From 39bc73acb0c6618df71914c96528c5ec1fe37d11 Mon Sep 17 00:00:00 2001 From: tdejoigny-ledger Date: Mon, 29 May 2023 17:00:12 +0200 Subject: [PATCH 1/9] Deprecate all cx throwable functions (cherry picked from commit 67041d68ba389b55e8a60d0a790d255330b48c0b) --- include/decorators.h | 4 + include/os_utils.h | 8 +- lib_cxng/include/lcx_aes.h | 122 ++----------- lib_cxng/include/lcx_blake2.h | 49 +---- lib_cxng/include/lcx_des.h | 118 +----------- lib_cxng/include/lcx_ecdh.h | 40 +---- lib_cxng/include/lcx_ecdsa.h | 48 +---- lib_cxng/include/lcx_ecfp.h | 296 +++--------------------------- lib_cxng/include/lcx_ecschnorr.h | 50 +----- lib_cxng/include/lcx_eddsa.h | 53 +----- lib_cxng/include/lcx_groestl.h | 16 +- lib_cxng/include/lcx_hash.h | 36 +--- lib_cxng/include/lcx_hmac.h | 117 ++---------- lib_cxng/include/lcx_math.h | 298 ++++--------------------------- lib_cxng/include/lcx_pbkdf2.h | 32 +--- lib_cxng/include/lcx_rsa.h | 222 ++--------------------- lib_cxng/include/lcx_sha3.h | 132 ++------------ 17 files changed, 161 insertions(+), 1480 deletions(-) diff --git a/include/decorators.h b/include/decorators.h index a471f080d..8be37270d 100644 --- a/include/decorators.h +++ b/include/decorators.h @@ -62,3 +62,7 @@ #ifndef WARN_UNUSED_RESULT #define WARN_UNUSED_RESULT __attribute__ ((warn_unused_result)) #endif + +#ifndef DEPRECATED + #define DEPRECATED __attribute__ ((deprecated)) +#endif diff --git a/include/os_utils.h b/include/os_utils.h index d41d5e334..d317da4e2 100644 --- a/include/os_utils.h +++ b/include/os_utils.h @@ -79,10 +79,10 @@ char os_secure_memcmp(const void *src1, const void* src2, size_t length); #define offsetof(type, field) ((unsigned int)&(((type*)NULL)->field)) #endif -void *os_memmove(void *dest, const void *src, size_t n) __attribute__((deprecated)); -void *os_memcpy(void *dest, const void *src, size_t n) __attribute__((deprecated)); -int os_memcmp(const void *s1, const void *s2, size_t n) __attribute__((deprecated)); -void *os_memset(void *s, int c, size_t n) __attribute__((deprecated)); +void *os_memmove(void *dest, const void *src, size_t n) DEPRECATED; +void *os_memcpy(void *dest, const void *src, size_t n) DEPRECATED; +int os_memcmp(const void *s1, const void *s2, size_t n) DEPRECATED; +void *os_memset(void *s, int c, size_t n) DEPRECATED; // This call will reset the value of the entire BSS segment void os_explicit_zero_BSS_segment(void); diff --git a/lib_cxng/include/lcx_aes.h b/lib_cxng/include/lcx_aes.h index bc2e15b83..5d5e7f17f 100644 --- a/lib_cxng/include/lcx_aes.h +++ b/lib_cxng/include/lcx_aes.h @@ -56,27 +56,12 @@ */ cx_err_t cx_aes_init_key_no_throw(const uint8_t *rawkey, size_t key_len, cx_aes_key_t *key); + /** - * @brief Initializes an AES Key. - * - * @details Once initialized, the key can be stored in non-volatile memory - * and directly used for any AES processing. - * This function throws an exception if the initialization fails. - * - * @warning It is recommended to use #cx_aes_init_key_no_throw rather - * than this function. - * - * @param[in] rawkey Pointer to the supplied key. - * - * @param[in] key_len Length of the key: 16, 24 or 32 octets. - * - * @param[out] key Pointer to the key structure. This must not be NULL. - * - * @return Length of the key. - * - * @throw CX_INVALID_PARAMETER + * @deprecated + * See #cx_aes_init_key_no_throw */ -static inline size_t cx_aes_init_key ( const unsigned char * rawkey, unsigned int key_len, cx_aes_key_t * key ) +DEPRECATED static inline size_t cx_aes_init_key ( const unsigned char * rawkey, unsigned int key_len, cx_aes_key_t * key ) { CX_THROW(cx_aes_init_key_no_throw(rawkey, key_len, key)); return key_len; @@ -136,56 +121,10 @@ cx_err_t cx_aes_iv_no_throw(const cx_aes_key_t *key, size_t * out_len); /** - * @brief Encrypts, decrypts, signs or verifies data with AES algorithm. - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_aes_iv_no_throw rather than - * this function. - * - * @param[in] key Pointer to the key initialized with #cx_aes_init_key_no_throw. - * - * @param[in] mode Crypto mode flags - * Supported flags: - * - CX_LAST - * - CX_ENCRYPT - * - CX_DECRYPT - * - CX_SIGN - * - CX_VERIFY - * - CX_PAD_NONE - * - CX_PAD_ISO9797M1 - * - CX_PAD_ISO9797M2 - * - CX_CHAIN_ECB - * - CX_CHAIN_CBC - * - CX_CHAIN_CTR - * - * When using the CTR mode with AES, CX_ENCRYPT must be used for encryption - * and decryption. - * - * @param[in] iv Initialization vector. - * - * @param[in] iv_len Length of the initialization vector. - * - * @param[in] in Input data. - * - * @param[in] in_len Length of the input data. - * If CX_LAST is set, padding is automatically done according to the *mode*. - * Otherwise, *in_len* shall be a multiple of AES_BLOCK_SIZE. - * - * @param[out] out Output data according to the mode: - * - encrypted/decrypted output data - * - generated signature - * - signature to be verified - * - * @param[in] out_len Length of the output data. - * - * @return Length of the output. - * - * @throws CX_INVALID_PARAMETER - * @throws INVALID_PARAMETER + * @deprecated + * See #cx_aes_iv_no_throw */ -static inline size_t cx_aes_iv ( const cx_aes_key_t * key, uint32_t mode, unsigned char * iv, unsigned int iv_len, const unsigned char * in, unsigned int in_len, unsigned char * out, unsigned int out_len ) +DEPRECATED static inline size_t cx_aes_iv ( const cx_aes_key_t * key, uint32_t mode, unsigned char * iv, unsigned int iv_len, const unsigned char * in, unsigned int in_len, unsigned char * out, unsigned int out_len ) { size_t out_len_ = out_len; CX_THROW(cx_aes_iv_no_throw(key, mode, iv, iv_len, in, in_len, out, &out_len_)); @@ -235,51 +174,10 @@ static inline size_t cx_aes_iv ( const cx_aes_key_t * key, uint32_t mode, unsign cx_err_t cx_aes_no_throw(const cx_aes_key_t *key, uint32_t mode, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len); /** - * @brief Encrypts, decrypts, signs or verifies data with AES algorithm. - * - * @details Same as #cx_aes_iv_no_throw with initial IV assumed to be sixteen zeros. - * This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_aes_no_throw rather than this - * function. - * - * @param[in] key Pointer to the key initialized with - * #cx_aes_init_key_no_throw. - * - * @param[in] mode Crypto mode flags - * Supported flags: - * - CX_LAST - * - CX_ENCRYPT - * - CX_DECRYPT - * - CX_SIGN - * - CX_VERIFY - * - CX_PAD_NONE - * - CX_PAD_ISO9797M1 - * - CX_PAD_ISO9797M2 - * - CX_CHAIN_ECB - * - CX_CHAIN_CBC - * - CX_CHAIN_CTR - * - * @param[in] in Input data. - * - * @param[in] in_len Length of the input data. - * If CX_LAST is set, padding is automatically done according to the *mode*. - * Otherwise, *in_len* shall be a multiple of AES_BLOCK_SIZE. - * - * @param[out] out Output data according to the mode: - * - encrypted/decrypted output data - * - generated signature - * - signature to be verified - * - * @param[in] out_len Length of the output data. - * - * @return Length of the output. - * - * @throws CX_INVALID_PARAMETER - * @throws INVALID_PARAMETER + * @deprecated + * See #cx_aes_no_throw */ -static inline size_t cx_aes ( const cx_aes_key_t * key, uint32_t mode, const unsigned char * in, unsigned int in_len, unsigned char * out, unsigned int out_len ) +DEPRECATED static inline size_t cx_aes ( const cx_aes_key_t * key, uint32_t mode, const unsigned char * in, unsigned int in_len, unsigned char * out, unsigned int out_len ) { size_t out_len_ = out_len; CX_THROW(cx_aes_no_throw(key, mode, in, in_len, out, &out_len_)); diff --git a/lib_cxng/include/lcx_blake2.h b/lib_cxng/include/lcx_blake2.h index 732d3080c..9781e7191 100644 --- a/lib_cxng/include/lcx_blake2.h +++ b/lib_cxng/include/lcx_blake2.h @@ -81,24 +81,10 @@ typedef struct cx_blake2b_s cx_blake2b_t; cx_err_t cx_blake2b_init_no_throw(cx_blake2b_t *hash, size_t out_len); /** - * @brief Initializes BLAKE2b message digest context. - * - * @details This function throws an exception if the - * initialization fails. - * - * @warning It is recommended to use #cx_blake2b_init_no_throw - * rather than this function. - * - * @param[out] hash Pointer to the BLAKE2b context to initialize. - * The context shall be in RAM. - * - * @param[in] out_len Digest size in bits. - * - * @return BLAKE2b identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_blake2b_init_no_throw */ -static inline int cx_blake2b_init ( cx_blake2b_t * hash, unsigned int out_len ) +DEPRECATED static inline int cx_blake2b_init ( cx_blake2b_t * hash, unsigned int out_len ) { CX_THROW(cx_blake2b_init_no_throw(hash, out_len)); return CX_BLAKE2B; @@ -133,33 +119,10 @@ cx_err_t cx_blake2b_init2_no_throw(cx_blake2b_t *hash, size_t perso_len); /** - * @brief Initializes BLAKE2b message digest context with - * salt and personnalization string. - * - * @details This function throws an exception if the initialization - * fails. - * - * @warning It is recommended to use #cx_blake2b_init2_no_throw - * rather than this function. - * - * @param[out] hash Pointer to the BLAKE2b context to initialize. - * The context shall be in RAM. - * - * @param[in] out_len Digest size in bits. - * - * @param[in] salt Pointer to a salt (optional). - * - * @param[in] salt_len Length of the salt. - * - * @param[in] perso Pointer to a personalization string (optional). - * - * @param[in] perso_len Length of the personalization string. - * - * @return BLAKE2b identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_blake2b_init2_no_throw */ -static inline int cx_blake2b_init2 ( cx_blake2b_t * hash, unsigned int out_len, unsigned char * salt, unsigned int salt_len, unsigned char * perso, unsigned int perso_len ) +DEPRECATED static inline int cx_blake2b_init2 ( cx_blake2b_t * hash, unsigned int out_len, unsigned char * salt, unsigned int salt_len, unsigned char * perso, unsigned int perso_len ) { CX_THROW(cx_blake2b_init2_no_throw(hash, out_len, salt, salt_len, perso, perso_len)); return CX_BLAKE2B; diff --git a/lib_cxng/include/lcx_des.h b/lib_cxng/include/lcx_des.h index a98d112c4..3df4a1b40 100644 --- a/lib_cxng/include/lcx_des.h +++ b/lib_cxng/include/lcx_des.h @@ -66,27 +66,10 @@ cx_err_t cx_des_init_key_no_throw(const uint8_t *rawkey, size_t key_len, cx_des_key_t *key); /** - * @brief Initializes a DES key. - * - * @details Once initialized, the key can be stored in non-volatile memory - * and directly used for any DES processing. - * This function throws an exception if the initialization - * fails. - * - * @warning It is recommended to use #cx_des_init_key_no_throw rather - * than this function. - * - * @param[in] rawkey Pointer to the supplied key. - * - * @param[in] key_len Length of the key: 8, 16 or 24 octets. - * - * @param[out] key Pointer to the key structure. This must not be NULL. - * - * @return Length of the key. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_des_init_key_no_throw */ -static inline size_t cx_des_init_key ( const unsigned char * rawkey, unsigned int key_len, cx_des_key_t * key ) +DEPRECATED static inline size_t cx_des_init_key ( const unsigned char * rawkey, unsigned int key_len, cx_des_key_t * key ) { CX_THROW(cx_des_init_key_no_throw(rawkey, key_len, key)); return key_len; @@ -144,54 +127,10 @@ cx_err_t cx_des_iv_no_throw(const cx_des_key_t *key, size_t * out_len); /** - * @brief Encrypts, decrypts, signs or verifies data with DES algorithm. - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_des_iv_no_throw rather - * than this function. - * - * @param[in] key Pointer to the key initialized with - * #cx_des_init_key_no_throw. - * - * @param[in] iv Initialization vector. - * - * @param[in] iv_len Length of the initialization vector. - * - * @param[in] mode Crypto mode flags. - * Supported flags: - * - CX_LAST - * - CX_ENCRYPT - * - CX_DECRYPT - * - CX_SIGN - * - CX_VERIFY - * - CX_PAD_NONE - * - CX_PAD_ISO9797M1 - * - CX_PAD_ISO9797M2 - * - CX_CHAIN_ECB - * - CX_CHAIN_CBC - * - CX_CHAIN_CTR - * - * @param[in] in Input data. - * - * @param[in] in_len Length of the input data. - * If CX_LAST is set, padding is automatically done according to the *mode*. - * Otherwise, *in_len* shall be a multiple of DES_BLOCK_SIZE. - * - * @param[out] out Output data according to the mode: - * - encrypted/decrypted output data - * - generated signature - * - signature to be verified - * - * @param[in] out_len Length of the output data. - * - * @return Length of the output. - * - * @throws CX_INVALID_PARAMETER - * @throws INVALID_PARAMETER + * @deprecated + * See #cx_des_iv_no_throw */ -static inline size_t cx_des_iv ( const cx_des_key_t * key, uint32_t mode, unsigned char * iv, unsigned int iv_len, const unsigned char * in, unsigned int in_len, unsigned char * out, unsigned int out_len ) +DEPRECATED static inline size_t cx_des_iv ( const cx_des_key_t * key, uint32_t mode, unsigned char * iv, unsigned int iv_len, const unsigned char * in, unsigned int in_len, unsigned char * out, unsigned int out_len ) { size_t out_len_ = out_len; CX_THROW(cx_des_iv_no_throw(key, mode, iv, iv_len, in, in_len, out, &out_len_)); @@ -239,49 +178,10 @@ static inline size_t cx_des_iv ( const cx_des_key_t * key, uint32_t mode, unsign cx_err_t cx_des_no_throw(const cx_des_key_t *key, uint32_t mode, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len); /** - * @brief Encrypts, decrypts, signs or verifies data with DES algorithm. - * - * @details This function throws an exception if the computation fails. - * - * @warning It is recommended to use #cx_des_no_throw rather than this - * function. - * - * @param[in] key Pointer to the key initialized with - * #cx_des_init_key_no_throw. - * - * @param[in] mode Crypto mode flags. - * Supported flags: - * - CX_LAST - * - CX_ENCRYPT - * - CX_DECRYPT - * - CX_SIGN - * - CX_VERIFY - * - CX_PAD_NONE - * - CX_PAD_ISO9797M1 - * - CX_PAD_ISO9797M2 - * - CX_CHAIN_ECB - * - CX_CHAIN_CBC - * - CX_CHAIN_CTR - * - * @param[in] in Input data. - * - * @param[in] in_len Length of the input data. - * If CX_LAST is set, padding is automatically done according to the *mode*. - * Otherwise, *in_len* shall be a multiple of DES_BLOCK_SIZE. - * - * @param[out] out Output data according to the mode: - * - encrypted/decrypted output data - * - generated signature - * - signature to be verified - * - * @param[in] out_len Length of the output data. - * - * @return Length of the output. - * - * @throws CX_INVALID_PARAMETER - * @throws INVALID_PARAMETER + * @deprecated + * See #cx_des_no_throw */ -static inline size_t cx_des ( const cx_des_key_t * key, uint32_t mode, const unsigned char * in, unsigned int in_len, unsigned char * out, unsigned int out_len ) +DEPRECATED static inline size_t cx_des ( const cx_des_key_t * key, uint32_t mode, const unsigned char * in, unsigned int in_len, unsigned char * out, unsigned int out_len ) { size_t out_len_ = out_len; CX_THROW(cx_des_no_throw(key, mode, in, in_len, out, &out_len_)); diff --git a/lib_cxng/include/lcx_ecdh.h b/lib_cxng/include/lcx_ecdh.h index 8d7780620..2b05f1013 100644 --- a/lib_cxng/include/lcx_ecdh.h +++ b/lib_cxng/include/lcx_ecdh.h @@ -80,44 +80,10 @@ cx_err_t cx_ecdh_no_throw(const cx_ecfp_private_key_t *pvkey, size_t secret_len); /** - * @brief Computes an ECDH shared secret. - * - * @details Depending on the mode, the shared secret is either the full point or - * only the *x* coordinate. - * This function throws an exception if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_ecdh_no_throw rather than this function. - * - * @param[in] pvkey Private key. - * Shall be initialized with #cx_ecfp_init_private_key_no_throw. - * - * @param[in] mode Crypto mode flags. - * Supported flags: - * - CX_ECDH_POINT - * - CX_ECDH_X - * - * @param[in] P Pointer to the public key encoded as **04 || x || y**: - * *x* and *y* are encoded as big endian raw values - * and have a binary length equal to curve domain size. - * - * @param[in] P_len Length of the public key in octets. - * - * @param[out] secret Buffer where to store the shared secret (full or compressed). - * - * @param[in] secret_len Length of the buffer in octets. - * - * @return Length of the shared secret. - - * @throws CX_INVALID_PARAMETER - * @throws INVALID_PARAMETER - * @throws CX_EC_INVALID_CURVE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_EC_INVALID_POINT - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_EC_INFINITE_POINT + * @deprecated + * See #cx_ecdh_no_throw */ -static inline size_t cx_ecdh ( const cx_ecfp_private_key_t * pvkey, uint32_t mode, const unsigned char * P, unsigned int P_len, unsigned char * secret, unsigned int secret_len ) +DEPRECATED static inline size_t cx_ecdh ( const cx_ecfp_private_key_t * pvkey, uint32_t mode, const unsigned char * P, unsigned int P_len, unsigned char * secret, unsigned int secret_len ) { CX_THROW(cx_ecdh_no_throw(pvkey, mode, P, P_len, secret, secret_len)); diff --git a/lib_cxng/include/lcx_ecdsa.h b/lib_cxng/include/lcx_ecdsa.h index d16d29909..5d2f33fe7 100644 --- a/lib_cxng/include/lcx_ecdsa.h +++ b/lib_cxng/include/lcx_ecdsa.h @@ -88,52 +88,10 @@ cx_err_t cx_ecdsa_sign_no_throw(const cx_ecfp_private_key_t *pvkey, uint32_t * info); /** - * @brief Signs a message digest according to ECDSA specification. - * - * @details This function throws an exception if the signature - * doesn't succeed. - * - * @warning It is recommended to use #cx_ecdsa_sign_no_throw rather - * than this function. - * - * @param[in] pvkey Private key. - * Shall be initialized with #cx_ecfp_init_private_key_no_throw. - * - * @param[in] mode Crypto mode flags. - * Supported flags: - * - CX_RND_TRNG - * - CX_RND_RFC6979 - * - * @param[in] hashID Message digest algorithm identifier. - * This parameter is mandatory with the flag CX_RND_RFC6979. - * - * @param[in] hash Digest of the message to be signed. - * The length of *hash* must be shorter than the group order size. - * Otherwise it is truncated. - * - * @param[in] hash_len Length of the digest in octets. - * - * @param[out] sig Buffer where to store the signature. - * The signature is encoded in TLV: **30 || L || 02 || Lr || r || 02 || Ls || s** - * - * @param[in] sig_len Length of the buffer in octets. - * - * @param[out] info Set with CX_ECCINFO_PARITY_ODD if the y-coordinate is odd when computing **[k].G**. - * - * @return Length of the signature. - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_INVALID_PARAMETER - * @throws CX_INTERNAL_ERROR - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_EC_INVALID_POINT - * @throws CX_EC_INFINITE_POINT - * @throws CX_INVALID_PARAMETER_VALUE + * @deprecated + * See #cx_ecdsa_sign_no_throw */ -static inline size_t cx_ecdsa_sign ( const cx_ecfp_private_key_t * pvkey, uint32_t mode, cx_md_t hashID, const unsigned char * hash, unsigned int hash_len, unsigned char * sig, unsigned int sig_len, unsigned int * info ) +DEPRECATED static inline size_t cx_ecdsa_sign ( const cx_ecfp_private_key_t * pvkey, uint32_t mode, cx_md_t hashID, const unsigned char * hash, unsigned int hash_len, unsigned char * sig, unsigned int sig_len, unsigned int * info ) { size_t sig_len_ = sig_len; uint32_t info_; diff --git a/lib_cxng/include/lcx_ecfp.h b/lib_cxng/include/lcx_ecfp.h index b23c7cde5..baea20172 100644 --- a/lib_cxng/include/lcx_ecfp.h +++ b/lib_cxng/include/lcx_ecfp.h @@ -163,39 +163,10 @@ typedef struct cx_ecfp_640_private_key_s cx_ecfp_640_private_key_t; cx_err_t cx_ecfp_add_point_no_throw(cx_curve_t curve, uint8_t *R, const uint8_t *P, const uint8_t *Q); /** - * @brief Adds two points of an elliptic curve. - * - * @details This function throws an exception if the - * computation doesn't succeed. - * - * @warning It is recommended to use #cx_ecfp_add_point_no_throw - * rather than this function. - * - * @param[in] curve Curve identifier. - * - * @param[out] R Resulting point encoded as **04 || x || y**. - * - * @param[in] P First operand: point on curve encoded as **04 || x || y**: - * *x* and *y* are encoded as big endian raw values - * and have a binary length equal to curve domain size. - * - * @param[in] Q Second operand: point on curve encoded as **04 || x || y**. - * - * @param[in] X_len Length of the x-coordinate. This parameter is not used. - * - * @return Length of the encoded point. - - * @throws CX_EC_INVALID_CURVE - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_EC_INVALID_CURVE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_INVALID_PARAMETER - * @throws CX_EC_INVALID_POINT - * @throws CX_EC_INFINITE_POINT + * @deprecated + * See #cx_ecfp_add_point_no_throw */ -static inline size_t cx_ecfp_add_point ( cx_curve_t curve, unsigned char * R, const unsigned char * P, const unsigned char * Q, unsigned int X_len ) +DEPRECATED static inline size_t cx_ecfp_add_point ( cx_curve_t curve, unsigned char * R, const unsigned char * P, const unsigned char * Q, unsigned int X_len ) { UNUSED(X_len); @@ -235,39 +206,10 @@ static inline size_t cx_ecfp_add_point ( cx_curve_t curve, unsigned char * R, co cx_err_t cx_ecfp_scalar_mult_no_throw(cx_curve_t curve, uint8_t *P, const uint8_t *k, size_t k_len); /** - * @brief Performs a scalar multiplication over an elliptic curve. - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_ecfp_scalar_mult_no_throw - * rather than this function. - * - * @param[in] curve Curve identifier. - * - * @param[in, out] P Point on curve encoded as **04 || x || y**: - * x and y are encoded as big endian raw values - * and have a binary length equal to curve domain size. - * This is also used for the result. - * - * @param[in] P_len Length of the input point. This parameter is not used. - * - * @param[in] k Scalar encoded as big endian integer. - * - * @param[in] k_len Length of the scalar. This should be equal to - * the curve domain length. - * - * @return Length of the encoded point. - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_NOT_UNLOCKED - * @throws CX_EC_INVALID_CURVE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_INVALID_PARAMETER - * @throws CX_EC_INFINITE_POINT + * @deprecated + * See #cx_ecfp_scalar_mult_no_throw */ -static inline size_t cx_ecfp_scalar_mult ( cx_curve_t curve, unsigned char * P, unsigned int P_len, const unsigned char * k, unsigned int k_len ) +DEPRECATED static inline size_t cx_ecfp_scalar_mult ( cx_curve_t curve, unsigned char * P, unsigned int P_len, const unsigned char * k, unsigned int k_len ) { UNUSED(P_len); @@ -308,35 +250,10 @@ cx_err_t cx_ecfp_init_public_key_no_throw(cx_curve_t curve, cx_ecfp_public_key_t *key); /** - * @brief Initializes a public key. - * - * @details This function throws an exception - * if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_ecfp_init_public_key_no_throw - * rather than this function. - * - * @param[in] curve Curve identifier. - * - * @param[in] rawkey Pointer to a raw key value or NULL pointer - * The value shall be the public point encoded as: - * - **04 || x || y** for Weiertrass curves - * - **04 || x || y** or **02 || y** (plus sign) for Twisted Edward curves - * - **04 || x || y** or **02 || x** for Montgomery curves - * - * where *x* and *y* are encoded as big endian raw values and have a - * binary length equal to the curve domain size. - * - * @param[in] key_len Length of the key. - * - * @param[out] key Public key to initialize. - * - * @return Length of the key. - * - * @throws CX_EC_INVALID_CURVE - * @throws INVALID_PARAMETER + * @deprecated + * See #cx_ecfp_init_public_key_no_throw */ -static inline size_t cx_ecfp_init_public_key ( cx_curve_t curve, const unsigned char * rawkey, unsigned int key_len, cx_ecfp_public_key_t * key ) +DEPRECATED static inline size_t cx_ecfp_init_public_key ( cx_curve_t curve, const unsigned char * rawkey, unsigned int key_len, cx_ecfp_public_key_t * key ) { CX_THROW(cx_ecfp_init_public_key_no_throw(curve, rawkey, key_len, key)); return key_len; @@ -368,31 +285,10 @@ cx_err_t cx_ecfp_init_private_key_no_throw(cx_curve_t curve, cx_ecfp_private_key_t *pvkey); /** - * @brief Initializes a private key. - * - * @details The key can be stored in non-volatile memory and - * used for ECDSA or ECDH processing. - * This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_ecfp_init_private_key_no_throw - * rather than this function. - * - * @param[in] curve Curve identifier. - * - * @param[in] rawkey Pointer to a raw key value or NULL pointer. - * The value shall be in big endian order. - * - * @param[in] key_len Length of the key. - * - * @param[out] pvkey Private key to initialize. - * - * @return Length of the key. - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_ecfp_init_private_key_no_throw */ -static inline size_t cx_ecfp_init_private_key ( cx_curve_t curve, const unsigned char * rawkey, size_t key_len, cx_ecfp_private_key_t * pvkey ) +DEPRECATED static inline size_t cx_ecfp_init_private_key ( cx_curve_t curve, const unsigned char * rawkey, size_t key_len, cx_ecfp_private_key_t * pvkey ) { CX_THROW(cx_ecfp_init_private_key_no_throw(curve, rawkey, key_len, pvkey)); return key_len; @@ -429,37 +325,10 @@ cx_err_t cx_ecfp_generate_pair_no_throw(cx_curve_t curve, bool keepprivate); /** - * @brief Generates a key pair with SHA-512 hash function. - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_ecfp_generate_pair_no_throw - * rather than this function. - * - * @param[in] curve Curve identifier. - * - * @param[out] pubkey Generated public key. - * - * @param[out] privkey Generated private key. - * - * @param[in] keepprivate If set, the private key is the one initialized - * with #cx_ecfp_init_private_key_no_throw. Otherwise, - * a new private key is generated. - * - * @return 0 - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_INVALID_PARAMETER - * @throws CX_INTERNAL_ERROR - * @throws CX_EC_INVALID_POINT - * @throws CX_EC_INFINITE_POINT + * @deprecated + * See #cx_ecfp_generate_pair_no_throw */ -static inline int cx_ecfp_generate_pair ( cx_curve_t curve, cx_ecfp_public_key_t * pubkey, cx_ecfp_private_key_t * privkey, int keepprivate ) +DEPRECATED static inline int cx_ecfp_generate_pair ( cx_curve_t curve, cx_ecfp_public_key_t * pubkey, cx_ecfp_private_key_t * privkey, int keepprivate ) { CX_THROW(cx_ecfp_generate_pair_no_throw(curve, pubkey, privkey, keepprivate)); return 0; @@ -499,39 +368,10 @@ cx_err_t cx_ecfp_generate_pair2_no_throw(cx_curve_t curve, cx_md_t hashID); /** - * @brief Generates a key pair. - * - * @details This function throws an exception if - * the computation doesn't succeed. - * - * @warning It is recommended to use #cx_ecfp_generate_pair2_no_throw - * rather than this function. - * - * @param[in] curve Curve identifier. - * - * @param[out] pubkey Generated public key. - * - * @param[out] privkey Generated private key. - * - * @param[in] keepprivate If set, the private key is the one initialized with - * #cx_ecfp_init_private_key_no_throw. - * Otherwise, a new private key is generated. - * - * @param[in] hashID Message digest algorithm identifier. - * - * @return 0 - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_INVALID_PARAMETER - * @throws CX_INTERNAL_ERROR - * @throws CX_EC_INVALID_POINT - * @throws CX_EC_INFINITE_POINT + * @deprecated + * See #cx_ecfp_generate_pair2_no_throw */ -static inline int cx_ecfp_generate_pair2 ( cx_curve_t curve, cx_ecfp_public_key_t * pubkey, cx_ecfp_private_key_t * privkey, int keepprivate, cx_md_t hashID ) +DEPRECATED static inline int cx_ecfp_generate_pair2 ( cx_curve_t curve, cx_ecfp_public_key_t * pubkey, cx_ecfp_private_key_t * privkey, int keepprivate, cx_md_t hashID ) { CX_THROW(cx_ecfp_generate_pair2_no_throw(curve, pubkey, privkey, keepprivate, hashID)); return 0; @@ -582,42 +422,10 @@ cx_err_t cx_eddsa_get_public_key_no_throw(const cx_ecfp_private_key_t *pvkey, size_t h_len); /** - * @brief Retrieves an EDDSA public key. - * - * @details Retrieves (a,h) = (Kr, Kl), such that (Kr, Kl) = Hash(pv_key) - * as specified at RFC8032 . - * This function throws an exception if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_eddsa_get_public_key_no_throw rather than - * this function. - * - * @param[in] pvkey A private key fully initialized with #cx_ecfp_init_private_key_no_throw. - * - * @param[in] hashID Message digest algorithm identifier used to compute the input data. - * SHA512, SHA3 and Keccak are supported. - * - * @param[out] pukey Key container for retrieving the public key A. - * - * @param[out] a Private scalar such that A = a.B. - * - * @param[in] a_len Length of the scalar a. - * - * @param[out] h Signature prefix. - * - * @param[in] h_len Length of the prefix h. - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_INVALID_PARAMETER - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_EC_INVALID_POINT - * @throws CX_EC_INFINITE_POINT - * @throws CX_INTERNAL_ERROR - * + * @deprecated + * See #cx_eddsa_get_public_key_no_throw */ -static inline void cx_eddsa_get_public_key ( const cx_ecfp_private_key_t * pvkey, cx_md_t hashID, cx_ecfp_public_key_t * pukey, unsigned char * a, unsigned int a_len, unsigned char * h, unsigned int h_len ) +DEPRECATED static inline void cx_eddsa_get_public_key ( const cx_ecfp_private_key_t * pvkey, cx_md_t hashID, cx_ecfp_public_key_t * pukey, unsigned char * a, unsigned int a_len, unsigned char * h, unsigned int h_len ) { CX_THROW(cx_eddsa_get_public_key_no_throw(pvkey, hashID, pukey, a, a_len, h, h_len)); } @@ -647,32 +455,10 @@ static inline void cx_eddsa_get_public_key ( const cx_ecfp_private_key_t * pvkey cx_err_t cx_edwards_compress_point_no_throw(cx_curve_t curve, uint8_t *p, size_t p_len); /** - * @brief Compresses a point according to - * RFC8032 . - * - * @details This function throws an exception if the - * computation doesn't succeed. - * - * @warning It is recommended to use #cx_edwards_compress_point_no_throw - * rather than this function. - * - * @param[in] curve Curve identifier. The curve must be - * a Twisted Edwards curve. - * - * @param[in, out] p Pointer to the point to compress. - * - * @param[in] p_len Length of the point buffer. - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_EC_INVALID_CURVE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_INVALID_PARAMETER - * @throws CX_EC_INFINITE_POINT + * @deprecated + * See #cx_edwards_compress_point_no_throw */ -static inline void cx_edwards_compress_point(cx_curve_t curve, uint8_t *p, size_t p_len) +DEPRECATED static inline void cx_edwards_compress_point(cx_curve_t curve, uint8_t *p, size_t p_len) { CX_THROW(cx_edwards_compress_point_no_throw(curve, p, p_len)); } @@ -704,34 +490,10 @@ static inline void cx_edwards_compress_point(cx_curve_t curve, uint8_t *p, size_ cx_err_t cx_edwards_decompress_point_no_throw(cx_curve_t curve, uint8_t *p, size_t p_len); /** - * @brief Decompresses a point according to - * RFC8032 . - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_edwards_decompress_point_no_throw - * rather than this function. - * - * @param[in] curve Curve identifier. The curve must be - * a Twisted Edwards curve. - * - * @param[in, out] p Pointer to the point to decompress. - * - * @param[in] p_len Length of the point buffer. - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_EC_INVALID_CURVE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_INVALID_PARAMETER - * @throws CX_EC_INFINITE_POINT - * @throws CX_NO_RESIDUE - * @throws INVALID_PARAMETER + * @deprecated + * See #cx_edwards_decompress_point_no_throw */ -static inline void cx_edwards_decompress_point(cx_curve_t curve, uint8_t *p, size_t p_len) +DEPRECATED static inline void cx_edwards_decompress_point(cx_curve_t curve, uint8_t *p, size_t p_len) { CX_THROW(cx_edwards_decompress_point_no_throw(curve, p, p_len)); } @@ -740,7 +502,7 @@ static inline void cx_edwards_decompress_point(cx_curve_t curve, uint8_t *p, siz * @deprecated * See #cx_edwards_compress_point_no_throw */ -__attribute__((deprecated)) static inline void cx_edward_compress_point(cx_curve_t curve, uint8_t *p, size_t p_len) { +DEPRECATED static inline void cx_edward_compress_point(cx_curve_t curve, uint8_t *p, size_t p_len) { CX_THROW(cx_edwards_compress_point_no_throw(curve, p, p_len)); } @@ -748,7 +510,7 @@ __attribute__((deprecated)) static inline void cx_edward_compress_point(cx_curve * @deprecated * See #cx_edwards_decompress_point_no_throw */ -__attribute__((deprecated)) static inline void cx_edward_decompress_point(cx_curve_t curve, uint8_t *p, size_t p_len) { +DEPRECATED static inline void cx_edward_decompress_point(cx_curve_t curve, uint8_t *p, size_t p_len) { CX_THROW(cx_edwards_decompress_point_no_throw(curve, p, p_len)); } diff --git a/lib_cxng/include/lcx_ecschnorr.h b/lib_cxng/include/lcx_ecschnorr.h index 0c59672cf..a26b7439c 100644 --- a/lib_cxng/include/lcx_ecschnorr.h +++ b/lib_cxng/include/lcx_ecschnorr.h @@ -80,54 +80,10 @@ cx_err_t cx_ecschnorr_sign_no_throw(const cx_ecfp_private_key_t *pvkey, size_t * sig_len); /** - * @brief Signs a digest message according to the given mode. - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_ecschnorr_sign_no_throw - * rather than this function. - * - * @param[in] pvkey Pointer to the private key initialized with - * #cx_ecfp_init_private_key_no_throw beforehand. - * - * @param[in] mode Mode. Supported flag: - * - CX_ECSCHNORR_XY - * - CX_ECSCHNORR_ISO14888_X - * - CX_ECSCHNORR_BSI03111 - * - CX_ECSCHNORR_LIBSECP - * - CX_ECSCHNORR_Z - * - CX_ECSCHNORR_BIP0340 - * - * @param[in] hashID Message digest algorithm identifier. - * This parameter is mandatory when - * using the CX_RND_RFC6979 - * pseudorandom number generator. - * - * @param[in] msg Input data to sign. - * - * @param[in] msg_len Length of input data. - * - * @param[out] sig ECSchnorr signature encoded in TLV: **30 || L || 02 || Lr || r || 02 || Ls || s**. - * This parameter holds the auxiliary random data when CX_ECSCHNORR_BIP0340 is used. - * - * @param[in] sig_len Length of the signature. - * - * @param[in] info Additional information. This parameter is not used. - * - * @return Length of the signature. - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_INVALID_PARAMETER - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_EC_INVALID_POINT - * @throws CX_EC_INFINITE_POINT - * @throws CX_INVALID_PARAMETER_VALUE + * @deprecated + * See #cx_ecschnorr_sign_no_throw */ -static inline size_t cx_ecschnorr_sign ( const cx_ecfp_private_key_t * pvkey, uint32_t mode, cx_md_t hashID, const unsigned char * msg, unsigned int msg_len, unsigned char * sig, size_t sig_len, unsigned int * info ) +DEPRECATED static inline size_t cx_ecschnorr_sign ( const cx_ecfp_private_key_t * pvkey, uint32_t mode, cx_md_t hashID, const unsigned char * msg, unsigned int msg_len, unsigned char * sig, size_t sig_len, unsigned int * info ) { UNUSED(info); CX_THROW(cx_ecschnorr_sign_no_throw(pvkey, mode, hashID, msg, msg_len, sig, &sig_len)); diff --git a/lib_cxng/include/lcx_eddsa.h b/lib_cxng/include/lcx_eddsa.h index 58f85b18c..83e390574 100644 --- a/lib_cxng/include/lcx_eddsa.h +++ b/lib_cxng/include/lcx_eddsa.h @@ -79,57 +79,10 @@ cx_err_t cx_eddsa_sign_no_throw(const cx_ecfp_private_key_t *pvkey, size_t sig_len); /** - * @brief Signs a message digest. - * - * @details The signature is done according to the EDDSA specification - * RFC8032 . - * This function throws an exception if the computation doesn't - * succeed. - * - * @warning It is recommended to use #cx_eddsa_sign_no_throw rather than - * this function. - * - * @param[in] pvkey Private key. - * This shall be initialized with #cx_ecfp_init_private_key_no_throw. - * - * @param[in] mode Mode. This parameter is not used. - * - * @param[in] hashID Message digest algorithm identifier. - * Algorithms supported: - * - SHA512 - * - SHA3 - * - Keccak - * - * @param[in] hash Pointer to the message digest. - * - * @param[in] hash_len Length of the digest. - * - * @param[in] ctx Pointer to the context. This parameter is not used. - * - * @param[in] ctx_len Length of *ctx*. This parameter is not used. - * - * @param[out] sig Buffer where to store the signature. - * - * @param[in] sig_len Length of the signature. - * - * @param[in] info Additional information. This parameter is not used. - * - * @return Length of the signature. - * - * @throws CX_EC_INVALID_CURVE - * @throws CX_INVALID_PARAMETER - * @throws INVALID_PARAMETER - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_EC_INVALID_POINT - * @throws CX_EC_INFINITE_POINT - * @throws CX_INTERNAL_ERROR - * @throws CX_INVALID_PARAMETER_VALUE + * @deprecated + * See #cx_eddsa_sign_no_throw */ -static inline size_t cx_eddsa_sign ( const cx_ecfp_private_key_t * pvkey, int mode, cx_md_t hashID, const unsigned char * hash, unsigned int hash_len, const unsigned char * ctx, unsigned int ctx_len, unsigned char * sig, unsigned int sig_len, unsigned int * info ) +DEPRECATED static inline size_t cx_eddsa_sign ( const cx_ecfp_private_key_t * pvkey, int mode, cx_md_t hashID, const unsigned char * hash, unsigned int hash_len, const unsigned char * ctx, unsigned int ctx_len, unsigned char * sig, unsigned int sig_len, unsigned int * info ) { UNUSED(ctx); UNUSED(ctx_len); diff --git a/lib_cxng/include/lcx_groestl.h b/lib_cxng/include/lcx_groestl.h index a3d89194b..0547ca2eb 100644 --- a/lib_cxng/include/lcx_groestl.h +++ b/lib_cxng/include/lcx_groestl.h @@ -76,20 +76,10 @@ size_t cx_groestl_get_output_size(const cx_groestl_t *ctx); cx_err_t cx_groestl_init_no_throw(cx_groestl_t *hash, size_t size); /** - * @brief Initializes a GROESTL context. - * - * @details Throws an exception if the - * initialization fails. - * - * @param[out] hash Pointer to the context to initialize. - * - * @param[in] size Length of the digest. - * - * @return GROESTL identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_groestl_init_no_throw */ -static inline void cx_groestl_init ( cx_groestl_t * hash, unsigned int size ) +DEPRECATED static inline void cx_groestl_init ( cx_groestl_t * hash, unsigned int size ) { CX_THROW(cx_groestl_init_no_throw(hash, size)); } diff --git a/lib_cxng/include/lcx_hash.h b/lib_cxng/include/lcx_hash.h index 584fbe897..5ef8ea856 100644 --- a/lib_cxng/include/lcx_hash.h +++ b/lib_cxng/include/lcx_hash.h @@ -142,40 +142,10 @@ size_t cx_hash_get_size(const cx_hash_t *ctx); cx_err_t cx_hash_no_throw(cx_hash_t *hash, uint32_t mode, const uint8_t *in, size_t len, uint8_t *out, size_t out_len); /** - * @brief Hashes data according to the specified algorithm. - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_hash_no_throw rather than - * this function. - * - * @param[in] hash Pointer to the hash context. - * Shall be in RAM. - * Should be called with a cast. - * - * @param[in] mode Crypto flag. Supported flag: CX_LAST. If set: - * - the structure is not modified after finishing - * - if out is not NULL, the message digest is stored in out - * - the context is NOT automatically re-initialized. - * - * @param[in] in Input data to be hashed. - * - * @param[in] len Length of the input data. - * - * @param[out] out Buffer where to store the message digest: - * - NULL (ignored) if CX_LAST is NOT set - * - message digest if CX_LAST is set - * - * @param[out] out_len The size of the output buffer or 0 if out is NULL. - * If buffer is too small to store the hash an exception is thrown. - * - * @return Length of the digest. - * - * @throws INVALID_PARAMETER - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_hash_no_throw */ -static inline size_t cx_hash ( cx_hash_t * hash, uint32_t mode, const unsigned char * in, unsigned int len, unsigned char * out, unsigned int out_len ) +DEPRECATED static inline size_t cx_hash ( cx_hash_t * hash, uint32_t mode, const unsigned char * in, unsigned int len, unsigned char * out, unsigned int out_len ) { CX_THROW(cx_hash_no_throw(hash, mode, in, len, out, out_len)); return cx_hash_get_size(hash); diff --git a/lib_cxng/include/lcx_hmac.h b/lib_cxng/include/lcx_hmac.h index 0eb91a710..9d246a9f3 100644 --- a/lib_cxng/include/lcx_hmac.h +++ b/lib_cxng/include/lcx_hmac.h @@ -78,30 +78,10 @@ typedef struct { cx_err_t cx_hmac_ripemd160_init_no_throw(cx_hmac_ripemd160_t *hmac, const uint8_t *key, size_t key_len); /** - * @brief Initializes a HMAC-RIPEMD160 context. - * - * @details This function throws an exception if the - * initialization fails. - * - * @warning It is recommended to use #cx_hmac_ripemd160_init_no_throw - * rather than this function. - * - * @param[out] hmac Pointer to the HMAC context. - * The context shall be in RAM. - * - * @param[in] key Pointer to the HMAC key value. - * If a key has been set, passing - * NULL pointer will reinitialize - * the context with the previously set key. - * - * @param [in] key_len Length of the key. - * The key length shall be less than 64 bytes. - * - * @return RIPEMD160 identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_hmac_ripemd160_init_no_throw */ -static inline int cx_hmac_ripemd160_init ( cx_hmac_ripemd160_t * hmac, const unsigned char * key, unsigned int key_len ) +DEPRECATED static inline int cx_hmac_ripemd160_init ( cx_hmac_ripemd160_t * hmac, const unsigned char * key, unsigned int key_len ) { CX_THROW(cx_hmac_ripemd160_init_no_throw(hmac, key, key_len)); return CX_RIPEMD160; @@ -165,30 +145,10 @@ cx_err_t cx_hmac_sha224_init(cx_hmac_sha256_t *hmac, const uint8_t *key, unsigne cx_err_t cx_hmac_sha256_init_no_throw(cx_hmac_sha256_t *hmac, const uint8_t *key, size_t key_len); /** - * @brief Initializes a HMAC-SHA256 context. - * - * @details This function throws an exception if - * the initialization fails. - * - * @warning It is recommended to use #cx_hmac_sha256_init_no_throw - * rather than this function. - * - * @param[out] hmac Pointer to the HMAC context. - * The context shall be in RAM. - * - * @param[in] key Pointer to the HMAC key value. - * If a key has been set, passing - * NULL pointer will reinitialize - * the context with the previously set key. - * - * @param [in] key_len Length of the key. - * The key length shall be less than 64 bytes. - * - * @return SHA256 identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_hmac_sha256_init_no_throw */ -static inline int cx_hmac_sha256_init ( cx_hmac_sha256_t * hmac, const unsigned char * key, unsigned int key_len ) +DEPRECATED static inline int cx_hmac_sha256_init ( cx_hmac_sha256_t * hmac, const unsigned char * key, unsigned int key_len ) { CX_THROW(cx_hmac_sha256_init_no_throw(hmac, key, key_len)); return CX_SHA256; @@ -274,30 +234,10 @@ cx_err_t cx_hmac_sha384_init(cx_hmac_sha512_t *hmac, const uint8_t *key, unsigne cx_err_t cx_hmac_sha512_init_no_throw(cx_hmac_sha512_t *hmac, const uint8_t *key, size_t key_len); /** - * @brief Initializes a HMAC-SHA512 context. - * - * @details This function throws an exception if - * if the initialization fails. - * - * @warning It is recommended to use #cx_hmac_sha512_init_no_throw - * rather than this function. - * - * @param[out] hmac Pointer to the context. - * The context shall be in RAM. - * - * @param[in] key Pointer to the HMAC key value. - * If a key has been set, passing - * NULL pointer will reinitialize - * the context with the previously set key. - * - * @param[in] key_len Length of the key. - * The key length shall be less than 128 bytes. - * - * @return SHA512 identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_hmac_sha512_init_no_throw */ -static inline int cx_hmac_sha512_init ( cx_hmac_sha512_t * hmac, const unsigned char * key, unsigned int key_len ) +DEPRECATED static inline int cx_hmac_sha512_init ( cx_hmac_sha512_t * hmac, const unsigned char * key, unsigned int key_len ) { CX_THROW(cx_hmac_sha512_init_no_throw(hmac, key, key_len)); return CX_SHA512; @@ -360,43 +300,10 @@ size_t cx_hmac_sha512(const uint8_t *key, size_t key_len, const uint8_t *in, siz cx_err_t cx_hmac_no_throw(cx_hmac_t *hmac, uint32_t mode, const uint8_t *in, size_t len, uint8_t *mac, size_t mac_len); /** - * @brief Computes a HMAC value according to the specified - * hash function. - * - * @details This function throws an exception - * if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_hmac_no_throw rather than - * this function. - * - * @param[in] hmac Pointer to the HMAC context. - * The context shall be initialized with - * one of the initialization functions. - * The context shall be in RAM. - * The function shall be called with the cast - * (cx_hmac_t *). - * - * @param[in] mode Crypto mode flags. Supported flags: - * - CX_LAST - * - CX_NO_REINIT - * If CX_LAST is set and CX_NO_REINIT is not set, the context is - * reinitialized. - * - * @param[in] in Input data to add to the context. - * - * @param[in] len Length of the input data. - * - * @param[out] mac Pointer to the computed HMAC or NULL pointer (if CX_LAST is not set). - * - * @param[in] mac_len Length of the output buffer if not NULL, 0 otherwise. - * The buffer size must be larger - * than the length of the HMAC value. - * - * @return Identifier of the hash function. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_hmac_no_throw */ -static inline int cx_hmac ( cx_hmac_t * hmac, uint32_t mode, const unsigned char * in, unsigned int len, unsigned char * mac, unsigned int mac_len ) +DEPRECATED static inline int cx_hmac ( cx_hmac_t * hmac, uint32_t mode, const unsigned char * in, unsigned int len, unsigned char * mac, unsigned int mac_len ) { CX_THROW(cx_hmac_no_throw(hmac, mode, in, len, mac, mac_len)); diff --git a/lib_cxng/include/lcx_math.h b/lib_cxng/include/lcx_math.h index c80343153..73e8f67f0 100644 --- a/lib_cxng/include/lcx_math.h +++ b/lib_cxng/include/lcx_math.h @@ -54,32 +54,10 @@ cx_err_t cx_math_cmp_no_throw(const uint8_t *a, const uint8_t *b, size_t length, int *diff); /** - * @brief Compares two integers represented as byte arrays. - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_math_cmp_no_throw - * rather than this function. - * - * @param[in] a Pointer to the first integer. - * - * @param[in] b Pointer to the second integer. - * - * @param[in] length Number of bytes taken into account for the comparison. - * - * @return Result of the comparison: - * - 0 if a and b are identical - * - < 0 if a is less than b - * - > 0 if a is greater than b - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_math_cmp_no_throw */ -static inline int32_t cx_math_cmp(const uint8_t *a, const uint8_t *b, size_t length) { +DEPRECATED static inline int32_t cx_math_cmp(const uint8_t *a, const uint8_t *b, size_t length) { int diff; CX_THROW(cx_math_cmp_no_throw(a, b, length, &diff)); return diff; @@ -215,29 +193,10 @@ static inline uint32_t cx_math_sub(uint8_t *r, const uint8_t *a, const uint8_t * cx_err_t cx_math_mult_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *b, size_t len); /** - * @brief Multiplies two integers represented as byte arrays. - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_math_mult_no_throw rather - * than this function. - * - * @param[out] r Buffer for the result. - * - * @param[in] a Pointer to the first integer. - * - * @param[in] b Pointer to the second integer. - * - * @param[in] len Number of bytes taken into account for the multiplication. - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_math_mult_no_throw */ -static inline void cx_math_mult(uint8_t *r, const uint8_t *a, const uint8_t *b, size_t len) { +DEPRECATED static inline void cx_math_mult(uint8_t *r, const uint8_t *a, const uint8_t *b, size_t len) { CX_THROW(cx_math_mult_no_throw(r, a, b, len)); } @@ -268,34 +227,10 @@ static inline void cx_math_mult(uint8_t *r, const uint8_t *a, const uint8_t *b, cx_err_t cx_math_addm_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len); /** - * @brief Performs a modular addition of - * two integers represented as byte arrays. - * - * @details This function throws an exception if the computation doesn't - * succeed. - * - * @warning It is recommended to use #cx_math_addm_no_throw rather than - * this function. - * - * @param[out] r Buffer for the result. - * - * @param[in] a Pointer to the first integer. - * This must be strictly smaller than the modulus. - * - * @param[in] b Pointer to the second integer. - * This must be strictly smaller than the modulus. - * - * @param[in] m Modulus - * - * @param[in] len Number of bytes taken into account for the operation. - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_math_addm_no_throw */ -static inline void cx_math_addm(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len) { +DEPRECATED static inline void cx_math_addm(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len) { CX_THROW(cx_math_addm_no_throw(r, a, b, m, len)); } @@ -326,34 +261,10 @@ static inline void cx_math_addm(uint8_t *r, const uint8_t *a, const uint8_t *b, cx_err_t cx_math_subm_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len); /** - * @brief Performs a modular subtraction of - * two integers represented as byte arrays. - * - * @details This function throws an exception if the computation doesn't - * succeed. - * - * @warning It is recommended to use #cx_math_subm_no_throw rather than - * this function. - * - * @param[out] r Buffer for the result. - * - * @param[in] a Pointer to the first integer. - * This must be strictly smaller than the modulus. - * - * @param[in] b Pointer to the second integer. - * This must be strictly smaller than the modulus. - * - * @param[in] m Modulus - * - * @param[in] len Number of bytes taken into account for the operation. - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_math_subm_no_throw */ -static inline void cx_math_subm(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len) { +DEPRECATED static inline void cx_math_subm(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len) { CX_THROW(cx_math_subm_no_throw(r, a, b, m, len)); } @@ -384,34 +295,10 @@ static inline void cx_math_subm(uint8_t *r, const uint8_t *a, const uint8_t *b, cx_err_t cx_math_multm_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len); /** - * @brief Performs a modular multiplication of - * two integers represented as byte arrays. - * - * @details This function throws an exception if the computation doesn't - * succeed. - * - * @warning It is recommended to use #cx_math_multm_no_throw rather than - * this function. - * - * @param[out] r Buffer for the result. - * - * @param[in] a Pointer to the first integer. - * - * @param[in] b Pointer to the second integer. - * This must be strictly smaller than the modulus. - * - * @param[in] m Modulus - * - * @param[in] len Number of bytes taken into account for the operation. - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER - * @throws CX_INVALID_PARAMETER_VALUE + * @deprecated + * See #cx_math_multm_no_throw */ -static inline void cx_math_multm(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len) { +DEPRECATED static inline void cx_math_multm(uint8_t *r, const uint8_t *a, const uint8_t *b, const uint8_t *m, size_t len) { CX_THROW(cx_math_multm_no_throw(r, a, b, m, len)); } @@ -439,29 +326,10 @@ static inline void cx_math_multm(uint8_t *r, const uint8_t *a, const uint8_t *b, cx_err_t cx_math_modm_no_throw(uint8_t *v, size_t len_v, const uint8_t *m, size_t len_m); /** - * @brief Performs a modular reduction. - * - * @details This function throws an exception if the computation doesn't - * succeed. - * - * @warning It is recommended to use #cx_math_modm_no_throw rather - * than this function. - * - * @param[in,out] v Pointer to the dividend and buffer for the result. - * - * @param[in] len_v Number of bytes of the dividend. - * - * @param[in] m Modulus. - * - * @param[in] len_m Number of bytes of the modulus. - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_math_modm_no_throw */ -static inline void cx_math_modm(uint8_t *v, size_t len_v, const uint8_t *m, size_t len_m) { +DEPRECATED static inline void cx_math_modm(uint8_t *v, size_t len_v, const uint8_t *m, size_t len_m) { CX_THROW(cx_math_modm_no_throw(v, len_v, m, len_m)); } @@ -493,34 +361,10 @@ static inline void cx_math_modm(uint8_t *v, size_t len_v, const uint8_t *m, size cx_err_t cx_math_powm_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *e, size_t len_e, const uint8_t *m, size_t len); /** - * @brief Performs a modular exponentiation. - * - * @details It computes the result of **a^e mod m**. - * This function throws an exception - * if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_math_powm_no_throw - * rather than this function. - * - * @param[out] r Buffer for the result. - * - * @param[in] a Pointer to an integer. - * - * @param[in] e Pointer to the exponent. - * - * @param[in] len_e Number of bytes of the exponent. - * - * @param[in] m Modulus - * - * @param[in] len Number of bytes of the result. - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_math_powm_no_throw */ -static inline void cx_math_powm(uint8_t *r, const uint8_t *a, const uint8_t *e, size_t len_e, const uint8_t *m, size_t len) { +DEPRECATED static inline void cx_math_powm(uint8_t *r, const uint8_t *a, const uint8_t *e, size_t len_e, const uint8_t *m, size_t len) { CX_THROW(cx_math_powm_no_throw(r, a, e, len_e, m, len)); } @@ -548,30 +392,10 @@ static inline void cx_math_powm(uint8_t *r, const uint8_t *a, const uint8_t *e, cx_err_t cx_math_invprimem_no_throw(uint8_t *r, const uint8_t *a, const uint8_t *m, size_t len); /** - * @brief Computes the modular inverse with a prime modulus. - * - * @details It computes the result of **a^(-1) mod m**, for a prime *m*. - * This function throws an exception if the computation doesn't - * succeed. - * - * @warning It is recommended to use #cx_math_invprimem_no_throw rather than - * this function. - * - * @param[out] r Buffer for the result. - * - * @param[in] a Pointer to the integer. - * - * @param[in] m Modulus. Must be a prime number. - * - * @param[in] len Number of bytes of the result. - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_math_invprimem_no_throw */ -static inline void cx_math_invprimem(uint8_t *r, const uint8_t *a, const uint8_t *m, size_t len) { +DEPRECATED static inline void cx_math_invprimem(uint8_t *r, const uint8_t *a, const uint8_t *m, size_t len) { CX_THROW(cx_math_invprimem_no_throw(r, a, m, len)); } @@ -600,30 +424,10 @@ static inline void cx_math_invprimem(uint8_t *r, const uint8_t *a, const uint8_t cx_err_t cx_math_invintm_no_throw(uint8_t *r, uint32_t a, const uint8_t *m, size_t len); /** - * @brief Computes the modular inverse. - * - * @details It computes the result of **a^(-1) mod m**. a must be invertible modulo *m*, - * i.e. the greatest common divisor of *a* and *m* is 1. - * This function throws an exception if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_math_invintm_no_throw rather than this - * function. - * - * @param[out] r Buffer for the result. - * - * @param[in] a Pointer to the integer. - * - * @param[in] m Modulus. - * - * @param[in] len Number of bytes of the result. - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_math_invintm_no_throw */ -static inline void cx_math_invintm(uint8_t *r, uint32_t a, const uint8_t *m, size_t len) { +DEPRECATED static inline void cx_math_invintm(uint8_t *r, uint32_t a, const uint8_t *m, size_t len) { CX_THROW(cx_math_invintm_no_throw(r, a, m, len)); } @@ -649,29 +453,10 @@ static inline void cx_math_invintm(uint8_t *r, uint32_t a, const uint8_t *m, siz cx_err_t cx_math_is_prime_no_throw(const uint8_t *r, size_t len, bool *prime); /** - * @brief Checks whether a number is probably prime. - * - * @details This function throws an exception if the - * computation doesn't succeed. - * - * @warning It is recommended to use #cx_math_is_prime_no_throw - * rather than this function. - * - * @param[in] r Pointer to an integer. - * - * @param[in] len Number of bytes of the integer. - * - * @return Bool indicating whether r is prime or not: - * - 0 : not prime - * - 1 : prime - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_NOT_LOCKED - * @throws CX_MEMORY_FULL - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_math_is_prime_no_throw */ -static inline bool cx_math_is_prime(const uint8_t *r, size_t len) { +DEPRECATED static inline bool cx_math_is_prime(const uint8_t *r, size_t len) { bool prime; CX_THROW(cx_math_is_prime_no_throw(r, len, &prime)); return prime; @@ -697,27 +482,10 @@ static inline bool cx_math_is_prime(const uint8_t *r, size_t len) { cx_err_t cx_math_next_prime_no_throw(uint8_t *r, uint32_t len); /** - * @brief Computes the next prime after a given number. - * - * @details This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_math_next_prime_no_throw - * rather than this function. - * - * @param[in] r Pointer to the integer and buffer for the result. - * - * @param[in] len Number of bytes of the integer. - * - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_INVALID_PARAMETER - * @throws CX_INTERNAL_ERROR - * @throws CX_OVERFLOW + * @deprecated + * See #cx_math_next_prime_no_throw */ -static inline void cx_math_next_prime(uint8_t *r, uint32_t len) { +DEPRECATED static inline void cx_math_next_prime(uint8_t *r, uint32_t len) { CX_THROW(cx_math_next_prime_no_throw(r, len)); } diff --git a/lib_cxng/include/lcx_pbkdf2.h b/lib_cxng/include/lcx_pbkdf2.h index 816632420..c45378f1b 100644 --- a/lib_cxng/include/lcx_pbkdf2.h +++ b/lib_cxng/include/lcx_pbkdf2.h @@ -72,36 +72,10 @@ cx_err_t cx_pbkdf2_no_throw(cx_md_t md_type, size_t outLength); /** - * @brief Computes a PBKDF2 bytes sequence. - * - * @details It computes the bytes sequence according to - * RFC 2898 . - * This function throws an exception if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_pbkdf2_no_throw rather - * than this function. - * - * @param[in] md_type Message digest algorithm identifier. - * - * @param[in] password Password used as a base key to compute - * the HMAC. - * - * @param[in] passwordlen Length of the password i.e. the length - * of the HMAC key. - * - * @param[in] salt Initial salt. - * - * @param[in] saltlen Length of the salt. - * - * @param[in] iterations Per block iteration. - * - * @param[out] out Buffer where to store the output. - * - * @param[in] outLength Length of the output buffer. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_pbkdf2_no_throw */ -static inline void cx_pbkdf2 ( cx_md_t md_type, const unsigned char * password, unsigned short passwordlen, unsigned char * salt, unsigned short saltlen, unsigned int iterations, unsigned char * out, unsigned int outLength ) +DEPRECATED static inline void cx_pbkdf2 ( cx_md_t md_type, const unsigned char * password, unsigned short passwordlen, unsigned char * salt, unsigned short saltlen, unsigned int iterations, unsigned char * out, unsigned int outLength ) { CX_THROW(cx_pbkdf2_no_throw(md_type, password, passwordlen, salt, saltlen, iterations, out, outLength)); } diff --git a/lib_cxng/include/lcx_rsa.h b/lib_cxng/include/lcx_rsa.h index 4ee924eed..7b0e9b8db 100644 --- a/lib_cxng/include/lcx_rsa.h +++ b/lib_cxng/include/lcx_rsa.h @@ -159,33 +159,10 @@ cx_err_t cx_rsa_init_public_key_no_throw(const uint8_t * exponent, cx_rsa_public_key_t *key); /** - * @brief Initializes a RSA public key. - * - * @details Once initialized, the key may be stored in non-volatile memory - * and used for any RSA processing. - * - * Passing NULL as raw key initializes the key without any value. - * The key cannot be used. - * This function throws an exception if the initialization fails. - * - * @warning It is recommended to use #cx_rsa_init_public_key_no_throw rather - * than this function. - * - * @param[in] exponent Public exponent: pointer to a raw key value (4 bytes) or NULL. - * - * @param[in] exponent_len Length of the exponent. - * - * @param[in] modulus Modulus: pointer to a raw key as big endian value or NULL. - * - * @param[in] modulus_len Length of the modulus. - * - * @param[out] key Pointer to the RSA public key. - * - * @return Length of the modulus. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_rsa_init_public_key_no_throw */ -static inline int cx_rsa_init_public_key ( const unsigned char * exponent, unsigned int exponent_len, const unsigned char * modulus, unsigned int modulus_len, cx_rsa_public_key_t * key ) +DEPRECATED static inline int cx_rsa_init_public_key ( const unsigned char * exponent, unsigned int exponent_len, const unsigned char * modulus, unsigned int modulus_len, cx_rsa_public_key_t * key ) { CX_THROW(cx_rsa_init_public_key_no_throw(exponent, exponent_len, modulus, modulus_len, key)); return modulus_len; @@ -221,33 +198,10 @@ cx_err_t cx_rsa_init_private_key_no_throw(const uint8_t * exponent, cx_rsa_private_key_t *key); /** - * @brief Initializes a RSA private key. - * - * @details Once initialized, the key may be stored in non-volatile memory - * and used for any RSA processing. - * - * Passing NULL as raw key initializes the key without any value. - * The key cannot be used. - * This function throws an exception if the initialization fails. - * - * @warning It is recommended to use #cx_rsa_init_private_key_no_throw rather - * than this function. - * - * @param[in] exponent Private exponent: pointer to a raw key value or NULL. - * - * @param[in] exponent_len Length of the exponent. - * - * @param[in] modulus Modulus: pointer to a raw key as big endian value or NULL. - * - * @param[in] modulus_len Length of the modulus. - * - * @param[out] key Pointer to the RSA private key. - * - * @return Length of the modulus. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_rsa_init_private_key_no_throw */ -static inline int cx_rsa_init_private_key ( const unsigned char * exponent, unsigned int exponent_len, const unsigned char * modulus, unsigned int modulus_len, cx_rsa_private_key_t * key ) +DEPRECATED static inline int cx_rsa_init_private_key ( const unsigned char * exponent, unsigned int exponent_len, const unsigned char * modulus, unsigned int modulus_len, cx_rsa_private_key_t * key ) { CX_THROW(cx_rsa_init_private_key_no_throw(exponent, exponent_len, modulus, modulus_len, key)); return modulus_len; @@ -296,47 +250,10 @@ cx_err_t cx_rsa_generate_pair_no_throw(size_t modulus_len, const uint8_t * externalPQ); /** - * @brief Generates a RSA key pair. - * - * @details This function throws an exception - * if the generation failed. - * - * @warning It is recommended to use #cx_rsa_generate_pair_no_throw - * rather than this function. - * - * @param[in] modulus_len Size of the modulus in bytes. Expected sizes: - * - 256 - * - 384 - * - 512 - * - * @param[out] public_key Pointer to the RSA public key. The structure shall match - * *modulus_len*. - * - * @param[out] private_key Pointer to the RSA private key. The structure shall match - * *modulus_len*. - * - * @param[in] pub_exponent Public exponent. ZERO means default value: 0x010001 (65337). - * The public exponent shall be less than 0x0FFFFFFF. - * No verification is done on the public exponent value except its range. - * - * @param[in] exponent_len Length of the exponent. - * - * @param[in] externalPQ Pointer to the prime factors of the modulus or NULL pointer. Each prime consists of modulus_len/2 - * bytes in big endian order. - * P = externalPQ[0:modulus_len/2-1], Q = externalPQ[modulus_len/2 : modulus_len-1] - * There is no verification on provided P and Q. - * - * @return Length of the modulus. - * - * @throws CX_INVALID_PARAMETER - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED - * @throws CX_INTERNAL_ERROR - * @throws CX_OVERFLOW + * @deprecated + * See #cx_rsa_generate_pair_no_throw */ -static inline int cx_rsa_generate_pair ( unsigned int modulus_len, cx_rsa_public_key_t * public_key, cx_rsa_private_key_t * private_key, const unsigned char * pub_exponent, unsigned int exponent_len, const unsigned char * externalPQ ) +DEPRECATED static inline int cx_rsa_generate_pair ( unsigned int modulus_len, cx_rsa_public_key_t * public_key, cx_rsa_private_key_t * private_key, const unsigned char * pub_exponent, unsigned int exponent_len, const unsigned char * externalPQ ) { CX_THROW(cx_rsa_generate_pair_no_throw(modulus_len, public_key, private_key, pub_exponent, exponent_len, externalPQ)); return modulus_len; @@ -437,47 +354,10 @@ cx_err_t cx_rsa_sign_no_throw(const cx_rsa_private_key_t *key, size_t sig_len); /** - * @brief Computes a message digest signature according to RSA specification. - * - * @details When using PSS padding, the salt length is fixed to the hash output length. - * If another salt length is used, call #cx_rsa_sign_with_salt_len instead. - * The MGF1 function is the one descrided in PKCS1 v2.0 specification, using the - * the same hash algorithm as specified by hashID. - * This function throws an exception if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_rsa_sign_no_throw rather than this function. - * - * @param[in] key RSA private key initialized with #cx_rsa_init_private_key_no_throw. - * - * @param[in] mode Crypto mode flags. Supported flags: - * - CX_PAD_PKCS1_1o5 - * - CX_PAD_PKCS1_PSS - * - * @param[in] hashID Message digest algorithm identifier. Expected identifiers: - * - CX_SHA224 - * - CX_SHA256 - * - CX_SHA384 - * - CX_SHA512 - * - CX_SHA3_256 (for CX_PAD_PKCS1_1o5 mode only) - * - CX_SHA3_512 (for CX_PAD_PKCS1_1o5 mode only) - * - * @param[in] hash Input data to be signed. - * - * @param[in] hash_len Length of the input data. - * - * @param[in] sig Buffer where to store the signature. - * - * @param[in] sig_len Length of the output buffer. - * - * @return Length of the key. - * - * @throws CX_INVALID_PARAMETER - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED + * @deprecated + * See #cx_rsa_sign_no_throw */ -static inline int cx_rsa_sign ( const cx_rsa_private_key_t * key, int mode, cx_md_t hashID, const unsigned char * hash, unsigned int hash_len, unsigned char * sig, unsigned int sig_len ) +DEPRECATED static inline int cx_rsa_sign ( const cx_rsa_private_key_t * key, int mode, cx_md_t hashID, const unsigned char * hash, unsigned int hash_len, unsigned char * sig, unsigned int sig_len ) { CX_THROW(cx_rsa_sign_no_throw(key, mode, hashID, hash, hash_len, sig, sig_len)); return key->size; @@ -609,43 +489,10 @@ cx_err_t cx_rsa_encrypt_no_throw(const cx_rsa_public_key_t *key, size_t enc_len); /** - * @brief Encrypts a message according to RSA specification. - * - * @details This function throws an exception if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_rsa_encrypt_no_throw rather than this - * function. - * - * @param[in] key RSA public key initialized with #cx_rsa_init_public_key_no_throw. - * - * @param[in] mode Crypto mode flags. Supported flags: - * - CX_PAD_PKCS1_1o5 - * - CX_PAD_PKCS1_OAEP - * - * @param[in] hashID Message digest algorithm identifier. Expected identifiers - * used in OAEP padding: - * - CX_SHA224 - * - CX_SHA256 - * - CX_SHA384 - * - CX_SHA512 - * - * @param[in] mesg Input data to encrypt. - * - * @param[in] mesg_len Length of the input. - * - * @param[in] enc Buffer where to store the ciphertext. - * - * @param[in] enc_len Length of the ciphertext. - * - * @return Length of the key. - * - * @throws CX_INVALID_PARAMETER - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED + * @deprecated + * See #cx_rsa_encrypt_no_throw */ -static inline int cx_rsa_encrypt ( const cx_rsa_public_key_t * key, int mode, cx_md_t hashID, const unsigned char * mesg, unsigned int mesg_len, unsigned char * enc, unsigned int enc_len ) +DEPRECATED static inline int cx_rsa_encrypt ( const cx_rsa_public_key_t * key, int mode, cx_md_t hashID, const unsigned char * mesg, unsigned int mesg_len, unsigned char * enc, unsigned int enc_len ) { CX_THROW(cx_rsa_encrypt_no_throw(key, mode, hashID, mesg, mesg_len, enc, enc_len)); return key->size; @@ -692,43 +539,10 @@ cx_err_t cx_rsa_decrypt_no_throw(const cx_rsa_private_key_t *key, size_t * dec_len); /** - * @brief Decrypts a message according to RSA specification. - * - * @details This function throws an exception if the computation doesn't succeed. - * - * @warning It is recommended to use #cx_rsa_decrypt_no_throw rather than this - * function. - * - * @param[in] key RSA private key initialized with #cx_rsa_init_private_key_no_throw. - * - * @param[in] mode Crypto mode flags. Supported flags: - * - CX_PAD_PKCS1_1o5 - * - CX_PAD_PKCS1_OAEP - * - * @param[in] hashID Message digest algorithm identifier. Expected identifiers - * used in OAEP padding: - * - CX_SHA224 - * - CX_SHA256 - * - CX_SHA384 - * - CX_SHA512 - * - * @param[in] mesg Input data to decrypt. - * - * @param[in] mesg_len Length of the input. - * - * @param[in] dec Buffer where to store the decrypted data. - * - * @param[in] dec_len Length of the output. - * - * @return Length of the decrypted message. - * - * @throws CX_INVALID_PARAMETER - * @throws CX_NOT_UNLOCKED - * @throws CX_INVALID_PARAMETER_SIZE - * @throws CX_MEMORY_FULL - * @throws CX_NOT_LOCKED + * @deprecated + * See #cx_rsa_decrypt_no_throw */ -static inline int cx_rsa_decrypt ( const cx_rsa_private_key_t * key, int mode, cx_md_t hashID, const unsigned char * mesg, unsigned int mesg_len, unsigned char * dec, unsigned int dec_len ) +DEPRECATED static inline int cx_rsa_decrypt ( const cx_rsa_private_key_t * key, int mode, cx_md_t hashID, const unsigned char * mesg, unsigned int mesg_len, unsigned char * dec, unsigned int dec_len ) { size_t dec_len_ = dec_len; CX_THROW(cx_rsa_decrypt_no_throw(key, mode, hashID, mesg, mesg_len, dec, &dec_len_)); diff --git a/lib_cxng/include/lcx_sha3.h b/lib_cxng/include/lcx_sha3.h index 49b722937..d89ad49ac 100644 --- a/lib_cxng/include/lcx_sha3.h +++ b/lib_cxng/include/lcx_sha3.h @@ -70,30 +70,10 @@ typedef struct cx_sha3_s cx_sha3_t; cx_err_t cx_sha3_init_no_throw(cx_sha3_t *hash, size_t size); /** - * @brief Initializes a SHA3 context. - * - * @details Supported output sizes in bits: - * - 224 - * - 256 - * - 384 - * - 512 - * - * This function throws an exception if the - * initialization fails. - * - * @warning It is recommended to use #cx_sha3_init_no_throw - * rather than this function. - * - * @param[out] hash Pointer to the SHA3 context. - * The context shall be in RAM. - * - * @param[in] size Length of the hash output in bits. - * - * @return SHA3 identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_sha3_init_no_throw */ -static inline int cx_sha3_init ( cx_sha3_t * hash, size_t size ) +DEPRECATED static inline int cx_sha3_init ( cx_sha3_t * hash, size_t size ) { CX_THROW(cx_sha3_init_no_throw(hash, size)); return CX_SHA3; @@ -121,30 +101,10 @@ static inline int cx_sha3_init ( cx_sha3_t * hash, size_t size ) cx_err_t cx_keccak_init_no_throw(cx_sha3_t *hash, size_t size); /** - * @brief Initializes a KECCAK context. - * - * @details Supported output sizes in bits: - * - 224 - * - 256 - * - 384 - * - 512 - * - * This function throws an exception if the - * initialization fails. - * - * @warning It is recommended to use #cx_keccak_init_no_throw - * rather than this function. - * - * @param[out] hash Pointer to the KECCAK context. - * The context shall be in RAM. - * - * @param[in] size Length of the hash output in bits. - * - * @return KECCAK identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_keccak_init_no_throw */ -static inline int cx_keccak_init ( cx_sha3_t * hash, size_t size ) +DEPRECATED static inline int cx_keccak_init ( cx_sha3_t * hash, size_t size ) { CX_THROW(cx_keccak_init_no_throw(hash, size)); return CX_KECCAK; @@ -171,30 +131,10 @@ static inline int cx_keccak_init ( cx_sha3_t * hash, size_t size ) cx_err_t cx_shake128_init_no_throw(cx_sha3_t *hash, size_t out_size); /** - * @brief Initializes a SHA3-XOF context. - * - * @details SHAKE128 is a SHA3-XOF (Extendable Output Function - * based on SHA3) with a 128-bit security. - * Supported output sizes in bits: - * - 256 - * - 512 - * - * This function throws an exception if the initialization - * doesn't succeed. - * - * @warning It is recommended to use #cx_shake128_init_no_throw - * rather than this function. - * - * @param[out] hash Pointer to the context. - * The context shall be in RAM. - * - * @param[in] out_size Length of the output in bits. - * - * @return SHAKE128 identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_shake128_init_no_throw */ -static inline int cx_shake128_init ( cx_sha3_t * hash, unsigned int out_size ) +DEPRECATED static inline int cx_shake128_init ( cx_sha3_t * hash, unsigned int out_size ) { CX_THROW(cx_shake128_init_no_throw(hash, out_size)); return CX_SHAKE128; @@ -221,30 +161,10 @@ static inline int cx_shake128_init ( cx_sha3_t * hash, unsigned int out_size ) cx_err_t cx_shake256_init_no_throw(cx_sha3_t *hash, size_t out_size); /** - * @brief Initializes a SHA3-XOF context. - * - * @details SHAKE256 is a SHA3-XOF (Extendable Output Function - * based on SHA3) with a 256-bit security. - * Supported output sizes in bits: - * - 256 - * - 512 - * - * This function throws an exception if the initialization - * doesn't succeed. - * - * @warning It is recommended to use #cx_shake256_init_no_throw - * rather than this function. - * - * @param[out] hash Pointer to the context. - * The context shall be in RAM. - * - * @param[in] out_size Length of the output in bits. - * - * @return SHA256 identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_shake256_init_no_throw */ -static inline int cx_shake256_init ( cx_sha3_t * hash, unsigned int out_size ) +DEPRECATED static inline int cx_shake256_init ( cx_sha3_t * hash, unsigned int out_size ) { CX_THROW(cx_shake256_init_no_throw(hash, out_size)); return CX_SHAKE256; @@ -273,32 +193,10 @@ static inline int cx_shake256_init ( cx_sha3_t * hash, unsigned int out_size ) cx_err_t cx_sha3_xof_init_no_throw(cx_sha3_t *hash, size_t size, size_t out_length); /** - * @brief Initializes a SHA3-XOF context. - * - * @details This can be used to initialize either SHAKE128 - * or SHAKE256. - * Supported output sizes in bits: - * - 256 - * - 512 - * - * This function throws an exception if the computation - * doesn't succeed. - * - * @warning It is recommended to use #cx_sha3_xof_init_no_throw - * rather than this function. - * - * @param[out] hash Pointer to the context. - * The context shall be in RAM. - * - * @param[in] size Length of SHA3 digest in bits. - * - * @param[in] out_length Length of the output in bytes. - * - * @return Either SHAKE128 or SHAKE256 identifier. - * - * @throws CX_INVALID_PARAMETER + * @deprecated + * See #cx_sha3_xof_init_no_throw */ -static inline int cx_sha3_xof_init ( cx_sha3_t * hash, unsigned int size, unsigned int out_length ) +DEPRECATED static inline int cx_sha3_xof_init ( cx_sha3_t * hash, unsigned int size, unsigned int out_length ) { CX_THROW(cx_sha3_xof_init_no_throw(hash, size, out_length)); From d7258418b4189bdfbde84ac275eac655aa3d6b7b Mon Sep 17 00:00:00 2001 From: Xavier Chapron Date: Mon, 5 Jun 2023 15:42:31 +0200 Subject: [PATCH 2/9] Makefile.standard_app: Change IO_USB_MAX_ENDPOINTS value from 6 to 4 Used endpoints are: Setup: index 0 U2F : index 1 HID: index 2 WEBUSB: index 3 So setting IO_USB_MAX_ENDPOINTS to 4 is enough (cherry picked from commit cba1cc7911faa4097b348f2ba9aa27566cb1347b) --- Makefile.standard_app | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.standard_app b/Makefile.standard_app index 5a5620508..9ff283a17 100644 --- a/Makefile.standard_app +++ b/Makefile.standard_app @@ -85,7 +85,7 @@ ifneq ($(DISABLE_STANDARD_SNPRINTF), 1) endif ifneq ($(DISABLE_STANDARD_USB), 1) - DEFINES += HAVE_IO_USB HAVE_L4_USBLIB IO_USB_MAX_ENDPOINTS=6 HAVE_USB_APDU + DEFINES += HAVE_IO_USB HAVE_L4_USBLIB IO_USB_MAX_ENDPOINTS=4 HAVE_USB_APDU DEFINES += USB_SEGMENT_SIZE=64 SDK_SOURCE_PATH += lib_stusb lib_stusb_impl endif From 2c44849342430a884b32bd02c198d3358c28f676 Mon Sep 17 00:00:00 2001 From: Xavier Chapron Date: Fri, 9 Jun 2023 17:52:52 +0200 Subject: [PATCH 3/9] include: os_seed.h: Lint to improve readability (cherry picked from commit 8e38d2c5c7cacb9bdc2b37ef5bad79ee44fa4086) --- include/os_seed.h | 99 +++++++++++++++++++++++++++++++++-------------- 1 file changed, 70 insertions(+), 29 deletions(-) diff --git a/include/os_seed.h b/include/os_seed.h index e893a346a..1900d970c 100644 --- a/include/os_seed.h +++ b/include/os_seed.h @@ -28,30 +28,49 @@ typedef enum { /** * Set the persisted seed if none yet, else override the volatile seed (in RAM) */ -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_set_seed(unsigned int identity, unsigned int algorithm, unsigned char* seed PLENGTH(length), unsigned int length); +SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_set_seed( + unsigned int identity, + unsigned int algorithm, + unsigned char *seed PLENGTH(length), + unsigned int length); -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_derive_and_set_seed(unsigned char identity, - const char* prefix PLENGTH(prefix_length), unsigned int prefix_length, - const char* passphrase PLENGTH(passphrase_length), unsigned int passphrase_length, - const char* words PLENGTH(words_length), unsigned int words_length); +SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_derive_and_set_seed( + unsigned char identity, + const char *prefix PLENGTH(prefix_length), + unsigned int prefix_length, + const char *passphrase PLENGTH(passphrase_length), + unsigned int passphrase_length, + const char *words PLENGTH(words_length), + unsigned int words_length); #if defined(HAVE_VAULT_RECOVERY_ALGO) -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_derive_and_prepare_seed(const char* words, unsigned int words_length, uint8_t *vault_recovery_work_buffer); -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_derive_and_xor_seed(uint8_t *vault_recovery_work_buffer); -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) unsigned char os_perso_get_seed_algorithm(void); +SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_derive_and_prepare_seed( + const char * words, + unsigned int words_length, + uint8_t *vault_recovery_work_buffer); +SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_derive_and_xor_seed( + uint8_t *vault_recovery_work_buffer); +SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) unsigned char os_perso_get_seed_algorithm(void); #endif // HAVE_VAULT_RECOVERY_ALGO -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_set_words(const unsigned char* words PLENGTH(length), unsigned int length); -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_finalize(void); +SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_set_words( + const unsigned char *words PLENGTH(length), + unsigned int length); +SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_finalize(void); #if defined(HAVE_RECOVER) -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_master_seed(uint8_t* master_seed PLENGTH(length), size_t length, os_action_t action); -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_recover_state(uint8_t* state, os_action_t action); +SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_master_seed( + uint8_t *master_seed PLENGTH(length), + size_t length, + os_action_t action); +SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) void os_perso_recover_state( + uint8_t *state, + os_action_t action); #endif // HAVE_RECOVER // checked in the ux flow to avoid asking the pin for example // NBA : could also be checked by applications running in insecure mode - thus unprivilegied // @return BOLOS_UX_OK when perso is onboarded. -SYSCALL bolos_bool_t os_perso_isonboarded(void); +SYSCALL bolos_bool_t os_perso_isonboarded(void); enum { ONBOARDING_STATUS_WELCOME = 0, @@ -71,10 +90,16 @@ enum { ONBOARDING_STATUS_SETUP_CHOICE_RESTORE_SEED, ONBOARDING_STATUS_CHECKING }; -SYSCALL void os_perso_set_onboarding_status(unsigned int state, unsigned int count, unsigned int total); +SYSCALL void os_perso_set_onboarding_status(unsigned int state, + unsigned int count, + unsigned int total); // derive the seed for the requested BIP32 path -SYSCALL void os_perso_derive_node_bip32(cx_curve_t curve, const unsigned int* path PLENGTH(4 * (pathLength&0x0FFFFFFFu)), unsigned int pathLength, unsigned char *privateKey PLENGTH(64), unsigned char* chain PLENGTH(32)); +SYSCALL void os_perso_derive_node_bip32(cx_curve_t curve, + const unsigned int *path PLENGTH(4 * (pathLength & 0x0FFFFFFFu)), + unsigned int pathLength, + unsigned char *privateKey PLENGTH(64), + unsigned char *chain PLENGTH(32)); #define HDW_NORMAL 0 #define HDW_ED25519_SLIP10 1 @@ -82,11 +107,23 @@ SYSCALL void os_perso_derive_nod // this only supports derivation of the master node (level 1) // the beginning of the authorized path is to be provided in the authorized derivation tag of the registry // starting with a \x00 -// Note: for SLIP21, the path is a string and the pathLength is the number of chars including the starting \0 byte. However, firewall checks are processing a number of integers, therefore, take care not to locate the buffer too far in memory to pass the firewall check. +// Note: for SLIP21, the path is a string and the pathLength is the number of chars including the starting \0 byte. +// However, firewall checks are processing a number of integers, therefore, take care not to locate the buffer too far +// in memory to pass the firewall check. #define HDW_SLIP21 2 -// derive the seed for the requested BIP32 path, with the custom provided seed_key for the sha512 hmac ("Bitcoin Seed", "Nist256p1 Seed", "ed25519 seed", ...) -SYSCALL void os_perso_derive_node_with_seed_key(unsigned int mode, cx_curve_t curve, const unsigned int* path PLENGTH(4 * (pathLength&0x0FFFFFFFu)), unsigned int pathLength, unsigned char *privateKey PLENGTH(64), unsigned char* chain PLENGTH(32), unsigned char* seed_key PLENGTH(seed_key_length), unsigned int seed_key_length); -#define os_perso_derive_node_bip32_seed_key(mode, curve, path, pathLength, privateKey, chain, seed_key, seed_key_length) os_perso_derive_node_with_seed_key(mode, curve, path, pathLength, privateKey, chain, seed_key, seed_key_length) + +// derive the seed for the requested BIP32 path, with the custom provided seed_key for the sha512 hmac ("Bitcoin Seed", +// "Nist256p1 Seed", "ed25519 seed", ...) +SYSCALL void os_perso_derive_node_with_seed_key(unsigned int mode, + cx_curve_t curve, + const unsigned int *path PLENGTH(4 * (pathLength & 0x0FFFFFFFu)), + unsigned int pathLength, + unsigned char *privateKey PLENGTH(64), + unsigned char *chain PLENGTH(32), + unsigned char *seed_key PLENGTH(seed_key_length), + unsigned int seed_key_length); + +#define os_perso_derive_node_bip32_seed_key os_perso_derive_node_with_seed_key /** * @brief Gets the private key from the device seed using the specified bip32 path and seed key. @@ -112,14 +149,14 @@ SYSCALL void os_perso_derive_nod * - CX_INTERNAL_ERROR */ WARN_UNUSED_RESULT static inline cx_err_t os_derive_bip32_with_seed_no_throw( - unsigned int derivation_mode, - cx_curve_t curve, - const unsigned int *path, - unsigned int path_len, - unsigned char raw_privkey[static 64], - unsigned char *chain_code, - unsigned char *seed, - unsigned int seed_len) { + unsigned int derivation_mode, + cx_curve_t curve, + const unsigned int *path, + unsigned int path_len, + unsigned char raw_privkey[static 64], + unsigned char * chain_code, + unsigned char * seed, + unsigned int seed_len) { cx_err_t error = CX_OK; BEGIN_TRY { @@ -182,7 +219,11 @@ WARN_UNUSED_RESULT static inline cx_err_t os_derive_bip32_no_throw( 0); } -SYSCALL void os_perso_derive_eip2333(cx_curve_t curve, const unsigned int* path PLENGTH(4 * (pathLength&0x0FFFFFFFu)), unsigned int pathLength, unsigned char *privateKey PLENGTH(32)); +SYSCALL void os_perso_derive_eip2333( + cx_curve_t curve, + const unsigned int *path PLENGTH(4 * (pathLength & 0x0FFFFFFFu)), + unsigned int pathLength, + unsigned char *privateKey PLENGTH(32)); /** * @brief Gets the private key from the device seed using the specified eip2333 path. @@ -234,5 +275,5 @@ WARN_UNUSED_RESULT static inline cx_err_t os_derive_eip2333_no_throw( #if defined(HAVE_SEED_COOKIE) // seed_cookie length has to be CX_SHA512_SIZE. // return BOLOS_TRUE if the seed has been generated, return BOLOS_FALSE otherwise. -SYSCALL bolos_bool_t os_perso_seed_cookie(unsigned char * seed_cookie PLENGTH(CX_SHA512_SIZE)); +SYSCALL bolos_bool_t os_perso_seed_cookie(unsigned char *seed_cookie PLENGTH(CX_SHA512_SIZE)); #endif // HAVE_SEED_COOKIE From f8e3f4bd19f0f25f6fbee39a9c753713aa20e499 Mon Sep 17 00:00:00 2001 From: Xavier Chapron Date: Fri, 9 Jun 2023 17:54:27 +0200 Subject: [PATCH 4/9] include: os_seed.h: Deprecate the os_derive_x() throwable functions (cherry picked from commit 7cff77179f38fbf83e2554b8cb37353f67f9fca1) --- include/os_seed.h | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/include/os_seed.h b/include/os_seed.h index 1900d970c..7795f4c06 100644 --- a/include/os_seed.h +++ b/include/os_seed.h @@ -95,6 +95,10 @@ SYSCALL void os_perso_set_onboarding_status(unsigned int state, unsigned int total); // derive the seed for the requested BIP32 path +// Deprecated : see "os_derive_bip32_no_throw" +#ifndef HAVE_BOLOS +DEPRECATED +#endif SYSCALL void os_perso_derive_node_bip32(cx_curve_t curve, const unsigned int *path PLENGTH(4 * (pathLength & 0x0FFFFFFFu)), unsigned int pathLength, @@ -114,6 +118,10 @@ SYSCALL void os_perso_derive_node_bip32(cx_curve_t curve, // derive the seed for the requested BIP32 path, with the custom provided seed_key for the sha512 hmac ("Bitcoin Seed", // "Nist256p1 Seed", "ed25519 seed", ...) +// Deprecated : see "os_derive_bip32_with_seed_no_throw" +#ifndef HAVE_BOLOS +DEPRECATED +#endif SYSCALL void os_perso_derive_node_with_seed_key(unsigned int mode, cx_curve_t curve, const unsigned int *path PLENGTH(4 * (pathLength & 0x0FFFFFFFu)), @@ -161,6 +169,9 @@ WARN_UNUSED_RESULT static inline cx_err_t os_derive_bip32_with_seed_no_throw( BEGIN_TRY { TRY { + // ignore the deprecated warning, pragma to remove when the "no throw" OS function will be available + #pragma GCC diagnostic push + #pragma GCC diagnostic ignored "-Wdeprecated-declarations" // Derive the seed with path os_perso_derive_node_bip32_seed_key(derivation_mode, curve, @@ -170,6 +181,7 @@ WARN_UNUSED_RESULT static inline cx_err_t os_derive_bip32_with_seed_no_throw( chain_code, seed, seed_len); + #pragma GCC diagnostic pop } CATCH_OTHER(e) { error = e; @@ -219,6 +231,10 @@ WARN_UNUSED_RESULT static inline cx_err_t os_derive_bip32_no_throw( 0); } +// Deprecated : see "os_derive_eip2333_no_throw" +#ifndef HAVE_BOLOS +DEPRECATED +#endif SYSCALL void os_perso_derive_eip2333( cx_curve_t curve, const unsigned int *path PLENGTH(4 * (pathLength & 0x0FFFFFFFu)), @@ -249,8 +265,12 @@ WARN_UNUSED_RESULT static inline cx_err_t os_derive_eip2333_no_throw( BEGIN_TRY { TRY { + // ignore the deprecated warning, pragma to remove when the "no throw" OS function will be available + #pragma GCC diagnostic push + #pragma GCC diagnostic ignored "-Wdeprecated-declarations" // Derive the seed with path os_perso_derive_eip2333(curve, path, path_len, raw_privkey); + #pragma GCC diagnostic pop } CATCH_OTHER(e) { error = e; From 64122b3e4c16c7f3c98df246d2e82afa0c472b2c Mon Sep 17 00:00:00 2001 From: Xavier Chapron Date: Mon, 19 Jun 2023 19:48:33 +0200 Subject: [PATCH 5/9] os_printf.c: Bufferize hex data printf sending (cherry picked from commit dfefb3964065ee56a0dd0f9909004ac913be99e3) --- src/os_printf.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/src/os_printf.c b/src/os_printf.c index c30dabd13..fefa90810 100644 --- a/src/os_printf.c +++ b/src/os_printf.c @@ -326,19 +326,27 @@ void mcu_usb_printf(const char* format, ...) { break; case 16: { unsigned char nibble1, nibble2; + unsigned int idx = 0; for (ulCount = 0; ulCount < ulIdx; ulCount++) { nibble1 = (pcStr[ulCount]>>4)&0xF; nibble2 = pcStr[ulCount]&0xF; switch(ulCap) { case 0: - mcu_usb_prints(&g_pcHex[nibble1], 1); - mcu_usb_prints(&g_pcHex[nibble2], 1); + pcBuf[idx++] = g_pcHex[nibble1]; + pcBuf[idx++] = g_pcHex[nibble2]; break; case 1: - mcu_usb_prints(&g_pcHex_cap[nibble1], 1); - mcu_usb_prints(&g_pcHex_cap[nibble2], 1); + pcBuf[idx++] = g_pcHex_cap[nibble1]; + pcBuf[idx++] = g_pcHex_cap[nibble2]; break; } + if (idx + 1 >= sizeof(pcBuf)) { + mcu_usb_prints(pcBuf, idx); + idx = 0; + } + } + if (idx != 0) { + mcu_usb_prints(pcBuf, idx); } break; } From ce7c8364bb936da846e35e7d1677cebc50dff7ea Mon Sep 17 00:00:00 2001 From: Xavier Chapron Date: Thu, 22 Jun 2023 11:29:32 +0200 Subject: [PATCH 6/9] lib_standard_app: main.c: Remove app_exit TRY/CATCH This Syscall can't THROW, and even if it could, it's better to not CATCH the exception and let the app crash rather than catching it and doing nothing. (cherry picked from commit 0b773ff063962e68cb5b794fc69c3624ee5879ed) --- lib_standard_app/main.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/lib_standard_app/main.c b/lib_standard_app/main.c index 7ed547801..f677aaf71 100644 --- a/lib_standard_app/main.c +++ b/lib_standard_app/main.c @@ -26,15 +26,8 @@ bolos_ux_params_t G_ux_params; /** * Exit the application and go back to the dashboard. */ -WEAK void app_exit() { - BEGIN_TRY_L(exit) { - TRY_L(exit) { - os_sched_exit(-1); - } - FINALLY_L(exit) { - } - } - END_TRY_L(exit); +WEAK void __attribute__((noreturn)) app_exit(void) { + os_sched_exit(-1); } /** From 03e02dd8351532df4fce91ae4c9126294f95210c Mon Sep 17 00:00:00 2001 From: Xavier Chapron Date: Thu, 22 Jun 2023 11:35:18 +0200 Subject: [PATCH 7/9] lib_standard_app: main.c: Change TRY/CATCH behavior to exit the app Previous behavior was to catch the Exception and somehow restart the app. This was somehow hiding the error as the user would not see the app crash. As Exception should not be raised in nominal situation or should be caught before, we changed the behavior to directly exit the app. This also have the benefit of avoiding issue where the whole app BSS should be reset to have a sane behavior when the app was restarted. (cherry picked from commit 3c83546929746cdf0dfb01973c19f4ea3dd05854) --- lib_standard_app/main.c | 42 ++++++++++++++++++----------------------- 1 file changed, 18 insertions(+), 24 deletions(-) diff --git a/lib_standard_app/main.c b/lib_standard_app/main.c index f677aaf71..f9f52439a 100644 --- a/lib_standard_app/main.c +++ b/lib_standard_app/main.c @@ -38,40 +38,34 @@ WEAK __attribute__((section(".boot"))) int main() { os_boot(); - for (;;) { - // Initialize the UX system - UX_INIT(); + BEGIN_TRY { + TRY { + UX_INIT(); - BEGIN_TRY { - TRY { - io_seproxyhal_init(); + io_seproxyhal_init(); #ifdef HAVE_BLE - G_io_app.plane_mode = os_setting_get(OS_SETTING_PLANEMODE, NULL, 0); + G_io_app.plane_mode = os_setting_get(OS_SETTING_PLANEMODE, NULL, 0); #endif // HAVE_BLE - USB_power(0); - USB_power(1); + USB_power(0); + USB_power(1); #ifdef HAVE_BLE - BLE_power(0, NULL); - BLE_power(1, NULL); + BLE_power(0, NULL); + BLE_power(1, NULL); #endif // HAVE_BLE - app_main(); - } - CATCH(EXCEPTION_IO_RESET) { - CLOSE_TRY; - continue; - } - CATCH_ALL { - CLOSE_TRY; - break; - } - FINALLY { - } + + app_main(); + } + CATCH_OTHER(e) { + PRINTF("Exiting following exception: %d\n", e); + } + FINALLY { } - END_TRY; } + END_TRY; + // Exit the application and go back to the dashboard. app_exit(); return 0; From 6cfd8c2ac005b5a555e65e5fe4c368c3369d141a Mon Sep 17 00:00:00 2001 From: Xavier Chapron Date: Thu, 22 Jun 2023 11:39:16 +0200 Subject: [PATCH 8/9] lib_standard_app: main.c: Remove G_io_app.plane_mode init as it is not used by the SDK nor standard apps (cherry picked from commit 219513d1d2b38202fbecd7cfa1482ed0465d6643) --- lib_standard_app/main.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/lib_standard_app/main.c b/lib_standard_app/main.c index f9f52439a..f2d970607 100644 --- a/lib_standard_app/main.c +++ b/lib_standard_app/main.c @@ -44,9 +44,6 @@ WEAK __attribute__((section(".boot"))) int main() { io_seproxyhal_init(); -#ifdef HAVE_BLE - G_io_app.plane_mode = os_setting_get(OS_SETTING_PLANEMODE, NULL, 0); -#endif // HAVE_BLE USB_power(0); USB_power(1); From 42c9b844f0886de58ad0a8efb92be1b0672e389a Mon Sep 17 00:00:00 2001 From: Xavier Chapron Date: Thu, 4 May 2023 14:54:19 +0200 Subject: [PATCH 9/9] lib_standard_app: Introduce support for ENABLE_SWAP feature (cherry picked from commit b9e7792842574d59128133deb35d07d369a7f0f6) --- Makefile.standard_app | 8 +++ lib_standard_app/io.c | 18 +++++ lib_standard_app/main.c | 108 +++++++++++++++++++++++----- lib_standard_app/swap.h | 24 +++++++ lib_standard_app/swap_entrypoints.h | 47 ++++++++++++ lib_standard_app/swap_lib_calls.h | 80 +++++++++++++++++++++ lib_standard_app/swap_utils.c | 63 ++++++++++++++++ lib_standard_app/swap_utils.h | 30 ++++++++ 8 files changed, 362 insertions(+), 16 deletions(-) create mode 100644 lib_standard_app/swap.h create mode 100644 lib_standard_app/swap_entrypoints.h create mode 100644 lib_standard_app/swap_lib_calls.h create mode 100644 lib_standard_app/swap_utils.c create mode 100644 lib_standard_app/swap_utils.h diff --git a/Makefile.standard_app b/Makefile.standard_app index 9ff283a17..eac625d6b 100644 --- a/Makefile.standard_app +++ b/Makefile.standard_app @@ -38,6 +38,14 @@ ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME), TARGET_STAX)) endif endif +##################################################################### +# SWAP # +##################################################################### +ifeq ($(ENABLE_SWAP), 1) + HAVE_APPLICATION_FLAG_LIBRARY = 1 + DEFINES += HAVE_SWAP +endif + ##################################################################### # DEBUG # ##################################################################### diff --git a/lib_standard_app/io.c b/lib_standard_app/io.c index b3007d081..6eb4199b1 100644 --- a/lib_standard_app/io.c +++ b/lib_standard_app/io.c @@ -21,8 +21,13 @@ #include "io.h" #include "write.h" +#ifdef HAVE_SWAP +#include "swap.h" +#endif + // TODO: Temporary workaround, at some point all status words should be defined by the SDK and // removed from the application +#define SW_OK 0x9000 #define SW_WRONG_RESPONSE_LENGTH 0xB000 uint8_t G_io_seproxyhal_spi_buffer[IO_SEPROXYHAL_BUFFER_SIZE_B]; @@ -166,6 +171,19 @@ WEAK int io_send_response_buffer(const buffer_t *rdata, uint16_t sw) { write_u16_be(G_io_apdu_buffer, G_output_len, sw); G_output_len += 2; +#ifdef HAVE_SWAP + // If we are in swap mode and have validated a TX, we send it and immediately quit + if (G_called_from_swap && G_swap_response_ready) { + PRINTF("Swap answer is processed. Send it\n"); + if (io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, G_output_len) == 0) { + swap_finalize_exchange_sign_transaction(sw == SW_OK); + } else { + PRINTF("Unrecoverable\n"); + os_sched_exit(-1); + } + } +#endif // HAVE_SWAP + switch (G_io_state) { case READY: ret = -1; diff --git a/lib_standard_app/main.c b/lib_standard_app/main.c index f2d970607..c4fa902d3 100644 --- a/lib_standard_app/main.c +++ b/lib_standard_app/main.c @@ -20,6 +20,10 @@ #include "os.h" #include "io.h" +#ifdef HAVE_SWAP +#include "swap.h" +#endif // HAVE_SWAP + ux_state_t G_ux; bolos_ux_params_t G_ux_params; @@ -30,27 +34,29 @@ WEAK void __attribute__((noreturn)) app_exit(void) { os_sched_exit(-1); } -/** - * Main loop to setup USB, Bluetooth, UI and launch app_main(). - */ -WEAK __attribute__((section(".boot"))) int main() { - __asm volatile("cpsie i"); - - os_boot(); +static void common_app_init(void) { + UX_INIT(); - BEGIN_TRY { - TRY { - UX_INIT(); + io_seproxyhal_init(); - io_seproxyhal_init(); - - USB_power(0); - USB_power(1); + USB_power(0); + USB_power(1); #ifdef HAVE_BLE - BLE_power(0, NULL); - BLE_power(1, NULL); + BLE_power(0, NULL); + BLE_power(1, NULL); #endif // HAVE_BLE +} + +static void standalone_app_main(void) { +#ifdef HAVE_SWAP + G_called_from_swap = false; + G_swap_response_ready = false; +#endif // HAVE_SWAP + + BEGIN_TRY { + TRY { + common_app_init(); app_main(); } @@ -64,6 +70,76 @@ WEAK __attribute__((section(".boot"))) int main() { // Exit the application and go back to the dashboard. app_exit(); +} + +#ifdef HAVE_SWAP +static void library_app_main(libargs_t *args) { + G_called_from_swap = true; + G_swap_response_ready = false; + + BEGIN_TRY { + TRY { + PRINTF("Inside library\n"); + switch (args->command) { + case SIGN_TRANSACTION: + { + // Backup up transaction parameters and wipe BSS to avoid collusion with app-exchange + // BSS data. + bool success = swap_copy_transaction_parameters(args->create_transaction); + if (success) { + // BSS was wiped, so init these global again + G_called_from_swap = true; + G_swap_response_ready = false; + + common_app_init(); + + app_main(); + } + break; + } + case CHECK_ADDRESS: + swap_handle_check_address(args->check_address); + break; + case GET_PRINTABLE_AMOUNT: + swap_handle_get_printable_amount(args->get_printable_amount); + break; + default: + break; + } + } + CATCH_OTHER(e) { + PRINTF("Exiting following exception: %d\n", e); + } + FINALLY { + os_lib_end(); + } + } + END_TRY; +} +#endif // HAVE_SWAP + +__attribute__((section(".boot"))) int main(int arg0) { + // exit critical section + __asm volatile("cpsie i"); + + // Ensure exception will work as planned + os_boot(); + + if (arg0 == 0) { + // Called from dashboard as standalone App + standalone_app_main(); + } +#ifdef HAVE_SWAP + else { + // Called as library from another app + libargs_t *args = (libargs_t *) arg0; + if (args->id == 0x100) { + library_app_main(args); + } else { + app_exit(); + } + } +#endif // HAVE_SWAP return 0; } diff --git a/lib_standard_app/swap.h b/lib_standard_app/swap.h new file mode 100644 index 000000000..72cd8bb85 --- /dev/null +++ b/lib_standard_app/swap.h @@ -0,0 +1,24 @@ +/******************************************************************************* + * (c) 2023 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ +#pragma once + +#include +#include +#include + +#include "swap_entrypoints.h" +#include "swap_lib_calls.h" +#include "swap_utils.h" diff --git a/lib_standard_app/swap_entrypoints.h b/lib_standard_app/swap_entrypoints.h new file mode 100644 index 000000000..1f431ddd9 --- /dev/null +++ b/lib_standard_app/swap_entrypoints.h @@ -0,0 +1,47 @@ +/******************************************************************************* + * (c) 2023 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ +#pragma once + +#include +#include +#include + +#include "swap_lib_calls.h" + +/* + * These functions must be defined by the application + */ + +/* Check check_address_parameters_t.address_to_check against specified parameters. + * + * Must set params.result to 0 on error, 1 otherwise */ +void swap_handle_check_address(check_address_parameters_t* params); + +/* Format printable amount including the ticker from specified parameters. + * + * Must set empty printable_amount on error, printable amount otherwise */ +void swap_handle_get_printable_amount(get_printable_amount_parameters_t* params); + +/* Backup up transaction parameters and wipe BSS to avoid collusion with + * app-exchange BSS data. + * + * return false on error, true otherwise */ +bool swap_copy_transaction_parameters(create_transaction_parameters_t *sign_transaction_params); + +/* Set create_transaction.result and call os_lib_end(). + * + * Doesn't return */ +void __attribute__((noreturn)) swap_finalize_exchange_sign_transaction(bool is_success); diff --git a/lib_standard_app/swap_lib_calls.h b/lib_standard_app/swap_lib_calls.h new file mode 100644 index 000000000..213d8b21b --- /dev/null +++ b/lib_standard_app/swap_lib_calls.h @@ -0,0 +1,80 @@ +#pragma once + +/* This file is the shared API between Exchange and the apps started in Library mode for Exchange + * + * DO NOT MODIFY THIS FILE IN APPLICATIONS OTHER THAN EXCHANGE + * On modification in Exchange, forward the changes to all applications supporting Exchange + */ + +#include "stdbool.h" +#include "stdint.h" + +#define RUN_APPLICATION 1 + +#define SIGN_TRANSACTION 2 + +#define CHECK_ADDRESS 3 + +#define GET_PRINTABLE_AMOUNT 4 + +/* + * Amounts are stored as bytes, with a max size of 16 (see protobuf + * specifications). Max 16B integer is 340282366920938463463374607431768211455 + * in decimal, which is a 32-long char string. + * The printable amount also contains spaces, the ticker symbol (with variable + * size, up to 12 in Ethereum for instance) and a terminating null byte, so 50 + * bytes total should be a fair maximum. + */ +#define MAX_PRINTABLE_AMOUNT_SIZE 50 + +// structure that should be send to specific coin application to get address +typedef struct check_address_parameters_s { + // IN + uint8_t *coin_configuration; + uint8_t coin_configuration_length; + // serialized path, segwit, version prefix, hash used, dictionary etc. + // fields and serialization format depends on specific coin app + uint8_t *address_parameters; + uint8_t address_parameters_length; + char *address_to_check; + char *extra_id_to_check; + // OUT + int result; +} check_address_parameters_t; + +// structure that should be send to specific coin application to get printable amount +typedef struct get_printable_amount_parameters_s { + // IN + uint8_t *coin_configuration; + uint8_t coin_configuration_length; + uint8_t *amount; + uint8_t amount_length; + bool is_fee; + // OUT + char printable_amount[MAX_PRINTABLE_AMOUNT_SIZE]; +} get_printable_amount_parameters_t; + +typedef struct create_transaction_parameters_s { + // IN + uint8_t *coin_configuration; + uint8_t coin_configuration_length; + uint8_t *amount; + uint8_t amount_length; + uint8_t *fee_amount; + uint8_t fee_amount_length; + char *destination_address; + char *destination_address_extra_id; + // OUT + uint8_t result; +} create_transaction_parameters_t; + +typedef struct libargs_s { + unsigned int id; + unsigned int command; + unsigned int unused; + union { + check_address_parameters_t *check_address; + create_transaction_parameters_t *create_transaction; + get_printable_amount_parameters_t *get_printable_amount; + }; +} libargs_t; diff --git a/lib_standard_app/swap_utils.c b/lib_standard_app/swap_utils.c new file mode 100644 index 000000000..be292bb1d --- /dev/null +++ b/lib_standard_app/swap_utils.c @@ -0,0 +1,63 @@ +/******************************************************************************* + * (c) 2023 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ +#ifdef HAVE_SWAP + +#include +#include +#include +#include + +volatile bool G_called_from_swap; +volatile bool G_swap_response_ready; + +bool swap_str_to_u64(const uint8_t* src, size_t length, uint64_t* result) { + if (length > sizeof(uint64_t)) { + return false; + } + uint64_t value = 0; + for (size_t i = 0; i < length; i++) { + value <<= 8; + value |= src[i]; + } + *result = value; + return true; +} + +bool swap_parse_config(const uint8_t *config, + uint8_t config_len, + char *ticker, + uint8_t ticker_buf_len, + uint8_t *decimals) { + uint8_t ticker_len, offset = 0; + if (config_len == 0 || config == NULL) { + return false; + } + ticker_len = config[offset++]; + if (ticker_len == 0 || ticker_len >= ticker_buf_len - 1 || config_len - offset < ticker_len) { + return false; + } + memcpy(ticker, config + offset, ticker_len); + offset += ticker_len; + ticker[ticker_len] = '\0'; + + if (config_len - offset < 1) { + return false; + } + *decimals = config[offset]; + return true; +} + +#endif // HAVE_SWAP diff --git a/lib_standard_app/swap_utils.h b/lib_standard_app/swap_utils.h new file mode 100644 index 000000000..f8c4d1d38 --- /dev/null +++ b/lib_standard_app/swap_utils.h @@ -0,0 +1,30 @@ +/******************************************************************************* + * (c) 2023 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ +#pragma once + +#include +#include +#include + +extern volatile bool G_called_from_swap; +extern volatile bool G_swap_response_ready; + +bool swap_str_to_u64(const uint8_t *src, size_t length, uint64_t *result); +bool swap_parse_config(const uint8_t *config, + uint8_t config_len, + char *ticker, + uint8_t ticker_buf_len, + uint8_t *decimals);