crypto: Add nrf_oberon 3.0.15 version

* Added missing ocrypto functions for SECP160 curves which
  broke some configurations.
* Fixed a bug which resulted in AEAD encryption/decryptionwith
  AES-CCM producing incorrect results for large buffers
  (>1MB data with 12 byte nonce).

Ref: NCSDK-26596

Signed-off-by: Georgios Vasilakis <[email protected]>

crypto/CMakeLists.txt

@@ -15,7 +15,7 @@ add_library(nrfxlib_crypto INTERFACE)
 if(CONFIG_NRF_OBERON OR CONFIG_BUILD_WITH_TFM OR CONFIG_OBERON_BACKEND OR CONFIG_PSA_CRYPTO_DRIVER_OBERON)
 
   set(OBERON_BASE ${CMAKE_CURRENT_SOURCE_DIR}/nrf_oberon)
-  set(OBERON_VER 3.0.14)
+  set(OBERON_VER 3.0.15)
 
   nrfxlib_calculate_lib_path(OBERON_LIB_DIR
     BASE_DIR ${OBERON_BASE}

crypto/doc/CHANGELOG_oberon.rst

@@ -9,6 +9,96 @@ Changelog - nrf_oberon
 
 All notable changes to this project are documented in this file.
 
+nrf_oberon - 3.0.15
+*******************
+
+New version of the nrf_oberon library with the following changes.
+
+Added
+=====
+
+* Added missing ocrypto functions for SECP160 curves that broke some configurations.
+* Fixed a bug that caused AEAD encryption/decryption with AES-CCM to produce incorrect results for large buffers (>1MB data with 12 byte nonce).
+
+Library built against Mbed TLS version 3.5.2.
+
+Added the following Oberon crypto libraries for nRF91, nRF53, nRF52, and nRF51 Series.
+
+.. note::
+   The *short-wchar* libraries are compiled with a wchar_t size of 16 bits.
+
+* nrf_oberon, nRF91 and nRF53 Series application core variants
+
+  * :file:`cortex-m33/hard-float/liboberon_3.0.15.a`
+  * :file:`cortex-m33/hard-float/liboberon_mbedtls_3.0.15.a`
+  * :file:`cortex-m33/soft-float/liboberon_3.0.15.a`
+  * :file:`cortex-m33/soft-float/liboberon_mbedtls_3.0.15.a`
+
+  * short-wchar
+
+    * :file:`cortex-m33/hard-float/short-wchar/liboberon_3.0.15.a`
+    * :file:`cortex-m33/hard-float/short-wchar/liboberon_mbedtls_3.0.15.a`
+    * :file:`cortex-m33/soft-float/short-wchar/liboberon_3.0.15.a`
+    * :file:`cortex-m33/soft-float/short-wchar/liboberon_mbedtls_3.0.15.a`
+
+  * Keil
+
+    * :file:`cortex-m33/hard-float/short-wchar/oberon_3.0.15.lib``
+    * :file:`cortex-m33/hard-float/short-wchar/oberon_mbedtls_3.0.15.lib``
+    * :file:`cortex-m33/soft-float/short-wchar/oberon_3.0.15.lib``
+    * :file:`cortex-m33/soft-float/short-wchar/oberon_mbedtls_3.0.15.lib``
+
+* nrf_oberon, nRF53 Series network core variants
+
+  * :file:`cortex-m33+nodsp/soft-float/liboberon_3.0.15.a`
+  * :file:`cortex-m33+nodsp/soft-float/liboberon_mbedtls_3.0.15.a`
+
+  * short-wchar
+
+    * :file:`cortex-m33+nodsp/soft-float/short-wchar/liboberon_3.0.15.a`
+    * :file:`cortex-m33+nodsp/soft-float/short-wchar/liboberon_mbedtls_3.0.15.a`
+
+  * Keil
+
+    * :file:`cortex-m33/soft-float/short-wchar/oberon_3.0.15.lib``
+    * :file:`cortex-m33/soft-float/short-wchar/oberon_mbedtls_3.0.15.lib``
+
+* nrf_oberon, nRF52 Series variants
+
+  * :file:`cortex-m4/hard-float/liboberon_3.0.15.a`
+  * :file:`cortex-m4/hard-float/liboberon_mbedtls_3.0.15.a`
+  * :file:`cortex-m4/soft-float/liboberon_3.0.15.a`
+  * :file:`cortex-m4/soft-float/liboberon_mbedtls_3.0.15.a.a`
+
+  * short-wchar
+
+    * :file:`cortex-m4/hard-float/short-wchar/liboberon_3.0.15.a`
+    * :file:`cortex-m4/hard-float/short-wchar/liboberon_mbedtls_3.0.15.a`
+    * :file:`cortex-m4/soft-float/short-wchar/liboberon_3.0.15.a`
+    * :file:`cortex-m4/soft-float/short-wchar/liboberon_mbedtls_3.0.15.a`
+
+  * Keil
+
+    * :file:`cortex-m4/soft-float/short-wchar/oberon_3.0.15.lib``
+    * :file:`cortex-m4/soft-float/short-wchar/oberon_mbedtls_3.0.15.lib``
+    * :file:`cortex-m4/hard-float/short-wchar/oberon_3.0.15.lib``
+    * :file:`cortex-m4/hard-float/short-wchar/oberon_mbedtls_3.0.15.lib``
+
+* nrf_oberon, nRF51 Series variants
+
+  * :file:`cortex-m0/soft-float/liboberon_3.0.15.a`
+  * :file:`cortex-m0/soft-float/liboberon_mbedtls_3.0.15.a`
+
+  * short-wchar
+
+    * :file:`cortex-m0/soft-float/short-wchar/liboberon_3.0.15.a`
+    * :file:`cortex-m0/soft-float/short-wchar/liboberon_mbedtls_3.0.15.a`
+
+  * Keil
+
+    * :file:`cortex-m0/soft-float/short-wchar/oberon_3.0.15.lib``
+    * :file:`cortex-m0/soft-float/short-wchar/oberon_mbedtls_3.0.15.lib``
+
 nrf_oberon - 3.0.14
 *******************
 

crypto/nrf_oberon/include/ocrypto_constant_time.h

@@ -38,7 +38,7 @@ extern "C" {
 int ocrypto_constant_time_equal(const void *x, const void *y, size_t length);
 
 /**
- * Variable length compared to zero.
+ * Variable length compare to zero.
  *
  * @param x      Memory region that will be compared.
  * @param length Number of bytes to compare, @p length > 0.

crypto/nrf_oberon/include/ocrypto_secp160r1.h

@@ -28,6 +28,16 @@ extern "C" {
  */
 void ocrypto_p160_scalar_mult(uint8_t r[40], const uint8_t s[32]);
 
+/**
+ * ECDH secp160r1 scalar multiplication `r = (s mod n) * G`.
+ *
+ * @param[out] r Resulting curve point in the form (x,y).
+ * @param      s Scalar value. 256 bit big endian.
+ *
+ * @remark @p r may be same as @p s.
+ */
+void ocrypto_p160_scalar_mult_alt(uint8_t r[40], const uint8_t s[32]);
+
 
 #ifdef __cplusplus
 }

crypto/nrf_oberon/include/ocrypto_srp.h

@@ -119,7 +119,7 @@ extern "C" {
  * The verifier is generated for a given user name @p user, a password @p pass
  * and salt @p salt.
  *
- * @param[out] v        Generated password verifier, must be 32-bit aligned.
+ * @param[out] v        Generated password verifier.
  * @param      salt     Salt.
  * @param      user     User name.
  * @param      user_len Length of @p user.
@@ -145,7 +145,7 @@ void ocrypto_srp_verifier(
  * The public key for a given private key @p priv_b is generated using the
  * password verifier @p v and put into @p pub_b.
  *
- * @param[out] pub_b  Generated public key, must be 32-bit aligned.
+ * @param[out] pub_b  Generated public key.
  * @param      priv_b Private key.
  * @param      v      Password verifier.
  */
@@ -158,7 +158,7 @@ void ocrypto_srp_public_key(
 /**
  * SRP-6 Server Public Key.
  *
- * @param[out] pub_b  Generated public key, must be 32 bit aligned.
+ * @param[out] pub_b  Generated public key.
  * @param      priv_b Private key.
  * @param      k      Multiplier.
  * @param      v      Password verifier.
@@ -170,7 +170,7 @@ void ocrypto_srp_server_public_key(
     const uint8_t v[ocrypto_srp_VERIFIER_BYTES]);
 
 /**
- * SRP - 6 Client Public Key.
+ * SRP-6 Client Public Key.
  *
  * @param[out] pub_a  Generated public key.
  * @param      priv_a Private key.
@@ -212,7 +212,7 @@ void ocrypto_srp_scrambling_parameter(
  * @p pub_a is valid, the premaster secret is then put into @p s. The premaster
  * secret can be used to generate encryption keys.
  *
- * @param[out] s      Generated premaster secret, must be 32-bit aligned.
+ * @param[out] s      Generated premaster secret.
  * @param      pub_a  Client public key.
  * @param      priv_b Server private key.
  * @param      u      Scrambling parameter; generated with @c ocrypto_srp_scrambling_parameter.
@@ -237,7 +237,7 @@ int ocrypto_srp_premaster_secret(
  * @p pub_a is valid, the premaster secret is then put into @p s. The premaster
  * secret can be used to generate encryption keys.
  *
- * @param[out] s      Generated premaster secret, must be 32-bit aligned.
+ * @param[out] s      Generated premaster secret.
  * @param      pub_a  Client public key.
  * @param      priv_b Server private key.
  * @param      u      Scrambling parameter; generated with @c ocrypto_srp_scrambling_parameter.
@@ -257,7 +257,7 @@ int ocrypto_srp_server_premaster_secret(
 /**
  * SRP-6 client premaster secret.
  *
- * @param[out] s      Generated premaster secret, must be 32 bit aligned.
+ * @param[out] s      Generated premaster secret.
  * @param      priv_a Client private key.
  * @param      pub_b  Server public key.
  * @param      k      Multiplier.
@@ -358,7 +358,7 @@ void ocrypto_srp_proof_m2(
  * and salt @p salt.
  *
  * @param      ctx      Context.
- * @param[out] v        Generated password verifier, must be 32-bit aligned.
+ * @param[out] v        Generated password verifier.
  * @param      salt     Salt.
  * @param      user     User name.
  * @param      user_len Length of @p user.
@@ -386,7 +386,7 @@ void ocrypto_srp_verifier_ctx(
  * password verifier @p v and put into @p pub_b.
  *
  * @param      ctx    Context.
- * @param[out] pub_b  Generated public key, must be 32-bit aligned.
+ * @param[out] pub_b  Generated public key.
  * @param      priv_b Private key.
  * @param      v      Password verifier.
  */
@@ -432,7 +432,7 @@ void ocrypto_srp_scrambling_parameter_ctx(
  * secret can be used to generate encryption keys.
  *
  * @param      ctx    Context.
- * @param[out] s      Generated premaster secret, must be 32-bit aligned.
+ * @param[out] s      Generated premaster secret.
  * @param      pub_a  Client public key.
  * @param      priv_b Server private key.
  * @param      u      Scrambling parameter; generated with @c ocrypto_srp_scrambling_parameter.

crypto/nrf_oberon/nrf_oberon.packsc

@@ -16,63 +16,63 @@
                     "autogen"
                 ],
                 "_condition": "'cortex-m4f' in _links and ('ses' in _toolchains or 'armgcc' in _toolchains)",
-                "_value": "lib\\cortex-m4\\hard-float\\liboberon_3.0.14.a"
+                "_value": "lib\\cortex-m4\\hard-float\\liboberon_3.0.15.a"
             },
             {
                 "_attrs": [
                     "autogen"
                 ],
                 "_condition": "'cortex-m4f' in _links and 'keilx' in _toolchains",
-                "_value": "lib\\cortex-m4\\hard-float\\short-wchar\\oberon_3.0.14.lib"
+                "_value": "lib\\cortex-m4\\hard-float\\short-wchar\\oberon_3.0.15.lib"
             },
             {
                 "_attrs": [
                     "autogen"
                 ],
                 "_condition": "'cortex-m4f' in _links and ('iar' in _toolchains)",
-                "_value": "lib\\cortex-m4\\hard-float\\short-wchar\\liboberon_3.0.14.a"
+                "_value": "lib\\cortex-m4\\hard-float\\short-wchar\\liboberon_3.0.15.a"
             },
             {
                 "_attrs": [
                     "autogen"
                 ],
                 "_condition": "'cortex-m4nf' in _links and ('ses' in _toolchains or 'armgcc' in _toolchains)",
-                "_value": "lib\\cortex-m4\\soft-float\\liboberon_3.0.14.a"
+                "_value": "lib\\cortex-m4\\soft-float\\liboberon_3.0.15.a"
             },
             {
                 "_attrs": [
                     "autogen"
                 ],
                 "_condition": "'cortex-m4nf' in _links and 'keilx' in _toolchains",
-                "_value": "lib\\cortex-m4\\soft-float\\short-wchar\\oberon_3.0.14.lib"
+                "_value": "lib\\cortex-m4\\soft-float\\short-wchar\\oberon_3.0.15.lib"
             },
             {
                 "_attrs": [
                     "autogen"
                 ],
                 "_condition": "'cortex-m4nf' in _links and 'iar' in _toolchains",
-                "_value": "lib\\cortex-m4\\soft-float\\short-wchar\\liboberon_3.0.14.a"
+                "_value": "lib\\cortex-m4\\soft-float\\short-wchar\\liboberon_3.0.15.a"
             },
             {
                 "_attrs": [
                     "autogen"
                 ],
                 "_condition": "'cortex-m0' in _links and ('ses' in _toolchains or 'armgcc' in _toolchains)",
-                "_value": "lib\\cortex-m0\\soft-float\\liboberon_3.0.14.a"
+                "_value": "lib\\cortex-m0\\soft-float\\liboberon_3.0.15.a"
             },
             {
                 "_attrs": [
                     "autogen"
                 ],
                 "_condition": "'cortex-m0' in _links and 'iar' in _toolchains",
-                "_value": "lib\\cortex-m0\\soft-float\\short-wchar\\liboberon_3.0.14.a"
+                "_value": "lib\\cortex-m0\\soft-float\\short-wchar\\liboberon_3.0.15.a"
             },
             {
                 "_attrs": [
                     "autogen"
                 ],
                 "_condition": "'cortex-m0' in _links and 'keilx' in _toolchains",
-                "_value": "lib\\cortex-m0\\soft-float\\short-wchar\\oberon_3.0.14.lib"
+                "_value": "lib\\cortex-m0\\soft-float\\short-wchar\\oberon_3.0.15.lib"
             }
         ]
     }