Updating micro-ecc to more current algorithms to improve performance of the generation of shared secrets

Signed-off-by: Constanza Heath <[email protected]>

Author: Constanza Heath

Diff for: AUTHORS

@@ -1,2 +1,15 @@
-Open Source Maintainer: Constanza Heath <[email protected]>
-Author: Rafael Misoczki <[email protected]>
+Architect: 
+Rafael Misoczki <[email protected]>
+
+Open Source Maintainer: 
+Constanza Heath <[email protected]>
+Rafael Misoczki <[email protected]>
+
+Contributors:
+Constanza Heath <[email protected]>
+Rafael Misoczki <[email protected]> 
+Flavio Santes <[email protected]>
+Jarkko Sakkinen <[email protected]>
+Chris Morrison
+Marti Bolivar
+Colin Ian King

Diff for: LICENSE

@@ -5,7 +5,7 @@
 
 ================================================================================
 
-          Copyright (c) 2015, Intel Corporation. All rights reserved.         
+          Copyright (c) 2017, Intel Corporation. All rights reserved.         
 
 Redistribution and use in source and binary forms, with or without modification,
 are permitted provided that the following conditions are met:
@@ -34,8 +34,7 @@ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 ================================================================================
-
-Copyright (c) 2013, Kenneth MacKay
+Copyright (c) 2014, Kenneth MacKay
 All rights reserved.
 
 https://github.com/kmackay/micro-ecc

Diff for: Makefile

@@ -1,6 +1,6 @@
 ################################################################################
 #
-#      Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
+#      Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
 #
 # 								           Global Makefile. 
 #	  		See lib/Makefile and tests/Makefile for further configuration.

Diff for: README

@@ -5,7 +5,7 @@
 
 ================================================================================
 
-          Copyright (c) 2015, Intel Corporation. All rights reserved.         
+          Copyright (c) 2017, Intel Corporation. All rights reserved.         
 
 Redistribution and use in source and binary forms, with or without modification,
 are permitted provided that the following conditions are met:
@@ -50,6 +50,7 @@ cryptographic primitive.
 Organization:
 
 /lib: C source code of the cryptographic primitives.
+/lib/include/tinycrypt: C header files of the cryptographic primitives.
 /tests: Test vectors of the cryptographic primitives.
 /doc: Documentation of TinyCrypt. 
 
@@ -60,6 +61,7 @@ Building:
 1) In Makefile.conf set: 
     - CFLAGS for compiler flags.
     - CC for compiler.
+    - ENABLE_TESTS for enabling (true) or disabling (false) tests compilation.
 2) In lib/Makefile select the primitives required by your project.
 3) In tests/Makefile select the corresponding tests of the selected primitives.
 4) make 

Diff for: VERSION

@@ -1 +1 @@
-0.2.6
+0.2.7

Diff for: config.mk

@@ -1,11 +1,12 @@
 ################################################################################
 #
-#      Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
+#      Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
 #
 #            Global configuration Makefile. Included everywhere.
 #
 ################################################################################
 
+# EDIT HERE:
 CC:=gcc
 CFLAGS:=-Os -std=c99 -Wall -Wextra -D_ISOC99_SOURCE -MMD -I../lib/include/ -I../lib/source/ -I../tests/include/
 vpath %.c ../lib/source/
@@ -19,11 +20,16 @@ ifeq ($(OS),Windows_NT)
 DOTEXE:=.exe
 endif
 
-# DO NOT EDIT THIS:
+# DO NOT EDIT AFTER THIS POINT:
 ifeq ($(ENABLE_TESTS), true)
 CFLAGS += -DENABLE_TESTS
 else
 CFLAGS += -DDISABLE_TESTS
 endif
 
+export CC
+export CFLAGS
+export VPATH
+export ENABLE_TESTS
+
 ################################################################################

Diff for: documentation/tinycrypt.rst

@@ -1,7 +1,7 @@
 
 TinyCrypt Cryptographic Library
 ###############################
-Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
+Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
 
 Overview
 ********
@@ -72,13 +72,13 @@ corresponding header file.
 
 * ECC-DH:
 
-  * Type of primitive: Key exchange.
+  * Type of primitive: Key exchange based on curve NIST p-256.
   * Standard Specification: RFC 6090.
   * Requires: ECC auxiliary functions (ecc.h/c).
 
 * ECC-DSA:
 
-  * Type of primitive: Digital signature.
+  * Type of primitive: Digital signature based on curve NIST p-256.
   * Standard Specification: RFC 6090.
   * Requires: ECC auxiliary functions (ecc.h/c).
 
@@ -102,15 +102,17 @@ Important Remarks
 
 The cryptographic implementations in TinyCrypt library have some limitations.
 Some of these limitations are inherent to the cryptographic primitives
-themselves, while others are specific to TinyCrypt. Some of these limitations
-are discussed in-depth below.
+themselves, while others are specific to TinyCrypt. These limitations were accepted
+in order to meet its design goals (in special, minimal code size) and to better 
+serve applications targeting constrained devices in general. Some of these 
+limitations are discussed in-depth below.
 
 General Remarks
 ***************
 
 * TinyCrypt does **not** intend to be fully side-channel resistant. Due to the
-  variety of side-channel attacks, many of them making certain platforms
-  vulnerable. In this sense, instead of penalizing all library users with
+  variety of side-channel attacks, many of them only relevant to certain 
+  platforms. In this sense, instead of penalizing all library users with
   side-channel countermeasures such as increasing the overall code size,
   TinyCrypt only implements certain generic timing-attack countermeasures.
 
@@ -134,7 +136,9 @@ Specific Remarks
 
   * The tc_hmac_final function, responsible for computing the message tag,
     cleans the state context before exiting. Thus, applications do not need to
-    clean the TCHmacState_t ctx after calling tc_hmac_final.
+    clean the TCHmacState_t ctx after calling tc_hmac_final. This should not
+    be changed in future versions of the library as there are applications
+    currently relying on this good-practice/feature of TinyCrypt.
 
 * HMAC-PRNG:
 
@@ -160,7 +164,7 @@ Specific Remarks
   * The AES-CTR mode limits the size of a data message they encrypt to 2^32
     blocks. If you need to encrypt larger data sets, your application would
     need to replace the key after 2^32 block encryptions.
-    
+
 * CTR-PRNG:
 
   * Before using CTR-PRNG, you *must* find an entropy source to produce a seed.
@@ -231,18 +235,24 @@ Specific Remarks
 
 * ECC-DH and ECC-DSA:
 
-  * TinyCrypt ECC implementation is based on nano-ecc (see
-    https://github.com/iSECPartners/nano-ecc) which in turn is based on
-    mciro-ecc (see https://github.com/kmackay/micro-ecc). In the original
-    nano and micro-ecc documentation, there is an important remark about the
-    way integers are represented:
+  * TinyCrypt ECC implementation is based on micro-ecc (see
+    https://github.com/kmackay/micro-ecc). In the original micro-ecc 
+    documentation, there is an important remark about the way integers are
+    represented:
 
     "Integer representation: To reduce code size, all large integers are
     represented using little-endian words - so the least significant word is
     first. You can use the 'ecc_bytes2native()' and 'ecc_native2bytes()'
     functions to convert between the native integer representation and the
     standardized octet representation."
 
+    Note that the assumed bit layout is: {31, 30, ..., 0}, {63, 62, ..., 32},
+    {95, 94, ..., 64}, {127, 126, ..., 96} for a very-long-integer (vli)
+    consisting of 4 unsigned integers (as an example).
+
+  * A cryptographically-secure PRNG function must be set (using uECC_set_rng())
+    before calling uECC_make_key() or uECC_sign().
+
 Examples of Applications
 ************************
 It is possible to do useful cryptography with only the given small set of
@@ -321,9 +331,9 @@ References
 .. _NIST SP 800-38C (AES-CCM):
     http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf
 
-* `NIST Statistical Test Suite`_
+* `NIST Statistical Test Suite (useful for testing HMAC-PRNG)`_
 
-.. _NIST Statistical Test Suite:
+.. _NIST Statistical Test Suite (useful for testing HMAC-PRNG):
    http://csrc.nist.gov/groups/ST/toolkit/rng/documentation_software.html
 
 * `NIST Cryptographic Algorithm Validation Program (CAVP) site`_

Diff for: lib/Makefile

@@ -1,8 +1,8 @@
 ################################################################################
 #
-#      Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
+#      Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
 #
-# 								   Cryptographic Primitives Makefile.
+# 			Cryptographic Primitives Makefile.
 #
 ################################################################################
 

Diff for: lib/include/tinycrypt/aes.h

@@ -1,7 +1,7 @@
 /* aes.h - TinyCrypt interface to an AES-128 implementation */
 
 /*
- *  Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
+ *  Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
  *
  *  Redistribution and use in source and binary forms, with or without
  *  modification, are permitted provided that the following conditions are met:
@@ -61,10 +61,9 @@ extern "C" {
 #define TC_AES_BLOCK_SIZE (Nb*Nk)
 #define TC_AES_KEY_SIZE (Nb*Nk)
 
-struct tc_aes_key_sched_struct {
-	uint32_t words[Nb*(Nr+1)];
-};
-typedef struct tc_aes_key_sched_struct *TCAesKeySched_t;
+typedef struct tc_aes_key_sched_struct {
+	unsigned int words[Nb*(Nr+1)];
+} *TCAesKeySched_t;
 
 /**
  *  @brief Set AES-128 encryption key
@@ -77,7 +76,7 @@ typedef struct tc_aes_key_sched_struct *TCAesKeySched_t;
  *  @param      s IN/OUT -- initialized struct tc_aes_key_sched_struct
  *  @param      k IN -- points to the AES key
  */
-int32_t tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k);
+int tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k);
 
 /**
  *  @brief AES-128 Encryption procedure
@@ -91,9 +90,8 @@ int32_t tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k);
  *  @param in IN -- a plaintext block to encrypt
  *  @param s IN -- initialized AES key schedule
  */
-int32_t tc_aes_encrypt(uint8_t *out,
-		       const uint8_t *in,
-		       const TCAesKeySched_t s);
+int tc_aes_encrypt(uint8_t *out, const uint8_t *in, 
+		   const TCAesKeySched_t s);
 
 /**
  *  @brief Set the AES-128 decryption key
@@ -109,7 +107,7 @@ int32_t tc_aes_encrypt(uint8_t *out,
  *  @param s  IN/OUT -- initialized struct tc_aes_key_sched_struct
  *  @param k  IN -- points to the AES key
  */
-int32_t tc_aes128_set_decrypt_key(TCAesKeySched_t s, const uint8_t *k);
+int tc_aes128_set_decrypt_key(TCAesKeySched_t s, const uint8_t *k);
 
 /**
  *  @brief AES-128 Encryption procedure
@@ -122,12 +120,11 @@ int32_t tc_aes128_set_decrypt_key(TCAesKeySched_t s, const uint8_t *k);
  *  @param in IN -- a plaintext block to encrypt
  *  @param s IN -- initialized AES key schedule
  */
-int32_t tc_aes_decrypt(uint8_t *out,
-		       const uint8_t *in,
-		       const TCAesKeySched_t s);
+int tc_aes_decrypt(uint8_t *out, const uint8_t *in, 
+		   const TCAesKeySched_t s);
 
 #ifdef __cplusplus
 }
 #endif
 
-#endif
+#endif /* __TC_AES_H__ */

Diff for: lib/include/tinycrypt/cbc_mode.h

@@ -1,7 +1,7 @@
 /* cbc_mode.h - TinyCrypt interface to a CBC mode implementation */
 
 /*
- *  Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
+ *  Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
  *
  *  Redistribution and use in source and binary forms, with or without
  *  modification, are permitted provided that the following conditions are met:
@@ -107,9 +107,9 @@ extern "C" {
  *  @param iv IN -- the IV for the this encrypt/decrypt
  *  @param sched IN --  AES key schedule for this encrypt
  */
-int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in,
-			    uint32_t inlen, const uint8_t *iv,
-			    const TCAesKeySched_t sched);
+int tc_cbc_mode_encrypt(uint8_t *out, unsigned int outlen, const uint8_t *in,
+			unsigned int inlen, const uint8_t *iv,
+			const TCAesKeySched_t sched);
 
 /**
  * @brief CBC decryption procedure
@@ -140,12 +140,12 @@ int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in,
  * @param sched IN --  AES key schedule for this decrypt
  *
  */
-int32_t tc_cbc_mode_decrypt(uint8_t *out, uint32_t outlen, const uint8_t *in,
-			    uint32_t inlen, const uint8_t *iv,
-			    const TCAesKeySched_t sched);
+int tc_cbc_mode_decrypt(uint8_t *out, unsigned int outlen, const uint8_t *in,
+			unsigned int inlen, const uint8_t *iv,
+			const TCAesKeySched_t sched);
 
 #ifdef __cplusplus
 }
 #endif
 
-#endif
+#endif /* __TC_CBC_MODE_H__ */