Adding ECC_DH, ECC_DSA, ECC_UTILS, and CMAC test cases. Adjusting nam…

…espacing to clarify when TC_ is for TinyCrypt vs Test Case. Signed-off-by: Constanza Heath <[email protected]>
intel · Apr 19, 2016 · 297706a · 297706a
1 parent c450df3
commit 297706a
Show file tree

Hide file tree

Showing 42 changed files with 2,575 additions and 457 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-0.3.0
+2.0.0
diff --git a/documentation/tinycrypt.rst b/documentation/tinycrypt.rst
@@ -1,4 +1,3 @@
-.. _crypto:
 
 TinyCrypt Cryptographic Library
 ###############################

diff --git a/lib/Makefile b/lib/Makefile
@@ -9,39 +9,41 @@
 include ../config.mk
 
 # Edit the OBJS content to add/remove primitives needed from TinyCrypt library:
-OBJS =	utils.o \
-	aes_decrypt.o \
+OBJS =	aes_decrypt.o \
 	aes_encrypt.o \
 	cbc_mode.o \
 	ctr_mode.o \
 	ctr_prng.o \
-	ccm_mode.o \
-	cmac_mode.o \
 	hmac.o \
 	hmac_prng.o \
 	sha256.o \
 	ecc.o \
 	ecc_dh.o \
-	ecc_dsa.o 
+	ecc_dsa.o \
+	ccm_mode.o \
+	cmac_mode.o \
+	utils.o
 
 all:	$(OBJS)
 
+.PHONY: clean
+
 clean:
-	$(RM) *.o *.gch core *dump *~
+	-$(RM) *.exe *.o *~
 
 # Dependencies
-aes_decrypt.o:		aes_decrypt.c aes.h utils.o 
-aes_encrypt.o:		aes_encrypt.c aes.h utils.o
-cbc_mode.o:		cbc_mode.c cbc_mode.h utils.o
-ctr_mode.o:	        ctr_mode.c ctr_mode.h utils.o
-ctr_prng.o:		ctr_prng.c ctr_prng.h
-ccm_mode.o:	        ccm_mode.c ccm_mode.h utils.o
-cmac_mode.o:	        ccm_mode.c ccm_mode.h utils.o
-hmac.o:		        hmac.c hmac.h utils.o
-hmac_prng.o:	        hmac_prng.c hmac_prng.h utils.o
-sha256.o:	        sha256.c sha256.h utils.o
-ecc_dh.o:		ecc_dh.c ecc_dh.h ecc.o
-ecc_dsa.o:		ecc_dsa.c ecc_dsa.h ecc.o
-ecc.o:			ecc.c ecc.h
-utils.o:		utils.c utils.h
+aes_decrypt.o:		aes.h constants.h utils.h
+aes_encrypt.o:		aes.h constants.h utils.h
+cbc_mode.o:			cbc_mode.h constants.h utils.h
+ctr_mode.o:			ctr_mode.h constants.h utils.h
+ctr_prng.o:		    ctr_prng.h constants.h utils.h
+ccm_mode.o:			ccm_mode.h constants.h utils.h
+cmac_mode.o:		cmac_mode.h aes.h constants.h utils.h
+hmac.o:				hmac.h constants.h utils.h
+hmac_prng.o:		hmac_prng.h constants.h utils.h
+sha256.o:			sha256.h constants.h utils.h
+ecc.o:				ecc.h
+ecc_dh.o:			ecc_dh.h
+ecc_dsa.o:			ecc_dsa.h
+utils.o:			utils.h
 
diff --git a/lib/include/tinycrypt/aes.h b/lib/include/tinycrypt/aes.h
@@ -69,8 +69,8 @@ typedef struct tc_aes_key_sched_struct *TCAesKeySched_t;
 /**
  *  @brief Set AES-128 encryption key
  *  Uses key k to initialize s
- *  @return  returns TC_SUCCESS (1)
- *           returns TC_FAIL (0) if: s == NULL or k == NULL
+ *  @return  returns TC_CRYPTO_SUCCESS (1)
+ *           returns TC_CRYPTO_FAIL (0) if: s == NULL or k == NULL
  *  @note       This implementation skips the additional steps required for keys
  *              larger than 128 bits, and must not be used for AES-192 or
  *              AES-256 key schedule -- see FIPS 197 for details
@@ -85,8 +85,8 @@ int32_t tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k);
  *              schedule s
  *  @note Assumes s was initialized by aes_set_encrypt_key;
  *              out and in point to 16 byte buffers
- *  @return  returns TC_SUCCESS (1)
- *           returns TC_FAIL (0) if: out == NULL or in == NULL or s == NULL
+ *  @return  returns TC_CRYPTO_SUCCESS (1)
+ *           returns TC_CRYPTO_FAIL (0) if: out == NULL or in == NULL or s == NULL
  *  @param out IN/OUT -- buffer to receive ciphertext block
  *  @param in IN -- a plaintext block to encrypt
  *  @param s IN -- initialized AES key schedule
@@ -98,8 +98,8 @@ int32_t tc_aes_encrypt(uint8_t *out,
 /**
  *  @brief Set the AES-128 decryption key
  *  Uses key k to initialize s
- *  @return returns TC_SUCCESS (1)
- *          returns TC_FAIL (0) if: s == NULL or k == NULL
+ *  @return returns TC_CRYPTO_SUCCESS (1)
+ *          returns TC_CRYPTO_FAIL (0) if: s == NULL or k == NULL
  *  @note       This is the implementation of the straightforward inverse cipher
  *              using the cipher documented in FIPS-197 figure 12, not the
  *              equivalent inverse cipher presented in Figure 15
@@ -114,8 +114,8 @@ int32_t tc_aes128_set_decrypt_key(TCAesKeySched_t s, const uint8_t *k);
 /**
  *  @brief AES-128 Encryption procedure
  *  Decrypts in buffer into out buffer under key schedule s
- *  @return returns TC_SUCCESS (1)
- *          returns TC_FAIL (0) if: out is NULL or in is NULL or s is NULL
+ *  @return returns TC_CRYPTO_SUCCESS (1)
+ *          returns TC_CRYPTO_FAIL (0) if: out is NULL or in is NULL or s is NULL
  *  @note   Assumes s was initialized by aes_set_encrypt_key
  *          out and in point to 16 byte buffers
  *  @param out IN/OUT -- buffer to receive ciphertext block

diff --git a/lib/include/tinycrypt/cbc_mode.h b/lib/include/tinycrypt/cbc_mode.h
@@ -84,8 +84,8 @@ extern "C" {
  *  @brief CBC encryption procedure
  *  CBC encrypts inlen bytes of the in buffer into the out buffer
  *  using the encryption key schedule provided, prepends iv to out
- *  @return returns TC_SUCCESS (1)
- *          returns TC_FAIL (0) if:
+ *  @return returns TC_CRYPTO_SUCCESS (1)
+ *          returns TC_CRYPTO_FAIL (0) if:
  *                out == NULL or
  *                in == NULL or
  *                ctr == NULL or
@@ -115,8 +115,8 @@ int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in,
  * @brief CBC decryption procedure
  * CBC decrypts inlen bytes of the in buffer into the out buffer
  * using the provided encryption key schedule
- * @return returns TC_SUCCESS (1)
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1)
+ *         returns TC_CRYPTO_FAIL (0) if:
  *                out == NULL or
  *                in == NULL or
  *                sched == NULL or

diff --git a/lib/include/tinycrypt/ccm_mode.h b/lib/include/tinycrypt/ccm_mode.h
@@ -96,8 +96,8 @@ typedef struct tc_ccm_mode_struct {
 
 /**
  * @brief CCM configuration procedure
- * @return returns TC_SUCCESS (1)
- *          returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1)
+ *          returns TC_CRYPTO_FAIL (0) if:
  *                c == NULL or
  *                sched == NULL or
  *                nonce == NULL or
@@ -113,8 +113,8 @@ int32_t tc_ccm_config(TCCcmMode_t c, TCAesKeySched_t sched, uint8_t *nonce,
 
 /**
  * @brief CCM tag generation and encryption procedure
- * @return returns TC_SUCCESS (1)
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1)
+ *         returns TC_CRYPTO_FAIL (0) if:
  *                out == NULL or
  *                c == NULL or
  *                ((plen > 0) and (payload == NULL)) or
@@ -155,8 +155,8 @@ int32_t tc_ccm_generation_encryption(uint8_t *out, const uint8_t *associated_dat
 
 /**
  * @brief CCM decryption and tag verification procedure
- * @return returns TC_SUCCESS (1)
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1)
+ *         returns TC_CRYPTO_FAIL (0) if:
  *                out == NULL or
  *                c == NULL or
  *                ((plen > 0) and (payload == NULL)) or

diff --git a/lib/include/tinycrypt/cmac_mode.h b/lib/include/tinycrypt/cmac_mode.h
@@ -130,8 +130,8 @@ typedef struct tc_cmac_struct {
 
 /**
  * @brief Configures the CMAC state to use the given AES key
- * @return returns TC_SUCCESS (1) after having configured the CMAC state
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1) after having configured the CMAC state
+ *         returns TC_CRYPTO_FAIL (0) if:
  *              s == NULL or
  *              key == NULL
  *
@@ -144,8 +144,8 @@ int32_t tc_cmac_setup(TCCmacState_t s, const uint8_t *key,
 
 /**
  * @brief Erases the CMAC state
- * @return returns TC_SUCCESS (1) after having configured the CMAC state
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1) after having configured the CMAC state
+ *         returns TC_CRYPTO_FAIL (0) if:
  *              s == NULL
  *
  * @param s IN/OUT -- the state to erase
@@ -154,8 +154,8 @@ int32_t tc_cmac_erase(TCCmacState_t s);
 
 /**
  * @brief Initializes a new CMAC computation
- * @return returns TC_SUCCESS (1) after having initialized the CMAC state
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1) after having initialized the CMAC state
+ *         returns TC_CRYPTO_FAIL (0) if:
  *              s == NULL
  *
  * @param s IN/OUT -- the state to initialize
@@ -164,8 +164,8 @@ int32_t tc_cmac_init(TCCmacState_t s);
 
 /**
  * @brief Incrementally computes CMAC over the next data segment
- * @return returns TC_SUCCESS (1) after successfully updating the CMAC state
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1) after successfully updating the CMAC state
+ *         returns TC_CRYPTO_FAIL (0) if:
  *              s == NULL or
  *              if data == NULL when dlen > 0
  *
@@ -177,8 +177,8 @@ int32_t tc_cmac_update(TCCmacState_t s, const uint8_t *data, size_t dlen);
 
 /**
  * @brief Generates the tag from the CMAC state
- * @return returns TC_SUCCESS (1) after successfully generating the tag
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1) after successfully generating the tag
+ *         returns TC_CRYPTO_FAIL (0) if:
  *              tag == NULL or
  *              s == NULL
  *

diff --git a/lib/include/tinycrypt/ctr_mode.h b/lib/include/tinycrypt/ctr_mode.h
@@ -77,8 +77,8 @@ extern "C" {
 /**
  *  @brief CTR mode encryption/decryption procedure.
  *  CTR mode encrypts (or decrypts) inlen bytes from in buffer into out buffer
- *  @return returns TC_SUCCESS (1)
- *          returns TC_FAIL (0) if:
+ *  @return returns TC_CRYPTO_SUCCESS (1)
+ *          returns TC_CRYPTO_FAIL (0) if:
  *                out == NULL or
  *                in == NULL or
  *                ctr == NULL or

diff --git a/lib/include/tinycrypt/ctr_prng.h b/lib/include/tinycrypt/ctr_prng.h
@@ -61,6 +61,8 @@
 
 #include <tinycrypt/aes.h>
 
+#define TC_CTR_PRNG_RESEED_REQ -1
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -81,8 +83,8 @@ typedef struct
 /**
  *  @brief CTR-PRNG initialization procedure
  *  Initializes prng context with entropy and personalization string (if any)
- *  @return returns TC_SUCCESS (1)
- *          returns TC_FAIL (0) if:
+ *  @return returns TC_CRYPTO_SUCCESS (1)
+ *          returns TC_CRYPTO_FAIL (0) if:
  *                ctx == NULL,
  *                entropy == NULL,
  *                entropyLen < (TC_AES_KEY_SIZE + TC_AES_BLOCK_SIZE)
@@ -106,8 +108,8 @@ int32_t tc_ctr_prng_init(TCCtrPrng_t * const ctx,
 /**
  *  @brief CTR-PRNG reseed procedure
  *  Mixes entropy and additional_input into the prng context
- *  @return returns  TC_SUCCESS (1)
- *  returns TC_FAIL (0) if:
+ *  @return returns  TC_CRYPTO_SUCCESS (1)
+ *  returns TC_CRYPTO_FAIL (0) if:
  *          ctx == NULL,
  *          entropy == NULL,
  *          entropylen < (TC_AES_KEY_SIZE + TC_AES_BLOCK_SIZE)
@@ -131,9 +133,9 @@ int32_t tc_ctr_prng_reseed(TCCtrPrng_t * const ctx,
 /**
  *  @brief CTR-PRNG generate procedure
  *  Generates outlen pseudo-random bytes into out buffer, updates prng
- *  @return returns TC_SUCCESS (1)
- *          returns TC_RESEED_REQ (-1) if a reseed is needed
- *             returns TC_FAIL (0) if:
+ *  @return returns TC_CRYPTO_SUCCESS (1)
+ *          returns TC_CTR_PRNG_RESEED_REQ (-1) if a reseed is needed
+ *             returns TC_CRYPTO_FAIL (0) if:
  *                ctx == NULL,
  *                out == NULL,
  *                outlen >= 2^16

diff --git a/lib/include/tinycrypt/ecc.h b/lib/include/tinycrypt/ecc.h
@@ -277,8 +277,8 @@ void EccPoint_mult(EccPointJacobi *p_result, EccPoint *p_point,
 
 /*
  * @brief Convert an integer in standard octet representation to native format.
- * @return returns TC_SUCCESS (1)
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1)
+ *         returns TC_CRYPTO_FAIL (0) if:
  *                out == NULL or
  *                c == NULL or
  *                ((plen > 0) and (payload == NULL)) or
@@ -296,8 +296,8 @@ void ecc_bytes2native(uint32_t p_native[NUM_ECC_DIGITS],
 
 /*
  * @brief Convert an integer in native format to standard octet representation.
- * @return returns TC_SUCCESS (1)
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1)
+ *         returns TC_CRYPTO_FAIL (0) if:
  *                out == NULL or
  *                c == NULL or
  *                ((plen > 0) and (payload == NULL)) or

diff --git a/lib/include/tinycrypt/ecc_dh.h b/lib/include/tinycrypt/ecc_dh.h
@@ -80,8 +80,8 @@ extern "C" {
 
 /**
  * @brief Create a public/private key pair.
- * @return returns TC_SUCCESS (1) if the key pair was generated successfully
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1) if the key pair was generated successfully
+ *         returns TC_CRYPTO_FAIL (0) if:
  *                the private key is 0
 
  * @param p_publicKey OUT -- the point representing the public key.
@@ -116,8 +116,8 @@ int32_t ecc_valid_public_key(EccPoint *p_publicKey);
 /**
  * @brief Compute a shared secret given your secret key and someone else's
  * public key.
- * @return returns TC_SUCCESS (1) if the shared secret was computed successfully
- *         returns TC_FAIL (0) otherwise
+ * @return returns TC_CRYPTO_SUCCESS (1) if the shared secret was computed successfully
+ *         returns TC_CRYPTO_FAIL (0) otherwise
  *
  * @param p_secret OUT -- The shared secret value.
  * @param p_publicKey IN -- The public key of the remote party.

diff --git a/lib/include/tinycrypt/ecc_dsa.h b/lib/include/tinycrypt/ecc_dsa.h
@@ -87,8 +87,8 @@ extern "C" {
 
 /**
  * @brief Generate an ECDSA signature for a given hash value.
- * @return returns TC_SUCCESS (1) if the the signature generated successfully
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1) if the the signature generated successfully
+ *         returns TC_CRYPTO_FAIL (0) if:
  *                r == 0 or
  *                p_random == 0
  *
@@ -112,8 +112,8 @@ int32_t ecdsa_sign(uint32_t r[NUM_ECC_DIGITS], uint32_t s[NUM_ECC_DIGITS],
 
 /**
  * @brief Verify an ECDSA signature.
- * @return returns TC_SUCCESS (1) if the the signature generated successfully
- *         returns TC_FAIL (0) if:
+ * @return returns TC_CRYPTO_SUCCESS (1) if the the signature generated successfully
+ *         returns TC_CRYPTO_FAIL (0) if:
  *                r == 0 or
  *                p_random == 0
  *

diff --git a/lib/include/tinycrypt/hmac.h b/lib/include/tinycrypt/hmac.h
@@ -80,8 +80,8 @@ typedef struct tc_hmac_state_struct *TCHmacState_t;
 /**
  *  @brief HMAC set key procedure
  *  Configures ctx to use key
- *  @return returns TC_SUCCESS (1)
- *          returns TC_FAIL (0) if
+ *  @return returns TC_CRYPTO_SUCCESS (1)
+ *          returns TC_CRYPTO_FAIL (0) if
  *                ctx == NULL or
  *                key == NULL or
  *                key_size == 0
@@ -96,17 +96,17 @@ int32_t tc_hmac_set_key(TCHmacState_t ctx,
 /**
  * @brief HMAC init procedure
  * Initializes ctx to begin the next HMAC operation
- * @return returns TC_SUCCESS (1)
- *         returns TC_FAIL (0) if: ctx == NULL or key == NULL
+ * @return returns TC_CRYPTO_SUCCESS (1)
+ *         returns TC_CRYPTO_FAIL (0) if: ctx == NULL or key == NULL
  * @param ctx IN/OUT -- struct tc_hmac_state_struct buffer to init
  */
 int32_t tc_hmac_init(TCHmacState_t ctx);
 
 /**
  *  @brief HMAC update procedure
  *  Mixes data_length bytes addressed by data into state
- *  @return returns TC_SUCCCESS (1)
- *          returns TC_FAIL (0) if: ctx == NULL or key == NULL
+ *  @return returns TC_CRYPTO_SUCCCESS (1)
+ *          returns TC_CRYPTO_FAIL (0) if: ctx == NULL or key == NULL
  *  @note Assumes state has been initialized by tc_hmac_init
  *  @param ctx IN/OUT -- state of HMAC computation so far
  *  @param data IN -- data to incorporate into state
@@ -119,8 +119,8 @@ int32_t tc_hmac_update(TCHmacState_t ctx,
 /**
  *  @brief HMAC final procedure
  *  Writes the HMAC tag into the tag buffer
- *  @return returns TC_SUCCESS (1)
- *          returns TC_FAIL (0) if:
+ *  @return returns TC_CRYPTO_SUCCESS (1)
+ *          returns TC_CRYPTO_FAIL (0) if:
  *                tag == NULL or
  *                ctx == NULL or
  *                key == NULL or