helloyifa/lock_lfvx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
lock_lfvx/bk_idk/include/modules/securityip/api_val_random.h
helloyifa 40580710f2 first commit
2025-10-10 16:07:00 +08:00

301 lines
12 KiB
C
Executable File
Raw Blame History

/**
* @file api_val_random.h
*
* @brief VAL API - Random related services
*/
/*****************************************************************************
* Copyright (c) 2014-2018 INSIDE Secure B.V. All Rights Reserved.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 of the License, or
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*****************************************************************************/
#ifndef INCLUDE_GUARD_API_VAL_RANDOM_H
#define INCLUDE_GUARD_API_VAL_RANDOM_H
/*-----------------------------------------------------------------------------
* This module uses (requires) the following interface(s):
*/
#include "basic_defs.h" // uint8_t, u, uint32_t, etc.
#include "api_val_result.h" // ValStatus_t
#include "api_val_buffers.h" // ValOctetsIn_t, ValOctetsOut_t
#include "api_val_asset.h" // ValAssetId_t
/** ValTrngDrbgPPTest_t - TRNG DRBG Post-Processing test to perform */
typedef enum
{
VAL_TRNG_DRBGPP_CF_12B_REPEAT_PATTERN = 0,
VAL_TRNG_DRBGPP_CF_EXTERNAL_NOISE,
VAL_TRNG_DRBGPP_KNOWN_ANSWER,
} ValTrngDrbgPPTest_t;
/*-----------------------------------------------------------------------------
* val_RandomData
*/
/**
* This function generates a number of bytes (random number/data) from the
* Deterministic Random Bit Generator (DRBG) into the buffer at Data_p.
* The implementation is expected to perform post processing as well.
*
* @param [in] DataSize
* Number of random data bytes.
* Note: DataSize <= 65535.
*
* @param [in,out] Data_p
* Pointer to buffer in which random data will be returned.
*
* @return One of the ValStatus_t values.
*/
ValStatus_t
val_RandomData(
const ValSize_t DataSize,
ValOctetsOut_t * const Data_p);
/*-----------------------------------------------------------------------------
* val_RandomReseed
*/
/**
* This function triggers an internal re-seed of the Deterministic Random Bit
* Generator (DRBG). Use this function to guarantee fresh seed and key material
* for the post-processor.
*
* @return One of the ValStatus_t values.
*/
ValStatus_t
val_RandomReseed(void);
/*-----------------------------------------------------------------------------
* val_TrngConfig
*/
/**
* This function configures and starts the True Random Number Generator (TRNG)
* and Deterministic Random Bit Generator (DRBG).\n
* NOTE: The function can only be used by the Crypto Officer, therefore this
* function can only be used when Crypto Officer functionality is
* enabled.
*
* @param [in] AutoSeed
* Setting that defines the automatic reseed after 'AutoSeed' times
* 64K Bytes of DRBG random generation.
*
* @param [in] SampleCycles
* Setting that controls the number of (XOR-ed) FRO samples XOR-ed
* together to generate a single 'noise' bit. This value must be
* set such that the total amount of entropy in 8 'noise' bits
* equals at least 1 bit.
*
* @param [in] SampleDiv
* Setting that controls the number of module clock cycles between
* samples taken from the FROs.
*
* @param [in] NoiseBlocks
* Setting that defines number of 512 bit 'noise' blocks to process
* through the SHA-256 Conditioning function to generate a single
* 256 bits 'full entropy' result for (re-)seeding the DRBG.
*
* @param [in] fReseed
* Re-seed of the DRBG.
*
* @return One of the ValStatus_t values.
*/
ValStatus_t
val_TrngConfig(
uint8_t AutoSeed,
uint16_t SampleCycles,
uint8_t SampleDiv,
uint8_t NoiseBlocks,
uint8_t Scale, ////V3.0.2
bool fReseed);
/*-----------------------------------------------------------------------------
* val_TrngDrbgPostProcessing
*/
/**
* This function performs the TRNG post-processing verification operation that
* can be used to verify the SHA-2 Conditioning Function and AES-256 based
* CTR-DRBG random number generator.
*
* @param [in] Test
* Test to perform:
* 0 - Conditioning Function with 12 bits repeating pattern
* 1 - Conditioning Function with externally supplied 'noise' bits
* 2 - DRBG data generation using known input data
*
* @param [in] Pattern
* Repeating input pattern for the 'Conditioning Function with 12 bits
* repeating pattern' test. Please, read the Firmware Reference Manual
* for details.
*
* @param [in] Size
* The actual value of Size depends on the test that is performed:
* 0 - Number of 384 bits V & Key output blocks to generate in range 1-255.
* 1 - Number of 384 bits V & Key output blocks to generate in range 1-255;
* the number of 512 bit 'noise blocks' to read equals the value given
* here times the NoiseBlocks value in the TRNG configuration token.
* 2 - Splits the DataSize field in separate sub-fields:
* Bits [3:0] = Total number of 384 bits seed blocks to read (range
* 1-15). The first is used for an 'Instantiate'
* function, the others for a 're-seed' function.
* Bits [7:4] = Number of 128-bit DRBG output words to generate in a
* single data block (values 0-15 = 1-16 words).
* Bits [11:8] = Number of data blocks to generate before each re-seed
* (values 0-14 = 1-15 blocks, value 15 = 0 blocks).
* Bits [15:12] = Number of data blocks to generate after the last
* re-seed (or 'Instantiate' if bits [3:0] are value 1).
* Values 0-15 generate 1-16 blocks.
* Note: Using these sub-fields, several test-scenarios can be
* executed. Value 0x0002 performs an 'Instantiate-generate-
* reseed-generate' sequence while value 0x1F02 performs an
* 'Instantiate-reseed-generate-generate' sequence.
*
* @param [in] InputData_p
* Pointer to buffer with the input data.
*
* @param [in] InputDataSize
* The size of input data.
*
* @param [out] OutputData_p
* Pointer to buffer in which the output data must be written.
*
* @param [in] OutputDataSize
* The size of output data.
*
* @return One of the ValStatus_t values.
*/
ValStatus_t
val_TrngDrbgPostProcessing(
const ValTrngDrbgPPTest_t Test,
const uint16_t Pattern,
const ValSize_t Size,
ValOctetsIn_t * const InputData_p,
const ValSize_t InputDataSize,
ValOctetsOut_t * const OutputData_p,
const ValSize_t OutputDataSize);
/*-----------------------------------------------------------------------------
* val_TrngNrbgSelfTest
*/
/**
* This function performs a TRNG hardware self-test verification operation.
* This test focuses on the following hardware-related functions:
* - The NIST SP800-90B proposed 'Repetition Count' test on the noise source.
* - The NIST SP800-90B proposed 'Adaptive Proportion' tests (with 64 and 4K
* window sizes) on the noise source. and starts the True Random Number
* Generator (TRNG) and Deterministic Random Bit Generator (DRBG).
*
* @param [in] InputData_p
* Pointer to buffer with the input data.
*
* @param [in] Size
* Size of the input data in bytes.
*
* @param [in,out] RepCntCutoff_p
* Pointer to the 'Cutoff' value for the NIST SP800-90B 'Repetition Count'
* test. The default setting for this value is 31, unless overruled here.
* Setting this value to zero disables the 'Repetition Count' test.
* On success, the engine value at end of the test run is returned.
*
* @param [in,out] RepCntCount_p
* Pointer to the initial counter value for the NIST SP800-90B 'Repetition
* Count' test. Although it is possible to pre-load this counter, it will
* be reset to one (1) at the start of the test run.
* On success, the engine value at end of the test run is returned.
*
* @param [in,out] RepCntData_p
* Pointer to the initial compare data value for the NIST SP800-90B
* 'Repetition Count' test. At the start of the test, this value indicates
* the last 8-bits 'noise sample' value detected for repetition counting.
* On success, the engine value at end of the test run is returned.
*
* @param [in,out] AdaptProp64Cutoff_p
* Pointer to the 'Cutoff' value for the NIST SP800-90B 'Adaptive
* Proportion' test with a 64 'noise samples' window. The default setting
* for this value is 51, unless overruled here. Setting this value to zero
* disables the 'Adaptive Proportion' test with a 64 'noise samples' window.
* On success, the engine value at end of the test run is returned.
*
* @param [in,out] AdaptProp64Count_p
* Pointer to the initial counter value for the NIST SP800-90B 'Adaptive
* Proportion' test with a 64 'noise samples' window. Although it is
* possible to pre-load this counter, it will be reset to zero at the
* start of the test run.
* On success, the engine value at end of the test run is returned.
*
* @param [in,out] AdaptProp64Data_p
* Pointer to the initial compare data value for the NIST SP800-90B
* 'Adaptive Proportion' test with a 64 'noise samples' window. Although
* this value is loaded into the HW compare register before the test run
* start, it will be overwritten immediately with the first 8-bits 'noise
* sample' in the test data stream.
* On success, the engine value at end of the test run is returned.
*
* @param [in,out] AdaptProp4kCutoff_p
* Pointer to the 'Cutoff' value for the NIST SP800-90B 'Adaptive
* Proportion' test with a 4096 'noise samples' window. The default
* setting for this value is 2240, unless overruled here. Setting this
* value to zero disables the 'Adaptive Proportion' test with a 4096
* 'noise samples' window.
* On success, the engine value at end of the test run is returned.
*
* @param [in,out] AdaptProp4kCount_p
* Pointer to the initial counter value for the NIST SP800-90B 'Adaptive
* Proportion' test with a 4096 'noise samples' window. Although it is
* possible to pre-load this counter, it will be reset to zero at the
* start of the test run.
* On success, the engine value at end of the test run is returned.
*
* @param [in,out] AdaptProp4kData_p
* Pointer to the initial compare data value for the NIST SP800-90B
* 'Adaptive Proportion' test with a 4096 'noise samples' window. Although
* this value is loaded into the HW compare register before the test run
* start, it will be overwritten immediately with the first 8-bits 'noise
* sample' in the test data stream.
* On success, the engine value at end of the test run is returned.
*
* @param [out] AdaptProp64Fail_p
* Pointer to the buffer where the failure indication for the NIST SP800-90B
* 'Adaptive Proportion' test with a 64 'noise samples' window must be
* written.
*
* @param [out] AdaptProp4kFail_p
* Pointer to the buffer where the failure indication for the NIST SP800-90B
* 'Adaptive Proportion' test with a 4096 'noise samples' window must be
* written.
*
* @return One of the ValStatus_t values.
*/
ValStatus_t
val_TrngNrbgSelfTest(
ValOctetsIn_t * const InputData_p,
const ValSize_t Size,
uint8_t * const RepCntCutoff_p,
uint8_t * const RepCntCount_p,
uint8_t * const RepCntData_p,
uint8_t * const AdaptProp64Cutoff_p,
uint8_t * const AdaptProp64Count_p,
uint8_t * const AdaptProp64Data_p,
uint16_t * const AdaptProp4kCutoff_p,
uint16_t * const AdaptProp4kCount_p,
uint8_t * const AdaptProp4kData_p,
uint8_t * const AdaptProp64Fail_p,
uint8_t * const AdaptProp4kFail_p);
#endif /* Include Guard */
/* end of file api_val_random.h */
Reference in New Issue View Git Blame Copy Permalink