1 /***************************************************************************//**
2 * \file cy_crypto_core_ecc_key_gen.c
3 * \version 2.40
4 *
5 * \brief
6 * This file provides constant and parameters for the API for the ECC key
7 * generations in the Crypto driver.
8 *
9 ********************************************************************************
10 * Copyright 2016-2020 Cypress Semiconductor Corporation
11 * SPDX-License-Identifier: Apache-2.0
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License");
14 * you may not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS,
21 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 *******************************************************************************/
25
26 #include "cy_device.h"
27
28 #if defined (CY_IP_MXCRYPTO)
29
30 #include "cy_crypto_core_ecc.h"
31
32 #if defined(__cplusplus)
33 extern "C" {
34 #endif
35
36 #include "cy_crypto_core_ecc_nist_p.h"
37 #include "cy_crypto_core_vu.h"
38 #include "cy_crypto_core_trng.h"
39
40 #define CY_ECC_CONFIG_TR_GARO_CTL 0x6C740B8DuL
41 #define CY_ECC_CONFIG_TR_FIRO_CTL 0x52D246E1uL
42
43 /*******************************************************************************
44 * Function Name: Cy_Crypto_Core_ECC_MakeKeyPair
45 ****************************************************************************//**
46 *
47 * Make a new ECC key pair.
48 *
49 * \param base
50 * The pointer to a Crypto instance.
51 *
52 * \param curveID
53 * See \ref cy_en_crypto_ecc_curve_id_t.
54 *
55 * \param key
56 * [out] Destination of the newly created key. See \ref cy_stc_crypto_ecc_key.
57 *
58 * \param GetRandomDataFunc
59 * See \ref cy_func_get_random_data_t.
60 *
61 * \param randomDataInfo
62 *
63 * \return status code. See \ref cy_en_crypto_status_t.
64 *
65 *******************************************************************************/
Cy_Crypto_Core_ECC_MakeKeyPair(CRYPTO_Type * base,cy_en_crypto_ecc_curve_id_t curveID,cy_stc_crypto_ecc_key * key,cy_func_get_random_data_t GetRandomDataFunc,void * randomDataInfo)66 cy_en_crypto_status_t Cy_Crypto_Core_ECC_MakeKeyPair(CRYPTO_Type *base,
67 cy_en_crypto_ecc_curve_id_t curveID,
68 cy_stc_crypto_ecc_key *key,
69 cy_func_get_random_data_t GetRandomDataFunc,
70 void *randomDataInfo)
71 {
72 cy_en_crypto_status_t tmpResult = CY_CRYPTO_BAD_PARAMS;
73
74 if ((key != NULL) && (key->k != NULL) && (key->pubkey.x != NULL) && (key->pubkey.y != NULL))
75 {
76 tmpResult = Cy_Crypto_Core_ECC_MakePrivateKey(base, curveID, key->k, GetRandomDataFunc, randomDataInfo);
77 }
78
79 if (CY_CRYPTO_SUCCESS == tmpResult)
80 {
81 tmpResult = Cy_Crypto_Core_ECC_MakePublicKey(base, curveID, key->k, key);
82 key->type = PK_PRIVATE;
83 }
84
85 return (tmpResult);
86 }
87
88
89 /*******************************************************************************
90 * Function Name: Cy_Crypto_Core_ECC_MakePrivateKey
91 ****************************************************************************//**
92 *
93 * Make a new ECC private key
94 *
95 * \param base
96 * The pointer to a Crypto instance.
97 *
98 * \param curveID
99 * See \ref cy_en_crypto_ecc_curve_id_t.
100 *
101 * \param key
102 * [out] Destination of the newly created key.
103 *
104 * \param GetRandomDataFunc
105 * See \ref cy_func_get_random_data_t.
106 *
107 * \param randomDataInfo
108 *
109 * \return status code. See \ref cy_en_crypto_status_t.
110 *
111 *******************************************************************************/
Cy_Crypto_Core_ECC_MakePrivateKey(CRYPTO_Type * base,cy_en_crypto_ecc_curve_id_t curveID,uint8_t * key,cy_func_get_random_data_t GetRandomDataFunc,void * randomDataInfo)112 cy_en_crypto_status_t Cy_Crypto_Core_ECC_MakePrivateKey(CRYPTO_Type *base,
113 cy_en_crypto_ecc_curve_id_t curveID,
114 uint8_t *key,
115 cy_func_get_random_data_t GetRandomDataFunc, void *randomDataInfo)
116 {
117 cy_en_crypto_status_t tmpResult = CY_CRYPTO_BAD_PARAMS;
118
119 const cy_stc_crypto_ecc_dp_type *eccDp = Cy_Crypto_Core_ECC_GetCurveParams(curveID);
120
121 if ((eccDp != NULL) && (key != NULL))
122 {
123 tmpResult = CY_CRYPTO_SUCCESS;
124
125 uint32_t bitsize = eccDp->size;
126 uint32_t bytesize = CY_CRYPTO_BYTE_SIZE_OF_BITS(bitsize);
127
128 uint32_t p_temp = 8u; /* temporal values */
129 uint32_t p_key = 9u; /* private key */
130
131 /* Load random data into VU */
132 CY_CRYPTO_VU_ALLOC_MEM(base, VR_D, bitsize);
133 CY_CRYPTO_VU_ALLOC_MEM(base, p_key, bytesize * 8u);
134
135 /* generate random string */
136 uint32_t *keyRegPtr = Cy_Crypto_Core_Vu_RegMemPointer(base, p_key);
137
138 if (GetRandomDataFunc != NULL)
139 {
140 if (GetRandomDataFunc( randomDataInfo, (uint8_t *)keyRegPtr, bytesize ) != 0)
141 {
142 tmpResult = CY_CRYPTO_HW_ERROR;
143 }
144 }
145 else
146 {
147 uint32_t i = 0U;
148 int32_t randomsize = (int32_t)bitsize;
149 cy_en_crypto_status_t status = CY_CRYPTO_SUCCESS;
150
151 while ((randomsize > 0) && (CY_CRYPTO_SUCCESS == status))
152 {
153 uint32_t randombits = (uint32_t)CY_CRYPTO_MIN(randomsize, (int32_t)CY_CRYPTO_HW_REGS_WIDTH);
154
155 status = Cy_Crypto_Core_Trng(base, CY_ECC_CONFIG_TR_GARO_CTL, CY_ECC_CONFIG_TR_FIRO_CTL,
156 randombits, &(keyRegPtr)[i]);
157 randomsize -= (int32_t)CY_CRYPTO_HW_REGS_WIDTH;
158 i++;
159
160 if (CY_CRYPTO_SUCCESS != status)
161 {
162 tmpResult = CY_CRYPTO_HW_ERROR;
163 }
164 }
165 }
166
167 if (CY_CRYPTO_SUCCESS == tmpResult)
168 {
169 Cy_Crypto_Core_VU_RegInvertEndianness(base, p_key);
170
171 if ((bytesize * 8u) > bitsize)
172 {
173 /* Shift random data right */
174 CY_CRYPTO_VU_SET_REG(base, p_temp, (bytesize * 8u) - bitsize, 1u);
175 CY_CRYPTO_VU_LSR(base, p_key, p_key, p_temp);
176 }
177
178 CY_CRYPTO_VU_MOV(base, VR_D, p_key);
179 Cy_Crypto_Core_Vu_WaitForComplete(base);
180
181 /* load prime and order defining the curve as well as the barrett coefficient. */
182 /* P and BARRETT_U are "globally" defined in cy_crypto_core_ecc.h */
183 CY_CRYPTO_VU_ALLOC_MEM(base, VR_P, bitsize);
184 Cy_Crypto_Core_Vu_SetMemValue (base, VR_P, eccDp->order, bitsize);
185
186 /* check that key is smaller than the order of the base point */
187 if (!Cy_Crypto_Core_Vu_IsRegLess(base, VR_D, VR_P))
188 {
189 /* private key (random data) >= order, needs reduction */
190 CY_CRYPTO_VU_ALLOC_MEM(base, VR_BARRETT, bitsize + 1u);
191 Cy_Crypto_Core_Vu_SetMemValue (base, VR_BARRETT, eccDp->barrett_o, bitsize + 1u);
192
193 CY_CRYPTO_VU_ALLOC_MEM(base, p_temp, bitsize);
194 CY_CRYPTO_VU_MOV(base, p_temp, VR_D);
195
196 /* use Barrett reduction algorithm for operations modulo n (order of the base point) */
197 Cy_Crypto_Core_EC_NistP_SetRedAlg(eccDp->algo);
198 Cy_Crypto_Core_EC_NistP_SetMode(bitsize);
199
200 /* z = x % mod */
201 Cy_Crypto_Core_EC_Bar_MulRed(base, VR_D, p_temp, bitsize);
202
203 CY_CRYPTO_VU_FREE_MEM(base, CY_CRYPTO_VU_REG_BIT(VR_BARRETT) |
204 CY_CRYPTO_VU_REG_BIT(p_temp));
205 }
206
207 CY_CRYPTO_VU_FREE_MEM(base, CY_CRYPTO_VU_REG_BIT(VR_P));
208
209 Cy_Crypto_Core_Vu_GetMemValue(base, (uint8_t *)key, VR_D, bitsize);
210
211 tmpResult = CY_CRYPTO_SUCCESS;
212 }
213
214 CY_CRYPTO_VU_FREE_MEM(base, CY_CRYPTO_VU_REG_BIT(VR_D) | CY_CRYPTO_VU_REG_BIT(p_key));
215 }
216
217 return (tmpResult);
218 }
219
220
221 /*******************************************************************************
222 * Function Name: Cy_Crypto_Core_ECC_MakePublicKey
223 ****************************************************************************//**
224 *
225 * Make a new ECC public key
226 *
227 * \param base
228 * The pointer to a Crypto instance.
229 *
230 * \param curveID
231 * See \ref cy_en_crypto_ecc_curve_id_t.
232 *
233 * \param privateKey
234 * [out] Destination of the newly created key.
235 *
236 * \param publicKey
237 * See \ref cy_stc_crypto_ecc_key.
238 *
239 * \return status code. See \ref cy_en_crypto_status_t.
240 *
241 *******************************************************************************/
Cy_Crypto_Core_ECC_MakePublicKey(CRYPTO_Type * base,cy_en_crypto_ecc_curve_id_t curveID,const uint8_t * privateKey,cy_stc_crypto_ecc_key * publicKey)242 cy_en_crypto_status_t Cy_Crypto_Core_ECC_MakePublicKey(CRYPTO_Type *base,
243 cy_en_crypto_ecc_curve_id_t curveID,
244 const uint8_t *privateKey,
245 cy_stc_crypto_ecc_key *publicKey)
246 {
247 cy_en_crypto_status_t tmpResult = CY_CRYPTO_BAD_PARAMS;
248
249 cy_stc_crypto_ecc_dp_type *eccDp = Cy_Crypto_Core_ECC_GetCurveParams(curveID);
250
251 if ((eccDp != NULL) && (privateKey != NULL) && (publicKey != NULL) &&
252 (publicKey->pubkey.x != NULL) && (publicKey->pubkey.y != NULL))
253 {
254 uint32_t bitsize = eccDp->size;
255
256 uint32_t p_order = 9u; /* order of the curve */
257 uint32_t p_d = 10u; /* private key */
258 uint32_t p_x = 11u; /* x coordinate */
259 uint32_t p_y = 12u; /* y coordinate */
260
261 /* make the public key
262 * EC scalar multiplication - X,Y-only co-Z arithmetic
263 */
264 CY_CRYPTO_VU_ALLOC_MEM(base, VR_P, bitsize);
265 CY_CRYPTO_VU_ALLOC_MEM(base, p_order, bitsize);
266 CY_CRYPTO_VU_ALLOC_MEM(base, VR_BARRETT, bitsize + 1u);
267 CY_CRYPTO_VU_ALLOC_MEM(base, p_x, bitsize);
268 CY_CRYPTO_VU_ALLOC_MEM(base, p_y, bitsize);
269
270 /* Apply domain parameters */
271 /* load prime and order defining the curve as well as the barrett coefficient. */
272 /* P and BARRETT_U are "globally" defined in cy_crypto_core_ecc.h */
273 Cy_Crypto_Core_Vu_SetMemValue (base, VR_P, eccDp->prime, bitsize);
274 Cy_Crypto_Core_Vu_SetMemValue (base, p_order, eccDp->order, bitsize);
275 Cy_Crypto_Core_Vu_SetMemValue (base, VR_BARRETT, eccDp->barrett_p, bitsize + 1u);
276
277 /*Base Point, G = (p_x, p_y) */
278 Cy_Crypto_Core_Vu_SetMemValue (base, p_x, eccDp->Gx, bitsize);
279 Cy_Crypto_Core_Vu_SetMemValue (base, p_y, eccDp->Gy, bitsize);
280
281 Cy_Crypto_Core_EC_NistP_SetMode(bitsize);
282 Cy_Crypto_Core_EC_NistP_SetRedAlg(eccDp->algo);
283
284 /* Load private key */
285 CY_CRYPTO_VU_ALLOC_MEM(base, p_d, bitsize);
286 Cy_Crypto_Core_Vu_SetMemValue(base, p_d, (uint8_t *)privateKey, bitsize);
287
288 Cy_Crypto_Core_EC_NistP_PointMul(base, p_x, p_y, p_d, p_order, bitsize);
289
290 Cy_Crypto_Core_Vu_GetMemValue(base, (uint8_t *)publicKey->pubkey.x, p_x, bitsize);
291 Cy_Crypto_Core_Vu_GetMemValue(base, (uint8_t *)publicKey->pubkey.y, p_y, bitsize);
292
293 publicKey->type = PK_PUBLIC;
294 publicKey->curveID = curveID;
295
296 CY_CRYPTO_VU_FREE_MEM(base, CY_CRYPTO_VU_REG_BIT(VR_P) |
297 CY_CRYPTO_VU_REG_BIT(p_order) | CY_CRYPTO_VU_REG_BIT(VR_BARRETT) |
298 CY_CRYPTO_VU_REG_BIT(p_x) | CY_CRYPTO_VU_REG_BIT(p_y) |
299 CY_CRYPTO_VU_REG_BIT(p_d));
300
301 tmpResult = CY_CRYPTO_SUCCESS;
302 }
303
304 return (tmpResult);
305 }
306
307 #if defined(__cplusplus)
308 }
309 #endif
310
311 #endif /* CY_IP_MXCRYPTO */
312
313
314 /* [] END OF FILE */
315
