diff options
author | Rob Austein <sra@hactrn.net> | 2015-09-06 13:46:41 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2015-09-06 13:46:41 -0400 |
commit | 12fd92723d71325b74a6c94eee4ca504773ad9da (patch) | |
tree | 9babd4f2fe503493be80ca1ec477cbe208bad952 | |
parent | 89cf9108af7ec93471f76510663ca1218133c6a2 (diff) |
Add ECPoint I/O functions. ASN.1 cleanup.
-rw-r--r-- | asn1.c | 24 | ||||
-rw-r--r-- | csprng.c | 50 | ||||
-rw-r--r-- | ecdsa.c | 196 | ||||
-rw-r--r-- | hal.h | 20 | ||||
-rw-r--r-- | hal_io_eim.c | 6 | ||||
-rw-r--r-- | hal_io_i2c.c | 6 | ||||
-rw-r--r-- | hash.c | 52 | ||||
-rw-r--r-- | novena-eim.c | 16 | ||||
-rw-r--r-- | rsa.c | 8 |
9 files changed, 254 insertions, 124 deletions
@@ -58,8 +58,18 @@ #include "asn1_internal.h" /* - * Encode tag and length fields of an ASN.1 object. If der is NULL, - * just return the size that would be encoded. + * Encode tag and length fields of an ASN.1 object. + * + * Sets *der_len to the size of of the ASN.1 header (tag and length + * fields); caller supplied length of value field, so presumably + * already knows it. + * + * If der is NULL, just return the size of the header that would be + * encoded and returns HAL_OK. + * + * If der isn't NULL, returns HAL_ERROR_RESULT_TOO_LONG unless full + * header plus value will fit; this is a bit weird, but is useful when + * using this to construct encoders for complte ASN.1 objects. */ hal_error_t hal_asn1_encode_header(const uint8_t tag, @@ -126,17 +136,15 @@ hal_error_t hal_asn1_encode_integer(const fp_int * const bn, hal_error_t err; size_t hlen; - if ((err = hal_asn1_encode_header(ASN1_INTEGER, vlen, der, &hlen, der_max)) != HAL_OK) - return err; + err = hal_asn1_encode_header(ASN1_INTEGER, vlen, der, &hlen, der_max); if (der_len != NULL) *der_len = hlen + vlen; - if (der == NULL) - return HAL_OK; + if (der == NULL || err != HAL_OK) + return err; - if (hlen + vlen > der_max) - return HAL_ERROR_RESULT_TOO_LONG; + assert(hlen + vlen <= der_max); der += hlen; if (leading_zero) @@ -1,34 +1,34 @@ -/* +/* * csprng.c * -------- * HAL interface to Cryptech CSPRNG. - * + * * Authors: Joachim Strömbergson, Paul Selkirk, Rob Austein * Copyright (c) 2014-2015, SUNET - * - * Redistribution and use in source and binary forms, with or - * without modification, are permitted provided that the following - * conditions are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ @@ -250,7 +250,7 @@ static inline void ff_add(const ecdsa_curve_t * const curve, } static inline void ff_sub(const ecdsa_curve_t * const curve, - const fp_int * const a, + const fp_int * const a, const fp_int * const b, fp_int *c) { @@ -408,7 +408,7 @@ static inline void point_add(const ec_point_t * const P, if (fp_cmp(unconst_fp_int(P->y), unconst_fp_int(Q->y)) == FP_EQ) return point_double(P, R, curve); - + fp_int Qy_neg[1]; fp_sub(unconst_fp_int(curve->q), unconst_fp_int(Q->y), Qy_neg); const int zero_sum = fp_cmp(unconst_fp_int(P->y), Qy_neg) == FP_EQ; @@ -717,7 +717,7 @@ static int point_is_on_curve(const ec_point_t * const P, { assert(P != NULL && curve != NULL); - fp_int t1[1]; fp_init(t1); + fp_int t1[1]; fp_init(t1); fp_int t2[1]; fp_init(t2); /* @@ -909,6 +909,117 @@ hal_error_t hal_ecdsa_key_load_private(hal_ecdsa_key_t **key_, } /* + * Write public key in X9.62 ECPoint format (ASN.1 OCTET STRING, first octet is compression flag). + */ + +hal_error_t hal_ecdsa_key_to_ecpoint(const hal_ecdsa_key_t * const key, + uint8_t *der, size_t *der_len, const size_t der_max) +{ + if (key == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + + const ecdsa_curve_t * const curve = get_curve(key->curve); + if (curve == NULL) + return HAL_ERROR_IMPOSSIBLE; + + const size_t q_len = fp_unsigned_bin_size(unconst_fp_int(curve->q)); + const size_t Qx_len = fp_unsigned_bin_size(unconst_fp_int(key->Q->x)); + const size_t Qy_len = fp_unsigned_bin_size(unconst_fp_int(key->Q->y)); + assert(q_len >= Qx_len && q_len >= Qy_len); + + const size_t vlen = q_len * 2 + 1; + size_t hlen; + + hal_error_t err = hal_asn1_encode_header(ASN1_OCTET_STRING, vlen, der, &hlen, der_max); + + if (der_len != NULL) + *der_len = hlen + vlen; + + if (der == NULL || err != HAL_OK) + return err; + + assert(hlen + vlen <= der_max); + + uint8_t *d = der + hlen; + memset(d, 0, vlen); + + *d++ = 0x04; /* uncompressed */ + + fp_to_unsigned_bin(unconst_fp_int(key->Q->x), d + q_len - Qx_len); + d += q_len; + + fp_to_unsigned_bin(unconst_fp_int(key->Q->y), d + q_len - Qy_len); + d += q_len; + + assert(d <= der + der_max); + + return HAL_OK; +} + +/* + * Convenience wrapper to return how many bytes a key would take if + * encoded as an ECPoint. + */ + +size_t hal_ecdsa_key_to_ecpoint_len(const hal_ecdsa_key_t * const key) +{ + size_t len; + return hal_ecdsa_key_to_ecpoint(key, NULL, &len, 0) == HAL_OK ? len : 0; +} + +/* + * Read public key in X9.62 ECPoint format (ASN.1 OCTET STRING, first octet is compression flag). + * ECPoint format doesn't include a curve identifier, so caller has to supply one. + */ + +hal_error_t hal_ecdsa_key_from_ecpoint(hal_ecdsa_key_t **key_, + void *keybuf, const size_t keybuf_len, + const uint8_t * const der, const size_t der_len, + const hal_ecdsa_curve_t curve) +{ + hal_ecdsa_key_t *key = keybuf; + + if (key_ == NULL || key == NULL || keybuf_len < sizeof(*key) || get_curve(curve) == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + + memset(keybuf, 0, keybuf_len); + key->type = HAL_ECDSA_PUBLIC; + key->curve = curve; + + size_t hlen, vlen; + hal_error_t err; + + if ((err = hal_asn1_decode_header(ASN1_OCTET_STRING, der, der_len, &hlen, &vlen)) != HAL_OK) + return err; + + const uint8_t * const der_end = der + hlen + vlen; + const uint8_t *d = der + hlen; + + if (vlen < 3 || (vlen & 1) == 0 || *d++ != 0x04) + lose(HAL_ERROR_ASN1_PARSE_FAILED); + + vlen = vlen/2 - 1; + + fp_read_unsigned_bin(key->Q->x, unconst_uint8_t(d), vlen); + d += vlen; + + fp_read_unsigned_bin(key->Q->y, unconst_uint8_t(d), vlen); + d += vlen; + + fp_set(key->Q->z, 1); + + if (d != der_end) + lose(HAL_ERROR_ASN1_PARSE_FAILED); + + *key_ = key; + return HAL_OK; + + fail: + memset(keybuf, 0, keybuf_len); + return err; +} + +/* * Write private key in RFC 5915 ASN.1 DER format. * * This is hand-coded, and is approaching the limit where one should @@ -945,20 +1056,19 @@ hal_error_t hal_ecdsa_key_to_der(const hal_ecdsa_key_t * const key, (err = hal_asn1_encode_header(ASN1_BIT_STRING, (q_len + 1) * 2, NULL, &hlen_bit, 0)) != HAL_OK || (err = hal_asn1_encode_header(ASN1_EXPLICIT_1, hlen_bit + (q_len + 1) * 2, NULL, &hlen_exp1, 0)) != HAL_OK) return err; - + const size_t vlen = (version_len + hlen_oct + q_len + hlen_oid + hlen_exp0 + curve->oid_len + hlen_bit + hlen_exp1 + (q_len + 1) * 2); - if ((err = hal_asn1_encode_header(ASN1_SEQUENCE, vlen, der, &hlen, der_max)) != HAL_OK) - return err; + err = hal_asn1_encode_header(ASN1_SEQUENCE, vlen, der, &hlen, der_max); if (der_len != NULL) *der_len = hlen + vlen; - if (der == NULL) - return HAL_OK; + if (der == NULL || err != HAL_OK) + return err; uint8_t *d = der + hlen; memset(d, 0, vlen); @@ -1067,7 +1177,7 @@ hal_error_t hal_ecdsa_key_from_der(hal_ecdsa_key_t **key_, if (curve == NULL) lose(HAL_ERROR_ASN1_PARSE_FAILED); d += vlen; - + if ((err = hal_asn1_decode_header(ASN1_EXPLICIT_1, d, der_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; @@ -1102,15 +1212,12 @@ hal_error_t hal_ecdsa_key_from_der(hal_ecdsa_key_t **key_, * to the byte length of the order of the base point. */ -hal_error_t encode_signature_pkcs11(const ecdsa_curve_t * const curve, - const fp_int * const r, const fp_int * const s, - uint8_t *signature, size_t *signature_len, const size_t signature_max) +static hal_error_t encode_signature_pkcs11(const ecdsa_curve_t * const curve, + const fp_int * const r, const fp_int * const s, + uint8_t *signature, size_t *signature_len, const size_t signature_max) { assert(curve != NULL && r != NULL && s != NULL); - if (signature == NULL || signature_len == NULL) - return HAL_ERROR_BAD_ARGUMENTS; - const size_t n_len = fp_unsigned_bin_size(unconst_fp_int(curve->n)); const size_t r_len = fp_unsigned_bin_size(unconst_fp_int(r)); const size_t s_len = fp_unsigned_bin_size(unconst_fp_int(s)); @@ -1118,13 +1225,18 @@ hal_error_t encode_signature_pkcs11(const ecdsa_curve_t * const curve, if (n_len < r_len || n_len < s_len) return HAL_ERROR_IMPOSSIBLE; + if (signature_len != NULL) + *signature_len = n_len * 2; + + if (signature == NULL) + return HAL_OK; + if (signature_max < n_len * 2) return HAL_ERROR_RESULT_TOO_LONG; memset(signature, 0, n_len * 2); fp_to_unsigned_bin(unconst_fp_int(r), signature + 1 * n_len - r_len); fp_to_unsigned_bin(unconst_fp_int(s), signature + 2 * n_len - s_len); - *signature_len = n_len * 2; return HAL_OK; } @@ -1135,9 +1247,9 @@ hal_error_t encode_signature_pkcs11(const ecdsa_curve_t * const curve, * the octet string (which must therefore be of even length). */ -hal_error_t decode_signature_pkcs11(const ecdsa_curve_t * const curve, - fp_int *r, fp_int *s, - const uint8_t * const signature, const size_t signature_len) +static hal_error_t decode_signature_pkcs11(const ecdsa_curve_t * const curve, + fp_int *r, fp_int *s, + const uint8_t * const signature, const size_t signature_len) { assert(curve != NULL && r != NULL && s != NULL); @@ -1159,46 +1271,46 @@ hal_error_t decode_signature_pkcs11(const ecdsa_curve_t * const curve, * Encode a signature in ASN.1 format SEQUENCE { INTEGER r, INTEGER s }. */ -hal_error_t encode_signature_asn1(const ecdsa_curve_t * const curve, - const fp_int * const r, const fp_int * const s, - uint8_t *signature, size_t *signature_len, const size_t signature_max) +static hal_error_t encode_signature_asn1(const ecdsa_curve_t * const curve, + const fp_int * const r, const fp_int * const s, + uint8_t *signature, size_t *signature_len, const size_t signature_max) { assert(curve != NULL && r != NULL && s != NULL); - if (signature == NULL || signature_len == NULL) - return HAL_ERROR_BAD_ARGUMENTS; - - hal_error_t err = HAL_ERROR_IMPOSSIBLE; - size_t r_len, s_len; + size_t hlen, r_len, s_len; + hal_error_t err; if ((err = hal_asn1_encode_integer(r, NULL, &r_len, 0)) != HAL_OK || - (err = hal_asn1_encode_integer(s, NULL, &s_len, 0)) != HAL_OK || - (err = hal_asn1_encode_header(ASN1_SEQUENCE, r_len + s_len, - signature, signature_len, signature_max)) != HAL_OK) - goto fail; + (err = hal_asn1_encode_integer(s, NULL, &s_len, 0)) != HAL_OK) + return err; + + const size_t vlen = r_len + s_len; + + err = hal_asn1_encode_header(ASN1_SEQUENCE, vlen, signature, &hlen, signature_max); + + if (signature_len != NULL) + *signature_len = hlen + vlen; + + if (signature == NULL || err != HAL_OK) + return err; - uint8_t * const r_out = signature + *signature_len; + uint8_t * const r_out = signature + hlen; uint8_t * const s_out = r_out + r_len; - *signature_len += r_len + s_len; - assert(*signature_len <= signature_max); if ((err = hal_asn1_encode_integer(r, r_out, NULL, signature_max - (r_out - signature))) != HAL_OK || (err = hal_asn1_encode_integer(s, s_out, NULL, signature_max - (s_out - signature))) != HAL_OK) - goto fail; - - err = HAL_OK; + return err; - fail: - return err; + return HAL_OK; } /* * Decode a signature from ASN.1 format SEQUENCE { INTEGER r, INTEGER s }. */ -hal_error_t decode_signature_asn1(const ecdsa_curve_t * const curve, - fp_int *r, fp_int *s, - const uint8_t * const signature, const size_t signature_len) +static hal_error_t decode_signature_asn1(const ecdsa_curve_t * const curve, + fp_int *r, fp_int *s, + const uint8_t * const signature, const size_t signature_len) { assert(curve != NULL && r != NULL && s != NULL); @@ -39,23 +39,23 @@ * 3 bits segment selector | up to 8 segments * 5 bits core selector | up to 32 cores/segment (see note below) * 8 bits register selector | up to 256 registers/core (see modexp below) - * + * * i.e, the address is structured as: * sss ccccc rrrrrrrr - * + * * The I2C and UART communication channels use this 16-bit address format * directly in their read and write commands. - * + * * The EIM communications channel translates this 16-bit address into a * 32-bit memory-mapped address in the range 0x08000000..807FFFF: * 00001000000000 sss 0 ccccc rrrrrrrr 00 - * + * * EIM, as implemented on the Novena, uses a 19-bit address space: * Bits 18..16 are the semgent selector. * Bits 15..10 are the core selector. * Bits 9..2 are the register selector. * Bits 1..0 are zero, because reads and writes are always word aligned. - * + * * Note that EIM can support 64 cores per segment, but we sacrifice one bit * in order to map it into a 16-bit address space. */ @@ -733,6 +733,16 @@ extern hal_error_t hal_ecdsa_key_from_der(hal_ecdsa_key_t **key, void *keybuf, const size_t keybuf_len, const uint8_t * const der, const size_t der_len); +extern hal_error_t hal_ecdsa_key_to_ecpoint(const hal_ecdsa_key_t * const key, + uint8_t *der, size_t *der_len, const size_t der_max); + +extern size_t hal_ecdsa_key_to_ecpoint_len(const hal_ecdsa_key_t * const key); + +extern hal_error_t hal_ecdsa_key_from_ecpoint(hal_ecdsa_key_t **key, + void *keybuf, const size_t keybuf_len, + const uint8_t * const der, const size_t der_len, + const hal_ecdsa_curve_t curve); + extern hal_error_t hal_ecdsa_sign(const hal_ecdsa_key_t * const key, const uint8_t * const hash, const size_t hash_len, uint8_t *signature, size_t *signature_len, const size_t signature_max, diff --git a/hal_io_eim.c b/hal_io_eim.c index bdc3171..3687b95 100644 --- a/hal_io_eim.c +++ b/hal_io_eim.c @@ -1,11 +1,11 @@ -/* +/* * hal_io_eim.c * ------------ * This module contains common code to talk to the FPGA over the EIM bus. - * + * * Author: Paul Selkirk * Copyright (c) 2014-2015, NORDUnet A/S All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: diff --git a/hal_io_i2c.c b/hal_io_i2c.c index c98ea7d..9788232 100644 --- a/hal_io_i2c.c +++ b/hal_io_i2c.c @@ -1,11 +1,11 @@ -/* +/* * hal_io_i2c.c * ------------ * This module contains common code to talk to the FPGA over the I2C bus. - * + * * Author: Paul Selkirk * Copyright (c) 2014-2015, NORDUnet A/S All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: @@ -1,34 +1,34 @@ -/* +/* * hashes.c * -------- * HAL interface to Cryptech hash cores. - * + * * Authors: Joachim Strömbergson, Paul Selkirk, Rob Austein * Copyright (c) 2014-2015, SUNET - * - * Redistribution and use in source and binary forms, with or - * without modification, are permitted provided that the following - * conditions are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ @@ -306,7 +306,7 @@ static hal_error_t hash_write_block(hal_hash_state_t * const state) return err; ctrl_cmd[0] = ctrl_cmd[1] = ctrl_cmd[2] = 0; - ctrl_cmd[3] = state->block_count == 0 ? CTRL_INIT : CTRL_NEXT; + ctrl_cmd[3] = state->block_count == 0 ? CTRL_INIT : CTRL_NEXT; ctrl_cmd[3] |= state->driver->ctrl_mode; /* diff --git a/novena-eim.c b/novena-eim.c index c8c47ad..b55b01c 100644 --- a/novena-eim.c +++ b/novena-eim.c @@ -1,12 +1,12 @@ -/* +/* * novena-eim.c * ------------ * This module contains the userland magic to set up and use the EIM bus. * - * + * * Author: Pavel Shatov * Copyright (c) 2014-2015, NORDUnet A/S All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: @@ -118,9 +118,9 @@ enum IMX6DQ_REGISTER_OFFSET IOMUXC_SW_PAD_CTL_PAD_EIM_AD15 = 0x020E0464, IOMUXC_SW_PAD_CTL_PAD_EIM_WAIT_B = 0x020E0468, IOMUXC_SW_PAD_CTL_PAD_EIM_BCLK = 0x020E046C, - + CCM_CCGR6 = 0x020C4080, - + EIM_CS0GCR1 = 0x021B8000, EIM_CS0GCR2 = 0x021B8004, EIM_CS0RCR1 = 0x021B8008, @@ -166,17 +166,17 @@ struct CCM_CCGR6 unsigned int cg1_usdhc1 : 2; unsigned int cg2_usdhc2 : 2; unsigned int cg3_usdhc3 : 2; - + unsigned int cg3_usdhc4 : 2; unsigned int cg5_eim_slow : 2; unsigned int cg6_vdoaxiclk : 2; unsigned int cg7_vpu : 2; - + unsigned int cg8_reserved : 2; unsigned int cg9_reserved : 2; unsigned int cg10_reserved : 2; unsigned int cg11_reserved : 2; - + unsigned int cg12_reserved : 2; unsigned int cg13_reserved : 2; unsigned int cg14_reserved : 2; @@ -9,7 +9,7 @@ * (but no simpler). * * Much of the code in this module is based, at least loosely, on Tom - * St Denis's libtomcrypt code. + * St Denis's libtomcrypt code. * * Authors: Rob Austein * Copyright (c) 2015, SUNET @@ -394,7 +394,7 @@ hal_error_t hal_rsa_decrypt(const hal_rsa_key_t * const key, err = modexp(&i, &key->d, &key->n, &o); else err = rsa_crt(key, &i, &o); - + if (err != HAL_OK || (err = unpack_fp(&o, output, output_len)) != HAL_OK) goto fail; @@ -549,7 +549,7 @@ hal_error_t hal_rsa_key_get_public_exponent(const hal_rsa_key_t * const key, /* * Generate a prime factor for an RSA keypair. - * + * * Get random bytes, munge a few bits, and stuff into a bignum. Keep * doing this until we find a result that's (probably) prime and for * which result - 1 is relatively prime with respect to e. @@ -695,7 +695,7 @@ hal_error_t hal_rsa_key_to_der(const hal_rsa_key_t * const key, */ der += hlen; - + #define _(x) { size_t i; if ((err = hal_asn1_encode_integer(x, der, &i, vlen)) != HAL_OK) return err; der += i; vlen -= i; } RSAPrivateKey_fields; #undef _ |