m2354_crypto_pkc.c
Go to the documentation of this file.
1 /**
2  * @file m2354_crypto_pkc.c
3  * @brief M2354 public-key hardware accelerator
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2025 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.5.0
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "m2354.h"
36 #include "core/crypto.h"
37 #include "hardware/m2354/m2354_crypto.h"
38 #include "hardware/m2354/m2354_crypto_pkc.h"
39 #include "pkc/rsa.h"
40 #include "ecc/ec.h"
41 #include "ecc/ec_misc.h"
42 #include "debug.h"
43 
44 //Check crypto library configuration
45 #if (M2354_CRYPTO_PKC_SUPPORT == ENABLED)
46 #if (MPI_SUPPORT == ENABLED)
47 
48 //Global variables
49 static M2354RsaArgs rsaArgs;
50 
51 
52 /**
53  * @brief Import multiple-precision integer
54  * @param[in] dest Pointer to the operand
55  * @param[in] length Length of the operand, in bytes
56  * @param[in] a Pointer to the multiple-precision integer
57  **/
58 
59 void rsaImportMpi(uint32_t *dest, uint_t length, const Mpi *a)
60 {
61  uint_t i;
62  uint_t n;
63 
64  //Get the length of the operand, in words
65  length = (length + 3) / 4;
66 
67  //Get the actual length of the multiple-precision integer, in words
68  n = mpiGetLength(a);
69 
70  //Copy the multiple-precision integer to the CRYPTO peripheral
71  for(i = 0; i < n && i < length; i++)
72  {
73  dest[i] = a->data[i];
74  }
75 
76  //Pad the operand with zeroes
77  for(; i < length; i++)
78  {
79  dest[i] = 0;
80  }
81 }
82 
83 
84 /**
85  * @brief Export multiple-precision integer
86  * @param[in] src Pointer to the operand
87  * @param[in] length Length of the operand, in bytes
88  * @param[out] r Pointer to the multiple-precision integer
89  * @return Error code
90  **/
91 
92 error_t rsaExportMpi(uint32_t *src, uint_t length, Mpi *r)
93 {
94  error_t error;
95  uint_t i;
96 
97  //Get the length of the operand, in words
98  length = (length + 3) / 4;
99 
100  //Skip trailing zeroes
101  while(length > 0 && src[length - 1] == 0)
102  {
103  length--;
104  }
105 
106  //Ajust the size of the multiple precision integer
107  error = mpiGrow(r, length);
108 
109  //Check status code
110  if(!error)
111  {
112  //Copy the multiple-precision integer from the CRYPTO peripheral
113  for(i = 0; i < length; i++)
114  {
115  r->data[i] = src[i];
116  }
117 
118  //Pad the resulting value with zeroes
119  for(; i < r->size; i++)
120  {
121  r->data[i] = 0;
122  }
123 
124  //Set the sign
125  r->sign = 1;
126  }
127 
128  //Return status code
129  return error;
130 }
131 
132 
133 /**
134  * @brief Modular exponentiation (fast calculation)
135  * @param[out] r Resulting integer R = A ^ E mod P
136  * @param[in] a Pointer to a multiple precision integer
137  * @param[in] e Exponent
138  * @param[in] p Modulus
139  * @return Error code
140  **/
141 
142 error_t mpiExpModFast(Mpi *r, const Mpi *a, const Mpi *e, const Mpi *p)
143 {
144  error_t error;
145  size_t aLen;
146  size_t eLen;
147  size_t pLen;
148 
149  //Get the length of the integer, in bytes
150  aLen = mpiGetByteLength(a);
151  //Get the length of the exponent, in bytes
152  eLen = mpiGetByteLength(e);
153  //Get the length of the modulus, in bytes
154  pLen = mpiGetByteLength(p);
155 
156  //The accelerator supports operand lengths up to 4096 bits
157  if((aLen <= 128 && eLen <= 128 && pLen == 128) ||
158  (aLen <= 256 && eLen <= 256 && pLen == 256) ||
159  (aLen <= 384 && eLen <= 384 && pLen == 384) ||
160  (aLen <= 512 && eLen <= 512 && pLen == 512))
161  {
162  //Acquire exclusive access to the CRYPTO module
163  osAcquireMutex(&m2354CryptoMutex);
164 
165  //Reset CRYPTO controller
166  SYS->IPRST0 |= SYS_IPRST0_CRPTRST_Msk;
167  SYS->IPRST0 &= ~SYS_IPRST0_CRPTRST_Msk;
168 
169  //Copy the operands
170  rsaImportMpi(rsaArgs.m, pLen, a);
171  rsaImportMpi(rsaArgs.n, pLen, p);
172  rsaImportMpi(rsaArgs.e, pLen, e);
173 
174  //Program DMA source address to register CRYPTO_RSA_SADDR0-2
175  CRPT->RSA_SADDR[0] = (uint32_t) rsaArgs.m;
176  CRPT->RSA_SADDR[1] = (uint32_t) rsaArgs.n;
177  CRPT->RSA_SADDR[2] = (uint32_t) rsaArgs.e;
178 
179  //Program DMA destination address to register CRYPTO_RSA_DADDR
180  CRPT->RSA_DADDR = (uint32_t) rsaArgs.r;
181 
182  //Select appropriate key length
183  CRPT->RSA_CTL = (((pLen / 128) - 1) << CRPT_RSA_CTL_KEYLENG_Pos);
184 
185  //Clear RSA interrupt flag
186  CRPT->INTSTS = CRPT_INTSTS_RSAIF_Msk;
187  //Start operation
188  CRPT->RSA_CTL |= CRPT_RSA_CTL_START_Msk;
189 
190  //Wait for the operation to complete
191  while((CRPT->INTSTS & CRPT_INTSTS_RSAIF_Msk) == 0)
192  {
193  }
194 
195  //Read output data
196  rsaExportMpi(rsaArgs.r, pLen, r);
197 
198  //Release exclusive access to the CRYPTO module
199  osReleaseMutex(&m2354CryptoMutex);
200 
201  //Successful operation
202  error = NO_ERROR;
203  }
204  else
205  {
206  //Perform modular exponentiation (r = a ^ e mod p)
207  error = mpiExpMod(r, a, e, p);
208  }
209 
210  //Return status code
211  return error;
212 }
213 
214 
215 /**
216  * @brief Modular exponentiation (regular calculation)
217  * @param[out] r Resulting integer R = A ^ E mod P
218  * @param[in] a Pointer to a multiple precision integer
219  * @param[in] e Exponent
220  * @param[in] p Modulus
221  * @return Error code
222  **/
223 
224 error_t mpiExpModRegular(Mpi *r, const Mpi *a, const Mpi *e, const Mpi *p)
225 {
226  error_t error;
227  size_t aLen;
228  size_t eLen;
229  size_t pLen;
230 
231  //Get the length of the integer, in bytes
232  aLen = mpiGetByteLength(a);
233  //Get the length of the exponent, in bytes
234  eLen = mpiGetByteLength(e);
235  //Get the length of the modulus, in bytes
236  pLen = mpiGetByteLength(p);
237 
238  //The accelerator supports operand lengths up to 4096 bits
239  if((pLen == 128 && aLen <= 128 && eLen <= 128) ||
240  (pLen == 256 && aLen <= 256 && eLen <= 256) ||
241  (pLen == 384 && aLen <= 384 && eLen <= 384) ||
242  (pLen == 512 && aLen <= 512 && eLen <= 512))
243  {
244  //Acquire exclusive access to the CRYPTO module
245  osAcquireMutex(&m2354CryptoMutex);
246 
247  //Reset CRYPTO controller
248  SYS->IPRST0 |= SYS_IPRST0_CRPTRST_Msk;
249  SYS->IPRST0 &= ~SYS_IPRST0_CRPTRST_Msk;
250 
251  //Copy the operands
252  rsaImportMpi(rsaArgs.m, pLen, a);
253  rsaImportMpi(rsaArgs.n, pLen, p);
254  rsaImportMpi(rsaArgs.e, pLen, e);
255 
256  //Program DMA source address to register CRYPTO_RSA_SADDR0-2
257  CRPT->RSA_SADDR[0] = (uint32_t) rsaArgs.m;
258  CRPT->RSA_SADDR[1] = (uint32_t) rsaArgs.n;
259  CRPT->RSA_SADDR[2] = (uint32_t) rsaArgs.e;
260 
261  //Program DMA destination address to register CRYPTO_RSA_DADDR
262  CRPT->RSA_DADDR = (uint32_t) rsaArgs.r;
263 
264  //Select appropriate key length
265  CRPT->RSA_CTL = (((pLen / 128) - 1) << CRPT_RSA_CTL_KEYLENG_Pos);
266 
267  //Clear RSA interrupt flag
268  CRPT->INTSTS = CRPT_INTSTS_RSAIF_Msk;
269  //Start operation
270  CRPT->RSA_CTL |= CRPT_RSA_CTL_START_Msk;
271 
272  //Wait for the operation to complete
273  while((CRPT->INTSTS & CRPT_INTSTS_RSAIF_Msk) == 0)
274  {
275  }
276 
277  //Read output data
278  rsaExportMpi(rsaArgs.r, pLen, r);
279 
280  //Release exclusive access to the CRYPTO module
281  osReleaseMutex(&m2354CryptoMutex);
282 
283  //Successful operation
284  error = NO_ERROR;
285  }
286  else
287  {
288  //Perform modular exponentiation (r = a ^ e mod p)
289  error = mpiExpMod(r, a, e, p);
290  }
291 
292  //Return status code
293  return error;
294 }
295 
296 #endif
297 #if (RSA_SUPPORT == ENABLED)
298 
299 /**
300  * @brief RSA decryption primitive
301  *
302  * The RSA decryption primitive recovers the message representative from
303  * the ciphertext representative under the control of a private key
304  *
305  * @param[in] key RSA private key
306  * @param[in] c Ciphertext representative
307  * @param[out] m Message representative
308  * @return Error code
309  **/
310 
311 error_t rsadp(const RsaPrivateKey *key, const Mpi *c, Mpi *m)
312 {
313  error_t error;
314  size_t nLen;
315  size_t dLen;
316  size_t pLen;
317  size_t qLen;
318  size_t dpLen;
319  size_t dqLen;
320  size_t qinvLen;
321 
322  //Get the length of the private key
323  nLen = mpiGetByteLength(&key->n);
324  dLen = mpiGetByteLength(&key->d);
325  pLen = mpiGetByteLength(&key->p);
326  qLen = mpiGetByteLength(&key->q);
327  dpLen = mpiGetByteLength(&key->dp);
328  dqLen = mpiGetByteLength(&key->dq);
329  qinvLen = mpiGetByteLength(&key->qinv);
330 
331  //Sanity check
332  if(nLen == 0)
333  return ERROR_INVALID_PARAMETER;
334 
335  //The ciphertext representative c shall be between 0 and n - 1
336  if(mpiCompInt(c, 0) < 0 || mpiComp(c, &key->n) >= 0)
337  return ERROR_OUT_OF_RANGE;
338 
339  //Check the length of the private key
340  if((nLen == 128 && dLen <= 128) || (nLen == 384 && dLen <= 384))
341  {
342  //Let m = c ^ d mod n
343  error = mpiExpModRegular(m, c, &key->d, &key->n);
344  }
345  else if(nLen > 0 && pLen > 0 && qLen > 0 && dpLen > 0 && dqLen > 0 &&
346  qinvLen > 0)
347  {
348  Mpi m1;
349  Mpi m2;
350  Mpi h;
351 
352  //Initialize multiple-precision integers
353  mpiInit(&m1);
354  mpiInit(&m2);
355  mpiInit(&h);
356 
357  //Compute m1 = c ^ dP mod p
358  error = mpiMod(&m1, c, &key->p);
359 
360  if(!error)
361  {
362  error = mpiExpModRegular(&m1, &m1, &key->dp, &key->p);
363  }
364 
365  //Compute m2 = c ^ dQ mod q
366  if(!error)
367  {
368  error = mpiMod(&m2, c, &key->q);
369  }
370 
371  if(!error)
372  {
373  error = mpiExpModRegular(&m2, &m2, &key->dq, &key->q);
374  }
375 
376  //Let h = (m1 - m2) * qInv mod p
377  if(!error)
378  {
379  error = mpiSub(&h, &m1, &m2);
380  }
381 
382  if(!error)
383  {
384  error = mpiMulMod(&h, &h, &key->qinv, &key->p);
385  }
386 
387  //Let m = m2 + q * h
388  if(!error)
389  {
390  error = mpiMul(m, &key->q, &h);
391  }
392 
393  if(!error)
394  {
395  error = mpiAdd(m, m, &m2);
396  }
397 
398  //Free previously allocated memory
399  mpiFree(&m1);
400  mpiFree(&m2);
401  mpiFree(&h);
402  }
403  else if(nLen > 0 && dLen > 0)
404  {
405  //Let m = c ^ d mod n
406  error = mpiExpModRegular(m, c, &key->d, &key->n);
407  }
408  else
409  {
410  //Report an error
411  error = ERROR_INVALID_PARAMETER;
412  }
413 
414  //Return status code
415  return error;
416 }
417 
418 #endif
419 #if (EC_SUPPORT == ENABLED)
420 
421 /**
422  * @brief Import scalar
423  * @param[in] dest Pointer to the operand
424  * @param[in] length Length of the operand, in bits
425  * @param[in] src Pointer to the scalar
426  **/
427 
428 void eccImportScalar(volatile uint32_t *dest, uint_t length, const uint32_t *src)
429 {
430  uint_t i;
431 
432  //Get the length of the operand, in words
433  length = (length + 31) / 32;
434 
435  //Copy the scalar to the CRYPTO peripheral
436  for(i = 0; i < length; i++)
437  {
438  dest[i] = src[i];
439  }
440 }
441 
442 
443 /**
444  * @brief Export scalar
445  * @param[in] src Pointer to the operand
446  * @param[in] length Length of the operand, in bits
447  * @param[out] dest Pointer to the scalar
448  **/
449 
450 void eccExportScalar(volatile uint32_t *src, uint_t length, uint32_t *dest)
451 {
452  uint_t i;
453 
454  //Get the length of the operand, in words
455  length = (length + 31) / 32;
456 
457  //Copy the scalar from the CRYPTO peripheral
458  for(i = 0; i < length; i++)
459  {
460  dest[i] = src[i];
461  }
462 }
463 
464 
465 /**
466  * @brief Scalar multiplication (fast calculation)
467  * @param[in] curve Elliptic curve parameters
468  * @param[out] r Resulting point R = d.S
469  * @param[in] d An integer d such as 0 <= d < p
470  * @param[in] s EC point
471  * @return Error code
472  **/
473 
474 error_t ecMulFast(const EcCurve *curve, EcPoint3 *r, const uint32_t *d,
475  const EcPoint3 *s)
476 {
477  //Compute R = d.S
478  return ecMulRegular(curve, r, d, s);
479 }
480 
481 
482 /**
483  * @brief Scalar multiplication (regular calculation)
484  * @param[in] curve Elliptic curve parameters
485  * @param[out] r Resulting point R = d.S
486  * @param[in] d An integer d such as 0 <= d < q
487  * @param[in] s EC point
488  * @return Error code
489  **/
490 
491 error_t ecMulRegular(const EcCurve *curve, EcPoint3 *r, const uint32_t *d,
492  const EcPoint3 *s)
493 {
494  error_t error;
495  uint_t modLen;
496  uint_t orderLen;
497 
498  //Get the length of the modulus, in bits
499  modLen = curve->fieldSize;
500  //Get the length of the order, in bits
501  orderLen = curve->orderSize;
502 
503  //Check the length of the operands
504  if(modLen <= 576 && orderLen <= 576)
505  {
506  //Acquire exclusive access to the CRYPTO module
507  osAcquireMutex(&m2354CryptoMutex);
508 
509  //Reset CRYPTO controller
510  SYS->IPRST0 |= SYS_IPRST0_CRPTRST_Msk;
511  SYS->IPRST0 &= ~SYS_IPRST0_CRPTRST_Msk;
512 
513  //Load input arguments
514  eccImportScalar(CRPT->ECC_N, modLen, curve->p);
515  eccImportScalar(CRPT->ECC_A, modLen, curve->a);
516  eccImportScalar(CRPT->ECC_B, modLen, curve->b);
517  eccImportScalar(CRPT->ECC_K, orderLen, d);
518  eccImportScalar(CRPT->ECC_X1, modLen, s->x);
519  eccImportScalar(CRPT->ECC_Y1, modLen, s->y);
520  eccImportScalar(CRPT->ECC_X2, orderLen, curve->q);
521 
522  //Set up a point multiplication operation
523  CRPT->ECC_CTL = (modLen << CRPT_ECC_CTL_CURVEM_Pos) |
524  CRPT_ECC_CTL_SCAP_Msk | (0 << CRPT_ECC_CTL_ECCOP_Pos) |
525  CRPT_ECC_CTL_FSEL_Msk;
526 
527  //Clear ECC interrupt flag
528  CRPT->INTSTS = CRPT_INTSTS_ECCIF_Msk;
529  //Start operation
530  CRPT->ECC_CTL |= CRPT_ECC_CTL_START_Msk;
531 
532  //Wait for the operation to complete
533  while((CRPT->INTSTS & CRPT_INTSTS_ECCIF_Msk) == 0)
534  {
535  }
536 
537  //Copy the x-coordinate of the result
538  ecScalarSetInt(r->x, 0, EC_MAX_MODULUS_SIZE);
539  eccExportScalar(CRPT->ECC_X1, modLen, r->x);
540 
541  //Copy the y-coordinate of the result
542  ecScalarSetInt(r->y, 0, EC_MAX_MODULUS_SIZE);
543  eccExportScalar(CRPT->ECC_Y1, modLen, r->y);
544 
545  //Set the z-coordinate of the result
546  ecScalarSetInt(r->z, 1, EC_MAX_MODULUS_SIZE);
547 
548  //Release exclusive access to the CRYPTO module
549  osReleaseMutex(&m2354CryptoMutex);
550 
551  //Successful processing
552  error = NO_ERROR;
553  }
554  else
555  {
556  //Report an error
557  error = ERROR_FAILURE;
558  }
559 
560  //Return status code
561  return error;
562 }
563 
564 
565 /**
566  * @brief Twin multiplication
567  * @param[in] curve Elliptic curve parameters
568  * @param[out] r Resulting point R = d0.S + d1.T
569  * @param[in] d0 An integer d such as 0 <= d0 < p
570  * @param[in] s EC point
571  * @param[in] d1 An integer d such as 0 <= d1 < p
572  * @param[in] t EC point
573  * @return Error code
574  **/
575 
576 error_t ecTwinMul(const EcCurve *curve, EcPoint3 *r, const uint32_t *d0,
577  const EcPoint3 *s, const uint32_t *d1, const EcPoint3 *t)
578 {
579  error_t error;
580  EcPoint3 u;
581 #if (CRYPTO_STATIC_MEM_SUPPORT == DISABLED)
582  EcState *state;
583 #else
584  EcState state[1];
585 #endif
586 
587 #if (CRYPTO_STATIC_MEM_SUPPORT == DISABLED)
588  //Allocate working state
589  state = cryptoAllocMem(sizeof(EcState));
590  //Failed to allocate memory?
591  if(state == NULL)
592  return ERROR_OUT_OF_MEMORY;
593 #endif
594 
595  //Initialize working state
596  osMemset(state, 0, sizeof(EcState));
597  //Save elliptic curve parameters
598  state->curve = curve;
599 
600  //Compute d0.S
601  error = ecMulFast(curve, r, d0, s);
602 
603  //Check status code
604  if(!error)
605  {
606  //Compute d1.T
607  error = ecMulFast(curve, &u, d1, t);
608  }
609 
610  //Check status code
611  if(!error)
612  {
613  //Compute d0.S + d1.T
614  ecFullAdd(state, r, r, &u);
615  }
616 
617  //Return status code
618  return error;
619 }
620 
621 #endif
622 #endif
ERROR_OUT_OF_RANGE
@ ERROR_OUT_OF_RANGE
Definition: error.h:138
RsaPrivateKey::p
Mpi p
First factor.
Definition: rsa.h:72
a
uint8_t a
Definition: ndp.h:411
Mpi
Arbitrary precision integer.
Definition: mpi.h:102
p
uint8_t p
Definition: ndp.h:300
t
uint8_t t
Definition: lldp_ext_med.h:212
M2354RsaArgs::m
uint32_t m[128]
Definition: m2354_crypto_pkc.h:56
ecFullAdd
void ecFullAdd(EcState *state, EcPoint3 *r, const EcPoint3 *s, const EcPoint3 *t)
Point addition.
Definition: ec.c:1094
rsadp
error_t rsadp(const RsaPrivateKey *key, const Mpi *c, Mpi *m)
RSA decryption primitive.
Definition: m2354_crypto_pkc.c:311
M2354RsaArgs::e
uint32_t e[128]
Definition: m2354_crypto_pkc.h:58
RsaPrivateKey::n
Mpi n
Modulus.
Definition: rsa.h:69
ERROR_OUT_OF_MEMORY
@ ERROR_OUT_OF_MEMORY
Definition: error.h:63
mpiInit
void mpiInit(Mpi *r)
Initialize a multiple precision integer.
Definition: mpi.c:48
RsaPrivateKey::d
Mpi d
Private exponent.
Definition: rsa.h:71
r
uint8_t r
Definition: ndp.h:346
mpiMod
error_t mpiMod(Mpi *r, const Mpi *a, const Mpi *p)
Modulo operation.
Definition: mpi.c:1587
rsaExportMpi
error_t rsaExportMpi(uint32_t *src, uint_t length, Mpi *r)
Export multiple-precision integer.
Definition: m2354_crypto_pkc.c:92
ecMulRegular
error_t ecMulRegular(const EcCurve *curve, EcPoint3 *r, const uint32_t *d, const EcPoint3 *s)
Scalar multiplication (regular calculation)
Definition: m2354_crypto_pkc.c:491
mpiMul
error_t mpiMul(Mpi *r, const Mpi *a, const Mpi *b)
Multiple precision multiplication.
Definition: esp32_crypto_pkc.c:77
h
uint8_t h
Definition: ndp.h:302
ERROR_INVALID_PARAMETER
@ ERROR_INVALID_PARAMETER
Invalid parameter.
Definition: error.h:47
mpiSub
error_t mpiSub(Mpi *r, const Mpi *a, const Mpi *b)
Multiple precision subtraction.
Definition: mpi.c:969
error_t
error_t
Error codes.
Definition: error.h:43
m2354_crypto_pkc.h
M2354 public-key hardware accelerator.
mpiAdd
error_t mpiAdd(Mpi *r, const Mpi *a, const Mpi *b)
Multiple precision addition.
Definition: mpi.c:891
ERROR_FAILURE
@ ERROR_FAILURE
Generic error code.
Definition: error.h:45
ecScalarSetInt
void ecScalarSetInt(uint32_t *a, uint32_t b, uint_t n)
Set integer value.
Definition: ec_misc.c:505
RsaPrivateKey::q
Mpi q
Second factor.
Definition: rsa.h:73
eccExportScalar
void eccExportScalar(volatile uint32_t *src, uint_t length, uint32_t *dest)
Export scalar.
Definition: m2354_crypto_pkc.c:450
ec_misc.h
Helper routines for ECC.
crypto.h
General definitions for cryptographic algorithms.
rsa.h
RSA public-key cryptography standard.
M2354RsaArgs
RSA primitive arguments.
Definition: m2354_crypto_pkc.h:55
u
uint8_t u
Definition: lldp_ext_med.h:213
length
uint8_t length
Definition: tcp.h:375
M2354RsaArgs::r
uint32_t r[128]
Definition: m2354_crypto_pkc.h:59
RsaPrivateKey::qinv
Mpi qinv
CRT coefficient.
Definition: rsa.h:76
RsaPrivateKey::dq
Mpi dq
Second factor's CRT exponent.
Definition: rsa.h:75
ecTwinMul
error_t ecTwinMul(const EcCurve *curve, EcPoint3 *r, const uint32_t *d0, const EcPoint3 *s, const uint32_t *d1, const EcPoint3 *t)
Twin multiplication.
Definition: m2354_crypto_pkc.c:576
mpiGetLength
uint_t mpiGetLength(const Mpi *a)
Get the actual length in words.
Definition: mpi.c:188
EcState::curve
const EcCurve * curve
Definition: ec.h:446
EcState
Working state (point addition/subtraction/doubling)
Definition: ec.h:445
m
uint8_t m
Definition: ndp.h:304
n
uint8_t n
Definition: dhcpv6_common.h:416
RsaPrivateKey
RSA private key.
Definition: rsa.h:68
osAcquireMutex
void osAcquireMutex(OsMutex *mutex)
Acquire ownership of the specified mutex object.
Definition: os_port_chibios.c:396
EcPoint3
EC point (projective coordinates)
Definition: ec.h:409
osReleaseMutex
void osReleaseMutex(OsMutex *mutex)
Release ownership of the specified mutex object.
Definition: os_port_chibios.c:408
eccImportScalar
void eccImportScalar(volatile uint32_t *dest, uint_t length, const uint32_t *src)
Import scalar.
Definition: m2354_crypto_pkc.c:428
M2354RsaArgs::n
uint32_t n[128]
Definition: m2354_crypto_pkc.h:57
m2354CryptoMutex
OsMutex m2354CryptoMutex
Definition: m2354_crypto.c:42
mpiExpModFast
error_t mpiExpModFast(Mpi *r, const Mpi *a, const Mpi *e, const Mpi *p)
Modular exponentiation (fast calculation)
Definition: m2354_crypto_pkc.c:142
rsaImportMpi
void rsaImportMpi(uint32_t *dest, uint_t length, const Mpi *a)
Import multiple-precision integer.
Definition: m2354_crypto_pkc.c:59
ecMulFast
error_t ecMulFast(const EcCurve *curve, EcPoint3 *r, const uint32_t *d, const EcPoint3 *s)
Scalar multiplication (fast calculation)
Definition: m2354_crypto_pkc.c:474
cryptoAllocMem
#define cryptoAllocMem(size)
Definition: crypto.h:821
s
uint8_t s
Definition: igmp_common.h:234
m2354_crypto.h
M2354 hardware cryptographic accelerator.
EcCurve
#define EcCurve
Definition: ec.h:346
mpiComp
int_t mpiComp(const Mpi *a, const Mpi *b)
Compare two multiple precision integers.
Definition: mpi.c:358
RsaPrivateKey::dp
Mpi dp
First factor's CRT exponent.
Definition: rsa.h:74
mpiCompInt
int_t mpiCompInt(const Mpi *a, mpi_sword_t b)
Compare a multiple precision integer with an integer.
Definition: mpi.c:429
uint_t
unsigned int uint_t
Definition: compiler_port.h:57
osMemset
#define osMemset(p, value, length)
Definition: os_port.h:138
mpiMulMod
error_t mpiMulMod(Mpi *r, const Mpi *a, const Mpi *b, const Mpi *p)
Modular multiplication.
Definition: mimxrt1160_crypto_pkc.c:63
ec.h
ECC (Elliptic Curve Cryptography)
mpiGrow
error_t mpiGrow(Mpi *r, uint_t size)
Adjust the size of multiple precision integer.
Definition: mpi.c:102
mpiExpMod
error_t mpiExpMod(Mpi *r, const Mpi *a, const Mpi *e, const Mpi *p)
Modular exponentiation.
Definition: esp32_crypto_pkc.c:204
EC_MAX_MODULUS_SIZE
#define EC_MAX_MODULUS_SIZE
Definition: ec.h:284
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
mpiExpModRegular
error_t mpiExpModRegular(Mpi *r, const Mpi *a, const Mpi *e, const Mpi *p)
Modular exponentiation (regular calculation)
Definition: m2354_crypto_pkc.c:224
c
uint8_t c
Definition: ndp.h:514
debug.h
Debugging facilities.
mpiGetByteLength
uint_t mpiGetByteLength(const Mpi *a)
Get the actual length in bytes.
Definition: mpi.c:215
mpiFree
void mpiFree(Mpi *r)
Release a multiple precision integer.
Definition: mpi.c:64