1 /* 2 * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include "aes.h" 8 9 /*! 10 @defgroup cryptocell_api CryptoCell runtime library 11 12 @{ 13 @} 14 */ 15 16 /* 17 ############################TOP-LEVEL APIs################################### 18 */ 19 /*! 20 @defgroup cc_top Basic CryptoCell library definitions 21 @brief Contains basic CryptoCell library definitions. 22 23 @{ 24 @ingroup cryptocell_api 25 @} 26 */ 27 28 /*! 29 @defgroup cc_lib Basic CryptoCell library APIs 30 @brief Contains basic CryptoCell library APIs. 31 32 This module lists the basic CryptoCell library APIs. 33 34 @{ 35 @ingroup cc_top 36 @} 37 */ 38 39 /*! 40 @defgroup cc_general_defs General CryptoCell definitions 41 @brief Contains general definitions of the CryptoCell runtime SW APIs. 42 43 @{ 44 @ingroup cc_top 45 @} 46 */ 47 48 /*! 49 @defgroup cc_error General base error codes for CryptoCell 50 @brief Contains general base-error codes for CryptoCell. 51 52 53 @{ 54 @ingroup cc_top 55 @} 56 */ 57 58 59 /* 60 ################################AES APIs##################################### 61 */ 62 /*! 63 @defgroup cc_aes CryptoCell AES APIs 64 65 @ingroup cryptocell_api 66 67 @brief AES is a symmetric block cipher that uses a combination of both substitution 68 and permutation. It is fast in both software and hardware. 69 70 AES has a fixed block size of 128 bits, and supports the following key sizes: 71 <ul><li>128 bits.</li><li>192 bits.</li><li>256 bits.</li></ul> 72 73 For the implementation of AES, see aes.h. 74 75 */ 76 77 /*! 78 @defgroup cc_aes_hw_limit CryptoCell-312 hardware limitations for AES 79 80 @ingroup cc_aes 81 82 The CrytoCell-312 hardware accelerates the following AES operations: 83 <ul><li>ECB.</li> 84 <li>CBC.</li> 85 <li>CTR.</li> 86 <li>CMAC. For the implementation of CMAC, see cmac.h.</li> 87 <li>OFB.</li> 88 <li>CCM. For the implementation of CCM, see ccm.h.</li> 89 <li>CCM star. For the implementation of CCM star, see mbedtls_cc_ccm_star.h and ccm.h.</li> 90 <li>GCM. For the implementation of GCM, see gcm.h.</li></ul> 91 92 To support the accelerated algorithms, the following conditions 93 must be met: 94 <ul><li>The input and output buffers must be DMA-able.</li> 95 <li>The input and output buffers must be physically contingous 96 blocks in memory.</li> 97 <li>Buffer size must be up to 64KB.</li> 98 <li>The context must also be DMA-able, as partial 99 and final results are written to the context.</li> 100 <li>Only integrated operations are supported for CCM, CCM star and GCM algorithms.</li></ul> 101 */ 102 103 /*! 104 @defgroup cc_aes_typical Typical usage of AES in CryptoCell-312 105 106 @ingroup cc_aes 107 108 The following is a typical AES Block operation flow: 109 <ol><li>mbedtls_aes_init().</li> 110 <li>mbedtls_aes_setkey_enc().</li> 111 <li>mbedtls_aes_crypt_cbc().</li></ol> 112 113 */ 114 115 /*! 116 @defgroup cc_aesccm_star CryptoCell AES-CCM star APIs 117 @brief Contains the CryptoCell AES-CCM star APIs. 118 119 @{ 120 @ingroup cc_aes 121 @} 122 */ 123 124 /*! 125 @defgroup cc_aes_defs Definitions of CryptoCell AES APIs 126 @brief Contains CryptoCell AES API type definitions. 127 128 @{ 129 @ingroup cc_aes 130 @} 131 */ 132 133 /*! 134 @defgroup cc_aes_defs_proj Project definitions of CryptoCell AES APIs 135 @brief Contains CryptoCell AES API project type definitions. 136 137 @{ 138 @ingroup cc_aes_defs 139 @} 140 */ 141 142 /*! 143 @defgroup cc_aesccm_star_common Common definitions of the CryptoCell AES-CCM star APIs 144 @brief Contains the CryptoCell AES-CCM star APIs. 145 146 @{ 147 @ingroup cc_aes_defs 148 @} 149 */ 150 151 152 /* 153 ################################DHM APIs##################################### 154 */ 155 /*! 156 @defgroup dhm_module CryptoCell DHM APIs 157 158 @ingroup cryptocell_api 159 160 @brief Diffie-Hellman-Merkle (DHM) is used to securely exchange cryptographic 161 keys over a public channel. 162 163 As described in <em>Public-Key Cryptography Standards (PKCS) #3: Diffie Hellman 164 Key Agreement Standard</em>: 165 "[T]wo parties, without any prior arrangements, can agree upon a secret key 166 that is known only to them...This secret key can then be used, for example, 167 to encrypt further communications between the parties." 168 169 The DHM module is implemented based on the definitions in the following 170 standards: 171 <ul><li><em>RFC-3526: More Modular Exponential (MODP) Diffie-Hellman groups 172 for Internet Key Exchange (IKE)</em>: defines a number of standardized 173 Diffie-Hellman groups for IKE.</li> 174 <li><em>RFC-5114: Additional Diffie-Hellman Groups for Use with IETF 175 Standards</em>: defines a number of standardized Diffie-Hellman 176 groups that can be used.</li></ul> 177 178 For the implementation of DHM, see dhm.h. 179 */ 180 181 /*! 182 @defgroup cc_dhm_hw_limit CryptoCell-312 hardware limitations for DHM 183 184 @ingroup dhm_module 185 186 To support the accelerated algorithms, the following conditions 187 must be met: 188 <ul><li>The contexts must be DMA-able, as they might 189 be used for some symmetric operations.</li></ul> 190 */ 191 192 /*! 193 @defgroup cc_dhm_typical Typical usage of DHM in CryptoCell-312 194 195 @ingroup dhm_module 196 197 The following is a typical DHM flow for one party: 198 <ol><li>mbedtls_dhm_init().</li> 199 <li>mbedtls_mpi_read_string().</li> 200 <li>mbedtls_mpi_read_string().</li> 201 <li>mbedtls_dhm_make_params().</li> 202 <li>mbedtls_dhm_read_public().</li> 203 <li>mbedtls_dhm_calc_secret().</li></ol> 204 */ 205 206 /* 207 ################################ECC APIs##################################### 208 */ 209 210 /*! 211 @defgroup cc_ecc CryptoCell Elliptic Curve APIs 212 @brief Contains all CryptoCell Elliptic Curve APIs. 213 214 Elliptic-curve cryptography (ECC) is defined in <em>Standards for Efficient 215 Cryptography Group (SECG): SEC1 Elliptic Curve Cryptography</em>. 216 217 @{ 218 @ingroup cryptocell_api 219 @} 220 */ 221 222 /*! 223 @defgroup ecdh_module ECDH module overview 224 225 @ingroup cc_ecc 226 227 @brief Elliptic-curve Diffie–Hellman (ECDH) is an anonymous key agreement 228 protocol. It allows two parties to establish a shared secret over an 229 insecure channel. Each party must have an elliptic-curve public–private 230 key pair. 231 232 For more information, see <em>NIST SP 800-56A Rev. 2: Recommendation 233 for Pair-Wise Key Establishment Schemes Using Discrete Logarithm 234 Cryptography</em>. 235 236 For the implementation of ECDH, see ecdh.h. 237 */ 238 239 /*! 240 @defgroup cc_ecdh_hw_limit CryptoCell-312 hardware limitations for ECDH 241 242 @ingroup ecdh_module 243 244 CryotoCell-312 does not support Brainpool curves. 245 246 */ 247 248 /*! 249 @defgroup cc_ecdh_typical Typical usage of ECDH in CryptoCell-312 250 251 @ingroup ecdh_module 252 253 The following is a typical ECDH operation flow: 254 <ol><li>mbedtls_ecp_group_init().</li> 255 <li>mbedtls_mpi_init() for each group parameter.</li> 256 <li>mbedtls_ecdh_gen_public().</li></ol> 257 */ 258 259 /*! 260 @defgroup ecdh_edwards CryptoCell ECDH Edwards curve APIs 261 @brief Contains the CryptoCell ECDH Edwards curve APIs. 262 @{ 263 @ingroup ecdh_module 264 @} 265 */ 266 267 /*! 268 @defgroup ecdsa_module ECDSA module overview 269 270 @ingroup cc_ecc 271 272 @brief The Elliptic Curve Digital Signature Algorithm (ECDSA) is a used for 273 generating and validating digital signatures. 274 275 For the definition of ECDSA, see <em>Standards for Efficient Cryptography Group (SECG): 276 SEC1 Elliptic Curve Cryptography</em>. 277 278 For the use of ECDSA for TLS, see <em>RFC-4492: Elliptic Curve 279 Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)</em>. 280 281 For the implementation of ECDSA, see ecdsa.h. 282 */ 283 284 /*! 285 @defgroup cc_ecdsa_hw_limit CryptoCell-312 hardware limitations for ECDSA 286 287 @ingroup ecdsa_module 288 289 CryotoCell-312 does not support Brainpool curves. 290 291 \note Using hash functions with hash size greater than the EC modulus size 292 is not recommended. 293 */ 294 /*! 295 @defgroup cc_ecdsa_typical Typical usage of ECDSA in CryptoCell-312 296 297 @ingroup ecdsa_module 298 299 The following is a typical ECDSA operation flow: 300 <ol><li>mbedtls_ecp_group_init().</li> 301 <li>mbedtls_mpi_init() for each group parameter.</li> 302 <li>mbedtls_ecp_gen_keypair().</li> 303 <li>mbedtls_ecdsa_sign() or mbedtls_ecdsa_verify().</li></ol> 304 */ 305 306 /*! 307 @defgroup eddsa CryptoCell EDDSA Edwards curve APIs 308 @brief Contains the CryptoCell EDDSA Edwards curve APIs. 309 @{ 310 @ingroup ecdsa_module 311 @} 312 */ 313 314 /*! 315 @defgroup cc_ecies CryptoCell ECIES APIs 316 @brief Contains the CryptoCell Elliptic Curve Integrated Encryption Scheme (ECIES) APIs. 317 @{ 318 319 @ingroup cc_ecc 320 @} 321 */ 322 323 /*! 324 @defgroup cc_ecpki CryptoCell ECPKI APIs 325 @brief Contains all CryptoCell ECPKI APIs. 326 327 This module contains all definitions relating to Elliptic Curve Public Key Infrastructure. 328 @{ 329 @ingroup cc_ecc 330 @} 331 */ 332 333 /*! 334 @defgroup cc_ecpki_domains_defs CryptoCell ECPKI supported domains 335 @brief Contains CryptoCell ECPKI domains supported by the project. 336 337 @{ 338 @ingroup cc_ecpki 339 @} 340 */ 341 342 /*! 343 @defgroup cc_ecpki_types CryptoCell ECPKI type definitions 344 @brief Contains CryptoCell ECPKI API type definitions. 345 346 @{ 347 @ingroup cc_ecpki 348 @} 349 */ 350 351 /* 352 ##############################EXT DMA APIs################################### 353 */ 354 355 /*! 356 @defgroup ext_dma CryptoCell external DMA APIs 357 @brief Contains all CryptoCell external DMA API definitions. 358 359 @{ 360 @ingroup cryptocell_api 361 @} 362 */ 363 364 /*! 365 @defgroup aes_ext_dma CryptoCell AES external DMA APIs 366 @brief Contains CryptoCell AES external DMA API definitions. 367 368 @{ 369 @ingroup ext_dma 370 @} 371 */ 372 373 /*! 374 @defgroup chacha_ext_dma CryptoCell ChaCha external DMA APIs 375 @brief Contains CryptoCell ChaCha external DMA APIs. 376 377 @{ 378 @ingroup ext_dma 379 @} 380 */ 381 382 /*! 383 @defgroup hash_ext_dma CryptoCell hash external DMA APIs 384 @brief Contains CryptoCell hash external DMA APIs. 385 386 @{ 387 @ingroup ext_dma 388 @} 389 */ 390 391 /*! 392 @defgroup ext_dma_errors Specific errors of the CryptoCell external DMA APIs 393 @brief Contains the CryptoCell external DMA-API error definitions. 394 395 @{ 396 @ingroup ext_dma 397 @} 398 */ 399 400 401 /* 402 ###############################HASH APIs##################################### 403 */ 404 405 /*! 406 @defgroup cc_hash CryptoCell hash APIs 407 @brief Contains all CryptoCell hash APIs and definitions. 408 409 The hash or Message Digest (MD) module allows you to calculate 410 hash digests from data, and create signatures based on those hash digests. 411 412 HMAC is a wrapping algorithm that uses one of the supported 413 hash algorithms and a key, to generate a unique 414 authentication code over the input data. 415 416 All hash algorithms can be accessed via the generic MD layer. 417 For more information, see ::mbedtls_md_setup(). 418 419 For more information on supported hash algorithms, @see cc_hash_hw_limit. 420 421 For the implementation of hash and HMAC, see md.h. 422 @{ 423 @ingroup cryptocell_api 424 @} 425 */ 426 427 /*! 428 @defgroup cc_hash_hw_limit CryptoCell-312 hardware limitations for hash 429 430 @ingroup cc_hash 431 432 The CryptoCell-312 hardware supports accelerated hash operations for 433 the following modes: 434 <ul><li>SHA-1</li> 435 <li>SHA-224</li> 436 <li>SHA-256</li></ul> 437 438 SHA-384 and SHA-512 operations are only supported in a 439 non-accelerated software mode. 440 441 To support the accelerated algorithms, the following conditions 442 must be met: 443 <ul><li>The input buffer must be DMA-able.</li> 444 <li>The input buffer must be physically contingous 445 block in memory.</li> 446 <li>Buffer size must be up to 64KB.</li> 447 <li>The context must also be DMA-able, as partial 448 and final results are written to the context.</li></ul> 449 */ 450 451 /*! 452 @defgroup cc_hash_typical Typical usage of hash in CryptoCell-312 453 454 @ingroup cc_hash 455 456 The following is a typical hash Block operation flow 457 directly using the SHA module: 458 <ol><li>mbedtls_sha1_init().</li> 459 <li>mbedtls_sha1_starts_ret().</li> 460 <li>mbedtls_sha1_update_ret().</li> 461 <li>mbedtls_sha1_finish_ret().</li></ol> 462 463 The following is a typical HMAC Block operation flow 464 using the MD module: 465 <ol><li>mbedtls_md_setup().</li> 466 <li>mbedtls_md_hmac_starts().</li> 467 <li>mbedtls_md_hmac_update().</li> 468 <li>mbedtls_md_hmac_finish().</li></ol> 469 */ 470 471 /*! 472 @defgroup cc_sha512_t_h CryptoCell SHA-512 truncated APIs 473 474 @ingroup cc_hash 475 476 @brief Contains all CryptoCell SHA-512 truncated APIs. 477 478 */ 479 480 /*! 481 @defgroup cc_hash_defs CryptoCell hash API definitions 482 @brief Contains CryptoCell hash API definitions. 483 484 @{ 485 @ingroup cc_hash 486 @} 487 */ 488 489 /*! 490 @defgroup cc_hash_defs_proj CryptoCell hash API project-specific definitions 491 @brief Contains the project-specific hash API definitions. 492 493 @{ 494 @ingroup cc_hash 495 @} 496 */ 497 498 /* 499 ###############################MGMT APIs##################################### 500 */ 501 /*! 502 @defgroup cc_management CryptoCell management APIs 503 @brief Contains CryptoCell Management APIs. 504 505 @{ 506 @ingroup cryptocell_api 507 @} 508 */ 509 510 /*! 511 @defgroup cc_management_error Specific errors of the CryptoCell Management APIs 512 @brief Contains the CryptoCell management-API error definitions. 513 514 @{ 515 @ingroup cc_management 516 @} 517 */ 518 519 /* 520 ################################PAL APIs##################################### 521 */ 522 /*! 523 @defgroup cc_pal CryptoCell PAL APIs 524 @brief Groups all PAL APIs and definitions. 525 526 @{ 527 @ingroup cryptocell_api 528 @} 529 */ 530 531 /*! 532 @defgroup cc_pal_abort CryptoCell PAL abort operations 533 @brief Contains CryptoCell PAL abort operations. 534 535 @{ 536 @ingroup cc_pal 537 @} 538 */ 539 540 /*! 541 @defgroup cc_pal_apbc CryptoCell PAL APB-C APIs 542 @brief Contains PAL APB-C APIs. 543 544 @{ 545 @ingroup cc_pal 546 @} 547 */ 548 549 /*! 550 @defgroup cc_pal_sb_plat CryptoCell PAL definitions for Boot Services 551 @brief Contains CryptoCell PAL Secure Boot definitions. 552 553 @{ 554 @ingroup cc_pal 555 @} 556 */ 557 558 /*! 559 @defgroup cc_pal_init CryptoCell PAL entry or exit point APIs 560 @brief Contains PAL initialization and termination APIs. 561 562 @{ 563 @ingroup cc_pal 564 @} 565 */ 566 567 /*! 568 @defgroup cc_pal_log CryptoCell PAL logging APIs and definitions 569 @brief Contains CryptoCell PAL layer log definitions. 570 571 @{ 572 @ingroup cc_pal 573 @} 574 */ 575 576 /*! 577 @defgroup cc_pal_mem CryptoCell PAL memory operations 578 @brief Contains memory-operation functions. 579 580 @{ 581 @ingroup cc_pal 582 @} 583 */ 584 585 /*! 586 @defgroup cc_pal_barrier CryptoCell PAL memory Barrier APIs 587 @brief Contains memory-barrier implementation definitions and APIs. 588 589 @{ 590 @ingroup cc_pal_mem 591 @} 592 */ 593 594 /*! 595 @defgroup cc_pal_memmap CryptoCell PAL memory mapping APIs 596 @brief Contains memory mapping functions. 597 598 @{ 599 @ingroup cc_pal_mem 600 @} 601 */ 602 603 /*! 604 @defgroup cc_pal_mutex CryptoCell PAL mutex APIs 605 @brief Contains resource management functions. 606 607 @{ 608 @ingroup cc_pal 609 @} 610 */ 611 612 /*! 613 @defgroup cc_pal_types CryptoCell PAL platform-dependent definitions and types 614 @brief Contains CryptoCell PAL platform-dependent definitions and types. 615 616 @{ 617 @ingroup cc_pal 618 @} 619 */ 620 621 /*! 622 @defgroup cc_pal_compiler CryptoCell PAL platform-dependent compiler-related definitions 623 @brief Contains CryptoCell PAL platform-dependent compiler-related definitions. 624 @{ 625 @ingroup cc_pal 626 @} 627 */ 628 629 /*! 630 @defgroup cc_pal_pm CryptoCell PAL power-management APIs 631 @brief Contains PAL power-management APIs. 632 633 @{ 634 @ingroup cc_pal 635 @} 636 */ 637 638 /*! 639 @defgroup cc_pal_trng CryptoCell PAL TRNG APIs 640 @brief Contains APIs for retrieving TRNG user parameters. 641 642 @{ 643 @ingroup cc_pal 644 @} 645 */ 646 647 /*! 648 @defgroup cc_pal_error Specific errors of the CryptoCell PAL APIs 649 @brief Contains platform-dependent PAL-API error definitions. 650 651 @{ 652 @ingroup cc_pal 653 @} 654 */ 655 656 /* 657 ################################PKA APIs##################################### 658 */ 659 /*! 660 @defgroup cc_pka CryptoCell PKA APIs 661 @brief Contains all CryptoCell PKA APIs. 662 663 @{ 664 @ingroup cryptocell_api 665 @} 666 */ 667 668 /*! 669 @defgroup cc_pka_defs_hw CryptoCell PKA-specific definitions 670 @brief Contains the CryptoCell PKA API definitions. 671 672 @{ 673 @ingroup cc_pka 674 @} 675 */ 676 677 /*! 678 @defgroup cc_pka_hw_plat_defs CryptoCell PKA-API platform-dependent types and definitions 679 @brief Contains the platform-dependent definitions of the CryptoCell PKA APIs. 680 681 @{ 682 @ingroup cc_pka_defs_hw 683 @} 684 */ 685 686 687 /* 688 ###############################PROD APIs##################################### 689 */ 690 691 /*! 692 @addtogroup prod CryptoCell production-library APIs 693 @brief Contains CryptoCell production-library APIs. 694 695 @{ 696 @ingroup cryptocell_api 697 @} 698 */ 699 700 /*! 701 @defgroup prod_mem CryptoCell production-library definitions 702 @brief Contains CryptoCell production-library definitions. 703 704 @{ 705 @ingroup prod 706 @} 707 */ 708 709 /*! 710 @defgroup cc_cmpu CryptoCell ICV production library APIs 711 @brief Contains CryptoCell ICV production library APIs. 712 713 @{ 714 @ingroup prod 715 @} 716 */ 717 718 /*! 719 @defgroup cc_dmpu CryptoCell OEM production library APIs 720 @brief Contains CryptoCell OEM production library APIs. 721 722 @{ 723 @ingroup prod 724 @} 725 */ 726 727 /*! 728 @defgroup prod_errors Specific errors of the CryptoCell production-library APIs 729 @brief Contains the CryptoCell production-library-API error definitions. 730 731 @{ 732 @ingroup prod 733 @} 734 */ 735 736 737 /* 738 ################################RNG APIs##################################### 739 */ 740 /*! 741 @defgroup rng_module CryptoCell RNG APIs 742 743 @brief The Random Number Generator (RNG) module supports random number 744 generation, as defined in <em>NIST SP 800-90A: Recommendation for Random 745 Number Generation Using Deterministic Random Bit Generators</em>. 746 See mbedtls_ctr_drbg_random(). 747 748 The block-cipher counter-mode based deterministic random-bit 749 generator (CTR_DBRG). CryptoCell provides the source of entropy. 750 751 For the implementation of RNG, see ctr_drbg.h. 752 @{ 753 @ingroup cryptocell_api 754 @} 755 */ 756 757 /*! 758 @defgroup cc_rnd CryptoCell random-number generation APIs. 759 @brief Contains the CryptoCell random-number generation APIs. 760 @{ 761 @ingroup rng_module 762 @} 763 */ 764 765 766 /* 767 ################################RSA APIs##################################### 768 */ 769 /*! 770 @defgroup rsa_module CryptoCell RSA APIs 771 772 @ingroup cryptocell_api 773 774 @brief RSA is an asymmetric algorithm used for secure-data transmission. 775 776 @note As it is considered slow, it is mainly used to pass encrypted shared 777 keys for symmetric key cryptography. 778 779 The RSA module implements the standards defined in <em>Public-Key Cryptography 780 Standards (PKCS) #1 v1.5: RSA Encryption</em> and <em>Public-Key 781 Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography Specifications</em>. 782 783 @note CryptoCell-312 does not support blinding for RSA. If a function receives 784 random pointers as input, these may be NULL. 785 786 For the implementation of RSA, see rsa.h 787 */ 788 789 /*! 790 @defgroup cc_rsa_hw_limit CryptoCell-312 hardware limitations for RSA 791 792 @ingroup rsa_module 793 794 CryptoCell-312 supports the following RSA key sizes for private-public 795 operations: 796 <ul><li>256 bytes (2048 bits).</li> 797 <li>384 bytes (3072 bits).</li> 798 <li>512 bytes (4096 bits).</li></ul> 799 800 For key-generation, CryptoCell-312 supports the following RSA key sizes: 801 <ul><li>256 bytes (2048 bits).</li> 802 <li>384 bytes (3072 bits).</li></ul> 803 */ 804 805 /*! 806 @defgroup cc_rsa_typical Typical usage of RSA in CryptoCell-312 807 808 @ingroup rsa_module 809 810 The following is a typical RSA operation flow: 811 <ol><li>mbedtls_rsa_init().</li> 812 <li>mbedtls_rsa_gen_key().</li> 813 <li>mbedtls_rsa_pkcs1_encrypt().</li></ol> 814 815 @note CryptoCell-312 requires that the same \c hash_id used for 816 mbedtls_rsa_init() is used for all subsequent operations. 817 Otherwise, it returns an error. 818 */ 819 820 /*! 821 @defgroup cc_rsa_typical_ki Typical insertion of keys in CryptoCell-312 822 823 @ingroup rsa_module 824 825 The following is a typical RSA key-insertion flow: 826 <ol><li>mbedtls_rsa_import() or mbedtls_rsa_import_raw().</li> 827 <li>mbedtls_rsa_complete().</li></ol> 828 829 If you insert keys that are not derived by CryptoCell-312, 830 the following restrictions apply: 831 <ul><li>The user may insert \c N, \c D, \c E, and the complete function does 832 not derive the \c P and \c Q (the CRT values).</li> 833 <li>The user may insert \c P and \c Q, and the complete function derives the 834 CRT values from that, but does not derive \c D.</li> 835 <li>Its Illegal to insert only part of the CRT key (only \c DP for example).</li> 836 <li> If all the required key parameters were inserted the function does nothing.</li></ul> 837 */ 838 839 /* 840 #############################Secure Boot APIs################################ 841 */ 842 /*! 843 @defgroup cc_sb CryptoCell Secure Boot and Secure Debug APIs. 844 @brief Contains all Secure Boot and Secure Debug APIs and definitions. 845 846 @{ 847 @ingroup cryptocell_api 848 @} 849 */ 850 851 /*! 852 @defgroup cc_sb_image_verifier CryptoCell Secure Boot and Secure Debug API definitions 853 @brief Contains definitions used for the Secure Boot and Secure Debug APIs. 854 855 @{ 856 @ingroup cc_sb 857 @} 858 */ 859 860 /*! 861 @defgroup cc_sb_basetypes CryptoCell Secure Boot basic type definitions 862 @brief Contains CryptoCell Secure Boot basic type definitions. 863 @{ 864 @ingroup cc_sb 865 @} 866 */ 867 868 /*! 869 @defgroup cc_sbrt CryptoCell Secure Boot certificate-chain-processing APIs. 870 @brief Contains CryptoCell Secure Boot certificate-chain-processing APIs. 871 872 @{ 873 @ingroup cc_sb 874 @} 875 */ 876 877 /*! 878 @defgroup cc_sb_defs CryptoCell Secure Boot type definitions 879 @brief Contains CryptoCell Secure Boot type definitions. 880 @{ 881 @ingroup cc_sb 882 @} 883 */ 884 885 /*! 886 @defgroup cc_sb_gen_defs CryptoCell Secure Boot and Secure Debug definitions and structures 887 @brief Contains CryptoCell Secure Boot and Secure Debug definitions and structures. 888 889 @{ 890 @ingroup cc_sb_defs 891 @} 892 */ 893 894 /* 895 ##############################SRAM MAP APIs################################### 896 */ 897 /*! 898 @defgroup cc_sram_map CryptoCell SRAM mapping APIs 899 @brief Contains internal SRAM mapping APIs. 900 901 @{ 902 @ingroup cryptocell_api 903 @} 904 */ 905 906 907 /* 908 ################################SRP APIs##################################### 909 */ 910 /*! 911 @defgroup cc_srp CryptoCell SRP APIs 912 @brief Contains CryptoCell SRP APIs. 913 914 @{ 915 @ingroup cryptocell_api 916 @} 917 */ 918 919 /*! 920 @defgroup cc_srp_errors Specific errors of the CryptoCell SRP APIs 921 @brief Contains the CryptoCell SRP-API error definitions. 922 @{ 923 @ingroup cc_srp 924 @} 925 */ 926 927 928 /* 929 ################################UTIL APIs#################################### 930 */ 931 /*! 932 @defgroup cc_utils CryptoCell utility APIs 933 @brief This contains all utility APIs. 934 @{ 935 @ingroup cryptocell_api 936 @} 937 */ 938 939 /*! 940 @defgroup cc_util_asset_prov CryptoCell runtime-library asset-provisioning APIs 941 @brief Contains CryptoCell runtime-library ICV and OEM asset-provisioning APIs 942 and definitions. 943 944 @{ 945 @ingroup cc_utils 946 @} 947 */ 948 949 /*! 950 @defgroup cc_utils_defs CryptoCell utility APIs general definitions 951 @brief Contains CryptoCell utility APIs general definitions. 952 @{ 953 @ingroup cc_utils 954 @} 955 */ 956 957 /*! 958 @defgroup cc_utils_key_defs CryptoCell utility general key definitions 959 @brief Contains KDF API definitions. 960 @{ 961 @ingroup cc_utils_key_derivation 962 @} 963 */ 964 965 /*! 966 @defgroup cc_utils_key_derivation CryptoCell utility key-derivation APIs 967 @brief Contains the CryptoCell utility key-derivation function API. 968 969 @{ 970 @ingroup cc_utils 971 @} 972 */ 973 974 /*! 975 @defgroup cc_utils_errors Specific errors of the CryptoCell utility module APIs 976 @brief Contains utility API error definitions. 977 978 @{ 979 @ingroup cc_utils 980 @} 981 */ 982 983
