Merge pull request DotBots#282 from aabadie/crypto_sw

crypto: add software sha256 and ed25519

Makefile

@@ -64,28 +64,24 @@ TESTBED_APPS ?= $(shell find testbed/ -maxdepth 1 -mindepth 1 -type d | tr -d "/
 
 # remove incompatible apps (nrf5340, sailbot gateway) for dotbot (v1, v2) builds
 ifneq (,$(filter dotbot-v1,$(BUILD_TARGET)))
-  PROJECTS := $(filter-out 01bsp_qdec 01crypto_% 01drv_lis3mdl 01drv_move 03app_dotbot_gateway 03app_dotbot_gateway_lr 03app_sailbot 03app_nrf5340_%,$(PROJECTS))
+  PROJECTS := $(filter-out 01bsp_qdec 01drv_lis3mdl 01drv_move 03app_dotbot_gateway 03app_dotbot_gateway_lr 03app_sailbot 03app_nrf5340_%,$(PROJECTS))
   ARTIFACT_PROJECTS := 03app_dotbot
   TESTBED_APPS := $(filter-out bootloader partition0 partition1,$(TESTBED_APPS))
 endif
 
 ifneq (,$(filter dotbot-v2,$(BUILD_TARGET)))
-  PROJECTS := $(filter-out 01crypto_% 03app_dotbot_gateway 03app_dotbot_gateway_lr 03app_sailbot 03app_nrf5340_net,$(PROJECTS))
+  PROJECTS := $(filter-out 03app_dotbot_gateway 03app_dotbot_gateway_lr 03app_sailbot 03app_nrf5340_net,$(PROJECTS))
   ARTIFACT_PROJECTS := 03app_dotbot
   TESTBED_APPS := $(filter-out bootloader partition0 partition1,$(TESTBED_APPS))
 endif
 
 # remove incompatible apps (nrf5340, dotbot, gateway) for sailbot-v1 build
 ifeq (sailbot-v1,$(BUILD_TARGET))
-  PROJECTS := $(filter-out 01bsp_qdec 01crypto_% 01drv_lis3mdl 01drv_move 03app_dotbot_gateway 03app_dotbot_gateway_lr 03app_dotbot 03app_nrf5340_%,$(PROJECTS))
+  PROJECTS := $(filter-out 01bsp_qdec 01drv_lis3mdl 01drv_move 03app_dotbot_gateway 03app_dotbot_gateway_lr 03app_dotbot 03app_nrf5340_%,$(PROJECTS))
   ARTIFACT_PROJECTS := 03app_sailbot
   TESTBED_APPS := $(filter-out bootloader partition0 partition1,$(TESTBED_APPS))
 endif
 
-ifneq (,$(filter nrf52833dk,$(BUILD_TARGET)))
-  PROJECTS := $(filter-out 01crypto_%,$(PROJECTS))
-endif
-
 # remove incompatible apps (nrf5340) for nrf52833dk/nrf52840dk build
 ifneq (,$(filter nrf52833dk nrf52840dk,$(BUILD_TARGET)))
   PROJECTS := $(filter-out 01bsp_qdec 01drv_move 03app_nrf5340_%,$(PROJECTS))

crypto/README.md

@@ -0,0 +1,16 @@
+## Software implementation
+
+### ed25519 signature implementation
+
+Source: https://github.com/ncme/c25519
+License: Public Domain
+Credits: Daniel Beer <[email protected]>
+
+### SHA256 hash implementation
+
+Source: https://github.com/B-Con/crypto-algorithms
+License: Public Domain
+Credits: Brad Conte (brad AT bradconte.com)
+
+Algorithm specification can be found at
+http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf

crypto/crypto.emProject

@@ -13,6 +13,16 @@
       project_type="Library" />
     <file file_name="ed25519.c" />
     <file file_name="ed25519.h" />
+    <file file_name="soft_ed25519.c" />
+    <file file_name="soft_ed25519.h" />
+    <file file_name="soft_edsign.c" />
+    <file file_name="soft_edsign.h" />
+    <file file_name="soft_f25519.c" />
+    <file file_name="soft_f25519.h" />
+    <file file_name="soft_fprime.c" />
+    <file file_name="soft_fprime.h" />
+    <file file_name="soft_sha512.c" />
+    <file file_name="soft_sha512.h" />
   </project>
   <project Name="00crypto_sha256">
     <configuration
@@ -22,5 +32,7 @@
       project_type="Library" />
     <file file_name="sha256.c" />
     <file file_name="sha256.h" />
+    <file file_name="soft_sha256.c" />
+    <file file_name="soft_sha256.h" />
   </project>
 </solution>

crypto/ed25519.c

@@ -16,11 +16,16 @@
 #include "ed25519.h"
 #include "utils.h"
 
+#if defined(USE_CRYPTOCELL)
 #include "nrf_cc310/include/crys_ec_edw_api.h"
+#else
+#include "soft_edsign.h"
+#endif
 
 size_t crypto_ed25519_sign(uint8_t *signature, const uint8_t *data, size_t data_len, const uint8_t *private_key, const uint8_t *public_key) {
+    size_t signature_len = 64;
+#if defined(USE_CRYPTOCELL)
     CRYS_ECEDW_TempBuff_t tmp;
-    size_t                signature_len                                                           = 64;
     uint8_t               secret_key[CRYS_ECEDW_ORD_SIZE_IN_BYTES + CRYS_ECEDW_MOD_SIZE_IN_BYTES] = { 0 };
     uint8_t               secret_key_len                                                          = CRYS_ECEDW_ORD_SIZE_IN_BYTES + CRYS_ECEDW_MOD_SIZE_IN_BYTES;
 
@@ -33,13 +38,23 @@ size_t crypto_ed25519_sign(uint8_t *signature, const uint8_t *data, size_t data_
         return 0;
     }
     return signature_len;
+#else
+    edsign_sign(signature, public_key, private_key, data, data_len);
+    return signature_len;
+#endif
 }
 
 bool crypto_ed25519_verify(const uint8_t *signature, size_t signature_len, const uint8_t *data, size_t data_len, const uint8_t *public_key) {
+#if defined(USE_CRYPTOCELL)
     CRYS_ECEDW_TempBuff_t tmp;
     crypto_enable_cryptocell();
     CRYSError_t result = CRYS_ECEDW_Verify(signature, signature_len, public_key, CRYS_ECEDW_MOD_SIZE_IN_BYTES, (uint8_t *)data, data_len, &tmp);
     crypto_disable_cryptocell();
 
     return result == CRYS_OK;
+#else
+    (void)signature_len;
+    uint8_t result = edsign_verify(signature, public_key, data, data_len);
+    return result != 0;
+#endif
 }

crypto/sha256.c

@@ -15,24 +15,42 @@
 #include "sha256.h"
 #include "utils.h"
 
+#if defined(USE_CRYPTOCELL)
 #include "nrf_cc310/include/crys_hash.h"
 
 static CRYS_HASHUserContext_t _hash_context;
+#else
+#include "soft_sha256.h"
+
+static SHA256_CTX _hash_context;
+#endif
 
 void crypto_sha256_init(void) {
+#if defined(USE_CRYPTOCELL)
     crypto_enable_cryptocell();
     CRYS_HASH_Init(&_hash_context, CRYS_HASH_SHA256_mode);
     crypto_disable_cryptocell();
+#else
+    sha256_init(&_hash_context);
+#endif
 }
 
 void crypto_sha256_update(const uint8_t *data, size_t len) {
+#if defined(USE_CRYPTOCELL)
     crypto_enable_cryptocell();
     CRYS_HASH_Update(&_hash_context, (uint8_t *)data, len);
     crypto_disable_cryptocell();
+#else
+    sha256_update(&_hash_context, (uint8_t *)data, len);
+#endif
 }
 
 void crypto_sha256(uint8_t *digest) {
+#if defined(USE_CRYPTOCELL)
     crypto_enable_cryptocell();
     CRYS_HASH_Finish(&_hash_context, (uint32_t *)digest);
     crypto_disable_cryptocell();
+#else
+    sha256_final(&_hash_context, (BYTE *)digest);
+#endif
 }