1 /*
2  *  Copyright Nordic Semiconductor ASA
3  *  SPDX-License-Identifier: Apache-2.0
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
6  *  not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  */
17 
18 #include "cc310_glue.h"
19 
cc310_init(void)20 int cc310_init(void)
21 {
22     /* Only initialize once */
23     static bool initialized;
24 
25     if (!initialized) {
26         nrf_cc310_enable();
27         if (nrf_cc310_bl_init() != 0) {
28             return -1;
29         }
30         initialized = true;
31         nrf_cc310_disable();
32     }
33 
34     return 0;
35 }
36 
cc310_sha256_update(nrf_cc310_bl_hash_context_sha256_t * ctx,const void * data,uint32_t data_len)37 void cc310_sha256_update(nrf_cc310_bl_hash_context_sha256_t *ctx,
38                          const void *data,
39                          uint32_t data_len)
40 {
41     /*
42      * NRF Cryptocell can only read from RAM this allocates a buffer on the stack
43      * if the data provided is not located in RAM.
44      */
45 
46     if ((uint32_t) data < CONFIG_SRAM_BASE_ADDRESS) {
47         uint8_t stack_buffer[data_len];
48         uint32_t block_len = data_len;
49         memcpy(stack_buffer, data, block_len);
50         nrf_cc310_bl_hash_sha256_update(ctx, stack_buffer, block_len);
51     } else {
52         nrf_cc310_bl_hash_sha256_update(ctx, data, data_len);
53     }
54 };
55 
cc310_ecdsa_verify_secp256r1(uint8_t * hash,uint8_t * public_key,uint8_t * signature,size_t hash_len)56 int cc310_ecdsa_verify_secp256r1(uint8_t *hash,
57                                  uint8_t *public_key,
58                                  uint8_t *signature,
59                                  size_t hash_len)
60 {
61         int rc;
62         nrf_cc310_bl_ecdsa_verify_context_secp256r1_t ctx;
63         cc310_init();
64         nrf_cc310_enable();
65         rc = nrf_cc310_bl_ecdsa_verify_secp256r1(&ctx,
66                                                  (nrf_cc310_bl_ecc_public_key_secp256r1_t *) public_key,
67                                                  (nrf_cc310_bl_ecc_signature_secp256r1_t  *) signature,
68                                                  hash,
69                                                  hash_len);
70         nrf_cc310_disable();
71         return rc;
72 }
73 
74