初始版本

components/libraries/crypto/backend/oberon/oberon_backend_chacha_poly_aead.c

@@ -0,0 +1,153 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "sdk_common.h"
+#if NRF_MODULE_ENABLED(NRF_CRYPTO)
+
+#include <stdbool.h>
+#include "oberon_backend_chacha_poly_aead.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_OBERON_CHACHA_POLY_AEAD)
+
+static ret_code_t backend_cc310_init(void * const p_context, uint8_t * p_key)
+{
+    nrf_crypto_backend_chacha_poly_context_t * p_ctx =
+        (nrf_crypto_backend_chacha_poly_context_t *)p_context;
+
+
+    if (p_ctx->header.p_info->key_size != NRF_CRYPTO_KEY_SIZE_256)
+    {
+        return NRF_ERROR_CRYPTO_KEY_SIZE;
+    }
+
+    memcpy(p_ctx->key, p_key, sizeof(p_ctx->key));
+
+    return NRF_SUCCESS;
+}
+
+static inline ret_code_t backend_cc310_uninit(void * const p_context)
+{
+    return NRF_SUCCESS;
+}
+
+static ret_code_t backend_cc310_crypt(void * const           p_context,
+                                      nrf_crypto_operation_t operation,
+                                      uint8_t *              p_nonce,
+                                      uint8_t                nonce_size,
+                                      uint8_t *              p_adata,
+                                      size_t                 adata_size,
+                                      uint8_t *              p_data_in,
+                                      size_t                 data_in_size,
+                                      uint8_t *              p_data_out,
+                                      uint8_t *              p_mac,
+                                      uint8_t                mac_size)
+
+{
+    int result;
+
+    nrf_crypto_backend_chacha_poly_context_t * p_ctx =
+        (nrf_crypto_backend_chacha_poly_context_t *)p_context;
+
+    if ((adata_size == 0) || (data_in_size == 0))
+    {
+        return NRF_ERROR_CRYPTO_INPUT_LENGTH;
+    }
+
+    if (mac_size   != NRF_CRYPTO_CHACHA_POLY_MAC_SIZE)
+    {
+        return NRF_ERROR_CRYPTO_AEAD_MAC_SIZE;
+    }
+
+    if (nonce_size != NRF_CRYPTO_CHACHA_POLY_NONCE_SIZE)
+    {
+        return NRF_ERROR_CRYPTO_AEAD_NONCE_SIZE;
+    }
+
+    if (operation == NRF_CRYPTO_ENCRYPT)
+    {
+        ocrypto_chacha20_poly1305_encrypt_aad(p_mac,
+                                              p_data_out,
+                                              p_data_in,
+                                              data_in_size,
+                                              p_adata,
+                                              adata_size,
+                                              p_nonce,
+                                              (size_t)nonce_size,
+                                              p_ctx->key);
+    }
+    else if (operation == NRF_CRYPTO_DECRYPT)
+    {
+        result = ocrypto_chacha20_poly1305_decrypt_aad(p_mac,
+                                                       p_data_out,
+                                                       p_data_in,
+                                                       data_in_size,
+                                                       p_adata,
+                                                       adata_size,
+                                                       p_nonce,
+                                                       (size_t)nonce_size,
+                                                       p_ctx->key);
+
+        if (result != 0)
+        {
+            return NRF_ERROR_CRYPTO_AEAD_INVALID_MAC;
+        }
+    }
+    else
+    {
+        return NRF_ERROR_CRYPTO_INVALID_PARAM;
+    }
+
+    return NRF_SUCCESS;
+}
+
+nrf_crypto_aead_info_t const g_nrf_crypto_chacha_poly_256_info =
+{
+    .key_size  = NRF_CRYPTO_KEY_SIZE_256,
+    .mode      = NRF_CRYPTO_AEAD_MODE_CHACHA_POLY,
+
+    .init_fn   = backend_cc310_init,
+    .uninit_fn = backend_cc310_uninit,
+    .crypt_fn  = backend_cc310_crypt
+};
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_CC310_CHACHA_POLY_AEAD)
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO)
+

components/libraries/crypto/backend/oberon/oberon_backend_chacha_poly_aead.h

@@ -0,0 +1,100 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef OBERON_BACKEND_CHACHA_POLY_AEAD_H__
+#define OBERON_BACKEND_CHACHA_POLY_AEAD_H__
+
+/** @file
+ *
+ * @defgroup nrf_crypto_oberon_backend_chacha_poly_aead nrf_crypto Oberon backend CHACHA_POLY AEAD
+ * @{
+ * @ingroup nrf_crypto_oberon_backend
+ *
+ * @brief AES AEAD functionality provided by the nrf_crypto Oberon backend.
+ */
+
+#include "sdk_config.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#include "nrf_crypto_aead_shared.h"
+#include "ocrypto_chacha20_poly1305.h"
+#include "nrf_crypto_error.h"
+#include "nrf_crypto_types.h"
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define NRF_CRYPTO_OBERON_CHACHA_POLY_BACKEND_KEY_SIZE (32)
+
+/* CHACHA-POLY */
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_CHACHA_POLY)
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_CHACHA_POLY)
+#error "Duplicate definition of CHACHA-POLY mode. More than one backend enabled");
+#endif
+#define NRF_CRYPTO_CHACHA_POLY_ENABLED  1
+#undef  NRF_CRYPTO_AEAD_ENABLED
+#define NRF_CRYPTO_AEAD_ENABLED  1  // Flag that nrf_crypto_aead frontend can be compiled
+#undef  NRF_CRYPTO_OBERON_CHACHA_POLY_AEAD_ENABLED
+#define NRF_CRYPTO_OBERON_CHACHA_POLY_AEAD_ENABLED   1   // aead backend for Oberon can be compiled
+
+/* defines for test purposes */
+#define NRF_CRYPTO_AES_CHACHA_POLY_256_ENABLED  1
+
+typedef struct
+{
+    nrf_crypto_aead_internal_context_t header;  /**< Common header for context. */
+
+    uint8_t key[NRF_CRYPTO_OBERON_CHACHA_POLY_BACKEND_KEY_SIZE];
+} nrf_crypto_backend_chacha_poly_context_t;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+/** @} */
+
+#endif // OBERON_BACKEND_CHACHA_POLY_AEAD_H__
+

components/libraries/crypto/backend/oberon/oberon_backend_ecc.c

@@ -0,0 +1,464 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "sdk_config.h"
+#include "nordic_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#include <stdbool.h>
+#include <string.h>
+#include <stddef.h>
+
+#include "app_util.h"
+#include "nrf_crypto_ecc.h"
+#include "nrf_crypto_mem.h"
+#include "nrf_crypto_rng.h"
+#include "nrf_crypto_shared.h"
+#include "oberon_backend_ecc.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+#include "ocrypto_ecdh_p256.h"
+#endif
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+#include "ocrypto_curve25519.h"
+#endif
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+#include "ocrypto_ed25519.h"
+#endif
+
+
+/** @internal @brief Structure holding private key common to all curves implemented by the Oberon.
+ */
+typedef struct
+{
+    nrf_crypto_internal_ecc_key_header_t header;  /**< @internal @brief Common ECC key header. */
+    uint8_t key[32];                              /**< @internal @brief Raw key. */
+} nrf_crypto_backend_oberon_private_key_t;
+
+
+/** @internal @brief Structure holding public key common to all curves implemented by the Oberon.
+ */
+typedef struct
+{
+    nrf_crypto_internal_ecc_key_header_t header;  /**< @internal @brief Common ECC key header. */
+    uint8_t key[64];                              /**< @internal @brief Raw key. */
+} nrf_crypto_backend_oberon_public_key_t;
+
+
+/** @internal @brief Function to hold copy function (can be simple mem copy or copy with endian swap).
+ */
+typedef void (*copy_fn_t)(void * p_dest, void const * p_src, size_t size);
+
+
+ret_code_t nrf_crypto_backend_oberon_private_key_to_raw(
+    void    const * p_private_key,
+    uint8_t       * p_raw_data)
+{
+    nrf_crypto_backend_oberon_private_key_t const * p_prv =
+        (nrf_crypto_backend_oberon_private_key_t const *)p_private_key;
+
+    //lint -save -e611 (Suspicious cast)
+    copy_fn_t copy_fn = (copy_fn_t)p_prv->header.p_info->p_backend_data;
+    //lint -restore
+
+    copy_fn(p_raw_data, p_prv->key, p_prv->header.p_info->raw_private_key_size);
+
+    return NRF_SUCCESS;
+}
+
+
+ret_code_t nrf_crypto_backend_oberon_public_key_from_raw(
+    void          * p_public_key,
+    uint8_t const * p_raw_data)
+{
+    nrf_crypto_backend_oberon_public_key_t * p_pub =
+        (nrf_crypto_backend_oberon_public_key_t *)p_public_key;
+
+    //lint -save -e611 (Suspicious cast)
+    copy_fn_t copy_fn = (copy_fn_t)p_pub->header.p_info->p_backend_data;
+    //lint -restore
+
+    copy_fn(p_pub->key, p_raw_data, p_pub->header.p_info->raw_public_key_size);
+
+    return NRF_SUCCESS;
+}
+
+
+ret_code_t nrf_crypto_backend_oberon_public_key_to_raw(
+    void const * p_public_key,
+    uint8_t    * p_raw_data)
+{
+    nrf_crypto_backend_oberon_public_key_t const * p_pub =
+        (nrf_crypto_backend_oberon_public_key_t const *)p_public_key;
+
+    //lint -save -e611 (Suspicious cast)
+    copy_fn_t copy_fn = (copy_fn_t)p_pub->header.p_info->p_backend_data;
+    //lint -restore
+
+    copy_fn(p_raw_data, p_pub->key, p_pub->header.p_info->raw_public_key_size);
+
+    return NRF_SUCCESS;
+}
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1) \
+    || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+
+ret_code_t nrf_crypto_backend_oberon_private_key_from_raw(
+    void          * p_private_key,
+    uint8_t const * p_raw_data)
+{
+    nrf_crypto_backend_oberon_private_key_t * p_prv =
+        (nrf_crypto_backend_oberon_private_key_t *)p_private_key;
+
+    //lint -save -e611 (Suspicious cast)
+    copy_fn_t copy_fn = (copy_fn_t)p_prv->header.p_info->p_backend_data;
+    //lint -restore
+
+    copy_fn(p_prv->key, p_raw_data, p_prv->header.p_info->raw_private_key_size);
+
+    return NRF_SUCCESS;
+}
+
+
+#endif //NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1) || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519) \
+    || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+
+static ret_code_t oberon_vector_generate(uint8_t * p_data, size_t size)
+{
+#if defined(NRF_CRYPTO_RNG_ENABLED) && (NRF_CRYPTO_RNG_ENABLED == 1)
+
+    return nrf_crypto_rng_vector_generate(p_data, size);
+
+#elif defined(NRF_CRYPTO_RNG_ENABLED) && (NRF_CRYPTO_RNG_ENABLED == 0)
+
+    return NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE;
+
+#else
+
+    #warning NRF_CRYPTO_RNG_ENABLED define not found in sdk_config.h (Is the sdk_config.h valid?).
+
+#endif
+}
+
+
+#endif //NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519) || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+
+// Make sure that common key structure match secp256r1 key structure to safely cast types.
+STATIC_ASSERT(offsetof(nrf_crypto_backend_oberon_private_key_t, key) ==
+              offsetof(nrf_crypto_backend_secp256r1_private_key_t, key),
+              "Common Oberon private key structure does not match secp256r1 one.");
+STATIC_ASSERT(offsetof(nrf_crypto_backend_oberon_public_key_t, key) ==
+              offsetof(nrf_crypto_backend_secp256r1_public_key_t, key),
+              "Common Oberon public key structure does not match secp256r1 one.");
+
+
+ret_code_t nrf_crypto_backend_oberon_ecc_secp256r1_rng(uint8_t data[32])
+{
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_RNG)
+
+    static const uint8_t min_value[32] =
+    {
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+    };
+    static const uint8_t max_value[32] =
+    {
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x50,
+    };
+    return nrf_crypto_rng_vector_generate_in_range(data, min_value, max_value, 32);
+
+#else
+    return NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE;
+#endif
+}
+
+
+ret_code_t nrf_crypto_backend_secp256r1_key_pair_generate(
+    void * p_context,
+    void * p_private_key,
+    void * p_public_key)
+{
+    int result;
+
+    nrf_crypto_backend_secp256r1_private_key_t * p_prv =
+        (nrf_crypto_backend_secp256r1_private_key_t *)p_private_key;
+
+    nrf_crypto_backend_secp256r1_public_key_t * p_pub =
+        (nrf_crypto_backend_secp256r1_public_key_t *)p_public_key;
+
+    result = nrf_crypto_backend_oberon_ecc_secp256r1_rng(p_prv->key);
+
+    if (result != NRF_SUCCESS)
+    {
+        return result;
+    }
+
+    result = ocrypto_ecdh_p256_public_key(p_pub->key, p_prv->key);
+
+    if (result != 0)
+    {
+        return NRF_ERROR_CRYPTO_INTERNAL;
+    }
+    return NRF_SUCCESS;
+}
+
+
+ret_code_t nrf_crypto_backend_secp256r1_public_key_calculate(
+    void       * p_context,
+    void const * p_private_key,
+    void       * p_public_key)
+{
+    int result;
+
+    nrf_crypto_backend_secp256r1_private_key_t const * p_prv =
+        (nrf_crypto_backend_secp256r1_private_key_t const *)p_private_key;
+
+    nrf_crypto_backend_secp256r1_public_key_t * p_pub =
+        (nrf_crypto_backend_secp256r1_public_key_t *)p_public_key;
+
+    result = ocrypto_ecdh_p256_public_key(p_pub->key, p_prv->key);
+
+    if (result != 0)
+    {
+        return NRF_ERROR_CRYPTO_INTERNAL;
+    }
+    return NRF_SUCCESS;
+}
+
+
+const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_secp256r1_curve_info =
+{
+    .public_key_size      = sizeof(nrf_crypto_backend_secp256r1_public_key_t),
+    .private_key_size     = sizeof(nrf_crypto_backend_secp256r1_private_key_t),
+    .curve_type           = NRF_CRYPTO_ECC_SECP256R1_CURVE_TYPE,
+    .raw_private_key_size = NRF_CRYPTO_ECC_SECP256R1_RAW_PRIVATE_KEY_SIZE,
+    .raw_public_key_size  = NRF_CRYPTO_ECC_SECP256R1_RAW_PUBLIC_KEY_SIZE,
+    //lint -save -e611 -e546 (Suspicious cast, Suspicious use of &)
+    .p_backend_data       = (void *)&memcpy,
+    //lint -restore
+};
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+
+// Make sure that common key structure match Curve25519 key structure to safely cast types.
+STATIC_ASSERT(offsetof(nrf_crypto_backend_oberon_private_key_t, key) ==
+              offsetof(nrf_crypto_backend_curve25519_private_key_t, key),
+              "Common Oberon private key structure does not match Curve25519 one.");
+STATIC_ASSERT(offsetof(nrf_crypto_backend_oberon_public_key_t, key) ==
+              offsetof(nrf_crypto_backend_curve25519_public_key_t, key),
+              "Common Oberon public key structure does not match Curve25519 one.");
+
+
+ret_code_t nrf_crypto_backend_curve25519_key_pair_generate(
+    void * p_context,
+    void * p_private_key,
+    void * p_public_key)
+{
+    ret_code_t result;
+
+    nrf_crypto_backend_curve25519_private_key_t * p_prv =
+        (nrf_crypto_backend_curve25519_private_key_t *)p_private_key;
+
+    nrf_crypto_backend_curve25519_public_key_t * p_pub =
+        (nrf_crypto_backend_curve25519_public_key_t *)p_public_key;
+
+    result = oberon_vector_generate(p_prv->key, sizeof(p_prv->key));
+
+    if (result != NRF_SUCCESS)
+    {
+        return result;
+    }
+
+    p_prv->key[0]  &= 0xF8; // Private key is multiply of 8 (by definition), so lower 3 bits are 0.
+    p_prv->key[31] &= 0x7F; // Highest bit has to be 0, because private key is 255-bit long.
+    p_prv->key[31] |= 0x40; // Bit 254 has to be 1 (by definition)
+
+    ocrypto_curve25519_scalarmult_base(p_pub->key, p_prv->key);
+
+    return NRF_SUCCESS;
+}
+
+
+ret_code_t nrf_crypto_backend_curve25519_public_key_calculate(
+    void       * p_context,
+    void const * p_private_key,
+    void       * p_public_key)
+{
+    nrf_crypto_backend_curve25519_private_key_t * p_prv =
+        (nrf_crypto_backend_curve25519_private_key_t *)p_private_key;
+
+    nrf_crypto_backend_curve25519_public_key_t * p_pub =
+        (nrf_crypto_backend_curve25519_public_key_t *)p_public_key;
+
+    // Private key bit fixing is done inside Oberon library.
+    ocrypto_curve25519_scalarmult_base(p_pub->key, p_prv->key);
+
+    return NRF_SUCCESS;
+}
+
+
+const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_curve25519_curve_info =
+{
+    .public_key_size      = sizeof(nrf_crypto_backend_curve25519_public_key_t),
+    .private_key_size     = sizeof(nrf_crypto_backend_curve25519_private_key_t),
+    .curve_type           = NRF_CRYPTO_ECC_CURVE25519_CURVE_TYPE,
+    .raw_private_key_size = NRF_CRYPTO_ECC_CURVE25519_RAW_PRIVATE_KEY_SIZE,
+    .raw_public_key_size  = NRF_CRYPTO_ECC_CURVE25519_RAW_PUBLIC_KEY_SIZE,
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_CURVE25519_BIG_ENDIAN)
+    //lint -save -e611 -e546 (Suspicious cast, Suspicious use of &)
+    .p_backend_data       = (void *)&nrf_crypto_internal_swap_endian,
+    //lint -restore
+#else
+    //lint -save -e611 -e546 (Suspicious cast, Suspicious use of &)
+    .p_backend_data       = (void *)&memcpy,
+    //lint -restore
+#endif
+};
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+
+// Make sure that common key structure match Ed25519 key structure to safely cast types.
+STATIC_ASSERT(offsetof(nrf_crypto_backend_oberon_private_key_t, key) ==
+              offsetof(nrf_crypto_backend_ed25519_private_key_t, private_part),
+              "Common Oberon private key structure does not match Ed25519 one.");
+STATIC_ASSERT(offsetof(nrf_crypto_backend_oberon_public_key_t, key) ==
+              offsetof(nrf_crypto_backend_ed25519_public_key_t, key),
+              "Common Oberon public key structure does not match Ed25519 one.");
+
+
+ret_code_t nrf_crypto_backend_ed25519_private_key_from_raw(
+    void          * p_private_key,
+    uint8_t const * p_raw_data)
+{
+    nrf_crypto_backend_ed25519_private_key_t * p_prv =
+        (nrf_crypto_backend_ed25519_private_key_t *)p_private_key;
+
+    memcpy(p_prv->private_part, p_raw_data, sizeof(p_prv->private_part));
+
+    ocrypto_ed25519_public_key(p_prv->public_part, p_prv->private_part);
+
+    return NRF_SUCCESS;
+}
+
+
+ret_code_t nrf_crypto_backend_ed25519_key_pair_generate(
+    void * p_context,
+    void * p_private_key,
+    void * p_public_key)
+{
+    ret_code_t result;
+
+    nrf_crypto_backend_ed25519_private_key_t * p_prv =
+        (nrf_crypto_backend_ed25519_private_key_t *)p_private_key;
+
+    nrf_crypto_backend_ed25519_public_key_t * p_pub =
+        (nrf_crypto_backend_ed25519_public_key_t *)p_public_key;
+
+    result = oberon_vector_generate(p_prv->private_part, sizeof(p_prv->private_part));
+
+    if (result != NRF_SUCCESS)
+    {
+        return result;
+    }
+
+    ocrypto_ed25519_public_key(p_prv->public_part, p_prv->private_part);
+
+    memcpy(p_pub->key, p_prv->public_part, sizeof(p_pub->key));
+
+    return NRF_SUCCESS;
+}
+
+
+ret_code_t nrf_crypto_backend_ed25519_public_key_calculate(
+    void       * p_context,
+    void const * p_private_key,
+    void       * p_public_key)
+{
+    nrf_crypto_backend_ed25519_private_key_t * p_prv =
+        (nrf_crypto_backend_ed25519_private_key_t *)p_private_key;
+
+    nrf_crypto_backend_ed25519_public_key_t * p_pub =
+        (nrf_crypto_backend_ed25519_public_key_t *)p_public_key;
+
+    memcpy(p_pub->key, p_prv->public_part, sizeof(p_pub->key));
+
+    return NRF_SUCCESS;
+}
+
+
+const nrf_crypto_ecc_curve_info_t g_nrf_crypto_ecc_ed25519_curve_info =
+{
+    .public_key_size      = sizeof(nrf_crypto_backend_ed25519_public_key_t),
+    .private_key_size     = sizeof(nrf_crypto_backend_ed25519_private_key_t),
+    .curve_type           = NRF_CRYPTO_ECC_ED25519_CURVE_TYPE,
+    .raw_private_key_size = NRF_CRYPTO_ECC_ED25519_RAW_PRIVATE_KEY_SIZE,
+    .raw_public_key_size  = NRF_CRYPTO_ECC_ED25519_RAW_PUBLIC_KEY_SIZE,
+    //lint -save -e611 -e546 (Suspicious cast, Suspicious use of &)
+    .p_backend_data       = (void *)&memcpy,
+    //lint -restore
+};
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)

components/libraries/crypto/backend/oberon/oberon_backend_ecc.h

@@ -0,0 +1,314 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef OBERON_BACKEND_ECC_H__
+#define OBERON_BACKEND_ECC_H__
+
+#include "sdk_config.h"
+#include "nordic_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#include <stdint.h>
+#include <stdbool.h>
+#include "nrf_crypto_ecc_shared.h"
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_private_key_from_raw_fn_t.
+*/
+ret_code_t nrf_crypto_backend_oberon_private_key_from_raw(
+    void          * p_private_key,
+    uint8_t const * p_raw_data);
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_private_key_to_raw_fn_t.
+*/
+ret_code_t nrf_crypto_backend_oberon_private_key_to_raw(
+    void    const * p_private_key,
+    uint8_t       * p_raw_data);
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_public_key_from_raw_fn_t.
+*/
+ret_code_t nrf_crypto_backend_oberon_public_key_from_raw(
+    void          * p_public_key,
+    uint8_t const * p_raw_data);
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_public_key_to_raw_fn_t.
+*/
+ret_code_t nrf_crypto_backend_oberon_public_key_to_raw(
+    void const * p_public_key,
+    uint8_t    * p_raw_data);
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_SECP256R1)
+#error "More than one backend enabled for secp256r1 (NIST 256-bit).");
+#endif
+#define NRF_CRYPTO_ECC_SECP256R1_ENABLED 1
+
+
+/** @internal @brief Generates random number that can be used as a private key for secp256r1.
+ *
+ *  It uses RNG from libary frontend to generate random numbers.
+ *
+ *  @param[out] data    Array where generated random number will be placed.
+ *  @returns            NRF_SUCCESS or error code passed from RNG frontend.
+ */
+ret_code_t nrf_crypto_backend_oberon_ecc_secp256r1_rng(uint8_t data[32]);
+
+
+/** @internal @brief Structure holding private key for Oberon's secp256r1.
+ */
+typedef struct
+{
+    nrf_crypto_internal_ecc_key_header_t header;  /**< @internal @brief Common ECC key header. */
+    uint8_t key[32];                              /**< @internal @brief Raw key. */
+} nrf_crypto_backend_secp256r1_private_key_t;
+
+
+/** @internal @brief Structure holding public key for Oberon's secp256r1.
+ */
+typedef struct
+{
+    nrf_crypto_internal_ecc_key_header_t header;  /**< @internal @brief Common ECC key header. */
+    uint8_t key[64];                              /**< @internal @brief Raw key. */
+} nrf_crypto_backend_secp256r1_public_key_t;
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_key_pair_generate_fn_t.
+ */
+ret_code_t nrf_crypto_backend_secp256r1_key_pair_generate(
+    void * p_context,
+    void * p_private_key,
+    void * p_public_key);
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_public_key_calculate_fn_t.
+*/
+ret_code_t nrf_crypto_backend_secp256r1_public_key_calculate(
+    void       * p_context,
+    void const * p_private_key,
+    void       * p_public_key);
+
+
+// Common key conversion functions
+#define nrf_crypto_backend_secp256r1_private_key_from_raw \
+    nrf_crypto_backend_oberon_private_key_from_raw
+#define nrf_crypto_backend_secp256r1_private_key_to_raw \
+    nrf_crypto_backend_oberon_private_key_to_raw
+#define nrf_crypto_backend_secp256r1_public_key_from_raw \
+    nrf_crypto_backend_oberon_public_key_from_raw
+#define nrf_crypto_backend_secp256r1_public_key_to_raw \
+    nrf_crypto_backend_oberon_public_key_to_raw
+
+// Free is not required for oberon keys
+#define nrf_crypto_backend_secp256r1_private_key_free NULL
+#define nrf_crypto_backend_secp256r1_public_key_free NULL
+
+// Context is not used in oberon functions
+#define NRF_CRYPTO_BACKEND_SECP256R1_KEY_PAIR_GENERATE_CONTEXT_SIZE 0
+#define NRF_CRYPTO_BACKEND_SECP256R1_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0
+
+// Dummy typedef for unused context
+typedef uint32_t nrf_crypto_backend_secp256r1_key_pair_generate_context_t;
+typedef uint32_t nrf_crypto_backend_secp256r1_public_key_calculate_context_t;
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_CURVE25519)
+#error "More than one backend enabled for Curve25519.");
+#endif
+#define NRF_CRYPTO_ECC_CURVE25519_ENABLED 1
+
+
+/** @internal @brief Structure holding private key for Oberon's Curve25519.
+ */
+typedef struct
+{
+    nrf_crypto_internal_ecc_key_header_t header;  /**< @internal @brief Common ECC key header. */
+    uint8_t key[32];                              /**< @internal @brief Raw key in little endian order. */
+} nrf_crypto_backend_curve25519_private_key_t;
+
+
+/** @internal @brief Structure holding public key for Oberon's Curve25519.
+ */
+typedef struct
+{
+    nrf_crypto_internal_ecc_key_header_t header; /**< @internal @brief Common ECC key header. */
+    uint8_t key[32];                             /**< @internal @brief Raw key in little endian order. */
+} nrf_crypto_backend_curve25519_public_key_t;
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_key_pair_generate_fn_t.
+ */
+ret_code_t nrf_crypto_backend_curve25519_key_pair_generate(
+    void * p_context,
+    void * p_private_key,
+    void * p_public_key);
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_public_key_calculate_fn_t.
+*/
+ret_code_t nrf_crypto_backend_curve25519_public_key_calculate(
+    void       * p_context,
+    void const * p_private_key,
+    void       * p_public_key);
+
+
+// Common key conversion functions
+#define nrf_crypto_backend_curve25519_private_key_from_raw \
+    nrf_crypto_backend_oberon_private_key_from_raw
+#define nrf_crypto_backend_curve25519_private_key_to_raw \
+    nrf_crypto_backend_oberon_private_key_to_raw
+#define nrf_crypto_backend_curve25519_public_key_from_raw \
+    nrf_crypto_backend_oberon_public_key_from_raw
+#define nrf_crypto_backend_curve25519_public_key_to_raw \
+    nrf_crypto_backend_oberon_public_key_to_raw
+
+// Free is not required for oberon keys
+#define nrf_crypto_backend_curve25519_private_key_free NULL
+#define nrf_crypto_backend_curve25519_public_key_free NULL
+
+// Context is not used in oberon functions
+#define NRF_CRYPTO_BACKEND_CURVE25519_KEY_PAIR_GENERATE_CONTEXT_SIZE 0
+#define NRF_CRYPTO_BACKEND_CURVE25519_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0
+
+// Dummy typedef for unused context
+typedef uint32_t nrf_crypto_backend_curve25519_key_pair_generate_context_t;
+typedef uint32_t nrf_crypto_backend_curve25519_public_key_calculate_context_t;
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_ECC_ED25519)
+#error "More than one backend enabled for Ed25519.");
+#endif
+#define NRF_CRYPTO_ECC_ED25519_ENABLED 1
+
+
+
+/** @internal @brief Structure holding private key for Oberon's Ed25519.
+ */
+typedef struct
+{
+    nrf_crypto_internal_ecc_key_header_t header; /**< @internal @brief Common ECC key header. */
+    uint8_t private_part[32];                    /**< @internal @brief Raw private key. */
+    uint8_t public_part[32];                     /**< @internal @brief Raw public key. It is also required for Ed25519 signing. */
+} nrf_crypto_backend_ed25519_private_key_t;
+
+
+/** @internal @brief Structure holding private key for Oberon's Ed25519.
+ */
+typedef struct
+{
+    nrf_crypto_internal_ecc_key_header_t header; /**< @internal @brief Common ECC key header. */
+    uint8_t key[32];                             /**< @internal @brief Raw key. */
+} nrf_crypto_backend_ed25519_public_key_t;
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_private_key_from_raw_fn_t.
+*/
+ret_code_t nrf_crypto_backend_ed25519_private_key_from_raw(
+    void          * p_private_key,
+    uint8_t const * p_raw_data);
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_key_pair_generate_fn_t.
+ */
+ret_code_t nrf_crypto_backend_ed25519_key_pair_generate(
+    void * p_context,
+    void * p_private_key,
+    void * p_public_key);
+
+
+/** @internal See @ref nrf_crypto_backend_ecc_public_key_calculate_fn_t.
+*/
+ret_code_t nrf_crypto_backend_ed25519_public_key_calculate(
+    void       * p_context,
+    void const * p_private_key,
+    void       * p_public_key);
+
+
+// Common key conversion functions
+#define nrf_crypto_backend_ed25519_private_key_to_raw \
+    nrf_crypto_backend_oberon_private_key_to_raw
+#define nrf_crypto_backend_ed25519_public_key_from_raw \
+    nrf_crypto_backend_oberon_public_key_from_raw
+#define nrf_crypto_backend_ed25519_public_key_to_raw \
+    nrf_crypto_backend_oberon_public_key_to_raw
+
+// Free is not required for oberon keys
+#define nrf_crypto_backend_ed25519_private_key_free NULL
+#define nrf_crypto_backend_ed25519_public_key_free NULL
+
+// Context is not used in oberon functions
+#define NRF_CRYPTO_BACKEND_ED25519_KEY_PAIR_GENERATE_CONTEXT_SIZE 0
+#define NRF_CRYPTO_BACKEND_ED25519_PUBLIC_KEY_CALCULATE_CONTEXT_SIZE 0
+
+// Dummy typedef for unused context
+typedef uint32_t nrf_crypto_backend_ed25519_key_pair_generate_context_t;
+typedef uint32_t nrf_crypto_backend_ed25519_public_key_calculate_context_t;
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#endif // OBERON_BACKEND_ECC_H__

components/libraries/crypto/backend/oberon/oberon_backend_ecdh.c

@@ -0,0 +1,116 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "sdk_config.h"
+#include "nordic_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#include <stdint.h>
+
+#include "nrf_crypto_ecc.h"
+#include "nrf_crypto_ecdh.h"
+#include "nrf_crypto_shared.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+#include "ocrypto_ecdh_p256.h"
+#endif
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+#include "ocrypto_curve25519.h"
+#endif
+
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+ret_code_t nrf_crypto_backend_secp256r1_ecdh_compute(
+    void       * p_context,
+    void const * p_private_key,
+    void const * p_public_key,
+    uint8_t    * p_shared_secret)
+{
+    int result;
+
+    nrf_crypto_backend_secp256r1_private_key_t const * p_prv =
+        (nrf_crypto_backend_secp256r1_private_key_t const *)p_private_key;
+
+    nrf_crypto_backend_secp256r1_public_key_t const * p_pub =
+        (nrf_crypto_backend_secp256r1_public_key_t const *)p_public_key;
+
+    result = ocrypto_ecdh_p256_common_secret(p_shared_secret, p_prv->key, p_pub->key);
+
+    if (result != 0)
+    {
+        return NRF_ERROR_CRYPTO_INTERNAL;
+    }
+    return NRF_SUCCESS;
+}
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+ret_code_t nrf_crypto_backend_curve25519_ecdh_compute(
+    void       * p_context,
+    void const * p_private_key,
+    void const * p_public_key,
+    uint8_t    * p_shared_secret)
+{
+    nrf_crypto_backend_curve25519_private_key_t const * p_prv =
+        (nrf_crypto_backend_curve25519_private_key_t const *)p_private_key;
+
+    nrf_crypto_backend_curve25519_public_key_t const * p_pub =
+        (nrf_crypto_backend_curve25519_public_key_t const *)p_public_key;
+
+    // Private key can be completely random at this point.
+    // Oberon library updates bits in the key according to Curve25519 specification before use.
+    ocrypto_curve25519_scalarmult(p_shared_secret, p_prv->key, p_pub->key);
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_CURVE25519_BIG_ENDIAN)
+    nrf_crypto_internal_swap_endian_in_place(p_shared_secret,
+                                             NRF_CRYPTO_ECDH_CURVE25519_SHARED_SECRET_SIZE);
+#endif
+
+    return NRF_SUCCESS;
+}
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)

components/libraries/crypto/backend/oberon/oberon_backend_ecdh.h

@@ -0,0 +1,108 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef OBERON_BACKEND_ECDH_H__
+#define OBERON_BACKEND_ECDH_H__
+
+#include "sdk_config.h"
+#include "nordic_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#include <stdint.h>
+#include "nrf_crypto_ecc.h"
+#include "nrf_crypto_ecdh_shared.h"
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+
+/** @internal See @ref nrf_crypto_backend_ecdh_compute_fn_t.
+ */
+ret_code_t nrf_crypto_backend_secp256r1_ecdh_compute(
+    void       * p_context,
+    void const * p_private_key,
+    void const * p_public_key,
+    uint8_t    * p_shared_secret);
+
+// Context in not used in OBERON backend
+typedef uint32_t nrf_crypto_backend_secp256r1_ecdh_context_t;
+#define NRF_CRYPTO_BACKEND_SECP256R1_ECDH_CONTEXT_SIZE 0
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+/** @internal See @ref nrf_crypto_backend_ecdh_compute_fn_t.
+ */
+ret_code_t nrf_crypto_backend_curve25519_ecdh_compute(
+    void       * p_context,
+    void const * p_private_key,
+    void const * p_public_key,
+    uint8_t    * p_shared_secret);
+
+// Context in not used in OBERON backend
+typedef uint32_t nrf_crypto_backend_curve25519_ecdh_context_t;
+#define NRF_CRYPTO_BACKEND_CURVE25519_ECDH_CONTEXT_SIZE 0
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+// ECDH is not possible for Ed25519
+#define nrf_crypto_backend_ed25519_ecdh_compute NULL
+typedef uint32_t nrf_crypto_backend_ed25519_ecdh_context_t;
+#define NRF_CRYPTO_BACKEND_ED25519_ECDH_CONTEXT_SIZE 0
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#endif // OBERON_BACKEND_ECDH_H__

components/libraries/crypto/backend/oberon/oberon_backend_ecdsa.c

@@ -0,0 +1,120 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "sdk_config.h"
+#include "nordic_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && \
+    NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON) && \
+    NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+#include <stdint.h>
+#include <stdbool.h>
+#include <string.h>
+
+#include "nrf_crypto_ecc.h"
+#include "nrf_crypto_rng.h"
+#include "nrf_crypto_ecdsa.h"
+#include "oberon_backend_eddsa.h"
+#include "nrf_crypto_eddsa_shared.h"
+#include "ocrypto_ecdsa_p256.h"
+
+
+#define OBERON_HASH_SIZE_FOR_SECP256R1 (256 / 8)
+
+
+ret_code_t nrf_crypto_backend_secp256r1_sign(
+    void          * p_context,
+    void    const * p_private_key,
+    uint8_t const * p_data,
+    size_t          data_size,
+    uint8_t       * p_signature)
+{
+    int     result;
+    uint8_t session_key[32];
+
+    nrf_crypto_backend_secp256r1_private_key_t const * p_prv =
+        (nrf_crypto_backend_secp256r1_private_key_t const *)p_private_key;
+
+    if (data_size < OBERON_HASH_SIZE_FOR_SECP256R1)
+    {
+        return NRF_ERROR_CRYPTO_INPUT_LENGTH;
+    }
+
+    result = nrf_crypto_backend_oberon_ecc_secp256r1_rng(session_key);
+    if (result != NRF_SUCCESS)
+    {
+        return result;
+    }
+
+    result = ocrypto_ecdsa_p256_sign_hash(p_signature, p_data, p_prv->key, session_key);
+
+    return result == 0 ? NRF_SUCCESS : NRF_ERROR_CRYPTO_INTERNAL;
+}
+
+
+ret_code_t nrf_crypto_backend_secp256r1_verify(
+    void          * p_context,
+    void    const * p_public_key,
+    uint8_t const * p_data,
+    size_t          data_size,
+    uint8_t const * p_signature)
+{
+    int result;
+
+    nrf_crypto_backend_secp256r1_public_key_t const * p_pub =
+        (nrf_crypto_backend_secp256r1_public_key_t const *)p_public_key;
+
+    if (data_size < OBERON_HASH_SIZE_FOR_SECP256R1)
+    {
+        return NRF_ERROR_CRYPTO_INPUT_LENGTH;
+    }
+
+    result = ocrypto_ecdsa_p256_verify_hash(p_signature, p_data, p_pub->key);
+
+    if (result != 0)
+    {
+        return NRF_ERROR_CRYPTO_ECDSA_INVALID_SIGNATURE;
+    }
+    return NRF_SUCCESS;
+}
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)

components/libraries/crypto/backend/oberon/oberon_backend_ecdsa.h

@@ -0,0 +1,109 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef OBERON_BACKEND_ECDSA_H__
+#define OBERON_BACKEND_ECDSA_H__
+
+#include "sdk_config.h"
+#include "nordic_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#include <stdint.h>
+#include "nrf_crypto_ecc_shared.h"
+#include "nrf_crypto_ecdsa_shared.h"
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_SECP256R1)
+
+
+/** @internal See @ref nrf_crypto_backend_ecdsa_sign_fn_t.
+ */
+ret_code_t nrf_crypto_backend_secp256r1_sign(
+    void          * p_context,
+    void    const * p_private_key,
+    uint8_t const * p_data,
+    size_t          data_size,
+    uint8_t       * p_signature);
+
+
+/** @internal See @ref nrf_crypto_backend_ecdsa_verify_fn_t.
+ */
+ret_code_t nrf_crypto_backend_secp256r1_verify(
+    void          * p_context,
+    void    const * p_public_key,
+    uint8_t const * p_data,
+    size_t          data_size,
+    uint8_t const * p_signature);
+
+
+#define NRF_CRYPTO_BACKEND_SECP256R1_SIGN_CONTEXT_SIZE 0
+#define NRF_CRYPTO_BACKEND_SECP256R1_VERIFY_CONTEXT_SIZE 0
+typedef uint32_t nrf_crypto_backend_secp256r1_sign_context_t;
+typedef uint32_t nrf_crypto_backend_secp256r1_verify_context_t;
+
+#endif
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_CURVE25519)
+
+// Curve25519 is not designed for ECDSA
+#define NRF_CRYPTO_BACKEND_CURVE25519_SIGN_CONTEXT_SIZE 0
+#define NRF_CRYPTO_BACKEND_CURVE25519_VERIFY_CONTEXT_SIZE 0
+typedef uint32_t nrf_crypto_backend_curve25519_sign_context_t;
+typedef uint32_t nrf_crypto_backend_curve25519_verify_context_t;
+#define nrf_crypto_backend_curve25519_sign NULL
+#define nrf_crypto_backend_curve25519_verify NULL
+
+#endif
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#endif // OBERON_BACKEND_ECDSA_H__

components/libraries/crypto/backend/oberon/oberon_backend_eddsa.c

@@ -0,0 +1,97 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "sdk_config.h"
+#include "nordic_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && \
+    NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON) && \
+    NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+#include <stdint.h>
+#include <stdbool.h>
+#include <string.h>
+
+#include "nrf_crypto_ecc.h"
+#include "nrf_crypto_rng.h"
+#include "nrf_crypto_eddsa.h"
+#include "ocrypto_ed25519.h"
+
+
+ret_code_t nrf_crypto_backend_ed25519_sign(
+    void                                  * p_context,
+    nrf_crypto_ecc_private_key_t    const * p_private_key,
+    uint8_t                         const * p_message,
+    size_t                                  message_size,
+    uint8_t                               * p_signature)
+{
+    ocrypto_ed25519_sign(p_signature,
+                         p_message,
+                         message_size,
+                         p_private_key->key_ed25519.private_part,
+                         p_private_key->key_ed25519.public_part);
+
+    return NRF_SUCCESS;
+}
+
+ret_code_t nrf_crypto_backend_ed25519_verify(
+    void                              * p_context,
+    nrf_crypto_ecc_public_key_t const * p_public_key,
+    uint8_t                     const * p_message,
+    size_t                              message_size,
+    uint8_t                     const * p_signature)
+{
+    int result;
+
+    result = ocrypto_ed25519_verify(p_signature,
+                                    p_message,
+                                    message_size,
+                                    p_public_key->key_ed25519.key);
+
+    if (result != 0)
+    {
+        return NRF_ERROR_CRYPTO_ECDSA_INVALID_SIGNATURE;
+    }
+
+    return NRF_SUCCESS;
+}
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)

components/libraries/crypto/backend/oberon/oberon_backend_eddsa.h

@@ -0,0 +1,72 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef OBERON_BACKEND_EDDSA_H__
+#define OBERON_BACKEND_EDDSA_H__
+
+#include "sdk_config.h"
+#include "nordic_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && \
+    NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON) && \
+    NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+#include <stdint.h>
+#include "nrf_crypto_ecc_shared.h"
+#include "nrf_crypto_eddsa_shared.h"
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define NRF_CRYPTO_BACKEND_ED25519_SIGN_CONTEXT_SIZE 0
+#define NRF_CRYPTO_BACKEND_ED25519_VERIFY_CONTEXT_SIZE 0
+typedef uint32_t nrf_crypto_backend_ed25519_sign_context_t;
+typedef uint32_t nrf_crypto_backend_ed25519_verify_context_t;
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif // #if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_ECC_ED25519)
+
+#endif // OBERON_BACKEND_EDDSA_H__

components/libraries/crypto/backend/oberon/oberon_backend_hash.c

@@ -0,0 +1,182 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "sdk_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#include "oberon_backend_hash.h"
+#include "nrf_crypto_init.h"
+#include "nrf_crypto_types.h"
+#include "nrf_crypto_error.h"
+#include "nrf_crypto_hash_shared.h"
+#include "sdk_macros.h"
+#include "ocrypto_sha256.h"
+#include "ocrypto_sha512.h"
+#include "nrf_log.h"
+#include "nrf_assert.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HASH_SHA256)
+
+static ret_code_t oberon_backend_hash_sha256_init(void * const p_context)
+{
+    // No parameter testing on this level.
+    // This has been done on upper level.
+
+    ocrypto_sha256_ctx * p_backend_context
+        = &(((nrf_crypto_backend_hash_sha256_context_t *)p_context)->context);
+
+    ocrypto_sha256_init(p_backend_context);
+
+    return NRF_SUCCESS;
+}
+
+
+static uint32_t oberon_backend_hash_sha256_update(void     * const p_context,
+                                                  uint8_t  const * p_data,
+                                                  size_t           size)
+{
+    // Limited parameter testing on this level.
+    // This has been done on upper level.
+
+    ocrypto_sha256_ctx * p_backend_context
+        = &(((nrf_crypto_backend_hash_sha256_context_t *)p_context)->context);
+
+    ocrypto_sha256_update(p_backend_context, p_data, size);
+
+    return NRF_SUCCESS;
+}
+
+
+static uint32_t oberon_backend_hash_sha256_finalize(void   * const p_context,
+                                                 uint8_t         * p_digest,
+                                                 size_t    * const p_digest_size)
+{
+    // Limited parameter testing on this level.
+    // This has been done on upper level.
+
+    ocrypto_sha256_ctx * p_backend_context
+        = &(((nrf_crypto_backend_hash_sha256_context_t *)p_context)->context);
+
+    ocrypto_sha256_final(p_backend_context, p_digest);
+
+    *p_digest_size = NRF_CRYPTO_HASH_SIZE_SHA256;
+
+    return NRF_SUCCESS;
+}
+
+
+const nrf_crypto_hash_info_t g_nrf_crypto_hash_sha256_info =
+{
+    .init_fn        = oberon_backend_hash_sha256_init,
+    .update_fn      = oberon_backend_hash_sha256_update,
+    .finalize_fn    = oberon_backend_hash_sha256_finalize,
+    .digest_size    = NRF_CRYPTO_HASH_SIZE_SHA256,
+    .context_size   = sizeof(nrf_crypto_backend_hash_sha256_context_t),
+    .hash_mode      = NRF_CRYPTO_HASH_MODE_SHA256
+};
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HASH_SHA256)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HASH_SHA512)
+
+
+static ret_code_t oberon_backend_hash_sha512_init(void * p_context)
+{
+    // No parameter testing on this level.
+    // This has been done on upper level.
+
+    ocrypto_sha512_ctx * p_backend_context
+        = &(((nrf_crypto_backend_hash_sha512_context_t *)p_context)->context);
+
+    ocrypto_sha512_init(p_backend_context);
+
+    return NRF_SUCCESS;
+}
+
+
+static ret_code_t oberon_backend_hash_sha512_update(void    * const p_context,
+                                                    uint8_t const * p_data,
+                                                    size_t          size)
+{
+    // Limited parameter testing on this level.
+    // This has been done on upper level.
+
+    ocrypto_sha512_ctx * p_backend_context
+        = &(((nrf_crypto_backend_hash_sha512_context_t *)p_context)->context);
+
+    ocrypto_sha512_update(p_backend_context, p_data, size);
+
+    return NRF_SUCCESS;
+}
+
+
+static ret_code_t oberon_backend_hash_sha512_finalize(void  * const p_context,
+                                                 uint8_t          * p_digest,
+                                                 size_t     * const p_digest_size)
+{
+    // Limited parameter testing on this level.
+    // This has been done on upper level.
+
+    ocrypto_sha512_ctx * p_backend_context
+        = &(((nrf_crypto_backend_hash_sha512_context_t *)p_context)->context);
+
+    ocrypto_sha512_final(p_backend_context, p_digest);
+
+    *p_digest_size = NRF_CRYPTO_HASH_SIZE_SHA512;
+
+    return NRF_SUCCESS;
+}
+
+
+const nrf_crypto_hash_info_t g_nrf_crypto_hash_sha512_info =
+{
+    .init_fn        = oberon_backend_hash_sha512_init,
+    .update_fn      = oberon_backend_hash_sha512_update,
+    .finalize_fn    = oberon_backend_hash_sha512_finalize,
+    .digest_size    = NRF_CRYPTO_HASH_SIZE_SHA512,
+    .context_size   = sizeof(nrf_crypto_backend_hash_sha512_context_t),
+    .hash_mode      = NRF_CRYPTO_HASH_MODE_SHA512
+};
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HASH_SHA512)
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)

components/libraries/crypto/backend/oberon/oberon_backend_hash.h

@@ -0,0 +1,123 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef OBERON_BACKEND_HASH_H__
+#define OBERON_BACKEND_HASH_H__
+
+/** @file
+ *
+ * @defgroup nrf_crypto_oberon_backend_hash Oberon backend hash
+ * @{
+ * @ingroup nrf_crypto_oberon_backend
+ *
+ * @brief Hash functionality provided by the Oberon nrf_crypto backend.
+ */
+#include "sdk_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#include "sdk_errors.h"
+#include "nrf_crypto_hash_shared.h"
+#include "ocrypto_sha256.h"
+#include "ocrypto_sha512.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HASH_SHA256)
+
+// Flag that nrf_crypto_hash frontend can be compiled
+#undef  NRF_CRYPTO_HASH_ENABLED
+#define NRF_CRYPTO_HASH_ENABLED 1
+
+// Duplicate backend enabled test for SHA-256
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_HASH_SHA256)
+#error "Duplicate definition of SHA-256. More than one backend enabled");
+#endif
+
+// Flag that SHA-256 is enabled in backend
+#define NRF_CRYPTO_HASH_SHA256_ENABLED 1
+
+
+/**@brief nrf_crypto_hash context for SHA-256 in nrf_crypto Oberon backend. */
+typedef struct
+{
+    nrf_crypto_hash_internal_context_t  header;     /**< Common header for context. */
+    ocrypto_sha256_ctx                  context;    /**< Hash context internal to Oberon. */
+} nrf_crypto_backend_hash_sha256_context_t;
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HASH_SHA256)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HASH_SHA512)
+
+// Flag that nrf_crypto_hash frontend can be compiled
+#undef  NRF_CRYPTO_HASH_ENABLED
+#define NRF_CRYPTO_HASH_ENABLED 1
+
+// Duplicate backend enabled test for SHA-512
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_HASH_SHA512)
+#error "Duplicate definition of SHA-512. More than one backend enabled");
+#endif
+
+// Flag that SHA-512 is enabled in backend
+#define NRF_CRYPTO_HASH_SHA512_ENABLED 1
+
+
+/**@brief nrf_crypto_hash context for SHA-512 in nrf_crypto Oberon backend. */
+typedef struct
+{
+    nrf_crypto_hash_internal_context_t  header;     /**< Common header for context. */
+    ocrypto_sha512_ctx                  context;    /**< Hash context internal to Oberon. */
+} nrf_crypto_backend_hash_sha512_context_t;
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HASH_SHA512)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+/**@} */
+
+#endif // OBERON_BACKEND_HASH_H__

components/libraries/crypto/backend/oberon/oberon_backend_hmac.c

@@ -0,0 +1,169 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "sdk_common.h"
+#if NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)
+
+#include "nrf_log.h"
+#include "nrf_crypto_error.h"
+#include "nrf_crypto_types.h"
+#include "oberon_backend_hmac.h"
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA256)
+
+#define HMAC_SHA256_BLOCK_SIZE 64
+
+static ret_code_t oberon_backend_hmac_init_sha256(void      * const p_context,
+                                                  uint8_t   const * p_key,
+                                                  size_t            key_size)
+{
+    nrf_crypto_backend_oberon_hmac_sha256_context_t * p_ctx =
+        (nrf_crypto_backend_oberon_hmac_sha256_context_t *)p_context;
+
+    ocrypto_hmac_sha256_init(&p_ctx->oberon_ctx, p_key, key_size);
+
+    return NRF_SUCCESS;
+}
+
+
+static ret_code_t oberon_backend_hmac_update_sha256(void    * const p_context,
+                                                    uint8_t const * p_data,
+                                                    size_t          size)
+{
+    nrf_crypto_backend_oberon_hmac_sha256_context_t * p_ctx =
+        (nrf_crypto_backend_oberon_hmac_sha256_context_t *)p_context;
+
+    ocrypto_hmac_sha256_update(&p_ctx->oberon_ctx, p_data, size);
+
+    return NRF_SUCCESS;
+}
+
+
+static ret_code_t oberon_backend_hmac_finalize_sha256(void      * const p_context,
+                                                      uint8_t         * p_digest,
+                                                      size_t    * const p_size)
+{
+    nrf_crypto_backend_oberon_hmac_sha256_context_t * const p_ctx =
+        (nrf_crypto_backend_oberon_hmac_sha256_context_t *)p_context;
+
+    ocrypto_hmac_sha256_final(&p_ctx->oberon_ctx, p_digest);
+
+    // Assume operation was successful and update the digest size accordingly.
+    *p_size = p_ctx->header.p_info->digest_size;
+
+    return NRF_SUCCESS;
+}
+
+
+// Information structure for HMAC SHA256 using Oberon backend.
+const nrf_crypto_hmac_info_t g_nrf_crypto_hmac_sha256_info =
+{
+    .init_fn        = oberon_backend_hmac_init_sha256,
+    .update_fn      = oberon_backend_hmac_update_sha256,
+    .finalize_fn    = oberon_backend_hmac_finalize_sha256,
+    .digest_size    = NRF_CRYPTO_HASH_SIZE_SHA256,
+    .context_size   = sizeof(nrf_crypto_backend_oberon_hmac_sha256_context_t),
+    .type           = NRF_CRYPTO_HMAC_SHA256_TYPE
+};
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA256)
+
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA512)
+
+#define HMAC_SHA512_BLOCK_SIZE 128
+
+static ret_code_t oberon_backend_hmac_init_sha512(void      * const p_context,
+                                                  uint8_t   const * p_key,
+                                                  size_t            key_size)
+{
+    nrf_crypto_backend_oberon_hmac_sha512_context_t * p_ctx =
+        (nrf_crypto_backend_oberon_hmac_sha512_context_t *)p_context;
+
+    ocrypto_hmac_sha512_init(&p_ctx->oberon_ctx, p_key, key_size);
+
+    return NRF_SUCCESS;
+}
+
+
+static ret_code_t oberon_backend_hmac_update_sha512(void    * const p_context,
+                                                    uint8_t const * p_data,
+                                                    size_t          size)
+{
+    nrf_crypto_backend_oberon_hmac_sha512_context_t * p_ctx =
+        (nrf_crypto_backend_oberon_hmac_sha512_context_t *)p_context;
+
+    ocrypto_hmac_sha512_update(&p_ctx->oberon_ctx, p_data, size);
+
+    return NRF_SUCCESS;
+}
+
+
+static ret_code_t oberon_backend_hmac_finalize_sha512(void      * const p_context,
+                                                      uint8_t         * p_digest,
+                                                      size_t    * const p_size)
+{
+    nrf_crypto_backend_oberon_hmac_sha512_context_t * const p_ctx =
+        (nrf_crypto_backend_oberon_hmac_sha512_context_t *)p_context;
+
+    ocrypto_hmac_sha512_final(&p_ctx->oberon_ctx, p_digest);
+
+    // Assume operation was successful and update the digest size accordingly.
+    *p_size = p_ctx->header.p_info->digest_size;
+
+    return NRF_SUCCESS;
+}
+
+
+// Information structure for HMAC SHA512 using Oberon backend.
+const nrf_crypto_hmac_info_t g_nrf_crypto_hmac_sha512_info =
+{
+    .init_fn        = oberon_backend_hmac_init_sha512,
+    .update_fn      = oberon_backend_hmac_update_sha512,
+    .finalize_fn    = oberon_backend_hmac_finalize_sha512,
+    .digest_size    = NRF_CRYPTO_HASH_SIZE_SHA512,
+    .context_size   = sizeof(nrf_crypto_backend_oberon_hmac_sha512_context_t),
+    .type           = NRF_CRYPTO_HMAC_SHA512_TYPE
+};
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA512)
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO) && NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON)

components/libraries/crypto/backend/oberon/oberon_backend_hmac.h

@@ -0,0 +1,136 @@
+/**
+ * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ *    list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form, except as embedded into a Nordic
+ *    Semiconductor ASA integrated circuit in a product or a software update for
+ *    such product, must reproduce the above copyright notice, this list of
+ *    conditions and the following disclaimer in the documentation and/or other
+ *    materials provided with the distribution.
+ *
+ * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * 4. This software, with or without modification, must only be used with a
+ *    Nordic Semiconductor ASA integrated circuit.
+ *
+ * 5. Any software provided in binary form under this license must not be reverse
+ *    engineered, decompiled, modified and/or disassembled.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef OBERON_BACKEND_HMAC_H__
+#define OBERON_BACKEND_HMAC_H__
+
+/** @file
+ *
+ * @defgroup nrf_crypto_oberon_backend_hmac Oberon backend for HMAC
+ * @{
+ * @ingroup nrf_crypto_oberon_backend
+ *
+ * @brief Backend wrapper for Oberon. None of these types should be used directly by the
+ * application.
+ */
+
+#include "sdk_common.h"
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON) &&                    \
+        ( NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA256) || \
+          NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA512) )
+
+#include "nrf_crypto_hmac_shared.h"
+#include "ocrypto_hmac_sha256.h"
+#include "ocrypto_hmac_sha512.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef  NRF_CRYPTO_HMAC_ENABLED
+#define NRF_CRYPTO_HMAC_ENABLED 1
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA256)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_HMAC_SHA256)
+#error "Duplicate definition of HMAC SHA-256. More than one backend enabled"
+#endif // NRF_CRYPTO_HMAC_SHA256_ENABLED
+#define NRF_CRYPTO_HMAC_SHA256_ENABLED 1
+
+/**
+ * @internal @brief Internal context object used by the Oberon backend wrapper for HMAC SHA256.
+ *
+ * @note This should never be used directly. Use @ref nrf_crypto_backend_hmac_sha256_context_t
+ * instead.
+ */
+typedef struct
+{
+    nrf_crypto_hmac_internal_context_t  header;     //!< Internal nrf_crypto_hmac context.
+    ocrypto_hmac_sha256_ctx             oberon_ctx; //!< Oberon context object.
+} nrf_crypto_backend_oberon_hmac_sha256_context_t;
+
+
+/**
+ * @internal @brief Context for HMAC SHA256 using Oberon backend.
+ */
+typedef nrf_crypto_backend_oberon_hmac_sha256_context_t nrf_crypto_backend_hmac_sha256_context_t;
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA256)
+
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA512)
+
+#if NRF_MODULE_ENABLED(NRF_CRYPTO_HMAC_SHA512)
+#error "Duplicate definition of HMAC SHA-512. More than one backend enabled"
+#endif // NRF_CRYPTO_HMAC_SHA512_ENABLED
+#define NRF_CRYPTO_HMAC_SHA512_ENABLED 1
+
+/**
+ * @internal @brief Internal context object used by the Oberon backend wrapper for HMAC SHA512.
+ *
+ * @note This should never be used directly. Use @ref nrf_crypto_backend_hmac_sha512_context_t
+ * instead.
+ */
+typedef struct
+{
+    nrf_crypto_hmac_internal_context_t  header;     //!< Internal nrf_crypto_hmac context header.
+    ocrypto_hmac_sha512_ctx             oberon_ctx; //!< Oberon context object.
+} nrf_crypto_backend_oberon_hmac_sha512_context_t;
+
+/**
+ * @internal @brief Context for HMAC SHA512 using Oberon backend.
+ */
+typedef nrf_crypto_backend_oberon_hmac_sha512_context_t nrf_crypto_backend_hmac_sha512_context_t;
+
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA512)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON && ( NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA256 || NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_OBERON_HMAC_SHA512) )
+
+/**@} */
+
+#endif // OBERON_BACKEND_HMAC_H__