123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285 |
- /**
- * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
- *
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without modification,
- * are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice, this
- * list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form, except as embedded into a Nordic
- * Semiconductor ASA integrated circuit in a product or a software update for
- * such product, must reproduce the above copyright notice, this list of
- * conditions and the following disclaimer in the documentation and/or other
- * materials provided with the distribution.
- *
- * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * 4. This software, with or without modification, must only be used with a
- * Nordic Semiconductor ASA integrated circuit.
- *
- * 5. Any software provided in binary form under this license must not be reverse
- * engineered, decompiled, modified and/or disassembled.
- *
- * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
- * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
- #ifndef NRF_CRYPTO_RNG_H__
- #define NRF_CRYPTO_RNG_H__
- /** @file
- *
- * @defgroup nrf_crypto_rng RNG related functions
- * @{
- * @ingroup nrf_crypto
- *
- * @brief RNG related functions
- *
- * @details There are two available RNG backends:
- * - ARM CryptoCell CC310 (default for devices with CC310).
- * - nRF HW RNG peripheral.
- * * CTR-DRBG mode - nRF HW RNG used for seeding mbed TLS CTR-DRBG (default for
- * devices without CC310).
- * * Raw mode - all data is generated by the nRF HW RNG.
- *
- * The CC310 backend meets the standards NIST 800-90B3 and AIS-31 (Class “P2 High”), and
- * should be preferred in most cases on devices that includes the CC310 core. Devices that
- * do not include CC310 should normally use the nRF HW RNG with mbed TLS CTR-DRBG. The
- * mbed TLS CTR-DRBG code is standardized by NIST (SP 800-90A Rev. 1).
- */
- #include "sdk_common.h"
- #include "nrf_crypto_error.h"
- #include "nrf_crypto_rng_shared.h"
- #include "nrf_crypto_rng_backend.h"
- #ifdef __cplusplus
- extern "C" {
- #endif
- /**
- * @brief Context type for RNG.
- *
- * @note The actual type depend on the backend in use.
- */
- typedef nrf_crypto_backend_rng_context_t nrf_crypto_rng_context_t;
- /**
- * @brief Temporary work buffer type for RNG.
- *
- * @details Only needed during initializing. Can be freed when @ref nrf_crypto_rng_init has
- * returned. Not needed if @ref NRF_CRYPTO_RNG_STATIC_MEMORY_BUFFERS_ENABLED is enabled
- * in @ref sdk_config.
- *
- * @note The actual type depend on the backend in use.
- */
- typedef nrf_crypto_backend_rng_temp_buffer_t nrf_crypto_rng_temp_buffer_t;
- /**@brief Initialize the random number generator.
- *
- * @details This function has no effect when @ref NRF_CRYPTO_RNG_AUTO_INIT_ENABLED is enabled.
- *
- * @warning The p_temp_buffer is 6112 bytes when using the CC310 backend. Ensure that stack size
- * is sufficient if allocated on stack. Applications that use nRF HW RNG as backend or are
- * not RAM constrained can use internal static allocation of context and temporary buffers
- * (@ref NRF_CRYPTO_RNG_STATIC_MEMORY_BUFFERS_ENABLED).
- *
- * @note The context object can be reused without the need for a full reinitialization of the
- * backend in case of for example wakeup from system OFF, provided that the context is
- * located in a memory block that is retained. This only apply to the CC310 backend, and when
- * the context is allocated manually (NRF_CRYPTO_RNG_STATIC_MEMORY_BUFFERS_ENABLED disabled).
- *
- * @param[in] p_context Pointer to context memory. The context will be managed
- * internally, and the pointer is not used for subsequent calls to
- * the nrf_crypto_rng API. The context memory is needed until
- * @ref nrf_crypto_rng_uninit is called, so it should normally not
- * be on the stack. Use NULL if
- * @ref NRF_CRYPTO_RNG_STATIC_MEMORY_BUFFERS_ENABLED is enabled
- * in @ref sdk_config (recommended for most applications).
- *
- * @param[in,out] p_temp_buffer Temporary buffer needed during initialization of the backend. It
- * is not used after the return of this function, and can be freed
- * at that point. Buffer is allocated internally if the pointer is
- * NULL, using the allocated defined by @ref NRF_CRYPTO_ALLOCATOR
- * in @c sdk_config.h. Use NULL if
- * @ref NRF_CRYPTO_RNG_STATIC_MEMORY_BUFFERS_ENABLED is enabled
- * in @ref sdk_config (recommended for most applications).
- *
- * @retval NRF_SUCCESS If random number generator was initialized
- * successfully.
- * @retval NRF_ERROR_CRYPTO_NOT_INITIALIZED @ref nrf_crypto_init was not called prior to this
- * function.
- * @retval NRF_ERROR_CRYPTO_CONTEXT_NULL p_context was NULL.
- * @retval NRF_ERROR_CRYPTO_INTERNAL If an internal error occurred in the nrf_crypto
- * backend.
- * @retval NRF_ERROR_CRYPTO_ALLOC_FAILED Unable to allocate memory for the context or work
- * buffer.
- * @retval NRF_ERROR_CRYPTO_STACK_OVERFLOW Stack overflow detected. Typically caused by
- * allocating an instance of
- * @ref nrf_crypto_rng_temp_buffer_t
- * on the stack when using CC310 backend.
- * @retval NRF_ERROR_CRYPTO_BUSY RNG is busy. Rerun at a later time.
- */
- ret_code_t nrf_crypto_rng_init(nrf_crypto_rng_context_t * p_context,
- nrf_crypto_rng_temp_buffer_t * p_temp_buffer);
- /**@brief Uninitialize the random number generator.
- *
- * @retval NRF_SUCCESS If RNG was uninitialized successfully.
- * @retval NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED RNG has not been initialized.
- * @retval NRF_ERROR_CRYPTO_INTERNAL If an internal error occurred in the
- * nrf_crypto backend.
- * @retval NRF_ERROR_CRYPTO_BUSY RNG is busy. Rerun at a later time.
- */
- ret_code_t nrf_crypto_rng_uninit(void);
- /**@brief Generate random data of given size.
- *
- * @details @ref nrf_crypto_rng_init must be called prior to this function unless
- * @ref NRF_CRYPTO_RNG_AUTO_INIT_ENABLED is enabled in @ref sdk_config.
- *
- * @param[in,out] p_target Buffer to hold the random generated data.
- * This buffer must be at least as large as the size parameter.
- * @param[in] size Length (in bytes) to generate random data for.
- *
- * @retval NRF_SUCCESS Data was generated successfully.
- * @retval NRF_ERROR_CRYPTO_NOT_INITIALIZED @ref nrf_crypto_init was not called prior to
- * this function.
- * @retval NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED @ref nrf_crypto_rng_init was not called
- * prior to this function and
- * @ref NRF_CRYPTO_RNG_AUTO_INIT_ENABLED is
- * disabled.
- * @retval NRF_ERROR_CRYPTO_OUTPUT_NULL p_target was NULL.
- * @retval NRF_ERROR_CRYPTO_OUTPUT_LENGTH Size was 0 or larger than the backend
- * supports.
- * @retval NRF_ERROR_CRYPTO_INTERNAL If an internal error occurred in the
- * backend.
- * @retval NRF_ERROR_CRYPTO_STACK_OVERFLOW Stack overflow detected in
- * @ref nrf_crypto_rng_init when using auto
- * initialization. Typically caused by
- * allocating an instance of
- * @ref nrf_crypto_rng_temp_buffer_t
- * on the stack when using CC310 backend.
- * @retval NRF_ERROR_CRYPTO_BUSY RNG is busy. Rerun at a later time.
- */
- ret_code_t nrf_crypto_rng_vector_generate(uint8_t * const p_target, size_t size);
- /**@brief Generate a vector of constrained random data of given size, between the specified min
- * and max values.
- *
- * @details @ref nrf_crypto_rng_init must be called prior to this function unless
- * @ref NRF_CRYPTO_RNG_AUTO_INIT_ENABLED is enabled in @ref sdk_config.
- *
- * All vectors are in big-endian format, with the most significant byte as the first
- * element / lowest address.
- *
- * @note This function may execute for a long time if the window between p_min and p_max is small.
- *
- * @param[in,out] p_target Buffer to hold the random generated data.
- * This buffer must be at least as large as the size parameter.
- * @param[in] p_min Byte array defining the lower limit of the random vector.
- * @param[in] p_max Byte array defining the upper limit of the random vector.
- * @param[in] size Length (in bytes) to generate random data for. Note that all three
- * buffers (p_target, p_min and p_max) must be of this size.
- *
- * @retval NRF_SUCCESS Data was generated successfully.
- * @retval NRF_ERROR_CRYPTO_NOT_INITIALIZED @ref nrf_crypto_init was not called prior to
- * this function.
- * @retval NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED @ref nrf_crypto_rng_init was not called
- * prior to this function and
- * @ref NRF_CRYPTO_RNG_AUTO_INIT_ENABLED is
- * disabled.
- * @retval NRF_ERROR_CRYPTO_OUTPUT_NULL p_target was NULL.
- * @retval NRF_ERROR_CRYPTO_INPUT_NULL p_min or p_max was NULL.
- * @retval NRF_ERROR_CRYPTO_OUTPUT_LENGTH Size was 0 or larger than the backend
- * supports.
- * @retval NRF_ERROR_CRYPTO_INTERNAL If an internal error occurred in the
- * backend.
- * @retval NRF_ERROR_CRYPTO_STACK_OVERFLOW Stack overflow detected in
- * @ref nrf_crypto_rng_init when using auto
- * initialization. Typically caused by
- * allocating an instance of
- * @ref nrf_crypto_rng_temp_buffer_t
- * on the stack when using CC310 backend.
- * @retval NRF_ERROR_CRYPTO_BUSY RNG is busy. Rerun at a later time.
- */
- ret_code_t nrf_crypto_rng_vector_generate_in_range(uint8_t * const p_target,
- uint8_t const * const p_min,
- uint8_t const * const p_max,
- size_t size);
- /**
- * @brief This function is used for reseeding the RNG with additional entropy.
- *
- * @details The backends will reseed automatically when required. This function can be used to
- * reseed at specific times and to provide additional data that is used to add personalized
- * randomness.
- *
- * @note Reseeding is not supported if using the nRF HW RNG backend without mbed TLS CTR-DRBG
- * (NRF_CRYPTO_BACKEND_NRF_HW_RNG_MBEDTLS_CTR_DRBG_ENABLED disabled in sdk_config.h).
- *
- * @warning The p_temp_buffer is 6112 bytes when the CC310 backend is used. Ensure that stack size
- * is sufficient if allocated on stack.
- *
- * @param[in,out] p_temp_buffer Temporary buffer needed during reseeding. It
- * is not used after the return of this function, and can be freed
- * at that point. Buffer is allocated internally if the pointer is
- * NULL, using the allocated defined by @ref NRF_CRYPTO_ALLOCATOR
- * in @c sdk_config.h. Use NULL if
- * @ref NRF_CRYPTO_RNG_STATIC_MEMORY_BUFFERS_ENABLED is enabled
- * in @ref sdk_config (recommended for most applications).
- * @param[in] p_input_data Optional input data used to increase the entropy.
- * @param[in] size Length of input data. Must be 0, 4, 8 or 12 for CC310.
- *
- * @retval NRF_SUCCESS Data was generated successfully.
- * @retval NRF_ERROR_CRYPTO_NOT_INITIALIZED @ref nrf_crypto_init was not called prior to
- * this function.
- * @retval NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED @ref nrf_crypto_rng_init was not called
- * prior to this function and
- * @ref NRF_CRYPTO_RNG_AUTO_INIT_ENABLED is
- * disabled.
- * @retval NRF_ERROR_CRYPTO_INPUT_NULL p_temp_buffer was NULL or p_input_data was
- * NULL and size > 0 .
- * @retval NRF_ERROR_CRYPTO_INPUT_LENGTH Invalid input data size.
- * @retval NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE Reseeding not supported by backend.
- * @retval NRF_ERROR_CRYPTO_INTERNAL If an internal error occurred in the
- * backend.
- * @retval NRF_ERROR_CRYPTO_STACK_OVERFLOW Stack overflow detected. Typically caused by
- * allocating an instance of
- * @ref nrf_crypto_rng_temp_buffer_t
- * on the stack when using CC310 backend.
- * @retval NRF_ERROR_CRYPTO_BUSY RNG is busy. Rerun at a later time.
- */
- ret_code_t nrf_crypto_rng_reseed(nrf_crypto_rng_temp_buffer_t * p_temp_buffer,
- uint8_t * p_input_data,
- size_t size);
- #ifdef __cplusplus
- }
- #endif
- /**@} */
- #endif // NRF_CRYPTO_RNG_H__
|