
/* Weierstrass curve parameter a for a Weierstrass curve equivalent with ed25519 */
-static const uint8_t a_coefEd25519[] = {0x2d, 0x17, 0xbc, 0xf8, 0x8e, 0xe1, 0x71, 0xac, 0xf7, 0x2a, 0xa5,
- 0x0c, 0x5d, 0xb6, 0xb8, 0x6b, 0xd6, 0x3d, 0x7b, 0x61, 0x0d, 0xe1,
- 0x97, 0x31, 0xe6, 0xbe, 0xb9, 0xa5, 0xd3, 0xac, 0x4e, 0x5d};
+static const uint8_t a_coefEd25519[] = {
+ 0x2d, 0x17, 0xbc, 0xf8, 0x8e, 0xe1, 0x71, 0xac, 0xf7, 0x2a, 0xa5,
+ 0x0c, 0x5d, 0xb6, 0xb8, 0x6b, 0xd6, 0x3d, 0x7b, 0x61, 0x0d, 0xe1,
+ 0x97, 0x31, 0xe6, 0xbe, 0xb9, 0xa5, 0xd3, 0xac, 0x4e, 0x5d};
/* Weierstrass curve parameter b for a Weierstrass curve equivalent with ed25519 */
-static const uint8_t b_coefEd25519[] = {0xa4, 0xb2, 0x64, 0xf3, 0xc1, 0xeb, 0x04, 0x90, 0x32, 0xbc, 0x9f,
- 0x6b, 0x97, 0x31, 0x48, 0xf5, 0xd5, 0x80, 0x57, 0x10, 0x06, 0xdb,
- 0x0d, 0x55, 0xe0, 0xb3, 0xd0, 0xcf, 0x9b, 0xb2, 0x11, 0x1d};
+static const uint8_t b_coefEd25519[] = {
+ 0xa4, 0xb2, 0x64, 0xf3, 0xc1, 0xeb, 0x04, 0x90, 0x32, 0xbc, 0x9f,
+ 0x6b, 0x97, 0x31, 0x48, 0xf5, 0xd5, 0x80, 0x57, 0x10, 0x06, 0xdb,
+ 0x0d, 0x55, 0xe0, 0xb3, 0xd0, 0xcf, 0x9b, 0xb2, 0x11, 0x1d};
/* Ed25519 basepoint B mapped to Weierstrass equivalent */
-static uint8_t Wx_Ed25519[ED25519_KEY_SIZE] = {0x35, 0xef, 0x5a, 0x02, 0x9b, 0xc8, 0x55, 0xca, 0x9a, 0x7c, 0x61,
- 0x0d, 0xdf, 0x3f, 0xc1, 0xa9, 0x18, 0x06, 0xc2, 0xf1, 0x02, 0x8f,
- 0x0b, 0xf0, 0x39, 0x03, 0x2c, 0xd0, 0x0f, 0xdd, 0x78, 0x2a};
-static uint8_t Wy_Ed25519[ED25519_KEY_SIZE] = {0x14, 0x1d, 0x2c, 0xf6, 0xf3, 0x30, 0x78, 0x9b, 0x65, 0x31, 0x71,
- 0x80, 0x61, 0xd0, 0x6f, 0xcf, 0x23, 0x83, 0x79, 0x63, 0xa5, 0x3b,
- 0x48, 0xbe, 0x2e, 0xa2, 0x1d, 0xc7, 0xa5, 0x44, 0xc6, 0x29};
+static uint8_t Wx_Ed25519[ED25519_KEY_SIZE] = {
+ 0x35, 0xef, 0x5a, 0x02, 0x9b, 0xc8, 0x55, 0xca, 0x9a, 0x7c, 0x61,
+ 0x0d, 0xdf, 0x3f, 0xc1, 0xa9, 0x18, 0x06, 0xc2, 0xf1, 0x02, 0x8f,
+ 0x0b, 0xf0, 0x39, 0x03, 0x2c, 0xd0, 0x0f, 0xdd, 0x78, 0x2a};
+static uint8_t Wy_Ed25519[ED25519_KEY_SIZE] = {
+ 0x14, 0x1d, 0x2c, 0xf6, 0xf3, 0x30, 0x78, 0x9b, 0x65, 0x31, 0x71,
+ 0x80, 0x61, 0xd0, 0x6f, 0xcf, 0x23, 0x83, 0x79, 0x63, 0xa5, 0x3b,
+ 0x48, 0xbe, 0x2e, 0xa2, 0x1d, 0xc7, 0xa5, 0x44, 0xc6, 0x29};
static const ltc_pkha_ecc_point_t basepointEd25519 = {
Wx_Ed25519, Wy_Ed25519,
@@ -1310,8 +1301,8 @@ const ltc_pkha_ecc_point_t *LTC_PKHA_Ed25519_BasePoint(void)
return &basepointEd25519;
}
-/* input point is on Weierstrass curve, typeOut determines the coordinates system of output point (either Weierstrass or
- * Ed25519) */
+/* input point is on Weierstrass curve, typeOut determines the coordinates
+ system of output point (either Weierstrass or Ed25519) */
status_t LTC_PKHA_Ed25519_PointMul(const ltc_pkha_ecc_point_t *ltcPointIn,
const uint8_t *N,
size_t sizeN,
@@ -1320,28 +1311,31 @@ status_t LTC_PKHA_Ed25519_PointMul(const ltc_pkha_ecc_point_t *ltcPointIn,
{
uint16_t szN = (uint16_t)sizeN;
status_t status;
- /* input on W, output in W, W parameters of ECC curve are Ed25519 curve parameters mapped to Weierstrass curve */
- status =
- LTC_PKHA_ECC_PointMul(LTC_BASE, ltcPointIn, N, szN, modbin, r2mod, a_coefEd25519, b_coefEd25519,
- ED25519_KEY_SIZE, kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, ltcPointOut, NULL);
+ /* input on W, output in W, W parameters of ECC curve are Ed25519 curve
+ parameters mapped to Weierstrass curve */
+ status = LTC_PKHA_ECC_PointMul(LTC_BASE, ltcPointIn, N, szN, modbin,
+ r2mod, a_coefEd25519, b_coefEd25519, ED25519_KEY_SIZE,
+ kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, ltcPointOut, NULL);
/* Weierstrass coordinates to Ed25519 coordinates */
- if ((status == kStatus_Success) && (typeOut == kLTC_Ed25519))
- {
+ if ((status == kStatus_Success) && (typeOut == kLTC_Ed25519)) {
status = LTC_PKHA_WeierstrassToEd25519(ltcPointOut, ltcPointOut);
}
return status;
}
-status_t LTC_PKHA_Ed25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut)
+status_t LTC_PKHA_Ed25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn,
+ ltc_pkha_ecc_point_t *ltcPointOut)
{
status_t status;
uint8_t Mx[ED25519_KEY_SIZE] = {0};
uint8_t My[ED25519_KEY_SIZE] = {0};
uint8_t temp[ED25519_KEY_SIZE] = {0};
uint8_t temp2[ED25519_KEY_SIZE] = {0};
- uint8_t max[32] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
+ const uint8_t max[32] = {
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
const uint8_t *Ex;
const uint8_t *Ey;
uint8_t *Gx;
@@ -1362,79 +1356,78 @@ status_t LTC_PKHA_Ed25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, l
Mx = (1 + Ey) * ModularArithmetic.invert(1 - Ey, prime) % prime
My = (1 + Ey) * ModularArithmetic.invert((1 - Ey)*Ex, prime) % prime */
- /* Gx = ((Mx * ModularArithmetic.invert(B, prime)) + (A * ModularArithmetic.invert(3*B, prime))) % prime
+ /* Gx = ((Mx * ModularArithmetic.invert(B, prime)) +
+ (A * ModularArithmetic.invert(3*B, prime))) % prime
Gy = (My * ModularArithmetic.invert(B, prime)) % prime */
/* temp = 1 + Ey */
- status = LTC_PKHA_ModAdd(LTC_BASE, Ey, ED25519_KEY_SIZE, &one, sizeof(one), modbin, sizeof(modbin), temp, &szTemp,
- kLTC_PKHA_IntegerArith);
+ status = LTC_PKHA_ModAdd(LTC_BASE, Ey, ED25519_KEY_SIZE, &one, sizeof(one),
+ modbin, sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
/* temp2 = 1 - Ey = 1 + (p - Ey) */
- if (status == kStatus_Success)
- {
- status =
- LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), Ey, ED25519_KEY_SIZE, max, sizeof(max), temp2, &szTemp2);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), Ey,
+ ED25519_KEY_SIZE, max, sizeof(max), temp2, &szTemp2);
}
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModAdd(LTC_BASE, temp2, szTemp2, &one, sizeof(one), modbin, sizeof(modbin), temp2, &szTemp2,
- kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModAdd(LTC_BASE, temp2, szTemp2, &one, sizeof(one),
+ modbin, sizeof(modbin), temp2, &szTemp2, kLTC_PKHA_IntegerArith);
}
/* Mx = ModInv(temp2,prime) */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModInv(LTC_BASE, temp2, szTemp2, modbin, sizeof(modbin), Mx, &szMx, kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModInv(LTC_BASE, temp2, szTemp2, modbin,
+ sizeof(modbin), Mx, &szMx, kLTC_PKHA_IntegerArith);
}
/* Mx = Mx * temp */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, temp, szTemp, modbin, ED25519_KEY_SIZE, Mx, &szMx,
- kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
- kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, temp, szTemp, modbin,
+ ED25519_KEY_SIZE, Mx, &szMx, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* My = temp2 * Ex */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, Ex, ED25519_KEY_SIZE, temp2, szTemp2, modbin, ED25519_KEY_SIZE, My, &szMy,
- kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
- kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, Ex, ED25519_KEY_SIZE, temp2,
+ szTemp2, modbin, ED25519_KEY_SIZE, My, &szMy,
+ kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
}
/* My = ModInv(My, prime) */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, modbin, sizeof(modbin), My, &szMy, kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, modbin, sizeof(modbin),
+ My, &szMy, kLTC_PKHA_IntegerArith);
}
/* My = My * temp */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, temp, szTemp, modbin, ED25519_KEY_SIZE, My, &szMy,
- kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
- kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, temp, szTemp, modbin,
+ ED25519_KEY_SIZE, My, &szMy, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* Gx = Mx * invB_coefEd25519 + A_mul_invThreeB_coefEd25519 */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, invB_coefEd25519, sizeof(invB_coefEd25519), modbin,
- ED25519_KEY_SIZE, Gx, &szGx, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
- kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, invB_coefEd25519,
+ sizeof(invB_coefEd25519), modbin, ED25519_KEY_SIZE, Gx, &szGx,
+ kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
}
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModAdd(LTC_BASE, Gx, szGx, A_mul_invThreeB_coefEd25519, sizeof(A_mul_invThreeB_coefEd25519),
- modbin, sizeof(modbin), Gx, &szGx, kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModAdd(LTC_BASE, Gx, szGx,
+ A_mul_invThreeB_coefEd25519, sizeof(A_mul_invThreeB_coefEd25519),
+ modbin, sizeof(modbin), Gx, &szGx, kLTC_PKHA_IntegerArith);
}
/* Gy = My * invB_coefEd25519 */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, invB_coefEd25519, sizeof(invB_coefEd25519), modbin,
- ED25519_KEY_SIZE, Gy, &szGy, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
- kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, invB_coefEd25519,
+ sizeof(invB_coefEd25519), modbin, ED25519_KEY_SIZE, Gy, &szGy,
+ kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
}
return status;
@@ -1447,7 +1440,8 @@ Mx = ((3*B*Gx-A)*ModularArithmetic.invert(3, prime)) % prime
Ex = Mx*ModularArithmetic.invert(My, prime) % prime
Ey = (Mx - 1)*ModularArithmetic.invert(Mx + 1, prime) % prime
*/
-status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut)
+status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn,
+ ltc_pkha_ecc_point_t *ltcPointOut)
{
status_t status;
uint8_t Mx[ED25519_KEY_SIZE] = {0};
@@ -1470,83 +1464,83 @@ status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn, l
Ey = ltcPointOut->Y;
/* My = (B*Gy) % prime */
- status = LTC_PKHA_ModMul(LTC_BASE, B_coefEd25519, sizeof(B_coefEd25519), Gy, ED25519_KEY_SIZE, modbin,
- ED25519_KEY_SIZE, My, &szMy, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
- kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ status = LTC_PKHA_ModMul(LTC_BASE, B_coefEd25519, sizeof(B_coefEd25519),
+ Gy, ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, My, &szMy,
+ kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
/* temp = 3*B*Gx mod p */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, threeB_coefEd25519, sizeof(threeB_coefEd25519), Gx, ED25519_KEY_SIZE, modbin,
- ED25519_KEY_SIZE, temp, &szTemp, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
- kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, threeB_coefEd25519,
+ sizeof(threeB_coefEd25519), Gx, ED25519_KEY_SIZE, modbin,
+ ED25519_KEY_SIZE, temp, &szTemp, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* temp = (temp - A) mod p */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModAdd(LTC_BASE, temp, szTemp, minus_A_coefEd25519, sizeof(minus_A_coefEd25519), modbin,
- sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModAdd(LTC_BASE, temp, szTemp, minus_A_coefEd25519,
+ sizeof(minus_A_coefEd25519), modbin, sizeof(modbin), temp, &szTemp,
+ kLTC_PKHA_IntegerArith);
}
/* Mx = (temp/3) mod p */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, invThree, sizeof(invThree), modbin, sizeof(modbin), Mx, &szMx,
- kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
- kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, invThree,
+ sizeof(invThree), modbin, sizeof(modbin), Mx, &szMx,
+ kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
}
/* temp = 1/My mod p */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, modbin, sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, modbin, sizeof(modbin),
+ temp, &szTemp, kLTC_PKHA_IntegerArith);
}
/* Ex = Mx * temp mod p */
- if (status == kStatus_Success)
- {
- status =
- LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, modbin, sizeof(modbin), Ex, &szEx, kLTC_PKHA_IntegerArith,
- kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, modbin,
+ sizeof(modbin), Ex, &szEx, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* temp = Mx + 1 mod p */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModAdd(LTC_BASE, Mx, szMx, &one, sizeof(one), modbin, sizeof(modbin), temp, &szTemp,
- kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModAdd(LTC_BASE, Mx, szMx, &one, sizeof(one),
+ modbin, sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
}
/* temp = 1/temp mod p */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModInv(LTC_BASE, temp, szTemp, modbin, sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModInv(LTC_BASE, temp, szTemp, modbin,
+ sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
}
/* Mx = (Mx - 1) mod p */
- if (status == kStatus_Success)
- {
- if (LTC_PKHA_CompareBigNum(Mx, szMx, &one, sizeof(one)) >= 0)
- {
- status = LTC_PKHA_ModSub1(LTC_BASE, Mx, szMx, &one, sizeof(one), modbin, sizeof(modbin), Mx, &szMx);
+ if (status == kStatus_Success) {
+ if (LTC_PKHA_CompareBigNum(Mx, szMx, &one, sizeof(one)) >= 0) {
+ status = LTC_PKHA_ModSub1(LTC_BASE, Mx, szMx, &one, sizeof(one),
+ modbin, sizeof(modbin), Mx, &szMx);
}
- else
- {
+ else {
/* Mx is zero, so it is modulus, thus we do modulus - 1 */
XMEMCPY(Mx, modbin, sizeof(modbin));
Mx[0]--;
}
}
/* Ey = Mx * temp mod p */
- if (status == kStatus_Success)
- {
- status =
- LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, modbin, sizeof(modbin), Ey, &szEy, kLTC_PKHA_IntegerArith,
- kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, modbin,
+ sizeof(modbin), Ey, &szEy, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
return status;
}
-status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, size_t pubKeySize, ltc_pkha_ecc_point_t *ltcPointOut)
+status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey,
+ size_t pubKeySize, ltc_pkha_ecc_point_t *ltcPointOut)
{
status_t status;
- uint8_t one = 1;
+ const uint8_t one = 1;
/* pubkey contains the Y coordinate and a sign of X
*/
@@ -1569,21 +1563,20 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, size_t pubKeySi
/* decode X from pubkey */
/* U = y * y mod p */
- status = LTC_PKHA_ModMul(LTC_BASE, Y, ED25519_KEY_SIZE, Y, ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, U, &szU,
- kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
- kLTC_PKHA_TimingEqualized);
+ status = LTC_PKHA_ModMul(LTC_BASE, Y, ED25519_KEY_SIZE, Y,
+ ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, U, &szU,
+ kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
XMEMCPY(V, U, szU);
szV = szU;
/* U = U - 1 = y^2 - 1 */
- if (status == kStatus_Success)
- {
- if (LTC_PKHA_CompareBigNum(U, szU, &one, sizeof(one)) >= 0)
- {
- status = LTC_PKHA_ModSub1(LTC_BASE, U, szU, &one, sizeof(one), modbin, sizeof(modbin), U, &szU);
+ if (status == kStatus_Success) {
+ if (LTC_PKHA_CompareBigNum(U, szU, &one, sizeof(one)) >= 0) {
+ status = LTC_PKHA_ModSub1(LTC_BASE, U, szU, &one, sizeof(one),
+ modbin, sizeof(modbin), U, &szU);
}
- else
- {
+ else {
/* U is zero, so it is modulus, thus we do modulus - 1 */
XMEMCPY(U, modbin, sizeof(modbin));
U[0]--;
@@ -1591,33 +1584,32 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, size_t pubKeySi
}
/* V = d*y*y + 1 */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, V, szV, d_coefEd25519, ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, V, &szV,
- kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
- kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, V, szV, d_coefEd25519,
+ ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, V, &szV,
+ kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
}
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModAdd(LTC_BASE, V, szV, &one, sizeof(one), modbin, sizeof(modbin), V, &szV,
- kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModAdd(LTC_BASE, V, szV, &one, sizeof(one),
+ modbin, sizeof(modbin), V, &szV, kLTC_PKHA_IntegerArith);
}
/* U = U / V (mod p) */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModInv(LTC_BASE, V, szV, modbin, sizeof(modbin), V, &szV, kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModInv(LTC_BASE, V, szV, modbin, sizeof(modbin),
+ V, &szV, kLTC_PKHA_IntegerArith);
}
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, V, szV, U, szU, modbin, ED25519_KEY_SIZE, U, &szU, kLTC_PKHA_IntegerArith,
- kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, V, szV, U, szU, modbin,
+ ED25519_KEY_SIZE, U, &szU, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
/* get square root */
- if (status == kStatus_Success)
- {
+ if (status == kStatus_Success) {
status = LTC_PKHA_Prime25519SquareRootMod(U, szU, X, &szRes, sign);
}
@@ -1625,9 +1617,10 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, size_t pubKeySi
}
/* LSByte first of Ed25519 parameter l = 2^252 + 27742317777372353535851937790883648493 */
-static const uint8_t l_coefEdDSA[] = {0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7,
- 0xa2, 0xde, 0xf9, 0xde, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10};
+static const uint8_t l_coefEdDSA[] = {
+ 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7,
+ 0xa2, 0xde, 0xf9, 0xde, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10};
/*
Input:
@@ -1641,7 +1634,8 @@ Output:
status_t LTC_PKHA_sc_reduce(uint8_t *a)
{
uint16_t szA = 0;
- return LTC_PKHA_ModRed(LTC_BASE, a, 64, l_coefEdDSA, sizeof(l_coefEdDSA), a, &szA, kLTC_PKHA_IntegerArith);
+ return LTC_PKHA_ModRed(LTC_BASE, a, 64, l_coefEdDSA, sizeof(l_coefEdDSA),
+ a, &szA, kLTC_PKHA_IntegerArith);
}
/*
@@ -1654,29 +1648,32 @@ Output:
s[0]+256*s[1]+...+256^31*s[31] = (ab+c) mod l
where l = 2^252 + 27742317777372353535851937790883648493.
*/
-status_t LTC_PKHA_sc_muladd(uint8_t *s, const uint8_t *a, const uint8_t *b, const uint8_t *c)
+status_t LTC_PKHA_sc_muladd(uint8_t *s, const uint8_t *a,
+ const uint8_t *b, const uint8_t *c)
{
uint16_t szS = 0;
uint16_t szB = 0;
uint8_t tempB[32] = {0};
status_t status;
- /* Assume only b can be larger than modulus. It is called durind wc_ed25519_sign_msg() where hram (=a) and nonce(=c)
+ /* Assume only b can be larger than modulus. It is called durind
+ * wc_ed25519_sign_msg() where hram (=a) and nonce(=c)
* have been reduced by LTC_PKHA_sc_reduce()
* Thus reducing b only.
*/
- status = LTC_PKHA_ModRed(LTC_BASE, b, 32, l_coefEdDSA, sizeof(l_coefEdDSA), tempB, &szB, kLTC_PKHA_IntegerArith);
+ status = LTC_PKHA_ModRed(LTC_BASE, b, 32, l_coefEdDSA, sizeof(l_coefEdDSA),
+ tempB, &szB, kLTC_PKHA_IntegerArith);
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModMul(LTC_BASE, a, 32, tempB, szB, l_coefEdDSA, sizeof(l_coefEdDSA), s, &szS,
- kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
- kLTC_PKHA_TimingEqualized);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModMul(LTC_BASE, a, 32, tempB, szB, l_coefEdDSA,
+ sizeof(l_coefEdDSA), s, &szS, kLTC_PKHA_IntegerArith,
+ kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
+ kLTC_PKHA_TimingEqualized);
}
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModAdd(LTC_BASE, s, szS, c, 32, l_coefEdDSA, 32, s, &szS, kLTC_PKHA_IntegerArith);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModAdd(LTC_BASE, s, szS, c, 32, l_coefEdDSA, 32, s,
+ &szS, kLTC_PKHA_IntegerArith);
}
return status;
@@ -1689,7 +1686,8 @@ where a = a[0]+256*a[1]+...+256^31 a[31].
and b = b[0]+256*b[1]+...+256^31 b[31].
B is the Ed25519 base point (x,4/5) with x positive.
*/
-status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a, const unsigned char *b, ed25519_key *key)
+status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a,
+ const unsigned char *b, ed25519_key *key)
{
/* To verify a signature on a message M, first split the signature
into two 32-octet halves. Decode the first half as a point R,
@@ -1706,13 +1704,19 @@ status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a, co
uint8_t X1[ED25519_PUB_KEY_SIZE] = {0};
uint8_t Y0[ED25519_PUB_KEY_SIZE] = {0};
uint8_t Y1[ED25519_PUB_KEY_SIZE] = {0};
- uint8_t max[32] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
+ const uint8_t max[32] = {
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
ltc_pkha_ecc_point_t ltc0;
ltc_pkha_ecc_point_t ltc1;
ltc_pkha_ecc_point_t pubKey;
status_t status;
+ /* The equality for the negative of a point P, in affine coordinates,
+ is -P = -(x,y) = (x, -y) */
+ uint16_t szY = 32;
+
ltc0.X = X0;
ltc1.X = X1;
ltc0.Y = Y0;
@@ -1721,39 +1725,33 @@ status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a, co
pubKey.Y = key->pointY;
/* ltc0 = b*B */
- status = LTC_PKHA_Ed25519_PointMul(LTC_PKHA_Ed25519_BasePoint(), b, ED25519_KEY_SIZE, <c0,
- kLTC_Weierstrass /* result in W */);
+ status = LTC_PKHA_Ed25519_PointMul(LTC_PKHA_Ed25519_BasePoint(), b,
+ ED25519_KEY_SIZE, <c0, kLTC_Weierstrass /* result in W */);
/* ltc1 = a*A */
- if (status == kStatus_Success)
- {
+ if (status == kStatus_Success) {
status = LTC_PKHA_Ed25519ToWeierstrass(&pubKey, <c1);
}
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_Ed25519_PointMul(<c1, a, ED25519_KEY_SIZE, <c1, kLTC_Weierstrass /* result in W */);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_Ed25519_PointMul(<c1, a, ED25519_KEY_SIZE, <c1,
+ kLTC_Weierstrass /* result in W */);
}
- /* The equality for the negative of a point P, in affine coordinates, is -P = -(x,y) = (x, -y) */
- uint16_t szY = 32;
-
/* R = b*B - a*A */
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), ltc1.Y, szY, max, sizeof(max), ltc1.Y, &szY);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), ltc1.Y,
+ szY, max, sizeof(max), ltc1.Y, &szY);
}
- if (status == kStatus_Success)
- {
- status = LTC_PKHA_ECC_PointAdd(LTC_BASE, <c0, <c1, modbin, r2mod, a_coefEd25519, b_coefEd25519,
- ED25519_KEY_SIZE, kLTC_PKHA_IntegerArith, <c0);
+ if (status == kStatus_Success) {
+ status = LTC_PKHA_ECC_PointAdd(LTC_BASE, <c0, <c1, modbin, r2mod,
+ a_coefEd25519, b_coefEd25519, ED25519_KEY_SIZE,
+ kLTC_PKHA_IntegerArith, <c0);
}
/* map to Ed25519 */
- if (status == kStatus_Success)
- {
+ if (status == kStatus_Success) {
status = LTC_PKHA_WeierstrassToEd25519(<c0, <c0);
}
- if (((uint32_t)ltc0.X[0]) & 0x01u)
- {
+ if (((uint32_t)ltc0.X[0]) & 0x01u) {
ltc0.Y[ED25519_KEY_SIZE - 1] |= 0x80u;
}
@@ -1761,7 +1759,8 @@ status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a, co
return status;
}
-status_t LTC_PKHA_Ed25519_Compress(const ltc_pkha_ecc_point_t *ltcPointIn, uint8_t *p)
+status_t LTC_PKHA_Ed25519_Compress(const ltc_pkha_ecc_point_t *ltcPointIn,
+ uint8_t *p)
{
/* compress */
/* get sign of X per https://tools.ietf.org/html/draft-josefsson-eddsa-ed25519-02
@@ -1770,13 +1769,16 @@ status_t LTC_PKHA_Ed25519_Compress(const ltc_pkha_ecc_point_t *ltcPointIn, uint8
the final octet
*/
XMEMCPY(p, ltcPointIn->Y, ED25519_KEY_SIZE);
- if (((uint32_t)ltcPointIn->X[0]) & 0x01u)
- {
+ if (((uint32_t)ltcPointIn->X[0]) & 0x01u) {
p[ED25519_KEY_SIZE - 1] |= 0x80u;
}
return kStatus_Success;
}
-#endif
-
+#endif /* HAVE_ED25519 */
#endif /* FREESCALE_LTC_ECC */
+
+
+#undef ERROR_OUT
+
+#endif /* (USE_FAST_MATH && FREESCALE_LTC_TFM) || FREESCALE_LTC_ECC */
diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index 6365b9e84..a7c652e0c 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -154,7 +154,7 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef FREESCALE_LTC_TFM
- #include
+ #include
#endif
enum {
diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c
index f91a0fda3..64962b97d 100644
--- a/wolfcrypt/src/sha.c
+++ b/wolfcrypt/src/sha.c
@@ -20,13 +20,13 @@
*/
-
#ifdef HAVE_CONFIG_H
#include
#endif
#include
+
#if !defined(NO_SHA)
#include
@@ -40,6 +40,7 @@
#include
#endif
+
/* fips wrapper calls, user can call direct */
#ifdef HAVE_FIPS
int wc_InitSha(Sha* sha)
@@ -47,13 +48,11 @@
return InitSha_fips(sha);
}
-
int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
{
return ShaUpdate_fips(sha, data, len);
}
-
int wc_ShaFinal(Sha* sha, byte* out)
{
return ShaFinal_fips(sha,out);
@@ -61,306 +60,333 @@
#else /* else build without fips */
+
+/****************************************/
+/* SHA Hardware Variations */
+/****************************************/
#if defined(WOLFSSL_TI_HASH)
/* #include included by wc_port.c */
-#else
-#ifdef WOLFSSL_PIC32MZ_HASH
-#define wc_InitSha wc_InitSha_sw
-#define wc_ShaUpdate wc_ShaUpdate_sw
-#define wc_ShaFinal wc_ShaFinal_sw
-#endif
+#elif defined(WOLFSSL_PIC32MZ_HASH)
+ #define USE_SHA_SOFTWARE_IMPL
+ #define wc_InitSha wc_InitSha_sw
+ #define wc_ShaUpdate wc_ShaUpdate_sw
+ #define wc_ShaFinal wc_ShaFinal_sw
-
-#ifdef FREESCALE_MMCAU_SHA
- #include "fsl_mmcau.h"
- #define XTRANSFORM(S,B) Transform((S), (B))
-#else
- #define XTRANSFORM(S,B) Transform((S))
-#endif
-
-#ifdef STM32F2_HASH
-/*
- * STM32F2 hardware SHA1 support through the STM32F2 standard peripheral
- * library. Documentation located in STM32F2xx Standard Peripheral Library
- * document (See note in README).
- */
-#include "stm32f2xx.h"
-#include "stm32f2xx_hash.h"
-
-int wc_InitSha(Sha* sha)
-{
- /* STM32F2 struct notes:
- * sha->buffer = first 4 bytes used to hold partial block if needed
- * sha->buffLen = num bytes currently stored in sha->buffer
- * sha->loLen = num bytes that have been written to STM32 FIFO
+#elif defined(STM32F2_HASH)
+ /*
+ * STM32F2 hardware SHA1 support through the STM32F2 standard peripheral
+ * library. Documentation located in STM32F2xx Standard Peripheral Library
+ * document (See note in README).
*/
- XMEMSET(sha->buffer, 0, SHA_REG_SIZE);
- sha->buffLen = 0;
- sha->loLen = 0;
+ #include "stm32f2xx.h"
+ #include "stm32f2xx_hash.h"
- /* initialize HASH peripheral */
- HASH_DeInit();
+ int wc_InitSha(Sha* sha)
+ {
+ /* STM32F2 struct notes:
+ * sha->buffer = first 4 bytes used to hold partial block if needed
+ * sha->buffLen = num bytes currently stored in sha->buffer
+ * sha->loLen = num bytes that have been written to STM32 FIFO
+ */
+ XMEMSET(sha->buffer, 0, SHA_REG_SIZE);
+ sha->buffLen = 0;
+ sha->loLen = 0;
- /* configure algo used, algo mode, datatype */
- HASH->CR &= ~ (HASH_CR_ALGO | HASH_CR_DATATYPE | HASH_CR_MODE);
- HASH->CR |= (HASH_AlgoSelection_SHA1 | HASH_AlgoMode_HASH
- | HASH_DataType_8b);
+ /* initialize HASH peripheral */
+ HASH_DeInit();
- /* reset HASH processor */
- HASH->CR |= HASH_CR_INIT;
+ /* configure algo used, algo mode, datatype */
+ HASH->CR &= ~ (HASH_CR_ALGO | HASH_CR_DATATYPE | HASH_CR_MODE);
+ HASH->CR |= (HASH_AlgoSelection_SHA1 | HASH_AlgoMode_HASH
+ | HASH_DataType_8b);
- return 0;
-}
+ /* reset HASH processor */
+ HASH->CR |= HASH_CR_INIT;
-int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
-{
- word32 i = 0;
- word32 fill = 0;
- word32 diff = 0;
+ return 0;
+ }
- /* if saved partial block is available */
- if (sha->buffLen) {
- fill = 4 - sha->buffLen;
+ int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
+ {
+ word32 i = 0;
+ word32 fill = 0;
+ word32 diff = 0;
- /* if enough data to fill, fill and push to FIFO */
- if (fill <= len) {
- XMEMCPY((byte*)sha->buffer + sha->buffLen, data, fill);
+ /* if saved partial block is available */
+ if (sha->buffLen) {
+ fill = 4 - sha->buffLen;
+
+ /* if enough data to fill, fill and push to FIFO */
+ if (fill <= len) {
+ XMEMCPY((byte*)sha->buffer + sha->buffLen, data, fill);
+ HASH_DataIn(*(uint32_t*)sha->buffer);
+
+ data += fill;
+ len -= fill;
+ sha->loLen += 4;
+ sha->buffLen = 0;
+ } else {
+ /* append partial to existing stored block */
+ XMEMCPY((byte*)sha->buffer + sha->buffLen, data, len);
+ sha->buffLen += len;
+ return 0;
+ }
+ }
+
+ /* write input block in the IN FIFO */
+ for(i = 0; i < len; i += 4)
+ {
+ diff = len - i;
+ if ( diff < 4) {
+ /* store incomplete last block, not yet in FIFO */
+ XMEMSET(sha->buffer, 0, SHA_REG_SIZE);
+ XMEMCPY((byte*)sha->buffer, data, diff);
+ sha->buffLen = diff;
+ } else {
+ HASH_DataIn(*(uint32_t*)data);
+ data+=4;
+ }
+ }
+
+ /* keep track of total data length thus far */
+ sha->loLen += (len - sha->buffLen);
+
+ return 0;
+ }
+
+ int wc_ShaFinal(Sha* sha, byte* hash)
+ {
+ __IO uint16_t nbvalidbitsdata = 0;
+
+ /* finish reading any trailing bytes into FIFO */
+ if (sha->buffLen) {
HASH_DataIn(*(uint32_t*)sha->buffer);
-
- data += fill;
- len -= fill;
- sha->loLen += 4;
- sha->buffLen = 0;
- } else {
- /* append partial to existing stored block */
- XMEMCPY((byte*)sha->buffer + sha->buffLen, data, len);
- sha->buffLen += len;
- return 0;
+ sha->loLen += sha->buffLen;
}
+
+ /* calculate number of valid bits in last word of input data */
+ nbvalidbitsdata = 8 * (sha->loLen % SHA_REG_SIZE);
+
+ /* configure number of valid bits in last word of the data */
+ HASH_SetLastWordValidBitsNbr(nbvalidbitsdata);
+
+ /* start HASH processor */
+ HASH_StartDigest();
+
+ /* wait until Busy flag == RESET */
+ while (HASH_GetFlagStatus(HASH_FLAG_BUSY) != RESET) {}
+
+ /* read message digest */
+ sha->digest[0] = HASH->HR[0];
+ sha->digest[1] = HASH->HR[1];
+ sha->digest[2] = HASH->HR[2];
+ sha->digest[3] = HASH->HR[3];
+ sha->digest[4] = HASH->HR[4];
+
+ ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE);
+
+ XMEMCPY(hash, sha->digest, SHA_DIGEST_SIZE);
+
+ return wc_InitSha(sha); /* reset state */
}
- /* write input block in the IN FIFO */
- for(i = 0; i < len; i += 4)
+
+#elif defined(FREESCALE_LTC_SHA)
+
+ #include "fsl_ltc.h"
+ int wc_InitSha(Sha* sha)
{
- diff = len - i;
- if ( diff < 4) {
- /* store incomplete last block, not yet in FIFO */
- XMEMSET(sha->buffer, 0, SHA_REG_SIZE);
- XMEMCPY((byte*)sha->buffer, data, diff);
- sha->buffLen = diff;
- } else {
- HASH_DataIn(*(uint32_t*)data);
- data+=4;
+ LTC_HASH_Init(LTC_BASE, &sha->ctx, kLTC_Sha1, NULL, 0);
+ return 0;
+ }
+
+ int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
+ {
+ LTC_HASH_Update(&sha->ctx, data, len);
+ return 0;
+ }
+
+ int wc_ShaFinal(Sha* sha, byte* hash)
+ {
+ uint32_t hashlen = SHA_DIGEST_SIZE;
+ LTC_HASH_Finish(&sha->ctx, hash, &hashlen);
+ return wc_InitSha(sha); /* reset state */
+ }
+
+
+#elif defined(FREESCALE_MMCAU_SHA)
+
+ #include "fsl_mmcau.h"
+ #define USE_SHA_SOFTWARE_IMPL /* Only for API's, actual transform is here */
+ #define XSHATRANSFORM ShaTransform
+
+ int wc_InitSha(Sha* sha)
+ {
+ int ret = 0;
+ ret = wolfSSL_CryptHwMutexLock();
+ if(ret != 0) {
+ return ret;
}
- }
+ MMCAU_SHA1_InitializeOutput((uint32_t*)sha->digest);
+ wolfSSL_CryptHwMutexUnLock();
- /* keep track of total data length thus far */
- sha->loLen += (len - sha->buffLen);
+ sha->buffLen = 0;
+ sha->loLen = 0;
+ sha->hiLen = 0;
- return 0;
-}
-
-int wc_ShaFinal(Sha* sha, byte* hash)
-{
- __IO uint16_t nbvalidbitsdata = 0;
-
- /* finish reading any trailing bytes into FIFO */
- if (sha->buffLen) {
- HASH_DataIn(*(uint32_t*)sha->buffer);
- sha->loLen += sha->buffLen;
- }
-
- /* calculate number of valid bits in last word of input data */
- nbvalidbitsdata = 8 * (sha->loLen % SHA_REG_SIZE);
-
- /* configure number of valid bits in last word of the data */
- HASH_SetLastWordValidBitsNbr(nbvalidbitsdata);
-
- /* start HASH processor */
- HASH_StartDigest();
-
- /* wait until Busy flag == RESET */
- while (HASH_GetFlagStatus(HASH_FLAG_BUSY) != RESET) {}
-
- /* read message digest */
- sha->digest[0] = HASH->HR[0];
- sha->digest[1] = HASH->HR[1];
- sha->digest[2] = HASH->HR[2];
- sha->digest[3] = HASH->HR[3];
- sha->digest[4] = HASH->HR[4];
-
- ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE);
-
- XMEMCPY(hash, sha->digest, SHA_DIGEST_SIZE);
-
- return wc_InitSha(sha); /* reset state */
-}
-
-#else /* wc_ software implementation */
-
-#ifndef WOLFSSL_HAVE_MIN
-#define WOLFSSL_HAVE_MIN
-
- static INLINE word32 min(word32 a, word32 b)
- {
- return a > b ? b : a;
- }
-
-#endif /* WOLFSSL_HAVE_MIN */
-
-#ifdef FREESCALE_LTC_SHA
-int wc_InitSha(Sha* sha)
-{
- LTC_HASH_Init(LTC_BASE, &sha->ctx, kLTC_Sha1, NULL, 0);
- return 0;
-}
-#else /* FREESCALE_LTC_SHA */
-int wc_InitSha(Sha* sha)
-{
- int ret = 0;
-#ifdef FREESCALE_MMCAU_SHA
- ret = wolfSSL_CryptHwMutexLock();
- if(ret != 0) {
return ret;
}
- MMCAU_SHA1_InitializeOutput((uint32_t*)sha->digest);
- wolfSSL_CryptHwMutexUnLock();
+
+ static int ShaTransform(Sha* sha, byte* data)
+ {
+ int ret = wolfSSL_CryptHwMutexLock();
+ if(ret == 0) {
+ MMCAU_SHA1_HashN(data, 1, (uint32_t*)sha->digest);
+ wolfSSL_CryptHwMutexUnLock();
+ }
+ return ret;
+ }
+
#else
- sha->digest[0] = 0x67452301L;
- sha->digest[1] = 0xEFCDAB89L;
- sha->digest[2] = 0x98BADCFEL;
- sha->digest[3] = 0x10325476L;
- sha->digest[4] = 0xC3D2E1F0L;
+
+ /* Software implementation */
+ #define USE_SHA_SOFTWARE_IMPL
+
+ int wc_InitSha(Sha* sha)
+ {
+ int ret = 0;
+
+ sha->digest[0] = 0x67452301L;
+ sha->digest[1] = 0xEFCDAB89L;
+ sha->digest[2] = 0x98BADCFEL;
+ sha->digest[3] = 0x10325476L;
+ sha->digest[4] = 0xC3D2E1F0L;
+
+ sha->buffLen = 0;
+ sha->loLen = 0;
+ sha->hiLen = 0;
+
+ return ret;
+ }
+
#endif
- sha->buffLen = 0;
- sha->loLen = 0;
- sha->hiLen = 0;
- return ret;
-}
-#endif /* FREESCALE_LTC_SHA */
+/* Software implementation */
+#ifdef USE_SHA_SOFTWARE_IMPL
-#ifdef FREESCALE_MMCAU_SHA
-static int Transform(Sha* sha, byte* data)
-{
- int ret = wolfSSL_CryptHwMutexLock();
- if(ret == 0) {
- MMCAU_SHA1_HashN(data, 1, (uint32_t*)sha->digest);
- wolfSSL_CryptHwMutexUnLock();
+/* Check if custom Sha transform is used */
+#ifndef XSHATRANSFORM
+ #define XSHATRANSFORM ShaTransform
+
+ #define blk0(i) (W[i] = sha->buffer[i])
+ #define blk1(i) (W[(i)&15] = \
+ rotlFixed(W[((i)+13)&15]^W[((i)+8)&15]^W[((i)+2)&15]^W[(i)&15],1))
+
+ #define f1(x,y,z) ((z)^((x) &((y)^(z))))
+ #define f2(x,y,z) ((x)^(y)^(z))
+ #define f3(x,y,z) (((x)&(y))|((z)&((x)|(y))))
+ #define f4(x,y,z) ((x)^(y)^(z))
+
+ /* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
+ #define R0(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk0((i)) + 0x5A827999+ \
+ rotlFixed((v),5); (w) = rotlFixed((w),30);
+ #define R1(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk1((i)) + 0x5A827999+ \
+ rotlFixed((v),5); (w) = rotlFixed((w),30);
+ #define R2(v,w,x,y,z,i) (z)+= f2((w),(x),(y)) + blk1((i)) + 0x6ED9EBA1+ \
+ rotlFixed((v),5); (w) = rotlFixed((w),30);
+ #define R3(v,w,x,y,z,i) (z)+= f3((w),(x),(y)) + blk1((i)) + 0x8F1BBCDC+ \
+ rotlFixed((v),5); (w) = rotlFixed((w),30);
+ #define R4(v,w,x,y,z,i) (z)+= f4((w),(x),(y)) + blk1((i)) + 0xCA62C1D6+ \
+ rotlFixed((v),5); (w) = rotlFixed((w),30);
+
+ static void ShaTransform(Sha* sha, byte* data)
+ {
+ word32 W[SHA_BLOCK_SIZE / sizeof(word32)];
+
+ (void)data; /* Not used */
+
+ /* Copy context->state[] to working vars */
+ word32 a = sha->digest[0];
+ word32 b = sha->digest[1];
+ word32 c = sha->digest[2];
+ word32 d = sha->digest[3];
+ word32 e = sha->digest[4];
+
+ #ifdef USE_SLOW_SHA
+ word32 t, i;
+
+ for (i = 0; i < 16; i++) {
+ R0(a, b, c, d, e, i);
+ t = e; e = d; d = c; c = b; b = a; a = t;
+ }
+
+ for (; i < 20; i++) {
+ R1(a, b, c, d, e, i);
+ t = e; e = d; d = c; c = b; b = a; a = t;
+ }
+
+ for (; i < 40; i++) {
+ R2(a, b, c, d, e, i);
+ t = e; e = d; d = c; c = b; b = a; a = t;
+ }
+
+ for (; i < 60; i++) {
+ R3(a, b, c, d, e, i);
+ t = e; e = d; d = c; c = b; b = a; a = t;
+ }
+
+ for (; i < 80; i++) {
+ R4(a, b, c, d, e, i);
+ t = e; e = d; d = c; c = b; b = a; a = t;
+ }
+ #else
+ /* nearly 1 K bigger in code size but 25% faster */
+ /* 4 rounds of 20 operations each. Loop unrolled. */
+ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
+ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
+ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
+ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
+
+ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
+
+ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
+ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
+ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
+ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
+ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
+
+ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
+ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
+ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
+ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
+ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
+
+ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
+ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
+ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
+ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
+ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
+ #endif
+
+ /* Add the working vars back into digest state[] */
+ sha->digest[0] += a;
+ sha->digest[1] += b;
+ sha->digest[2] += c;
+ sha->digest[3] += d;
+ sha->digest[4] += e;
}
- return ret;
-}
-#endif /* FREESCALE_MMCAU_SHA */
-
-#if !(defined(FREESCALE_MMCAU_SHA) || defined(FREESCALE_LTC_SHA))
+#endif /* !USE_CUSTOM_SHA_TRANSFORM */
-#define blk0(i) (W[i] = sha->buffer[i])
-#define blk1(i) (W[(i)&15] = \
-rotlFixed(W[((i)+13)&15]^W[((i)+8)&15]^W[((i)+2)&15]^W[(i)&15],1))
-#define f1(x,y,z) ((z)^((x) &((y)^(z))))
-#define f2(x,y,z) ((x)^(y)^(z))
-#define f3(x,y,z) (((x)&(y))|((z)&((x)|(y))))
-#define f4(x,y,z) ((x)^(y)^(z))
-
-/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
-#define R0(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk0((i)) + 0x5A827999+ \
-rotlFixed((v),5); (w) = rotlFixed((w),30);
-#define R1(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk1((i)) + 0x5A827999+ \
-rotlFixed((v),5); (w) = rotlFixed((w),30);
-#define R2(v,w,x,y,z,i) (z)+= f2((w),(x),(y)) + blk1((i)) + 0x6ED9EBA1+ \
-rotlFixed((v),5); (w) = rotlFixed((w),30);
-#define R3(v,w,x,y,z,i) (z)+= f3((w),(x),(y)) + blk1((i)) + 0x8F1BBCDC+ \
-rotlFixed((v),5); (w) = rotlFixed((w),30);
-#define R4(v,w,x,y,z,i) (z)+= f4((w),(x),(y)) + blk1((i)) + 0xCA62C1D6+ \
-rotlFixed((v),5); (w) = rotlFixed((w),30);
-
-static void Transform(Sha* sha)
-{
- word32 W[SHA_BLOCK_SIZE / sizeof(word32)];
-
- /* Copy context->state[] to working vars */
- word32 a = sha->digest[0];
- word32 b = sha->digest[1];
- word32 c = sha->digest[2];
- word32 d = sha->digest[3];
- word32 e = sha->digest[4];
-
-#ifdef USE_SLOW_SHA
- word32 t, i;
-
- for (i = 0; i < 16; i++) {
- R0(a, b, c, d, e, i);
- t = e; e = d; d = c; c = b; b = a; a = t;
+#ifndef WOLFSSL_HAVE_MIN
+ #define WOLFSSL_HAVE_MIN
+ static INLINE word32 min(word32 a, word32 b) {
+ return a > b ? b : a;
}
+#endif /* WOLFSSL_HAVE_MIN */
- for (; i < 20; i++) {
- R1(a, b, c, d, e, i);
- t = e; e = d; d = c; c = b; b = a; a = t;
- }
-
- for (; i < 40; i++) {
- R2(a, b, c, d, e, i);
- t = e; e = d; d = c; c = b; b = a; a = t;
- }
-
- for (; i < 60; i++) {
- R3(a, b, c, d, e, i);
- t = e; e = d; d = c; c = b; b = a; a = t;
- }
-
- for (; i < 80; i++) {
- R4(a, b, c, d, e, i);
- t = e; e = d; d = c; c = b; b = a; a = t;
- }
-#else
- /* nearly 1 K bigger in code size but 25% faster */
- /* 4 rounds of 20 operations each. Loop unrolled. */
- R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
- R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
- R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
- R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
-
- R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
-
- R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
- R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
- R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
- R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
- R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
-
- R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
- R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
- R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
- R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
- R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
-
- R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
- R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
- R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
- R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
- R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
-#endif
-
- /* Add the working vars back into digest state[] */
- sha->digest[0] += a;
- sha->digest[1] += b;
- sha->digest[2] += c;
- sha->digest[3] += d;
- sha->digest[4] += e;
-}
-
-#endif /* FREESCALE_MMCAU_SHA */
-
-#ifdef FREESCALE_LTC_SHA
-int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
-{
- LTC_HASH_Update(&sha->ctx, data, len);
- return 0;
-}
-#else /* FREESCALE_LTC_SHA */
static INLINE void AddLength(Sha* sha, word32 len)
{
word32 tmp = sha->loLen;
@@ -386,7 +412,7 @@ int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE);
#endif
- XTRANSFORM(sha, local);
+ XSHATRANSFORM(sha, local);
AddLength(sha, SHA_BLOCK_SIZE);
sha->buffLen = 0;
}
@@ -394,16 +420,7 @@ int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
return 0;
}
-#endif /* FREESCALE_LTC_SHA */
-#ifdef FREESCALE_LTC_SHA
-int wc_ShaFinal(Sha* sha, byte* hash)
-{
- uint32_t hashlen = SHA_DIGEST_SIZE;
- LTC_HASH_Finish(&sha->ctx, hash, &hashlen);
- return wc_InitSha(sha); /* reset state */
-}
-#else /* FREESCALE_LTC_SHA */
int wc_ShaFinal(Sha* sha, byte* hash)
{
byte* local = (byte*)sha->buffer;
@@ -420,7 +437,7 @@ int wc_ShaFinal(Sha* sha, byte* hash)
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE);
#endif
- XTRANSFORM(sha, local);
+ XSHATRANSFORM(sha, local);
sha->buffLen = 0;
}
XMEMSET(&local[sha->buffLen], 0, SHA_PAD_SIZE - sha->buffLen);
@@ -445,7 +462,7 @@ int wc_ShaFinal(Sha* sha, byte* hash)
2 * sizeof(word32));
#endif
- XTRANSFORM(sha, local);
+ XSHATRANSFORM(sha, local);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE);
#endif
@@ -453,13 +470,8 @@ int wc_ShaFinal(Sha* sha, byte* hash)
return wc_InitSha(sha); /* reset state */
}
-#endif /* FREESCALE_LTC_SHA */
-
-#endif /* STM32F2_HASH */
-
+#endif /* USE_SHA_SOFTWARE_IMPL */
#endif /* HAVE_FIPS */
-#endif /* WOLFSSL_TI_HASH */
-#endif /* NO_SHA */
-
+#endif /* !NO_SHA */
diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c
index 80d304cac..e73135a60 100644
--- a/wolfcrypt/src/tfm.c
+++ b/wolfcrypt/src/tfm.c
@@ -51,7 +51,7 @@
#include /* will define asm MACROS or C ones */
#if defined(FREESCALE_LTC_TFM)
- #include "nxp/ksdk_port.h"
+ #include
#endif
#ifdef WOLFSSL_DEBUG_MATH
#include
diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c
index 3080338cb..5e3c32a49 100644
--- a/wolfcrypt/src/wc_port.c
+++ b/wolfcrypt/src/wc_port.c
@@ -35,6 +35,10 @@
#include
#endif
+#if defined(FREESCALE_LTC_TFM)
+ #include
+#endif
+
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
#pragma warning(disable: 4996)
@@ -69,6 +73,10 @@ int wolfCrypt_Init()
}
#endif
+ #if defined(FREESCALE_LTC_TFM) || defined(FREESCALE_LTC_ECC)
+ ksdk_port_init();
+ #endif
+
#ifdef WOLFSSL_ARMASM
WOLFSSL_MSG("Using ARM hardware acceleration");
#endif
diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h
index c691357c3..046f81b0d 100644
--- a/wolfssl/wolfcrypt/aes.h
+++ b/wolfssl/wolfcrypt/aes.h
@@ -167,6 +167,8 @@ WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
+WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
+
#ifdef WOLFSSL_ASYNC_CRYPT
WOLFSSL_API int wc_AesAsyncInit(Aes*, int);
WOLFSSL_API void wc_AesAsyncFree(Aes*);
diff --git a/wolfssl/wolfcrypt/port/nxp/ksdk_port.h b/wolfssl/wolfcrypt/port/nxp/ksdk_port.h
index 703bf692b..72908885b 100755
--- a/wolfssl/wolfcrypt/port/nxp/ksdk_port.h
+++ b/wolfssl/wolfcrypt/port/nxp/ksdk_port.h
@@ -1,12 +1,22 @@
/* ksdk_port.h
*
- * Copyright (C) 2006-2016 wolfSSL Inc. All rights reserved.
+ * Copyright (C) 2006-2016 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
- * Contact licensing@wolfssl.com with any questions or comments.
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
*
- * http://www.wolfssl.com
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _KSDK_PORT_H_
@@ -18,6 +28,10 @@
#include
#include
+
+/* API to init required hardware */
+int ksdk_port_init(void);
+
/* software algorithm, by wolfcrypt */
#if defined(FREESCALE_LTC_TFM)
void wolfcrypt_fp_mul(fp_int *A, fp_int *B, fp_int *C);
@@ -34,7 +48,6 @@
#endif /* FREESCALE_LTC_TFM */
#if defined(FREESCALE_LTC_ECC)
-
#include "fsl_ltc.h"
typedef enum _fsl_ltc_ecc_coordinate_system
@@ -47,8 +60,8 @@
int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m);
#ifdef HAVE_CURVE25519
- int wc_curve25519(ECPoint *q, byte *n, ECPoint *p, fsl_ltc_ecc_coordinate_system_t type);
- ECPoint *wc_curve25519_GetBasePoint(void);
+ int wc_curve25519(ECPoint *q, byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type);
+ const ECPoint *wc_curve25519_GetBasePoint(void);
status_t LTC_PKHA_Curve25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
status_t LTC_PKHA_WeierstrassToCurve25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint);
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index 97ff1ff3c..cd269517a 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -185,7 +185,9 @@
#if defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_ROWLEY_ARM)
#define NO_MAIN_DRIVER
#define SINGLE_THREADED
- #define USE_CERT_BUFFERS_1024
+ #if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_4096)
+ #define USE_CERT_BUFFERS_1024
+ #endif
#define BENCH_EMBEDDED
#define NO_FILESYSTEM
#define NO_WRITEV
@@ -237,7 +239,9 @@
#define WOLFSSL_USER_IO
#define NO_FILESYSTEM
#define NO_CERT
- #define USE_CERT_BUFFERS_1024
+ #if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_4096)
+ #define USE_CERT_BUFFERS_1024
+ #endif
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_SHA512
@@ -769,18 +773,19 @@ static char *fgets(char *buff, int sz, FILE *fp)
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
- //#define ALT_ECC_SIZE
#undef HAVE_ECC
#define HAVE_ECC
- #undef HAVE_AESCCM
- #define HAVE_AESCCM
- #undef HAVE_AESGCM
- #define HAVE_AESGCM
- #undef WOLFSSL_AES_COUNTER
- #define WOLFSSL_AES_COUNTER
- #undef WOLFSSL_AES_DIRECT
- #define WOLFSSL_AES_DIRECT
+ #ifndef NO_AES
+ #undef HAVE_AESCCM
+ #define HAVE_AESCCM
+ #undef HAVE_AESGCM
+ #define HAVE_AESGCM
+ #undef WOLFSSL_AES_COUNTER
+ #define WOLFSSL_AES_COUNTER
+ #undef WOLFSSL_AES_DIRECT
+ #define WOLFSSL_AES_DIRECT
+ #endif
#include "fsl_common.h"
@@ -849,7 +854,9 @@ static char *fgets(char *buff, int sz, FILE *fp)
/* the LTC PKHA hardware limit is 2048 bits (256 bytes) for integer arithmetic.
the LTC_MAX_INT_BYTES defines the size of local variables that hold big integers. */
- #define LTC_MAX_INT_BYTES (256)
+ #ifndef LTC_MAX_INT_BYTES
+ #define LTC_MAX_INT_BYTES (256)
+ #endif
/* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined.
* In such a case both software and hardware algorithm
@@ -857,7 +864,7 @@ static char *fgets(char *buff, int sz, FILE *fp)
* from size of inputs. If inputs and result can fit into LTC (see LTC_MAX_INT_BYTES)
* then we call hardware algorithm, otherwise we call software algorithm.
*
- * Chinese reminder theorem is used to break RSA 4096 exponentiations (both public and prive key)
+ * Chinese reminder theorem is used to break RSA 4096 exponentiations (both public and private key)
* into several computations with 2048-bit modulus and exponents.
*/
/* #define FREESCALE_LTC_TFM_RSA_4096_ENABLE */
@@ -870,14 +877,18 @@ static char *fgets(char *buff, int sz, FILE *fp)
/* the LTC PKHA hardware limit is 512 bits (64 bytes) for ECC.
the LTC_MAX_ECC_BITS defines the size of local variables that hold ECC parameters
and point coordinates */
- #define LTC_MAX_ECC_BITS (384)
+ #ifndef LTC_MAX_ECC_BITS
+ #define LTC_MAX_ECC_BITS (384)
+ #endif
/* Enable curves up to 384 bits */
- #define ECC_USER_CURVES
- #define HAVE_ECC192
- #define HAVE_ECC224
- #undef NO_ECC256
- #define HAVE_ECC384
+ #if !defined(ECC_USER_CURVES) && !defined(HAVE_ALL_CURVES)
+ #define ECC_USER_CURVES
+ #define HAVE_ECC192
+ #define HAVE_ECC224
+ #undef NO_ECC256
+ #define HAVE_ECC384
+ #endif
/* enable features */
#undef HAVE_CURVE25519