diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/platform_multicore.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/platform_multicore.c deleted file mode 100644 index e860ae0..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/platform_multicore.c +++ /dev/null @@ -1,131 +0,0 @@ -/* - * Copyright (c) 2019 Arm Limited. All rights reserved. - * Copyright (c) 2019 Cypress Semiconductor Corporation. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include "cmsis_compiler.h" - -#include "platform_multicore.h" -#include "tfm_multi_core_api.h" -#include "tfm_ns_mailbox.h" - -#include "cy_ipc_drv.h" -#include "cy_sysint.h" -#if CY_SYSTEM_CPU_CM0P -#include "spe_ipc_config.h" -#else -#include "ns_ipc_config.h" -#endif - -int platform_mailbox_fetch_msg_ptr(void **msg_ptr) -{ - cy_en_ipcdrv_status_t status; - - if (!msg_ptr) { - return PLATFORM_MAILBOX_INVAL_PARAMS; - } - - status = Cy_IPC_Drv_ReadMsgPtr(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), - msg_ptr); - if (status != CY_IPC_DRV_SUCCESS) { - return PLATFORM_MAILBOX_RX_ERROR; - } - - Cy_IPC_Drv_ReleaseNotify(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), - IPC_RX_RELEASE_MASK); - return PLATFORM_MAILBOX_SUCCESS; -} - -int platform_mailbox_fetch_msg_data(uint32_t *data_ptr) -{ - cy_en_ipcdrv_status_t status; - - if (!data_ptr) { - return PLATFORM_MAILBOX_INVAL_PARAMS; - } - - status = Cy_IPC_Drv_ReadMsgWord(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), - data_ptr); - if (status != CY_IPC_DRV_SUCCESS) { - return PLATFORM_MAILBOX_RX_ERROR; - } - - Cy_IPC_Drv_ReleaseNotify(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), - IPC_RX_RELEASE_MASK); - return PLATFORM_MAILBOX_SUCCESS; -} - -int platform_mailbox_send_msg_ptr(const void *msg_ptr) -{ - cy_en_ipcdrv_status_t status; - - if (!msg_ptr) - return PLATFORM_MAILBOX_INVAL_PARAMS; - - status = Cy_IPC_Drv_SendMsgPtr(Cy_IPC_Drv_GetIpcBaseAddress(IPC_TX_CHAN), - IPC_TX_NOTIFY_MASK, msg_ptr); - if (status != CY_IPC_DRV_SUCCESS) { - return PLATFORM_MAILBOX_TX_ERROR; - } - - return PLATFORM_MAILBOX_SUCCESS; -} - -int platform_mailbox_send_msg_data(uint32_t data) -{ - cy_en_ipcdrv_status_t status; - - status = Cy_IPC_Drv_SendMsgWord(Cy_IPC_Drv_GetIpcBaseAddress(IPC_TX_CHAN), - IPC_TX_NOTIFY_MASK, data); - if (status != CY_IPC_DRV_SUCCESS) { - return PLATFORM_MAILBOX_TX_ERROR; - } - - return PLATFORM_MAILBOX_SUCCESS; -} - -void platform_mailbox_wait_for_notify(void) -{ - uint32_t status; - - while (1) { - status = Cy_IPC_Drv_GetInterruptStatusMasked( - Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT)); - status >>= CY_IPC_NOTIFY_SHIFT; - if (status & IPC_RX_INT_MASK) { - break; - } - } - - Cy_IPC_Drv_ClearInterrupt(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), - 0, IPC_RX_INT_MASK); -} - -int platform_ns_ipc_init(void) -{ - Cy_IPC_Drv_SetInterruptMask(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), - 0, IPC_RX_INT_MASK); - return PLATFORM_MAILBOX_SUCCESS; -} - -int32_t tfm_platform_ns_wait_for_s_cpu_ready(void) -{ - uint32_t data = 0; - - if (platform_ns_ipc_init() != PLATFORM_MAILBOX_SUCCESS) { - return PLATFORM_MAILBOX_INVAL_PARAMS; - } - while(data != IPC_SYNC_MAGIC) - { - platform_mailbox_wait_for_notify(); - platform_mailbox_fetch_msg_data(&data); - } - - if (platform_mailbox_send_msg_data(~IPC_SYNC_MAGIC) != - PLATFORM_MAILBOX_SUCCESS) { - return PLATFORM_MAILBOX_RX_ERROR; - } - return PLATFORM_MAILBOX_SUCCESS; -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/platform_ns_mailbox.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/platform_ns_mailbox.c deleted file mode 100644 index af08ac1..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/platform_ns_mailbox.c +++ /dev/null @@ -1,309 +0,0 @@ -/* - * Copyright (c) 2019-2020, Arm Limited. All rights reserved. - * Copyright (c) 2019, Cypress Semiconductor Corporation. All rights reserved - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -/* -------------------------------------- Includes ----------------------------------- */ -#include -#include - -#include "cmsis_compiler.h" - -#include "cy_ipc_drv.h" -#include "cy_sysint.h" -#include "cy_ipc_sema.h" - -#include "ns_ipc_config.h" -#include "tfm_ns_mailbox.h" -#include "platform_multicore.h" -#include "cmsis_os2.h" - -static uint8_t saved_irq_state = 1; - -/* -------------------------------------- HAL API ------------------------------------ */ - -static void mailbox_ipc_init(void) -{ - Cy_IPC_Drv_SetInterruptMask(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), - 0, IPC_RX_INT_MASK); -} - -static void mailbox_ipc_config(void) -{ - NVIC_SetPriority(PSA_CLIENT_REPLY_NVIC_IRQn, PSA_CLIENT_REPLY_IRQ_PRIORITY); - - NVIC_EnableIRQ(PSA_CLIENT_REPLY_NVIC_IRQn); -} - -int32_t tfm_ns_mailbox_hal_notify_peer(void) -{ - cy_en_ipcdrv_status_t status; - - status = Cy_IPC_Drv_SendMsgWord(Cy_IPC_Drv_GetIpcBaseAddress(IPC_TX_CHAN), - IPC_TX_NOTIFY_MASK, - PSA_CLIENT_CALL_REQ_MAGIC); - - if (status == CY_IPC_DRV_SUCCESS) { - return MAILBOX_SUCCESS; - } else { - return MAILBOX_CHAN_BUSY; - } -} - -static int32_t mailbox_sema_init(void) -{ - /* semaphore data */ - static uint32_t tfm_sema __attribute__((section("TFM_SHARED_DATA"))); - - if (Cy_IPC_Sema_Init(PLATFORM_MAILBOX_IPC_CHAN_SEMA, - sizeof(tfm_sema) * CHAR_BIT, - &tfm_sema) != CY_IPC_SEMA_SUCCESS) { - return PLATFORM_MAILBOX_INIT_ERROR; - } - return PLATFORM_MAILBOX_SUCCESS; -} - -int32_t tfm_ns_mailbox_hal_init(struct ns_mailbox_queue_t *queue) -{ - uint32_t stage; - - if (!queue) { - return MAILBOX_INVAL_PARAMS; - } - - /* Init semaphores used for critical sections */ - if (mailbox_sema_init() != PLATFORM_MAILBOX_SUCCESS) - return MAILBOX_INIT_ERROR; - - /* - * FIXME - * Further verification of mailbox queue address may be required according - * to diverse NSPE implementations. - */ - - mailbox_ipc_init(); - - /* - * Wait until SPE mailbox library is ready to receive NSPE mailbox queue - * address. - */ - while (1) { - platform_mailbox_wait_for_notify(); - - platform_mailbox_fetch_msg_data(&stage); - if (stage == NS_MAILBOX_INIT_ENABLE) { - break; - } - } - - /* Send out the address */ - platform_mailbox_send_msg_ptr(queue); - - /* Wait until SPE mailbox service is ready */ - while (1) { - platform_mailbox_wait_for_notify(); - - platform_mailbox_fetch_msg_data(&stage); - if (stage == S_MAILBOX_READY) { - break; - } - } - - mailbox_ipc_config(); - - return MAILBOX_SUCCESS; -} - -const void *tfm_ns_mailbox_get_task_handle(void) -{ -#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL - return osThreadGetId(); -#else - return NULL; -#endif -} - -void tfm_ns_mailbox_hal_wait_reply(mailbox_msg_handle_t handle) -{ - osThreadFlagsWait(handle, osFlagsWaitAll, osWaitForever); -} - -static cy_en_ipcsema_status_t mailbox_raw_spin_lock(uint32_t ipc_channel, - uint32_t sema_num) -{ - uint32_t semaIndex; - uint32_t semaMask; - cy_stc_ipc_sema_t *semaStruct; - cy_en_ipcdrv_status_t acqStatus; - cy_en_ipcsema_status_t ret = CY_IPC_SEMA_BAD_PARAM; - bool is_lock = false; - IPC_STRUCT_Type *semaIpcStruct; - - /* Get IPC register structure */ - semaIpcStruct = Cy_IPC_Drv_GetIpcBaseAddress(ipc_channel); - /* Get pointer to structure */ - semaStruct = (cy_stc_ipc_sema_t *)Cy_IPC_Drv_ReadDataValue(semaIpcStruct); - - if (sema_num < semaStruct->maxSema) { - semaIndex = sema_num / CY_IPC_SEMA_PER_WORD; - semaMask = (uint32_t)(1ul << (sema_num - \ - (semaIndex * CY_IPC_SEMA_PER_WORD))); - - while (!is_lock) { - /* Check to make sure the IPC channel is released - If so, check if specific channel can be locked. */ - do { - acqStatus = Cy_IPC_Drv_LockAcquire(semaIpcStruct); - } while (acqStatus != CY_IPC_DRV_SUCCESS); - - if ((semaStruct->arrayPtr[semaIndex] & semaMask) == 0ul) { - semaStruct->arrayPtr[semaIndex] |= semaMask; - is_lock = true; - } - - /* Release, but do not trigger a release event */ - (void)Cy_IPC_Drv_LockRelease(semaIpcStruct, - CY_IPC_NO_NOTIFICATION); - - if (!is_lock) { - /* - * The secure core is occupying this lock. Insert a small delay - * to give the secure core a chance to acquire the IPC channel - * and release the lock. - * Otherwise, the secure core may not be able to release the - * lock if non-secure core has higher CPU frequency. It will - * generate a deadlock. - * This delay won't harm performance too much since non-secure - * core has to busy wait here anyway. - * Alternatively, non-secure core can wait for release - * notification event from secure core. However, it is more - * complex and requires more code and more modifications. - */ - volatile uint32_t count = 1000; - while(count > 0) { - count--; - } - Cy_IPC_Sema_Status(sema_num); - } - } - - ret = CY_IPC_SEMA_SUCCESS; - } - - return ret; -} - -static cy_en_ipcsema_status_t mailbox_raw_spin_unlock(uint32_t ipc_channel, - uint32_t sema_num) -{ - uint32_t semaIndex; - uint32_t semaMask; - cy_stc_ipc_sema_t *semaStruct; - cy_en_ipcdrv_status_t acqStatus; - cy_en_ipcsema_status_t ret = CY_IPC_SEMA_BAD_PARAM; - bool is_unlock = false; - IPC_STRUCT_Type *semaIpcStruct; - - /* Get IPC register structure */ - semaIpcStruct = Cy_IPC_Drv_GetIpcBaseAddress(ipc_channel); - /* Get pointer to structure */ - semaStruct = (cy_stc_ipc_sema_t *)Cy_IPC_Drv_ReadDataValue(semaIpcStruct); - - if (sema_num < semaStruct->maxSema) { - semaIndex = sema_num / CY_IPC_SEMA_PER_WORD; - semaMask = (uint32_t)(1ul << (sema_num - \ - (semaIndex * CY_IPC_SEMA_PER_WORD))); - - while (!is_unlock) { - /* Check to make sure the IPC channel is released - If so, check if specific channel can be locked. */ - do { - acqStatus = Cy_IPC_Drv_LockAcquire(semaIpcStruct); - } while (acqStatus != CY_IPC_DRV_SUCCESS); - - if ((semaStruct->arrayPtr[semaIndex] & semaMask) != 0ul) { - semaStruct->arrayPtr[semaIndex] &= ~semaMask; - is_unlock = true; - } - - /* Release, but do not trigger a release event */ - (void)Cy_IPC_Drv_LockRelease(semaIpcStruct, - CY_IPC_NO_NOTIFICATION); - } - - ret = CY_IPC_SEMA_SUCCESS; - } - - return ret; -} - -void tfm_ns_mailbox_hal_enter_critical(void) -{ - saved_irq_state = Cy_SysLib_EnterCriticalSection(); - - mailbox_raw_spin_lock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); -} - -void tfm_ns_mailbox_hal_exit_critical(void) -{ - mailbox_raw_spin_unlock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); - - Cy_SysLib_ExitCriticalSection(saved_irq_state); -} - -void tfm_ns_mailbox_hal_enter_critical_isr(void) -{ - mailbox_raw_spin_lock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); -} - -void tfm_ns_mailbox_hal_exit_critical_isr(void) -{ - mailbox_raw_spin_unlock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); -} - -static bool mailbox_clear_intr(void) -{ - uint32_t status; - - status = Cy_IPC_Drv_GetInterruptStatusMasked( - Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT)); - status >>= CY_IPC_NOTIFY_SHIFT; - if ((status & IPC_RX_INT_MASK) == 0) { - return false; - } - - Cy_IPC_Drv_ClearInterrupt(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), - 0, IPC_RX_INT_MASK); - return true; -} - -void cpuss_interrupts_ipc_5_IRQHandler(void) -{ - uint32_t magic; - mailbox_msg_handle_t handle; - osThreadId_t task_handle; - - if (!mailbox_clear_intr()) - return; - - platform_mailbox_fetch_msg_data(&magic); - if (magic == PSA_CLIENT_CALL_REPLY_MAGIC) { - /* Handle all the pending replies */ - while (1) { - handle = tfm_ns_mailbox_fetch_reply_msg_isr(); - if (handle == MAILBOX_MSG_NULL_HANDLE) { - break; - } - - task_handle = (osThreadId_t)tfm_ns_mailbox_get_msg_owner(handle); - if (task_handle) { - /* According to the description of CMSIS-RTOS v2 Thread Flags, - * osThreadFlagsSet() can be called inside Interrupt Service - * Routine. */ - osThreadFlagsSet(task_handle, handle); - } - } - } -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_mbed_boot.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_mbed_boot.c deleted file mode 100644 index c8d595f..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_mbed_boot.c +++ /dev/null @@ -1,67 +0,0 @@ -/* mbed Microcontroller Library - * Copyright (c) 2020 ARM Limited - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "mbed_error.h" -#include "tfm_multi_core_api.h" -#include "tfm_ns_mailbox.h" -#include "platform_multicore.h" -#include "tfm_ns_interface.h" - -static struct ns_mailbox_queue_t ns_mailbox_queue; - -void mbed_tfm_init(void) -{ - /* - * In case the of dual CPU, we need to initialize IPC, mailbox - * and NS interface after the RTOS has started to enable - * communication from Secure and Non-Secure cores. - */ - int32_t ret; - - ret = tfm_ns_wait_for_s_cpu_ready(); - /* - * Normally would expect "TFM_SUCCESS" returned here by TF-M, as this - * isn't a mailbox function. There may be some platforms other than PSoC6, - * which doesn't require tfm_ns_wait_for_s_cpu_ready() implementation. - * "PLATFORM_MAILBOX_SUCCESS" is a low-level error code and should be - * replaced by "TFM_SUCCESS". - * As the function definition has been imported from the TF-M, therefore - * a issue has been raised - https://developer.trustedfirmware.org/T660 - */ - if (ret != PLATFORM_MAILBOX_SUCCESS) { - /* Avoid undefined behavior after multi-core sync-up failed */ - MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, - MBED_ERROR_CODE_INITIALIZATION_FAILED), - "Failed to sync-up multi-core"); - } - - ret = tfm_ns_mailbox_init(&ns_mailbox_queue); - if (ret != MAILBOX_SUCCESS) { - /* Avoid undefined behavior after NS mailbox initialization failed */ - MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, - MBED_ERROR_CODE_INITIALIZATION_FAILED), - "Failed to initialize NS mailbox"); - } - - ret = tfm_ns_interface_init(); - if (ret != TFM_SUCCESS) { - /* Avoid undefined behavior after NS interface initialization failed */ - MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, - MBED_ERROR_CODE_INITIALIZATION_FAILED), - "Failed to initialize NS interface"); - } -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_multi_core_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_multi_core_api.c deleted file mode 100644 index b58738f..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_multi_core_api.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "tfm_api.h" -#include "tfm_mailbox.h" -#include "tfm_multi_core_api.h" -#include "cmsis_os2.h" - -#define MAX_SEMAPHORE_COUNT NUM_MAILBOX_QUEUE_SLOT - -static osSemaphoreId_t ns_lock_handle = NULL; - -__attribute__((weak)) -enum tfm_status_e tfm_ns_interface_init(void) -{ - osSemaphoreAttr_t sema_attrib = {0}; - - ns_lock_handle = osSemaphoreNew(MAX_SEMAPHORE_COUNT, - MAX_SEMAPHORE_COUNT, - &sema_attrib); - if (!ns_lock_handle) { - return TFM_ERROR_GENERIC; - } - - return TFM_SUCCESS; -} - -int32_t tfm_ns_wait_for_s_cpu_ready(void) -{ - return tfm_platform_ns_wait_for_s_cpu_ready(); -} - -uint32_t tfm_ns_multi_core_lock_acquire(void) -{ - return osSemaphoreAcquire(ns_lock_handle, osWaitForever); -} - -uint32_t tfm_ns_multi_core_lock_release(void) -{ - return osSemaphoreRelease(ns_lock_handle); -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_multi_core_psa_ns_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_multi_core_psa_ns_api.c deleted file mode 100644 index 3af3af8..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_multi_core_psa_ns_api.c +++ /dev/null @@ -1,224 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include - -#include "psa/client.h" -#include "psa/error.h" -#include "tfm_api.h" -#include "tfm_multi_core_api.h" -#include "tfm_ns_mailbox.h" - -/* - * TODO - * Currently, force all the non-secure client to share the same ID. - * - * It requires a more clear mechanism to synchronize the non-secure client - * ID with SPE in dual core scenario. - * In current design, the value is transferred to SPE via mailbox message. - * A dedicated routine to receive the non-secure client information in - * TF-M core/SPM in dual core scenario should be added besides current - * implementation for single Armv8-M. - * The non-secure client identification is shared with SPE in - * single Armv8-M scenario via CMSIS TrustZone context management API, - * which may not work in dual core scenario. - */ -#define NON_SECURE_CLIENT_ID (1) - -/* - * TODO - * Require a formal definition of errors related to mailbox in PSA client call. - */ -#define PSA_INTER_CORE_COMM_ERR (INT32_MIN + 0xFF) - -static void mailbox_wait_reply(mailbox_msg_handle_t handle) -{ - /* - * If the system can support multiple outstanding NS PSA Client calls, call - * tfm_ns_mailbox_wait_reply() to sleep and wait for reply. The NS side - * should implement tfm_ns_mailbox_hal_wait_reply() and wake-up mechanism. - * Otherwise, by default, call tfm_ns_mailbox_is_msg_replied() to simply - * poll the reply status of the mailbox message of current thread. - */ -#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL - tfm_ns_mailbox_wait_reply(handle); -#else - while (!tfm_ns_mailbox_is_msg_replied(handle)) { - } -#endif -} - -/**** API functions ****/ - -uint32_t psa_framework_version(void) -{ - struct psa_client_params_t params; - mailbox_msg_handle_t handle; - uint32_t version; - int32_t ret; - - if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { - return PSA_VERSION_NONE; - } - - handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_FRAMEWORK_VERSION, - ¶ms, NON_SECURE_CLIENT_ID); - if (handle < 0) { - tfm_ns_multi_core_lock_release(); - return PSA_VERSION_NONE; - } - - mailbox_wait_reply(handle); - - ret = tfm_ns_mailbox_rx_client_reply(handle, (int32_t *)&version); - if (ret != MAILBOX_SUCCESS) { - version = PSA_VERSION_NONE; - } - - if (tfm_ns_multi_core_lock_release() != TFM_SUCCESS) { - return PSA_VERSION_NONE; - } - - return version; -} - -uint32_t psa_version(uint32_t sid) -{ - struct psa_client_params_t params; - mailbox_msg_handle_t handle; - uint32_t version; - int32_t ret; - - params.psa_version_params.sid = sid; - - if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { - return PSA_VERSION_NONE; - } - - handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_VERSION, ¶ms, - NON_SECURE_CLIENT_ID); - if (handle < 0) { - tfm_ns_multi_core_lock_release(); - return PSA_VERSION_NONE; - } - - mailbox_wait_reply(handle); - - ret = tfm_ns_mailbox_rx_client_reply(handle, (int32_t *)&version); - if (ret != MAILBOX_SUCCESS) { - version = PSA_VERSION_NONE; - } - - if (tfm_ns_multi_core_lock_release() != TFM_SUCCESS) { - return PSA_VERSION_NONE; - } - - return version; -} - -psa_handle_t psa_connect(uint32_t sid, uint32_t version) -{ - struct psa_client_params_t params; - mailbox_msg_handle_t handle; - psa_handle_t psa_handle; - int32_t ret; - - params.psa_connect_params.sid = sid; - params.psa_connect_params.version = version; - - if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { - return PSA_NULL_HANDLE; - } - - handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_CONNECT, ¶ms, - NON_SECURE_CLIENT_ID); - if (handle < 0) { - tfm_ns_multi_core_lock_release(); - return PSA_NULL_HANDLE; - } - - mailbox_wait_reply(handle); - - ret = tfm_ns_mailbox_rx_client_reply(handle, (int32_t *)&psa_handle); - if (ret != MAILBOX_SUCCESS) { - psa_handle = PSA_NULL_HANDLE; - } - - if (tfm_ns_multi_core_lock_release() != TFM_SUCCESS) { - return PSA_NULL_HANDLE; - } - - return psa_handle; -} - -psa_status_t psa_call(psa_handle_t handle, int32_t type, - const psa_invec *in_vec, size_t in_len, - psa_outvec *out_vec, size_t out_len) -{ - struct psa_client_params_t params; - mailbox_msg_handle_t msg_handle; - int32_t ret; - psa_status_t status; - - params.psa_call_params.handle = handle; - params.psa_call_params.type = type; - params.psa_call_params.in_vec = in_vec; - params.psa_call_params.in_len = in_len; - params.psa_call_params.out_vec = out_vec; - params.psa_call_params.out_len = out_len; - - if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { - return PSA_ERROR_GENERIC_ERROR; - } - - msg_handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_CALL, ¶ms, - NON_SECURE_CLIENT_ID); - if (msg_handle < 0) { - tfm_ns_multi_core_lock_release(); - return PSA_INTER_CORE_COMM_ERR; - } - - mailbox_wait_reply(msg_handle); - - ret = tfm_ns_mailbox_rx_client_reply(msg_handle, (int32_t *)&status); - if (ret != MAILBOX_SUCCESS) { - status = PSA_INTER_CORE_COMM_ERR; - } - - if (tfm_ns_multi_core_lock_release() != TFM_SUCCESS) { - return PSA_ERROR_GENERIC_ERROR; - } - - return status; -} - -void psa_close(psa_handle_t handle) -{ - struct psa_client_params_t params; - mailbox_msg_handle_t msg_handle; - int32_t reply; - - params.psa_close_params.handle = handle; - - if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { - return; - } - - msg_handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_CLOSE, ¶ms, - NON_SECURE_CLIENT_ID); - if (msg_handle < 0) { - tfm_ns_multi_core_lock_release(); - return; - } - - mailbox_wait_reply(msg_handle); - - (void)tfm_ns_mailbox_rx_client_reply(msg_handle, &reply); - - tfm_ns_multi_core_lock_release(); -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_ns_mailbox.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_ns_mailbox.c deleted file mode 100644 index f7326f0..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_DUALCPU/src/tfm_ns_mailbox.c +++ /dev/null @@ -1,425 +0,0 @@ -/* - * Copyright (c) 2019-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include "tfm_ns_mailbox.h" - -/* The pointer to NSPE mailbox queue */ -static struct ns_mailbox_queue_t *mailbox_queue_ptr = NULL; - -static inline void clear_queue_slot_empty(uint8_t idx) -{ - if (idx < NUM_MAILBOX_QUEUE_SLOT) { - mailbox_queue_ptr->empty_slots &= ~(1 << idx); - } -} - -static inline void set_queue_slot_empty(uint8_t idx) -{ - if (idx < NUM_MAILBOX_QUEUE_SLOT) { - mailbox_queue_ptr->empty_slots |= (1 << idx); - } -} - -static inline void set_queue_slot_pend(uint8_t idx) -{ - if (idx < NUM_MAILBOX_QUEUE_SLOT) { - mailbox_queue_ptr->pend_slots |= (1 << idx); - } -} - -static inline int32_t get_mailbox_msg_handle(uint8_t idx, - mailbox_msg_handle_t *handle) -{ - if ((idx >= NUM_MAILBOX_QUEUE_SLOT) || !handle) { - return MAILBOX_INVAL_PARAMS; - } - - *handle = (mailbox_msg_handle_t)(idx + 1); - - return MAILBOX_SUCCESS; -} - -static inline int32_t get_mailbox_msg_idx(mailbox_msg_handle_t handle, - uint8_t *idx) -{ - if ((handle == MAILBOX_MSG_NULL_HANDLE) || !idx) { - return MAILBOX_INVAL_PARAMS; - } - - *idx = (uint8_t)(handle - 1); - - return MAILBOX_SUCCESS; -} - -static inline void clear_queue_slot_replied(uint8_t idx) -{ - if (idx < NUM_MAILBOX_QUEUE_SLOT) { - mailbox_queue_ptr->replied_slots &= ~(1 << idx); - } -} - -static inline void set_queue_slot_woken(uint8_t idx) -{ - if (idx < NUM_MAILBOX_QUEUE_SLOT) { - mailbox_queue_ptr->queue[idx].is_woken = true; - } -} - -static inline bool is_queue_slot_woken(uint8_t idx) -{ - if (idx < NUM_MAILBOX_QUEUE_SLOT) { - return mailbox_queue_ptr->queue[idx].is_woken; - } - - return false; -} - -static inline void clear_queue_slot_woken(uint8_t idx) -{ - if (idx < NUM_MAILBOX_QUEUE_SLOT) { - mailbox_queue_ptr->queue[idx].is_woken = false; - } -} - -static uint8_t acquire_empty_slot(const struct ns_mailbox_queue_t *queue) -{ - uint8_t idx; - mailbox_queue_status_t status; - - tfm_ns_mailbox_hal_enter_critical(); - status = queue->empty_slots; - - if (!status) { - /* No empty slot */ - tfm_ns_mailbox_hal_exit_critical(); - return NUM_MAILBOX_QUEUE_SLOT; - } - - for (idx = 0; idx < NUM_MAILBOX_QUEUE_SLOT; idx++) { - if (status & (1 << idx)) { - break; - } - } - - clear_queue_slot_empty(idx); - - tfm_ns_mailbox_hal_exit_critical(); - - return idx; -} - -static void set_msg_owner(uint8_t idx, const void *owner) -{ - if (idx < NUM_MAILBOX_QUEUE_SLOT) { - mailbox_queue_ptr->queue[idx].owner = owner; - } -} - -#ifdef TFM_MULTI_CORE_TEST -void tfm_ns_mailbox_tx_stats_init(void) -{ - if (!mailbox_queue_ptr) { - return; - } - - tfm_ns_mailbox_hal_enter_critical(); - - mailbox_queue_ptr->nr_tx = 0; - mailbox_queue_ptr->nr_used_slots = 0; - - tfm_ns_mailbox_hal_exit_critical(); -} - -static void mailbox_tx_stats_update(struct ns_mailbox_queue_t *ns_queue) -{ - mailbox_queue_status_t empty_status; - uint8_t idx, nr_empty = 0; - - if (!ns_queue) { - return; - } - - tfm_ns_mailbox_hal_enter_critical(); - - ns_queue->nr_tx++; - - /* Count the number of used slots when this tx arrives */ - empty_status = ns_queue->empty_slots; - tfm_ns_mailbox_hal_exit_critical(); - - if (empty_status) { - for (idx = 0; idx < NUM_MAILBOX_QUEUE_SLOT; idx++) { - if (empty_status & (0x1UL << idx)) { - nr_empty++; - } - } - } - - tfm_ns_mailbox_hal_enter_critical(); - ns_queue->nr_used_slots += (NUM_MAILBOX_QUEUE_SLOT - nr_empty); - tfm_ns_mailbox_hal_exit_critical(); -} - -void tfm_ns_mailbox_stats_avg_slot(struct ns_mailbox_stats_res_t *stats_res) -{ - uint32_t nr_used_slots, nr_tx; - - if (!mailbox_queue_ptr || !stats_res) { - return; - } - - tfm_ns_mailbox_hal_enter_critical(); - nr_used_slots = mailbox_queue_ptr->nr_used_slots; - nr_tx = mailbox_queue_ptr->nr_tx; - tfm_ns_mailbox_hal_exit_critical(); - - stats_res->avg_nr_slots = nr_used_slots / nr_tx; - nr_used_slots %= nr_tx; - stats_res->avg_nr_slots_tenths = nr_used_slots * 10 / nr_tx; -} -#endif - -mailbox_msg_handle_t tfm_ns_mailbox_tx_client_req(uint32_t call_type, - const struct psa_client_params_t *params, - int32_t client_id) -{ - uint8_t idx; - struct mailbox_msg_t *msg_ptr; - mailbox_msg_handle_t handle; - const void *task_handle; - - if (!mailbox_queue_ptr) { - return MAILBOX_MSG_NULL_HANDLE; - } - - if (!params) { - return MAILBOX_MSG_NULL_HANDLE; - } - - idx = acquire_empty_slot(mailbox_queue_ptr); - if (idx >= NUM_MAILBOX_QUEUE_SLOT) { - return MAILBOX_QUEUE_FULL; - } - -#ifdef TFM_MULTI_CORE_TEST - mailbox_tx_stats_update(mailbox_queue_ptr); -#endif - - /* Fill the mailbox message */ - msg_ptr = &mailbox_queue_ptr->queue[idx].msg; - - msg_ptr->call_type = call_type; - memcpy(&msg_ptr->params, params, sizeof(msg_ptr->params)); - msg_ptr->client_id = client_id; - - /* - * Fetch the current task handle. The task will be woken up according the - * handle value set in the owner field. - */ - task_handle = tfm_ns_mailbox_get_task_handle(); - set_msg_owner(idx, task_handle); - - get_mailbox_msg_handle(idx, &handle); - - tfm_ns_mailbox_hal_enter_critical(); - set_queue_slot_pend(idx); - tfm_ns_mailbox_hal_exit_critical(); - - tfm_ns_mailbox_hal_notify_peer(); - - return handle; -} - -int32_t tfm_ns_mailbox_rx_client_reply(mailbox_msg_handle_t handle, - int32_t *reply) -{ - uint8_t idx; - int32_t ret; - - if (!mailbox_queue_ptr) { - return MAILBOX_INVAL_PARAMS; - } - - if ((handle == MAILBOX_MSG_NULL_HANDLE) || (!reply)) { - return MAILBOX_INVAL_PARAMS; - } - - ret = get_mailbox_msg_idx(handle, &idx); - if (ret != MAILBOX_SUCCESS) { - return ret; - } - - *reply = mailbox_queue_ptr->queue[idx].reply.return_val; - - /* Clear up the owner field */ - set_msg_owner(idx, NULL); - - tfm_ns_mailbox_hal_enter_critical(); - clear_queue_slot_replied(idx); - clear_queue_slot_woken(idx); - /* - * Make sure that the empty flag is set after all the other status flags are - * re-initialized. - */ - set_queue_slot_empty(idx); - tfm_ns_mailbox_hal_exit_critical(); - - return MAILBOX_SUCCESS; -} - -bool tfm_ns_mailbox_is_msg_replied(mailbox_msg_handle_t handle) -{ - uint8_t idx; - int32_t ret; - mailbox_queue_status_t status; - - if (!mailbox_queue_ptr) { - return false; - } - - if (handle == MAILBOX_MSG_NULL_HANDLE) { - return false; - } - - ret = get_mailbox_msg_idx(handle, &idx); - if (ret != MAILBOX_SUCCESS) { - return false; - } - - tfm_ns_mailbox_hal_enter_critical(); - status = mailbox_queue_ptr->replied_slots; - tfm_ns_mailbox_hal_exit_critical(); - - if (status & (1 << idx)) { - return true; - } - - return false; -} - -mailbox_msg_handle_t tfm_ns_mailbox_fetch_reply_msg_isr(void) -{ - uint8_t idx; - mailbox_msg_handle_t handle; - mailbox_queue_status_t replied_status; - - if (!mailbox_queue_ptr) { - return MAILBOX_MSG_NULL_HANDLE; - } - - tfm_ns_mailbox_hal_enter_critical_isr(); - replied_status = mailbox_queue_ptr->replied_slots; - tfm_ns_mailbox_hal_exit_critical_isr(); - - if (!replied_status) { - return MAILBOX_MSG_NULL_HANDLE; - } - - for (idx = 0; idx < NUM_MAILBOX_QUEUE_SLOT; idx++) { - /* Find the first replied message in queue */ - if (replied_status & (0x1UL << idx)) { - tfm_ns_mailbox_hal_enter_critical_isr(); - clear_queue_slot_replied(idx); - set_queue_slot_woken(idx); - tfm_ns_mailbox_hal_exit_critical_isr(); - - if (get_mailbox_msg_handle(idx, &handle) == MAILBOX_SUCCESS) { - return handle; - } - } - } - - return MAILBOX_MSG_NULL_HANDLE; -} - -const void *tfm_ns_mailbox_get_msg_owner(mailbox_msg_handle_t handle) -{ - uint8_t idx; - - if (get_mailbox_msg_idx(handle, &idx) != MAILBOX_SUCCESS) { - return NULL; - } - - if (idx < NUM_MAILBOX_QUEUE_SLOT) { - return mailbox_queue_ptr->queue[idx].owner; - } - - return NULL; -} - -int32_t tfm_ns_mailbox_init(struct ns_mailbox_queue_t *queue) -{ - int32_t ret; - - if (!queue) { - return MAILBOX_INVAL_PARAMS; - } - - /* - * Further verification of mailbox queue address may be required according - * to non-secure memory assignment. - */ - - memset(queue, 0, sizeof(*queue)); - - /* Initialize empty bitmask */ - queue->empty_slots = - (mailbox_queue_status_t)((1UL << (NUM_MAILBOX_QUEUE_SLOT - 1)) - 1); - queue->empty_slots += - (mailbox_queue_status_t)(1UL << (NUM_MAILBOX_QUEUE_SLOT - 1)); - - mailbox_queue_ptr = queue; - - /* Platform specific initialization. */ - ret = tfm_ns_mailbox_hal_init(queue); - -#ifdef TFM_MULTI_CORE_TEST - tfm_ns_mailbox_tx_stats_init(); -#endif - - return ret; -} - -#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL -int32_t tfm_ns_mailbox_wait_reply(mailbox_msg_handle_t handle) -{ - uint8_t idx; - int32_t ret; - - if (!mailbox_queue_ptr) { - return MAILBOX_INVAL_PARAMS; - } - - if (handle == MAILBOX_MSG_NULL_HANDLE) { - return MAILBOX_INVAL_PARAMS; - } - - ret = get_mailbox_msg_idx(handle, &idx); - if (ret != MAILBOX_SUCCESS) { - return ret; - } - - while (1) { - tfm_ns_mailbox_hal_wait_reply(handle); - - /* - * Woken up from sleep - * Check the completed flag to make sure that the current thread is - * woken up by reply event, rather than other events. - */ - tfm_ns_mailbox_hal_enter_critical(); - if (is_queue_slot_woken(idx)) { - tfm_ns_mailbox_hal_exit_critical(); - break; - } - tfm_ns_mailbox_hal_exit_critical(); - } - - return MAILBOX_SUCCESS; -} -#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/platform_multicore.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/platform_multicore.c new file mode 100644 index 0000000..e860ae0 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/platform_multicore.c @@ -0,0 +1,131 @@ +/* + * Copyright (c) 2019 Arm Limited. All rights reserved. + * Copyright (c) 2019 Cypress Semiconductor Corporation. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include "cmsis_compiler.h" + +#include "platform_multicore.h" +#include "tfm_multi_core_api.h" +#include "tfm_ns_mailbox.h" + +#include "cy_ipc_drv.h" +#include "cy_sysint.h" +#if CY_SYSTEM_CPU_CM0P +#include "spe_ipc_config.h" +#else +#include "ns_ipc_config.h" +#endif + +int platform_mailbox_fetch_msg_ptr(void **msg_ptr) +{ + cy_en_ipcdrv_status_t status; + + if (!msg_ptr) { + return PLATFORM_MAILBOX_INVAL_PARAMS; + } + + status = Cy_IPC_Drv_ReadMsgPtr(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), + msg_ptr); + if (status != CY_IPC_DRV_SUCCESS) { + return PLATFORM_MAILBOX_RX_ERROR; + } + + Cy_IPC_Drv_ReleaseNotify(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), + IPC_RX_RELEASE_MASK); + return PLATFORM_MAILBOX_SUCCESS; +} + +int platform_mailbox_fetch_msg_data(uint32_t *data_ptr) +{ + cy_en_ipcdrv_status_t status; + + if (!data_ptr) { + return PLATFORM_MAILBOX_INVAL_PARAMS; + } + + status = Cy_IPC_Drv_ReadMsgWord(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), + data_ptr); + if (status != CY_IPC_DRV_SUCCESS) { + return PLATFORM_MAILBOX_RX_ERROR; + } + + Cy_IPC_Drv_ReleaseNotify(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), + IPC_RX_RELEASE_MASK); + return PLATFORM_MAILBOX_SUCCESS; +} + +int platform_mailbox_send_msg_ptr(const void *msg_ptr) +{ + cy_en_ipcdrv_status_t status; + + if (!msg_ptr) + return PLATFORM_MAILBOX_INVAL_PARAMS; + + status = Cy_IPC_Drv_SendMsgPtr(Cy_IPC_Drv_GetIpcBaseAddress(IPC_TX_CHAN), + IPC_TX_NOTIFY_MASK, msg_ptr); + if (status != CY_IPC_DRV_SUCCESS) { + return PLATFORM_MAILBOX_TX_ERROR; + } + + return PLATFORM_MAILBOX_SUCCESS; +} + +int platform_mailbox_send_msg_data(uint32_t data) +{ + cy_en_ipcdrv_status_t status; + + status = Cy_IPC_Drv_SendMsgWord(Cy_IPC_Drv_GetIpcBaseAddress(IPC_TX_CHAN), + IPC_TX_NOTIFY_MASK, data); + if (status != CY_IPC_DRV_SUCCESS) { + return PLATFORM_MAILBOX_TX_ERROR; + } + + return PLATFORM_MAILBOX_SUCCESS; +} + +void platform_mailbox_wait_for_notify(void) +{ + uint32_t status; + + while (1) { + status = Cy_IPC_Drv_GetInterruptStatusMasked( + Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT)); + status >>= CY_IPC_NOTIFY_SHIFT; + if (status & IPC_RX_INT_MASK) { + break; + } + } + + Cy_IPC_Drv_ClearInterrupt(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), + 0, IPC_RX_INT_MASK); +} + +int platform_ns_ipc_init(void) +{ + Cy_IPC_Drv_SetInterruptMask(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), + 0, IPC_RX_INT_MASK); + return PLATFORM_MAILBOX_SUCCESS; +} + +int32_t tfm_platform_ns_wait_for_s_cpu_ready(void) +{ + uint32_t data = 0; + + if (platform_ns_ipc_init() != PLATFORM_MAILBOX_SUCCESS) { + return PLATFORM_MAILBOX_INVAL_PARAMS; + } + while(data != IPC_SYNC_MAGIC) + { + platform_mailbox_wait_for_notify(); + platform_mailbox_fetch_msg_data(&data); + } + + if (platform_mailbox_send_msg_data(~IPC_SYNC_MAGIC) != + PLATFORM_MAILBOX_SUCCESS) { + return PLATFORM_MAILBOX_RX_ERROR; + } + return PLATFORM_MAILBOX_SUCCESS; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/platform_ns_mailbox.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/platform_ns_mailbox.c new file mode 100644 index 0000000..3c642c0 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/platform_ns_mailbox.c @@ -0,0 +1,304 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * Copyright (c) 2019, Cypress Semiconductor Corporation. All rights reserved + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* -------------------------------------- Includes ----------------------------------- */ +#include +#include + +#include "cmsis_compiler.h" + +#include "cy_ipc_drv.h" +#include "cy_sysint.h" +#include "cy_ipc_sema.h" + +#include "ns_ipc_config.h" +#include "tfm_ns_mailbox.h" +#include "platform_multicore.h" +#include "cmsis_os2.h" + +static uint8_t saved_irq_state = 1; + +/* -------------------------------------- HAL API ------------------------------------ */ + +static void mailbox_ipc_init(void) +{ + Cy_IPC_Drv_SetInterruptMask(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), + 0, IPC_RX_INT_MASK); +} + +static void mailbox_ipc_config(void) +{ + NVIC_SetPriority(PSA_CLIENT_REPLY_NVIC_IRQn, PSA_CLIENT_REPLY_IRQ_PRIORITY); + + NVIC_EnableIRQ(PSA_CLIENT_REPLY_NVIC_IRQn); +} + +int32_t tfm_ns_mailbox_hal_notify_peer(void) +{ + cy_en_ipcdrv_status_t status; + + status = Cy_IPC_Drv_SendMsgWord(Cy_IPC_Drv_GetIpcBaseAddress(IPC_TX_CHAN), + IPC_TX_NOTIFY_MASK, + PSA_CLIENT_CALL_REQ_MAGIC); + + if (status == CY_IPC_DRV_SUCCESS) { + return MAILBOX_SUCCESS; + } else { + return MAILBOX_CHAN_BUSY; + } +} + +static int32_t mailbox_sema_init(void) +{ +#if defined(CY_IPC_DEFAULT_CFG_DISABLE) + /* semaphore data */ + static uint32_t tfm_sema __attribute__((section("TFM_SHARED_DATA"))); + + if (Cy_IPC_Sema_Init(PLATFORM_MAILBOX_IPC_CHAN_SEMA, + sizeof(tfm_sema) * CHAR_BIT, + &tfm_sema) != CY_IPC_SEMA_SUCCESS) { + return PLATFORM_MAILBOX_INIT_ERROR; + } +#endif + return PLATFORM_MAILBOX_SUCCESS; +} + +int32_t tfm_ns_mailbox_hal_init(struct ns_mailbox_queue_t *queue) +{ + uint32_t stage; + + if (!queue) { + return MAILBOX_INVAL_PARAMS; + } + + /* Init semaphores used for critical sections */ + if (mailbox_sema_init() != PLATFORM_MAILBOX_SUCCESS) + return MAILBOX_INIT_ERROR; + + /* + * FIXME + * Further verification of mailbox queue address may be required according + * to diverse NSPE implementations. + */ + + mailbox_ipc_init(); + + /* + * Wait until SPE mailbox library is ready to receive NSPE mailbox queue + * address. + */ + while (1) { + platform_mailbox_wait_for_notify(); + + platform_mailbox_fetch_msg_data(&stage); + if (stage == NS_MAILBOX_INIT_ENABLE) { + break; + } + } + + /* Send out the address */ + platform_mailbox_send_msg_ptr(queue); + + /* Wait until SPE mailbox service is ready */ + while (1) { + platform_mailbox_wait_for_notify(); + + platform_mailbox_fetch_msg_data(&stage); + if (stage == S_MAILBOX_READY) { + break; + } + } + + mailbox_ipc_config(); + + return MAILBOX_SUCCESS; +} + +const void *tfm_ns_mailbox_get_task_handle(void) +{ + return osThreadGetId();; +} + +void tfm_ns_mailbox_hal_wait_reply(mailbox_msg_handle_t handle) +{ + osThreadFlagsWait(handle, osFlagsWaitAll, osWaitForever); +} + +static cy_en_ipcsema_status_t mailbox_raw_spin_lock(uint32_t ipc_channel, + uint32_t sema_num) +{ + uint32_t semaIndex; + uint32_t semaMask; + cy_stc_ipc_sema_t *semaStruct; + cy_en_ipcdrv_status_t acqStatus; + cy_en_ipcsema_status_t ret = CY_IPC_SEMA_BAD_PARAM; + bool is_lock = false; + IPC_STRUCT_Type *semaIpcStruct; + + /* Get IPC register structure */ + semaIpcStruct = Cy_IPC_Drv_GetIpcBaseAddress(ipc_channel); + /* Get pointer to structure */ + semaStruct = (cy_stc_ipc_sema_t *)Cy_IPC_Drv_ReadDataValue(semaIpcStruct); + + if (sema_num < semaStruct->maxSema) { + semaIndex = sema_num / CY_IPC_SEMA_PER_WORD; + semaMask = (uint32_t)(1ul << (sema_num - \ + (semaIndex * CY_IPC_SEMA_PER_WORD))); + + while (!is_lock) { + /* Check to make sure the IPC channel is released + If so, check if specific channel can be locked. */ + do { + acqStatus = Cy_IPC_Drv_LockAcquire(semaIpcStruct); + } while (acqStatus != CY_IPC_DRV_SUCCESS); + + if ((semaStruct->arrayPtr[semaIndex] & semaMask) == 0ul) { + semaStruct->arrayPtr[semaIndex] |= semaMask; + is_lock = true; + } + + /* Release, but do not trigger a release event */ + (void)Cy_IPC_Drv_LockRelease(semaIpcStruct, + CY_IPC_NO_NOTIFICATION); + + if (!is_lock) { + /* + * The secure core is occupying this lock. Insert a small delay + * to give the secure core a chance to acquire the IPC channel + * and release the lock. + * Otherwise, the secure core may not be able to release the + * lock if non-secure core has higher CPU frequency. It will + * generate a deadlock. + * This delay won't harm performance too much since non-secure + * core has to busy wait here anyway. + * Alternatively, non-secure core can wait for release + * notification event from secure core. However, it is more + * complex and requires more code and more modifications. + */ + volatile uint32_t count = 1000; + while(count > 0) { + count--; + } + Cy_IPC_Sema_Status(sema_num); + } + } + + ret = CY_IPC_SEMA_SUCCESS; + } + + return ret; +} + +static cy_en_ipcsema_status_t mailbox_raw_spin_unlock(uint32_t ipc_channel, + uint32_t sema_num) +{ + uint32_t semaIndex; + uint32_t semaMask; + cy_stc_ipc_sema_t *semaStruct; + cy_en_ipcdrv_status_t acqStatus; + cy_en_ipcsema_status_t ret = CY_IPC_SEMA_BAD_PARAM; + bool is_unlock = false; + IPC_STRUCT_Type *semaIpcStruct; + + /* Get IPC register structure */ + semaIpcStruct = Cy_IPC_Drv_GetIpcBaseAddress(ipc_channel); + /* Get pointer to structure */ + semaStruct = (cy_stc_ipc_sema_t *)Cy_IPC_Drv_ReadDataValue(semaIpcStruct); + + if (sema_num < semaStruct->maxSema) { + semaIndex = sema_num / CY_IPC_SEMA_PER_WORD; + semaMask = (uint32_t)(1ul << (sema_num - \ + (semaIndex * CY_IPC_SEMA_PER_WORD))); + + while (!is_unlock) { + /* Check to make sure the IPC channel is released + If so, check if specific channel can be locked. */ + do { + acqStatus = Cy_IPC_Drv_LockAcquire(semaIpcStruct); + } while (acqStatus != CY_IPC_DRV_SUCCESS); + + if ((semaStruct->arrayPtr[semaIndex] & semaMask) != 0ul) { + semaStruct->arrayPtr[semaIndex] &= ~semaMask; + is_unlock = true; + } + + /* Release, but do not trigger a release event */ + (void)Cy_IPC_Drv_LockRelease(semaIpcStruct, + CY_IPC_NO_NOTIFICATION); + } + + ret = CY_IPC_SEMA_SUCCESS; + } + + return ret; +} + +void tfm_ns_mailbox_hal_enter_critical(void) +{ + saved_irq_state = Cy_SysLib_EnterCriticalSection(); + + mailbox_raw_spin_lock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); +} + +void tfm_ns_mailbox_hal_exit_critical(void) +{ + mailbox_raw_spin_unlock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); + + Cy_SysLib_ExitCriticalSection(saved_irq_state); +} + +void tfm_ns_mailbox_hal_enter_critical_isr(void) +{ + mailbox_raw_spin_lock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); +} + +void tfm_ns_mailbox_hal_exit_critical_isr(void) +{ + mailbox_raw_spin_unlock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); +} + +static bool mailbox_clear_intr(void) +{ + uint32_t status; + + status = Cy_IPC_Drv_GetInterruptStatusMasked( + Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT)); + status >>= CY_IPC_NOTIFY_SHIFT; + if ((status & IPC_RX_INT_MASK) == 0) { + return false; + } + + Cy_IPC_Drv_ClearInterrupt(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), + 0, IPC_RX_INT_MASK); + return true; +} + +void cpuss_interrupts_ipc_8_IRQHandler(void) +{ + uint32_t magic; + mailbox_msg_handle_t handle; + osThreadId_t task_handle; + + if (!mailbox_clear_intr()) + return; + + platform_mailbox_fetch_msg_data(&magic); + if (magic == PSA_CLIENT_CALL_REPLY_MAGIC) { + /* Handle all the pending replies */ + while (1) { + handle = tfm_ns_mailbox_fetch_reply_msg_isr(); + if (handle == MAILBOX_MSG_NULL_HANDLE) { + break; + } + + task_handle = (osThreadId_t)tfm_ns_mailbox_get_msg_owner(handle); + if (task_handle) { + osThreadFlagsSet(task_handle, handle); + } + } + } +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_mbed_boot.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_mbed_boot.c new file mode 100644 index 0000000..c8d595f --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_mbed_boot.c @@ -0,0 +1,67 @@ +/* mbed Microcontroller Library + * Copyright (c) 2020 ARM Limited + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "mbed_error.h" +#include "tfm_multi_core_api.h" +#include "tfm_ns_mailbox.h" +#include "platform_multicore.h" +#include "tfm_ns_interface.h" + +static struct ns_mailbox_queue_t ns_mailbox_queue; + +void mbed_tfm_init(void) +{ + /* + * In case the of dual CPU, we need to initialize IPC, mailbox + * and NS interface after the RTOS has started to enable + * communication from Secure and Non-Secure cores. + */ + int32_t ret; + + ret = tfm_ns_wait_for_s_cpu_ready(); + /* + * Normally would expect "TFM_SUCCESS" returned here by TF-M, as this + * isn't a mailbox function. There may be some platforms other than PSoC6, + * which doesn't require tfm_ns_wait_for_s_cpu_ready() implementation. + * "PLATFORM_MAILBOX_SUCCESS" is a low-level error code and should be + * replaced by "TFM_SUCCESS". + * As the function definition has been imported from the TF-M, therefore + * a issue has been raised - https://developer.trustedfirmware.org/T660 + */ + if (ret != PLATFORM_MAILBOX_SUCCESS) { + /* Avoid undefined behavior after multi-core sync-up failed */ + MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, + MBED_ERROR_CODE_INITIALIZATION_FAILED), + "Failed to sync-up multi-core"); + } + + ret = tfm_ns_mailbox_init(&ns_mailbox_queue); + if (ret != MAILBOX_SUCCESS) { + /* Avoid undefined behavior after NS mailbox initialization failed */ + MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, + MBED_ERROR_CODE_INITIALIZATION_FAILED), + "Failed to initialize NS mailbox"); + } + + ret = tfm_ns_interface_init(); + if (ret != TFM_SUCCESS) { + /* Avoid undefined behavior after NS interface initialization failed */ + MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, + MBED_ERROR_CODE_INITIALIZATION_FAILED), + "Failed to initialize NS interface"); + } +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_multi_core_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_multi_core_api.c new file mode 100644 index 0000000..231e895 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_multi_core_api.c @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "tfm_api.h" +#include "tfm_mailbox.h" +#include "tfm_multi_core_api.h" +#include "cmsis_os2.h" +#include "mbed_rtos_storage.h" + +#define MAX_SEMAPHORE_COUNT NUM_MAILBOX_QUEUE_SLOT + +static void *ns_lock_handle = NULL; +static mbed_rtos_storage_semaphore_t tfm_ns_sema_obj; + +__attribute__((weak)) +enum tfm_status_e tfm_ns_interface_init(void) +{ + osSemaphoreAttr_t sema_attrib = { + .name = "tfm_ns_lock", + .attr_bits = 0, + .cb_size = sizeof(tfm_ns_sema_obj), + .cb_mem = &tfm_ns_sema_obj + }; + + ns_lock_handle = osSemaphoreNew(MAX_SEMAPHORE_COUNT, + MAX_SEMAPHORE_COUNT, + &sema_attrib); + if (!ns_lock_handle) { + return TFM_ERROR_GENERIC; + } + + return TFM_SUCCESS; +} + +int32_t tfm_ns_wait_for_s_cpu_ready(void) +{ + return tfm_platform_ns_wait_for_s_cpu_ready(); +} + +uint32_t tfm_ns_multi_core_lock_acquire(void) +{ + return osSemaphoreAcquire(ns_lock_handle, osWaitForever); +} + +uint32_t tfm_ns_multi_core_lock_release(void) +{ + return osSemaphoreRelease(ns_lock_handle); +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_multi_core_psa_ns_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_multi_core_psa_ns_api.c new file mode 100644 index 0000000..fae580e --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_multi_core_psa_ns_api.c @@ -0,0 +1,224 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include +#include + +#include "psa/client.h" +#include "psa/error.h" +#include "tfm_api.h" +#include "tfm_multi_core_api.h" +#include "tfm_ns_mailbox.h" + +/* + * TODO + * Currently, force all the non-secure client to share the same ID. + * + * It requires a more clear mechanism to synchronize the non-secure client + * ID with SPE in dual core scenario. + * In current design, the value is transferred to SPE via mailbox message. + * A dedicated routine to receive the non-secure client information in + * TF-M core/SPM in dual core scenario should be added besides current + * implementation for single Armv8-M. + * The non-secure client identification is shared with SPE in + * single Armv8-M scenario via CMSIS TrustZone context management API, + * which may not work in dual core scenario. + */ +#define NON_SECURE_CLIENT_ID (1) + +/* + * TODO + * Require a formal definition of errors related to mailbox in PSA client call. + */ +#define PSA_INTER_CORE_COMM_ERR (INT32_MIN + 0xFF) + +static void mailbox_wait_reply(mailbox_msg_handle_t handle) +{ + /* + * If the system can support multiple outstanding NS PSA Client calls, call + * tfm_ns_mailbox_wait_reply() to sleep and wait for reply. The NS side + * should implement tfm_ns_mailbox_hal_wait_reply() and wake-up mechanism. + * Otherwise, by default, call tfm_ns_mailbox_is_msg_replied() to simply + * poll the reply status of the mailbox message of current thread. + */ +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL + tfm_ns_mailbox_wait_reply(handle); +#else + while (!tfm_ns_mailbox_is_msg_replied(handle)) { + } +#endif +} + +/**** API functions ****/ + +uint32_t psa_framework_version(void) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t handle; + uint32_t version; + int32_t ret; + + if (tfm_ns_multi_core_lock_acquire() != 0) { + return PSA_VERSION_NONE; + } + + handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_FRAMEWORK_VERSION, + ¶ms, NON_SECURE_CLIENT_ID); + if (handle < 0) { + tfm_ns_multi_core_lock_release(); + return PSA_VERSION_NONE; + } + + mailbox_wait_reply(handle); + + ret = tfm_ns_mailbox_rx_client_reply(handle, (int32_t *)&version); + if (ret != MAILBOX_SUCCESS) { + version = PSA_VERSION_NONE; + } + + if (tfm_ns_multi_core_lock_release() != 0) { + return PSA_VERSION_NONE; + } + + return version; +} + +uint32_t psa_version(uint32_t sid) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t handle; + uint32_t version; + int32_t ret; + + params.psa_version_params.sid = sid; + + if (tfm_ns_multi_core_lock_acquire() != 0) { + return PSA_VERSION_NONE; + } + + handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_VERSION, ¶ms, + NON_SECURE_CLIENT_ID); + if (handle < 0) { + tfm_ns_multi_core_lock_release(); + return PSA_VERSION_NONE; + } + + mailbox_wait_reply(handle); + + ret = tfm_ns_mailbox_rx_client_reply(handle, (int32_t *)&version); + if (ret != MAILBOX_SUCCESS) { + version = PSA_VERSION_NONE; + } + + if (tfm_ns_multi_core_lock_release() != 0) { + return PSA_VERSION_NONE; + } + + return version; +} + +psa_handle_t psa_connect(uint32_t sid, uint32_t version) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t handle; + psa_handle_t psa_handle; + int32_t ret; + + params.psa_connect_params.sid = sid; + params.psa_connect_params.version = version; + + if (tfm_ns_multi_core_lock_acquire() != 0) { + return PSA_NULL_HANDLE; + } + + handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_CONNECT, ¶ms, + NON_SECURE_CLIENT_ID); + if (handle < 0) { + tfm_ns_multi_core_lock_release(); + return PSA_NULL_HANDLE; + } + + mailbox_wait_reply(handle); + + ret = tfm_ns_mailbox_rx_client_reply(handle, (int32_t *)&psa_handle); + if (ret != MAILBOX_SUCCESS) { + psa_handle = PSA_NULL_HANDLE; + } + + if (tfm_ns_multi_core_lock_release() != 0) { + return PSA_NULL_HANDLE; + } + + return psa_handle; +} + +psa_status_t psa_call(psa_handle_t handle, int32_t type, + const psa_invec *in_vec, size_t in_len, + psa_outvec *out_vec, size_t out_len) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t msg_handle; + int32_t ret; + psa_status_t status; + + params.psa_call_params.handle = handle; + params.psa_call_params.type = type; + params.psa_call_params.in_vec = in_vec; + params.psa_call_params.in_len = in_len; + params.psa_call_params.out_vec = out_vec; + params.psa_call_params.out_len = out_len; + + if (tfm_ns_multi_core_lock_acquire() != 0) { + return PSA_ERROR_GENERIC_ERROR; + } + + msg_handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_CALL, ¶ms, + NON_SECURE_CLIENT_ID); + if (msg_handle < 0) { + tfm_ns_multi_core_lock_release(); + return PSA_INTER_CORE_COMM_ERR; + } + + mailbox_wait_reply(msg_handle); + + ret = tfm_ns_mailbox_rx_client_reply(msg_handle, (int32_t *)&status); + if (ret != MAILBOX_SUCCESS) { + status = PSA_INTER_CORE_COMM_ERR; + } + + if (tfm_ns_multi_core_lock_release() != 0) { + return PSA_ERROR_GENERIC_ERROR; + } + + return status; +} + +void psa_close(psa_handle_t handle) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t msg_handle; + int32_t reply; + + params.psa_close_params.handle = handle; + + if (tfm_ns_multi_core_lock_acquire() != 0) { + return; + } + + msg_handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_CLOSE, ¶ms, + NON_SECURE_CLIENT_ID); + if (msg_handle < 0) { + tfm_ns_multi_core_lock_release(); + return; + } + + mailbox_wait_reply(msg_handle); + + (void)tfm_ns_mailbox_rx_client_reply(msg_handle, &reply); + + tfm_ns_multi_core_lock_release(); +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_ns_mailbox.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_ns_mailbox.c new file mode 100644 index 0000000..f7326f0 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_DUALCPU/src/tfm_ns_mailbox.c @@ -0,0 +1,425 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include +#include "tfm_ns_mailbox.h" + +/* The pointer to NSPE mailbox queue */ +static struct ns_mailbox_queue_t *mailbox_queue_ptr = NULL; + +static inline void clear_queue_slot_empty(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->empty_slots &= ~(1 << idx); + } +} + +static inline void set_queue_slot_empty(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->empty_slots |= (1 << idx); + } +} + +static inline void set_queue_slot_pend(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->pend_slots |= (1 << idx); + } +} + +static inline int32_t get_mailbox_msg_handle(uint8_t idx, + mailbox_msg_handle_t *handle) +{ + if ((idx >= NUM_MAILBOX_QUEUE_SLOT) || !handle) { + return MAILBOX_INVAL_PARAMS; + } + + *handle = (mailbox_msg_handle_t)(idx + 1); + + return MAILBOX_SUCCESS; +} + +static inline int32_t get_mailbox_msg_idx(mailbox_msg_handle_t handle, + uint8_t *idx) +{ + if ((handle == MAILBOX_MSG_NULL_HANDLE) || !idx) { + return MAILBOX_INVAL_PARAMS; + } + + *idx = (uint8_t)(handle - 1); + + return MAILBOX_SUCCESS; +} + +static inline void clear_queue_slot_replied(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->replied_slots &= ~(1 << idx); + } +} + +static inline void set_queue_slot_woken(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->queue[idx].is_woken = true; + } +} + +static inline bool is_queue_slot_woken(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + return mailbox_queue_ptr->queue[idx].is_woken; + } + + return false; +} + +static inline void clear_queue_slot_woken(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->queue[idx].is_woken = false; + } +} + +static uint8_t acquire_empty_slot(const struct ns_mailbox_queue_t *queue) +{ + uint8_t idx; + mailbox_queue_status_t status; + + tfm_ns_mailbox_hal_enter_critical(); + status = queue->empty_slots; + + if (!status) { + /* No empty slot */ + tfm_ns_mailbox_hal_exit_critical(); + return NUM_MAILBOX_QUEUE_SLOT; + } + + for (idx = 0; idx < NUM_MAILBOX_QUEUE_SLOT; idx++) { + if (status & (1 << idx)) { + break; + } + } + + clear_queue_slot_empty(idx); + + tfm_ns_mailbox_hal_exit_critical(); + + return idx; +} + +static void set_msg_owner(uint8_t idx, const void *owner) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->queue[idx].owner = owner; + } +} + +#ifdef TFM_MULTI_CORE_TEST +void tfm_ns_mailbox_tx_stats_init(void) +{ + if (!mailbox_queue_ptr) { + return; + } + + tfm_ns_mailbox_hal_enter_critical(); + + mailbox_queue_ptr->nr_tx = 0; + mailbox_queue_ptr->nr_used_slots = 0; + + tfm_ns_mailbox_hal_exit_critical(); +} + +static void mailbox_tx_stats_update(struct ns_mailbox_queue_t *ns_queue) +{ + mailbox_queue_status_t empty_status; + uint8_t idx, nr_empty = 0; + + if (!ns_queue) { + return; + } + + tfm_ns_mailbox_hal_enter_critical(); + + ns_queue->nr_tx++; + + /* Count the number of used slots when this tx arrives */ + empty_status = ns_queue->empty_slots; + tfm_ns_mailbox_hal_exit_critical(); + + if (empty_status) { + for (idx = 0; idx < NUM_MAILBOX_QUEUE_SLOT; idx++) { + if (empty_status & (0x1UL << idx)) { + nr_empty++; + } + } + } + + tfm_ns_mailbox_hal_enter_critical(); + ns_queue->nr_used_slots += (NUM_MAILBOX_QUEUE_SLOT - nr_empty); + tfm_ns_mailbox_hal_exit_critical(); +} + +void tfm_ns_mailbox_stats_avg_slot(struct ns_mailbox_stats_res_t *stats_res) +{ + uint32_t nr_used_slots, nr_tx; + + if (!mailbox_queue_ptr || !stats_res) { + return; + } + + tfm_ns_mailbox_hal_enter_critical(); + nr_used_slots = mailbox_queue_ptr->nr_used_slots; + nr_tx = mailbox_queue_ptr->nr_tx; + tfm_ns_mailbox_hal_exit_critical(); + + stats_res->avg_nr_slots = nr_used_slots / nr_tx; + nr_used_slots %= nr_tx; + stats_res->avg_nr_slots_tenths = nr_used_slots * 10 / nr_tx; +} +#endif + +mailbox_msg_handle_t tfm_ns_mailbox_tx_client_req(uint32_t call_type, + const struct psa_client_params_t *params, + int32_t client_id) +{ + uint8_t idx; + struct mailbox_msg_t *msg_ptr; + mailbox_msg_handle_t handle; + const void *task_handle; + + if (!mailbox_queue_ptr) { + return MAILBOX_MSG_NULL_HANDLE; + } + + if (!params) { + return MAILBOX_MSG_NULL_HANDLE; + } + + idx = acquire_empty_slot(mailbox_queue_ptr); + if (idx >= NUM_MAILBOX_QUEUE_SLOT) { + return MAILBOX_QUEUE_FULL; + } + +#ifdef TFM_MULTI_CORE_TEST + mailbox_tx_stats_update(mailbox_queue_ptr); +#endif + + /* Fill the mailbox message */ + msg_ptr = &mailbox_queue_ptr->queue[idx].msg; + + msg_ptr->call_type = call_type; + memcpy(&msg_ptr->params, params, sizeof(msg_ptr->params)); + msg_ptr->client_id = client_id; + + /* + * Fetch the current task handle. The task will be woken up according the + * handle value set in the owner field. + */ + task_handle = tfm_ns_mailbox_get_task_handle(); + set_msg_owner(idx, task_handle); + + get_mailbox_msg_handle(idx, &handle); + + tfm_ns_mailbox_hal_enter_critical(); + set_queue_slot_pend(idx); + tfm_ns_mailbox_hal_exit_critical(); + + tfm_ns_mailbox_hal_notify_peer(); + + return handle; +} + +int32_t tfm_ns_mailbox_rx_client_reply(mailbox_msg_handle_t handle, + int32_t *reply) +{ + uint8_t idx; + int32_t ret; + + if (!mailbox_queue_ptr) { + return MAILBOX_INVAL_PARAMS; + } + + if ((handle == MAILBOX_MSG_NULL_HANDLE) || (!reply)) { + return MAILBOX_INVAL_PARAMS; + } + + ret = get_mailbox_msg_idx(handle, &idx); + if (ret != MAILBOX_SUCCESS) { + return ret; + } + + *reply = mailbox_queue_ptr->queue[idx].reply.return_val; + + /* Clear up the owner field */ + set_msg_owner(idx, NULL); + + tfm_ns_mailbox_hal_enter_critical(); + clear_queue_slot_replied(idx); + clear_queue_slot_woken(idx); + /* + * Make sure that the empty flag is set after all the other status flags are + * re-initialized. + */ + set_queue_slot_empty(idx); + tfm_ns_mailbox_hal_exit_critical(); + + return MAILBOX_SUCCESS; +} + +bool tfm_ns_mailbox_is_msg_replied(mailbox_msg_handle_t handle) +{ + uint8_t idx; + int32_t ret; + mailbox_queue_status_t status; + + if (!mailbox_queue_ptr) { + return false; + } + + if (handle == MAILBOX_MSG_NULL_HANDLE) { + return false; + } + + ret = get_mailbox_msg_idx(handle, &idx); + if (ret != MAILBOX_SUCCESS) { + return false; + } + + tfm_ns_mailbox_hal_enter_critical(); + status = mailbox_queue_ptr->replied_slots; + tfm_ns_mailbox_hal_exit_critical(); + + if (status & (1 << idx)) { + return true; + } + + return false; +} + +mailbox_msg_handle_t tfm_ns_mailbox_fetch_reply_msg_isr(void) +{ + uint8_t idx; + mailbox_msg_handle_t handle; + mailbox_queue_status_t replied_status; + + if (!mailbox_queue_ptr) { + return MAILBOX_MSG_NULL_HANDLE; + } + + tfm_ns_mailbox_hal_enter_critical_isr(); + replied_status = mailbox_queue_ptr->replied_slots; + tfm_ns_mailbox_hal_exit_critical_isr(); + + if (!replied_status) { + return MAILBOX_MSG_NULL_HANDLE; + } + + for (idx = 0; idx < NUM_MAILBOX_QUEUE_SLOT; idx++) { + /* Find the first replied message in queue */ + if (replied_status & (0x1UL << idx)) { + tfm_ns_mailbox_hal_enter_critical_isr(); + clear_queue_slot_replied(idx); + set_queue_slot_woken(idx); + tfm_ns_mailbox_hal_exit_critical_isr(); + + if (get_mailbox_msg_handle(idx, &handle) == MAILBOX_SUCCESS) { + return handle; + } + } + } + + return MAILBOX_MSG_NULL_HANDLE; +} + +const void *tfm_ns_mailbox_get_msg_owner(mailbox_msg_handle_t handle) +{ + uint8_t idx; + + if (get_mailbox_msg_idx(handle, &idx) != MAILBOX_SUCCESS) { + return NULL; + } + + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + return mailbox_queue_ptr->queue[idx].owner; + } + + return NULL; +} + +int32_t tfm_ns_mailbox_init(struct ns_mailbox_queue_t *queue) +{ + int32_t ret; + + if (!queue) { + return MAILBOX_INVAL_PARAMS; + } + + /* + * Further verification of mailbox queue address may be required according + * to non-secure memory assignment. + */ + + memset(queue, 0, sizeof(*queue)); + + /* Initialize empty bitmask */ + queue->empty_slots = + (mailbox_queue_status_t)((1UL << (NUM_MAILBOX_QUEUE_SLOT - 1)) - 1); + queue->empty_slots += + (mailbox_queue_status_t)(1UL << (NUM_MAILBOX_QUEUE_SLOT - 1)); + + mailbox_queue_ptr = queue; + + /* Platform specific initialization. */ + ret = tfm_ns_mailbox_hal_init(queue); + +#ifdef TFM_MULTI_CORE_TEST + tfm_ns_mailbox_tx_stats_init(); +#endif + + return ret; +} + +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +int32_t tfm_ns_mailbox_wait_reply(mailbox_msg_handle_t handle) +{ + uint8_t idx; + int32_t ret; + + if (!mailbox_queue_ptr) { + return MAILBOX_INVAL_PARAMS; + } + + if (handle == MAILBOX_MSG_NULL_HANDLE) { + return MAILBOX_INVAL_PARAMS; + } + + ret = get_mailbox_msg_idx(handle, &idx); + if (ret != MAILBOX_SUCCESS) { + return ret; + } + + while (1) { + tfm_ns_mailbox_hal_wait_reply(handle); + + /* + * Woken up from sleep + * Check the completed flag to make sure that the current thread is + * woken up by reply event, rather than other events. + */ + tfm_ns_mailbox_hal_enter_critical(); + if (is_queue_slot_woken(idx)) { + tfm_ns_mailbox_hal_exit_critical(); + break; + } + tfm_ns_mailbox_hal_exit_critical(); + } + + return MAILBOX_SUCCESS; +} +#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/cmsis_nvic_virtual.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/cmsis_nvic_virtual.c new file mode 100644 index 0000000..bee8597 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/cmsis_nvic_virtual.c @@ -0,0 +1,25 @@ +/* + * Copyright (c) 2019-2020 Arm Limited + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cmsis_nvic_virtual.h" +#include "tfm_platform_api.h" + +void NVIC_SystemReset(void) +{ + tfm_platform_system_reset(); +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/tfm_mbed_boot.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/tfm_mbed_boot.c new file mode 100644 index 0000000..87bcbbb --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/tfm_mbed_boot.c @@ -0,0 +1,37 @@ +/* mbed Microcontroller Library + * Copyright (c) 2020 ARM Limited + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "mbed_error.h" +#include "tfm_ns_interface.h" + +void mbed_tfm_init(void) +{ + /* + * In case of V8-M, we need to initialize NS interface + * after the RTOS has started to enable + * communication from Secure and Non-Secure cores. + */ + int32_t ret; + + ret = tfm_ns_interface_init(); + if (ret != TFM_SUCCESS) { + /* Avoid undefined behavior after NS interface initialization failed */ + MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, + MBED_ERROR_CODE_INITIALIZATION_FAILED), + "Failed to initialize NS interface"); + } +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/tfm_ns_interface.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/tfm_ns_interface.c new file mode 100644 index 0000000..9759145 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/tfm_ns_interface.c @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#include +#include + +#include "tfm_api.h" +#include "tfm_ns_interface.h" +#include "cmsis_os2.h" + +/** + * \brief the ns_lock ID + */ +static osMutexId_t ns_lock_handle = NULL; + +__attribute__((weak)) +int32_t tfm_ns_interface_dispatch(veneer_fn fn, + uint32_t arg0, uint32_t arg1, + uint32_t arg2, uint32_t arg3) +{ + int32_t result; + osStatus_t status; + + /* TFM request protected by NS lock */ + status = osMutexAcquire(ns_lock_handle, osWaitForever); + if (status != osOK) { + return (int32_t)TFM_ERROR_GENERIC; + } + + result = fn(arg0, arg1, arg2, arg3); + + status = osMutexRelease(ns_lock_handle); + if (status != osOK) { + return (int32_t)TFM_ERROR_GENERIC; + } + + return result; +} + +__attribute__((weak)) +enum tfm_status_e tfm_ns_interface_init(void) +{ + const osMutexAttr_t attr = { + .name = NULL, + .attr_bits = osMutexPrioInherit, /* Priority inheritance is recommended + * to enable if it is supported. + * For recursive mutex and the ability + * of auto release when owner being + * terminated is not required. + */ + .cb_mem = NULL, + .cb_size = 0U + }; + + ns_lock_handle = osMutexNew(&attr); + if (!ns_lock_handle) { + return TFM_ERROR_GENERIC; + } + + return TFM_SUCCESS; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/tfm_psa_ns_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/tfm_psa_ns_api.c new file mode 100644 index 0000000..9a677a2 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/TARGET_TFM_V8M/src/tfm_psa_ns_api.c @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "psa/client.h" +#include "tfm_ns_interface.h" +#include "tfm_api.h" + +/**** API functions ****/ + +uint32_t psa_framework_version(void) +{ + return tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_framework_version_veneer, + 0, + 0, + 0, + 0); +} + +uint32_t psa_version(uint32_t sid) +{ + return tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_version_veneer, + sid, + 0, + 0, + 0); +} + +psa_handle_t psa_connect(uint32_t sid, uint32_t version) +{ + return tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_connect_veneer, + sid, + version, + 0, + 0); +} + +psa_status_t psa_call(psa_handle_t handle, int32_t type, + const psa_invec *in_vec, + size_t in_len, + psa_outvec *out_vec, + size_t out_len) +{ + /* FixMe: sanity check can be added to offload some NS thread checks from + * TFM secure API + */ + + /* Due to v8M restrictions, TF-M NS API needs to add another layer of + * serialization in order for NS to pass arguments to S + */ + const struct tfm_control_parameter_t ctrl_param = { + .type = type, + .in_len = in_len, + .out_len = out_len, + }; + + return tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_call_veneer, + (uint32_t)handle, + (uint32_t)&ctrl_param, + (uint32_t)in_vec, + (uint32_t)out_vec); +} + +void psa_close(psa_handle_t handle) +{ + (void)tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_close_veneer, + (uint32_t)handle, + 0, + 0, + 0); +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/VERSION.txt b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/VERSION.txt new file mode 100644 index 0000000..f10c477 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/VERSION.txt @@ -0,0 +1 @@ +eecaad9e4014 diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/cmsis_nvic_virtual.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/cmsis_nvic_virtual.h new file mode 100644 index 0000000..a1a8b61 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/cmsis_nvic_virtual.h @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2019 Arm Limited + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cmsis.h" + +#ifndef NVIC_VIRTUAL_H +#define NVIC_VIRTUAL_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* NVIC functions */ +#define NVIC_SetPriorityGrouping __NVIC_SetPriorityGrouping +#define NVIC_GetPriorityGrouping __NVIC_GetPriorityGrouping +#define NVIC_EnableIRQ __NVIC_EnableIRQ +#define NVIC_GetEnableIRQ __NVIC_GetEnableIRQ +#define NVIC_DisableIRQ __NVIC_DisableIRQ +#define NVIC_GetPendingIRQ __NVIC_GetPendingIRQ +#define NVIC_SetPendingIRQ __NVIC_SetPendingIRQ +#define NVIC_ClearPendingIRQ __NVIC_ClearPendingIRQ +#define NVIC_GetActive __NVIC_GetActive +#define NVIC_SetPriority __NVIC_SetPriority +#define NVIC_GetPriority __NVIC_GetPriority + +/** + * \brief Overriding the default CMSIS system reset implementation by calling + * secure TFM service. + * + */ +void NVIC_SystemReset(void); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/ns_ipc_config.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/ns_ipc_config.h new file mode 100644 index 0000000..e1cd7b7 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/ns_ipc_config.h @@ -0,0 +1,22 @@ +/* + * Copyright (c) 2019 Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef _IPC_CONFIG_H_ +#define _IPC_CONFIG_H_ + +#include "platform_multicore.h" + +#define IPC_RX_CHAN IPC_PSA_CLIENT_REPLY_CHAN +#define IPC_RX_INTR_STRUCT IPC_PSA_CLIENT_REPLY_INTR_STRUCT +#define IPC_RX_INT_MASK IPC_PSA_CLIENT_REPLY_INTR_MASK + +#define IPC_TX_CHAN IPC_PSA_CLIENT_CALL_CHAN +#define IPC_TX_NOTIFY_MASK IPC_PSA_CLIENT_CALL_NOTIFY_MASK + +#define PSA_CLIENT_REPLY_NVIC_IRQn IPC_PSA_CLIENT_REPLY_IPC_INTR +#define PSA_CLIENT_REPLY_IRQ_PRIORITY 3 + +#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/platform_multicore.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/platform_multicore.h new file mode 100644 index 0000000..d0d72d4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/platform_multicore.h @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * Copyright (c) 2019, Cypress Semiconductor Corporation. All rights reserved + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef _TFM_PLATFORM_MULTICORE_ +#define _TFM_PLATFORM_MULTICORE_ + +#include +#include "cy_device_headers.h" + +#define IPC_PSA_CLIENT_CALL_CHAN (8) +#define IPC_PSA_CLIENT_CALL_INTR_STRUCT (6) +#define IPC_PSA_CLIENT_CALL_INTR_MASK (1 << IPC_PSA_CLIENT_CALL_CHAN) +#define IPC_PSA_CLIENT_CALL_NOTIFY_MASK (1 << IPC_PSA_CLIENT_CALL_INTR_STRUCT) +#define IPC_PSA_CLIENT_CALL_IPC_INTR cpuss_interrupts_ipc_6_IRQn + +#define IPC_PSA_CLIENT_REPLY_CHAN (9) +#define IPC_PSA_CLIENT_REPLY_INTR_STRUCT (8) +#define IPC_PSA_CLIENT_REPLY_INTR_MASK (1 << IPC_PSA_CLIENT_REPLY_CHAN) +#define IPC_PSA_CLIENT_REPLY_NOTIFY_MASK (1 << IPC_PSA_CLIENT_REPLY_INTR_STRUCT) +#define IPC_PSA_CLIENT_REPLY_IPC_INTR cpuss_interrupts_ipc_8_IRQn + +#define IPC_RX_RELEASE_MASK (0) + +#define CY_IPC_NOTIFY_SHIFT (16) + +#define PSA_CLIENT_CALL_REQ_MAGIC (0xA5CF50C6) +#define PSA_CLIENT_CALL_REPLY_MAGIC (0xC605FC5A) + +#define NS_MAILBOX_INIT_ENABLE (0xAE) +#define S_MAILBOX_READY (0xC3) + +#define PLATFORM_MAILBOX_SUCCESS (0x0) +#define PLATFORM_MAILBOX_INVAL_PARAMS (INT32_MIN + 1) +#define PLATFORM_MAILBOX_TX_ERROR (INT32_MIN + 2) +#define PLATFORM_MAILBOX_RX_ERROR (INT32_MIN + 3) +#define PLATFORM_MAILBOX_INIT_ERROR (INT32_MIN + 4) + +/* Inter-Processor Communication (IPC) data channel for the Semaphores */ +#define PLATFORM_MAILBOX_IPC_CHAN_SEMA CY_IPC_CHAN_SEMA +#define MAILBOX_SEMAPHORE_NUM (16) + +#define IPC_SYNC_MAGIC 0x7DADE011 + +/** + * \brief Fetch a pointer from mailbox message + * + * \param[out] msg_ptr The address to write the pointer value to. + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_mailbox_fetch_msg_ptr(void **msg_ptr); + +/** + * \brief Fetch a data value from mailbox message + * + * \param[out] data_ptr The address to write the pointer value to. + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_mailbox_fetch_msg_data(uint32_t *data_ptr); + +/** + * \brief Send a pointer via mailbox message + * + * \param[in] msg_ptr The pointer value to be sent. + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_mailbox_send_msg_ptr(const void *msg_ptr); + +/** + * \brief Send a data value via mailbox message + * + * \param[in] data The data value to be sent + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_mailbox_send_msg_data(uint32_t data); + +/** + * \brief Wait for a mailbox notify event. + */ +void platform_mailbox_wait_for_notify(void); + +/** + * \brief IPC initialization + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_ns_ipc_init(void); + +#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/client.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/client.h new file mode 100644 index 0000000..4115f93 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/client.h @@ -0,0 +1,175 @@ +/* + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __PSA_CLIENT_H__ +#define __PSA_CLIENT_H__ + +#include +#include + +#include "psa/error.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/*********************** PSA Client Macros and Types *************************/ + +/** + * The version of the PSA Framework API that is being used to build the calling + * firmware. + */ +#define PSA_FRAMEWORK_VERSION (0x0100u) + +/** + * Return value from psa_version() if the requested RoT Service is not present + * in the system. + */ +#define PSA_VERSION_NONE (0u) + +/** + * The zero-value null handle can be assigned to variables used in clients and + * RoT Services, indicating that there is no current connection or message. + */ +#define PSA_NULL_HANDLE ((psa_handle_t)0) + +/** + * Tests whether a handle value returned by psa_connect() is valid. + */ +#define PSA_HANDLE_IS_VALID(handle) ((psa_handle_t)(handle) > 0) + +/** + * Converts the handle value returned from a failed call psa_connect() into + * an error code. + */ +#define PSA_HANDLE_TO_ERROR(handle) ((psa_status_t)(handle)) + +/** + * Maximum number of input and output vectors for a request to psa_call(). + */ +#define PSA_MAX_IOVEC (4u) + +/** + * An IPC message type that indicates a generic client request. + */ +#define PSA_IPC_CALL (0) + +typedef int32_t psa_handle_t; + +/** + * A read-only input memory region provided to an RoT Service. + */ +typedef struct psa_invec { + const void *base; /*!< the start address of the memory buffer */ + size_t len; /*!< the size in bytes */ +} psa_invec; + +/** + * A writable output memory region provided to an RoT Service. + */ +typedef struct psa_outvec { + void *base; /*!< the start address of the memory buffer */ + size_t len; /*!< the size in bytes */ +} psa_outvec; + +/*************************** PSA Client API **********************************/ + +/** + * \brief Retrieve the version of the PSA Framework API that is implemented. + * + * \return version The version of the PSA Framework implementation + * that is providing the runtime services to the + * caller. The major and minor version are encoded + * as follows: + * \arg version[15:8] -- major version number. + * \arg version[7:0] -- minor version number. + */ +uint32_t psa_framework_version(void); + +/** + * \brief Retrieve the version of an RoT Service or indicate that it is not + * present on this system. + * + * \param[in] sid ID of the RoT Service to query. + * + * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the + * caller is not permitted to access the service. + * \retval > 0 The version of the implemented RoT Service. + */ +uint32_t psa_version(uint32_t sid); + +/** + * \brief Connect to an RoT Service by its SID. + * + * \param[in] sid ID of the RoT Service to connect to. + * \param[in] version Requested version of the RoT Service. + * + * \retval > 0 A handle for the connection. + * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the + * connection. + * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the + * connection at the moment. + * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more + * of the following are true: + * \arg The RoT Service ID is not present. + * \arg The RoT Service version is not supported. + * \arg The caller is not allowed to access the RoT + * service. + */ +psa_handle_t psa_connect(uint32_t sid, uint32_t version); + +/** + * \brief Call an RoT Service on an established connection. + * + * \param[in] handle A handle to an established connection. + * \param[in] type The reuqest type. + * Must be zero( \ref PSA_IPC_CALL) or positive. + * \param[in] in_vec Array of input \ref psa_invec structures. + * \param[in] in_len Number of input \ref psa_invec structures. + * \param[in/out] out_vec Array of output \ref psa_outvec structures. + * \param[in] out_len Number of output \ref psa_outvec structures. + * + * \retval >=0 RoT Service-specific status value. + * \retval <0 RoT Service-specific error code. + * \retval PSA_ERROR_PROGRAMMER_ERROR The connection has been terminated by the + * RoT Service. The call is a PROGRAMMER ERROR if + * one or more of the following are true: + * \arg An invalid handle was passed. + * \arg The connection is already handling a request. + * \arg type < 0. + * \arg An invalid memory reference was provided. + * \arg in_len + out_len > PSA_MAX_IOVEC. + * \arg The message is unrecognized by the RoT + * Service or incorrectly formatted. + */ +psa_status_t psa_call(psa_handle_t handle, int32_t type, + const psa_invec *in_vec, + size_t in_len, + psa_outvec *out_vec, + size_t out_len); + +/** + * \brief Close a connection to an RoT Service. + * + * \param[in] handle A handle to an established connection, or the + * null handle. + * + * \retval void Success. + * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more + * of the following are true: + * \arg An invalid handle was provided that is not + * the null handle. + * \arg The connection is currently handling a + * request. + */ +void psa_close(psa_handle_t handle); + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_CLIENT_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto.h new file mode 100644 index 0000000..9158117 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto.h @@ -0,0 +1,3770 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto.h + * \brief Platform Security Architecture cryptography module + */ + +#ifndef PSA_CRYPTO_H +#define PSA_CRYPTO_H + +#include "psa/crypto_platform.h" + +#include + +#ifdef __DOXYGEN_ONLY__ +/* This __DOXYGEN_ONLY__ block contains mock definitions for things that + * must be defined in the crypto_platform.h header. These mock definitions + * are present in this file as a convenience to generate pretty-printed + * documentation that includes those definitions. */ + +/** \defgroup platform Implementation-specific definitions + * @{ + */ + +/** \brief Key handle. + * + * This type represents open handles to keys. It must be an unsigned integral + * type. The choice of type is implementation-dependent. + * + * 0 is not a valid key handle. How other handle values are assigned is + * implementation-dependent. + */ +typedef _unsigned_integral_type_ psa_key_handle_t; + +/**@}*/ +#endif /* __DOXYGEN_ONLY__ */ + +#ifdef __cplusplus +extern "C" { +#endif + +/* The file "crypto_types.h" declares types that encode errors, + * algorithms, key types, policies, etc. */ +#include "psa/crypto_types.h" + +/** \defgroup version API version + * @{ + */ + +/** + * The major version of this implementation of the PSA Crypto API + */ +#define PSA_CRYPTO_API_VERSION_MAJOR 1 + +/** + * The minor version of this implementation of the PSA Crypto API + */ +#define PSA_CRYPTO_API_VERSION_MINOR 0 + +/**@}*/ + +/* The file "crypto_values.h" declares macros to build and analyze values + * of integral types defined in "crypto_types.h". */ +#include "psa/crypto_values.h" + +/** \defgroup initialization Library initialization + * @{ + */ + +/** + * \brief Library initialization. + * + * Applications must call this function before calling any other + * function in this module. + * + * Applications may call this function more than once. Once a call + * succeeds, subsequent calls are guaranteed to succeed. + * + * If the application calls other functions before calling psa_crypto_init(), + * the behavior is undefined. Implementations are encouraged to either perform + * the operation as if the library had been initialized or to return + * #PSA_ERROR_BAD_STATE or some other applicable error. In particular, + * implementations should not return a success status if the lack of + * initialization may have security implications, for example due to improper + * seeding of the random number generator. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + */ +psa_status_t psa_crypto_init(void); + +/**@}*/ + +/** \addtogroup attributes + * @{ + */ + +/** \def PSA_KEY_ATTRIBUTES_INIT + * + * This macro returns a suitable initializer for a key attribute structure + * of type #psa_key_attributes_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_KEY_ATTRIBUTES_INIT {0} +#endif + +/** Return an initial value for a key attributes structure. + */ +static psa_key_attributes_t psa_key_attributes_init(void); + +/** Declare a key as persistent and set its key identifier. + * + * If the attribute structure currently declares the key as volatile (which + * is the default content of an attribute structure), this function sets + * the lifetime attribute to #PSA_KEY_LIFETIME_PERSISTENT. + * + * This function does not access storage, it merely stores the given + * value in the structure. + * The persistent key will be written to storage when the attribute + * structure is passed to a key creation function such as + * psa_import_key(), psa_generate_key(), + * psa_key_derivation_output_key() or psa_copy_key(). + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param id The persistent identifier for the key. + */ +static void psa_set_key_id(psa_key_attributes_t *attributes, + psa_key_id_t id); + +/** Set the location of a persistent key. + * + * To make a key persistent, you must give it a persistent key identifier + * with psa_set_key_id(). By default, a key that has a persistent identifier + * is stored in the default storage area identifier by + * #PSA_KEY_LIFETIME_PERSISTENT. Call this function to choose a storage + * area, or to explicitly declare the key as volatile. + * + * This function does not access storage, it merely stores the given + * value in the structure. + * The persistent key will be written to storage when the attribute + * structure is passed to a key creation function such as + * psa_import_key(), psa_generate_key(), + * psa_key_derivation_output_key() or psa_copy_key(). + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param lifetime The lifetime for the key. + * If this is #PSA_KEY_LIFETIME_VOLATILE, the + * key will be volatile, and the key identifier + * attribute is reset to 0. + */ +static void psa_set_key_lifetime(psa_key_attributes_t *attributes, + psa_key_lifetime_t lifetime); + +/** Retrieve the key identifier from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The persistent identifier stored in the attribute structure. + * This value is unspecified if the attribute structure declares + * the key as volatile. + */ +static psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes); + +/** Retrieve the lifetime from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The lifetime value stored in the attribute structure. + */ +static psa_key_lifetime_t psa_get_key_lifetime( + const psa_key_attributes_t *attributes); + +/** Declare usage flags for a key. + * + * Usage flags are part of a key's usage policy. They encode what + * kind of operations are permitted on the key. For more details, + * refer to the documentation of the type #psa_key_usage_t. + * + * This function overwrites any usage flags + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param usage_flags The usage flags to write. + */ +static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags); + +/** Retrieve the usage flags from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The usage flags stored in the attribute structure. + */ +static psa_key_usage_t psa_get_key_usage_flags( + const psa_key_attributes_t *attributes); + +/** Declare the permitted algorithm policy for a key. + * + * The permitted algorithm policy of a key encodes which algorithm or + * algorithms are permitted to be used with this key. The following + * algorithm policies are supported: + * - 0 does not allow any cryptographic operation with the key. The key + * may be used for non-cryptographic actions such as exporting (if + * permitted by the usage flags). + * - An algorithm value permits this particular algorithm. + * - An algorithm wildcard built from #PSA_ALG_ANY_HASH allows the specified + * signature scheme with any hash algorithm. + * + * This function overwrites any algorithm policy + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param alg The permitted algorithm policy to write. + */ +static void psa_set_key_algorithm(psa_key_attributes_t *attributes, + psa_algorithm_t alg); + + +/** Retrieve the algorithm policy from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The algorithm stored in the attribute structure. + */ +static psa_algorithm_t psa_get_key_algorithm( + const psa_key_attributes_t *attributes); + +/** Declare the type of a key. + * + * This function overwrites any key type + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param type The key type to write. + * If this is 0, the key type in \p attributes + * becomes unspecified. + */ +static void psa_set_key_type(psa_key_attributes_t *attributes, + psa_key_type_t type); + + +/** Declare the size of a key. + * + * This function overwrites any key size previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param bits The key size in bits. + * If this is 0, the key size in \p attributes + * becomes unspecified. Keys of size 0 are + * not supported. + */ +static void psa_set_key_bits(psa_key_attributes_t *attributes, + size_t bits); + +/** Retrieve the key type from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The key type stored in the attribute structure. + */ +static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes); + +/** Retrieve the key size from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The key size stored in the attribute structure, in bits. + */ +static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); + +/** Retrieve the attributes of a key. + * + * This function first resets the attribute structure as with + * psa_reset_key_attributes(). It then copies the attributes of + * the given key into the given attribute structure. + * + * \note This function may allocate memory or other resources. + * Once you have called this function on an attribute structure, + * you must call psa_reset_key_attributes() to free these resources. + * + * \param[in] handle Handle to the key to query. + * \param[in,out] attributes On success, the attributes of the key. + * On failure, equivalent to a + * freshly-initialized structure. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_attributes(psa_key_handle_t handle, + psa_key_attributes_t *attributes); + +/** Reset a key attribute structure to a freshly initialized state. + * + * You must initialize the attribute structure as described in the + * documentation of the type #psa_key_attributes_t before calling this + * function. Once the structure has been initialized, you may call this + * function at any time. + * + * This function frees any auxiliary resources that the structure + * may contain. + * + * \param[in,out] attributes The attribute structure to reset. + */ +void psa_reset_key_attributes(psa_key_attributes_t *attributes); + +/**@}*/ + +/** \defgroup key_management Key management + * @{ + */ + +/** Open a handle to an existing persistent key. + * + * Open a handle to a persistent key. A key is persistent if it was created + * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key + * always has a nonzero key identifier, set with psa_set_key_id() when + * creating the key. Implementations may provide additional pre-provisioned + * keys that can be opened with psa_open_key(). Such keys have a key identifier + * in the vendor range, as documented in the description of #psa_key_id_t. + * + * The application must eventually close the handle with psa_close_key() or + * psa_destroy_key() to release associated resources. If the application dies + * without calling one of these functions, the implementation should perform + * the equivalent of a call to psa_close_key(). + * + * Some implementations permit an application to open the same key multiple + * times. If this is successful, each call to psa_open_key() will return a + * different key handle. + * + * \note Applications that rely on opening a key multiple times will not be + * portable to implementations that only permit a single key handle to be + * opened. See also :ref:\`key-handles\`. + * + * \param id The persistent identifier of the key. + * \param[out] handle On success, a handle to the key. + * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the key. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * The implementation does not have sufficient resources to open the + * key. This can be due to reaching an implementation limit on the + * number of open keys, the number of open key handles, or available + * memory. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * There is no persistent key with key identifier \p id. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p id is not a valid persistent key identifier. + * \retval #PSA_ERROR_NOT_PERMITTED + * The specified key exists, but the application does not have the + * permission to access it. Note that this specification does not + * define any way to create such a key, but it may be possible + * through implementation-specific means. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_open_key(psa_key_id_t id, + psa_key_handle_t *handle); + + +/** Close a key handle. + * + * If the handle designates a volatile key, this will destroy the key material + * and free all associated resources, just like psa_destroy_key(). + * + * If this is the last open handle to a persistent key, then closing the handle + * will free all resources associated with the key in volatile memory. The key + * data in persistent storage is not affected and can be opened again later + * with a call to psa_open_key(). + * + * Closing the key handle makes the handle invalid, and the key handle + * must not be used again by the application. + * + * \note If the key handle was used to set up an active + * :ref:\`multipart operation \`, then closing the + * key handle can cause the multipart operation to fail. Applications should + * maintain the key handle until after the multipart operation has finished. + * + * \param handle The key handle to close. + * If this is \c 0, do nothing and return \c PSA_SUCCESS. + * + * \retval #PSA_SUCCESS + * \p handle was a valid handle or \c 0. It is now closed. + * \retval #PSA_ERROR_INVALID_HANDLE + * \p handle is not a valid handle nor \c 0. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_close_key(psa_key_handle_t handle); + +/** Make a copy of a key. + * + * Copy key material from one location to another. + * + * This function is primarily useful to copy a key from one location + * to another, since it populates a key using the material from + * another key which may have a different lifetime. + * + * This function may be used to share a key with a different party, + * subject to implementation-defined restrictions on key sharing. + * + * The policy on the source key must have the usage flag + * #PSA_KEY_USAGE_COPY set. + * This flag is sufficient to permit the copy if the key has the lifetime + * #PSA_KEY_LIFETIME_VOLATILE or #PSA_KEY_LIFETIME_PERSISTENT. + * Some secure elements do not provide a way to copy a key without + * making it extractable from the secure element. If a key is located + * in such a secure element, then the key must have both usage flags + * #PSA_KEY_USAGE_COPY and #PSA_KEY_USAGE_EXPORT in order to make + * a copy of the key outside the secure element. + * + * The resulting key may only be used in a way that conforms to + * both the policy of the original key and the policy specified in + * the \p attributes parameter: + * - The usage flags on the resulting key are the bitwise-and of the + * usage flags on the source policy and the usage flags in \p attributes. + * - If both allow the same algorithm or wildcard-based + * algorithm policy, the resulting key has the same algorithm policy. + * - If either of the policies allows an algorithm and the other policy + * allows a wildcard-based algorithm policy that includes this algorithm, + * the resulting key allows the same algorithm. + * - If the policies do not allow any algorithm in common, this function + * fails with the status #PSA_ERROR_INVALID_ARGUMENT. + * + * The effect of this function on implementation-defined attributes is + * implementation-defined. + * + * \param source_handle The key to copy. It must be a valid key handle. + * \param[in] attributes The attributes for the new key. + * They are used as follows: + * - The key type and size may be 0. If either is + * nonzero, it must match the corresponding + * attribute of the source key. + * - The key location (the lifetime and, for + * persistent keys, the key identifier) is + * used directly. + * - The policy constraints (usage flags and + * algorithm policy) are combined from + * the source key and \p attributes so that + * both sets of restrictions apply, as + * described in the documentation of this function. + * \param[out] target_handle On success, a handle to the newly created key. + * \c 0 on failure. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \p source_handle is invalid. + * \retval #PSA_ERROR_ALREADY_EXISTS + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The lifetime or identifier in \p attributes are invalid. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The policy constraints on the source and specified in + * \p attributes are incompatible. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p attributes specifies a key type or key size + * which does not match the attributes of the source key. + * \retval #PSA_ERROR_NOT_PERMITTED + * The source key does not have the #PSA_KEY_USAGE_COPY usage flag. + * \retval #PSA_ERROR_NOT_PERMITTED + * The source key is not exportable and its lifetime does not + * allow copying it to the target's lifetime. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_copy_key(psa_key_handle_t source_handle, + const psa_key_attributes_t *attributes, + psa_key_handle_t *target_handle); + + +/** + * \brief Destroy a key. + * + * This function destroys a key from both volatile + * memory and, if applicable, non-volatile storage. Implementations shall + * make a best effort to ensure that that the key material cannot be recovered. + * + * This function also erases any metadata such as policies and frees + * resources associated with the key. To free all resources associated with + * the key, all handles to the key must be closed or destroyed. + * + * Destroying the key makes the handle invalid, and the key handle + * must not be used again by the application. Using other open handles to the + * destroyed key in a cryptographic operation will result in an error. + * + * If a key is currently in use in a multipart operation, then destroying the + * key will cause the multipart operation to fail. + * + * \param handle Handle to the key to erase. + * If this is \c 0, do nothing and return \c PSA_SUCCESS. + * + * \retval #PSA_SUCCESS + * \p handle was a valid handle and the key material that it + * referred to has been erased. + * Alternatively, \p handle is \c 0. + * \retval #PSA_ERROR_NOT_PERMITTED + * The key cannot be erased because it is + * read-only, either due to a policy or due to physical restrictions. + * \retval #PSA_ERROR_INVALID_HANDLE + * \p handle is not a valid handle nor \c 0. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * There was an failure in communication with the cryptoprocessor. + * The key material may still be present in the cryptoprocessor. + * \retval #PSA_ERROR_STORAGE_FAILURE + * The storage is corrupted. Implementations shall make a best effort + * to erase key material even in this stage, however applications + * should be aware that it may be impossible to guarantee that the + * key material is not recoverable in such cases. + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * An unexpected condition which is not a storage corruption or + * a communication failure occurred. The cryptoprocessor may have + * been compromised. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_destroy_key(psa_key_handle_t handle); + +/**@}*/ + +/** \defgroup import_export Key import and export + * @{ + */ + +/** + * \brief Import a key in binary format. + * + * This function supports any output from psa_export_key(). Refer to the + * documentation of psa_export_public_key() for the format of public keys + * and to the documentation of psa_export_key() for the format for + * other key types. + * + * The key data determines the key size. The attributes may optionally + * specify a key size; in this case it must match the size determined + * from the key data. A key size of 0 in \p attributes indicates that + * the key size is solely determined by the key data. + * + * Implementations must reject an attempt to import a key of size 0. + * + * This specification supports a single format for each key type. + * Implementations may support other formats as long as the standard + * format is supported. Implementations that support other formats + * should ensure that the formats are clearly unambiguous so as to + * minimize the risk that an invalid input is accidentally interpreted + * according to a different format. + * + * \param[in] attributes The attributes for the new key. + * The key size is always determined from the + * \p data buffer. + * If the key size in \p attributes is nonzero, + * it must be equal to the size from \p data. + * \param[out] handle On success, a handle to the newly created key. + * \c 0 on failure. + * \param[in] data Buffer containing the key data. The content of this + * buffer is interpreted according to the type declared + * in \p attributes. + * All implementations must support at least the format + * described in the documentation + * of psa_export_key() or psa_export_public_key() for + * the chosen type. Implementations may allow other + * formats, but should be conservative: implementations + * should err on the side of rejecting content if it + * may be erroneous (e.g. wrong type or truncated data). + * \param data_length Size of the \p data buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. + * \retval #PSA_ERROR_ALREADY_EXISTS + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The key type or key size is not supported, either by the + * implementation in general or in this particular persistent location. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key attributes, as a whole, are invalid. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key data is not correctly formatted. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size in \p attributes is nonzero and does not match the size + * of the key data. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_import_key(const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + psa_key_handle_t *handle); + + + +/** + * \brief Export a key in binary format. + * + * The output of this function can be passed to psa_import_key() to + * create an equivalent object. + * + * If the implementation of psa_import_key() supports other formats + * beyond the format specified here, the output from psa_export_key() + * must use the representation specified here, not the original + * representation. + * + * For standard key types, the output format is as follows: + * + * - For symmetric keys (including MAC keys), the format is the + * raw bytes of the key. + * - For DES, the key data consists of 8 bytes. The parity bits must be + * correct. + * - For Triple-DES, the format is the concatenation of the + * two or three DES keys. + * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEY_PAIR), the format + * is the non-encrypted DER encoding of the representation defined by + * PKCS\#1 (RFC 8017) as `RSAPrivateKey`, version 0. + * ``` + * RSAPrivateKey ::= SEQUENCE { + * version INTEGER, -- must be 0 + * modulus INTEGER, -- n + * publicExponent INTEGER, -- e + * privateExponent INTEGER, -- d + * prime1 INTEGER, -- p + * prime2 INTEGER, -- q + * exponent1 INTEGER, -- d mod (p-1) + * exponent2 INTEGER, -- d mod (q-1) + * coefficient INTEGER, -- (inverse of q) mod p + * } + * ``` + * - For elliptic curve key pairs (key types for which + * #PSA_KEY_TYPE_IS_ECC_KEY_PAIR is true), the format is + * a representation of the private value as a `ceiling(m/8)`-byte string + * where `m` is the bit size associated with the curve, i.e. the bit size + * of the order of the curve's coordinate field. This byte string is + * in little-endian order for Montgomery curves (curve types + * `PSA_ECC_CURVE_CURVEXXX`), and in big-endian order for Weierstrass + * curves (curve types `PSA_ECC_CURVE_SECTXXX`, `PSA_ECC_CURVE_SECPXXX` + * and `PSA_ECC_CURVE_BRAINPOOL_PXXX`). + * This is the content of the `privateKey` field of the `ECPrivateKey` + * format defined by RFC 5915. + * - For Diffie-Hellman key exchange key pairs (key types for which + * #PSA_KEY_TYPE_IS_DH_KEY_PAIR is true), the + * format is the representation of the private key `x` as a big-endian byte + * string. The length of the byte string is the private key size in bytes + * (leading zeroes are not stripped). + * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is + * true), the format is the same as for psa_export_public_key(). + * + * The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set. + * + * \param handle Handle to the key to export. + * \param[out] data Buffer where the key data is to be written. + * \param data_size Size of the \p data buffer in bytes. + * \param[out] data_length On success, the number of bytes + * that make up the key data. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * The key does not have the #PSA_KEY_USAGE_EXPORT flag. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p data buffer is too small. You can determine a + * sufficient buffer size by calling + * #PSA_KEY_EXPORT_MAX_SIZE(\c type, \c bits) + * where \c type is the key type + * and \c bits is the key size in bits. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_export_key(psa_key_handle_t handle, + uint8_t *data, + size_t data_size, + size_t *data_length); + +/** + * \brief Export a public key or the public part of a key pair in binary format. + * + * The output of this function can be passed to psa_import_key() to + * create an object that is equivalent to the public key. + * + * This specification supports a single format for each key type. + * Implementations may support other formats as long as the standard + * format is supported. Implementations that support other formats + * should ensure that the formats are clearly unambiguous so as to + * minimize the risk that an invalid input is accidentally interpreted + * according to a different format. + * + * For standard key types, the output format is as follows: + * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the DER encoding of + * the representation defined by RFC 3279 §2.3.1 as `RSAPublicKey`. + * ``` + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + * ``` + * - For elliptic curve public keys (key types for which + * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), the format is the uncompressed + * representation defined by SEC1 §2.3.3 as the content of an ECPoint. + * Let `m` be the bit size associated with the curve, i.e. the bit size of + * `q` for a curve over `F_q`. The representation consists of: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. + * - For Diffie-Hellman key exchange public keys (key types for which + * #PSA_KEY_TYPE_IS_DH_PUBLIC_KEY is true), + * the format is the representation of the public key `y = g^x mod p` as a + * big-endian byte string. The length of the byte string is the length of the + * base prime `p` in bytes. + * + * Exporting a public key object or the public part of a key pair is + * always permitted, regardless of the key's usage flags. + * + * \param handle Handle to the key to export. + * \param[out] data Buffer where the key data is to be written. + * \param data_size Size of the \p data buffer in bytes. + * \param[out] data_length On success, the number of bytes + * that make up the key data. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key is neither a public key nor a key pair. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p data buffer is too small. You can determine a + * sufficient buffer size by calling + * #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits) + * where \c type is the key type + * and \c bits is the key size in bits. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_export_public_key(psa_key_handle_t handle, + uint8_t *data, + size_t data_size, + size_t *data_length); + + + +/**@}*/ + +/** \defgroup hash Message digests + * @{ + */ + +/** Calculate the hash (digest) of a message. + * + * \note To verify the hash of a message against an + * expected value, use psa_hash_compare() instead. + * + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * \param[in] input Buffer containing the message to hash. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] hash Buffer where the hash is to be written. + * \param hash_size Size of the \p hash buffer in bytes. + * \param[out] hash_length On success, the number of bytes + * that make up the hash value. This is always + * #PSA_HASH_SIZE(\p alg). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p hash_size is too small + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_compute(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +/** Calculate the hash (digest) of a message and compare it with a + * reference value. + * + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * \param[in] input Buffer containing the message to hash. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] hash Buffer containing the expected hash value. + * \param hash_length Size of the \p hash buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected hash is identical to the actual hash of the input. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The hash of the message was calculated successfully, but it + * differs from the expected hash. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p input_length or \p hash_length do not match the hash size for \p alg + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_compare(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *hash, + const size_t hash_length); + +/** The type of the state data structure for multipart hash operations. + * + * Before calling any function on a hash operation object, the application must + * initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_hash_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_hash_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_HASH_OPERATION_INIT, + * for example: + * \code + * psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_hash_operation_init() + * to the structure, for example: + * \code + * psa_hash_operation_t operation; + * operation = psa_hash_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_hash_operation_s psa_hash_operation_t; + +/** \def PSA_HASH_OPERATION_INIT + * + * This macro returns a suitable initializer for a hash operation object + * of type #psa_hash_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_HASH_OPERATION_INIT {0} +#endif + +/** Return an initial value for a hash operation object. + */ +static psa_hash_operation_t psa_hash_operation_init(void); + +/** Set up a multipart hash operation. + * + * The sequence of operations to calculate a hash (message digest) + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_hash_operation_t, e.g. #PSA_HASH_OPERATION_INIT. + * -# Call psa_hash_setup() to specify the algorithm. + * -# Call psa_hash_update() zero, one or more times, passing a fragment + * of the message each time. The hash that is calculated is the hash + * of the concatenation of these messages in order. + * -# To calculate the hash, call psa_hash_finish(). + * To compare the hash with an expected value, call psa_hash_verify(). + * + * If an error occurs at any step after a call to psa_hash_setup(), the + * operation will need to be reset by a call to psa_hash_abort(). The + * application may call psa_hash_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_hash_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_hash_finish() or psa_hash_verify(). + * - A call to psa_hash_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_hash_operation_t and not yet in use. + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not a supported hash algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p alg is not a hash algorithm. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_setup(psa_hash_operation_t *operation, + psa_algorithm_t alg); + +/** Add a message fragment to a multipart hash operation. + * + * The application must call psa_hash_setup() before calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_hash_abort(). + * + * \param[in,out] operation Active hash operation. + * \param[in] input Buffer containing the message fragment to hash. + * \param input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it muct be active). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_update(psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length); + +/** Finish the calculation of the hash of a message. + * + * The application must call psa_hash_setup() before calling this function. + * This function calculates the hash of the message formed by concatenating + * the inputs passed to preceding calls to psa_hash_update(). + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_hash_abort(). + * + * \warning Applications should not call this function if they expect + * a specific value for the hash. Call psa_hash_verify() instead. + * Beware that comparing integrity or authenticity data such as + * hash values with a function such as \c memcmp is risky + * because the time taken by the comparison may leak information + * about the hashed data which could allow an attacker to guess + * a valid hash and thereby bypass security controls. + * + * \param[in,out] operation Active hash operation. + * \param[out] hash Buffer where the hash is to be written. + * \param hash_size Size of the \p hash buffer in bytes. + * \param[out] hash_length On success, the number of bytes + * that make up the hash value. This is always + * #PSA_HASH_SIZE(\c alg) where \c alg is the + * hash algorithm that is calculated. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p hash buffer is too small. You can determine a + * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg) + * where \c alg is the hash algorithm that is calculated. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_finish(psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +/** Finish the calculation of the hash of a message and compare it with + * an expected value. + * + * The application must call psa_hash_setup() before calling this function. + * This function calculates the hash of the message formed by concatenating + * the inputs passed to preceding calls to psa_hash_update(). It then + * compares the calculated hash with the expected hash passed as a + * parameter to this function. + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_hash_abort(). + * + * \note Implementations shall make the best effort to ensure that the + * comparison between the actual hash and the expected hash is performed + * in constant time. + * + * \param[in,out] operation Active hash operation. + * \param[in] hash Buffer containing the expected hash value. + * \param hash_length Size of the \p hash buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected hash is identical to the actual hash of the message. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The hash of the message was calculated successfully, but it + * differs from the expected hash. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_verify(psa_hash_operation_t *operation, + const uint8_t *hash, + size_t hash_length); + +/** Abort a hash operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_hash_setup() again. + * + * You may call this function any time after the operation object has + * been initialized by one of the methods described in #psa_hash_operation_t. + * + * In particular, calling psa_hash_abort() after the operation has been + * terminated by a call to psa_hash_abort(), psa_hash_finish() or + * psa_hash_verify() is safe and has no effect. + * + * \param[in,out] operation Initialized hash operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_abort(psa_hash_operation_t *operation); + +/** Clone a hash operation. + * + * This function copies the state of an ongoing hash operation to + * a new operation object. In other words, this function is equivalent + * to calling psa_hash_setup() on \p target_operation with the same + * algorithm that \p source_operation was set up for, then + * psa_hash_update() on \p target_operation with the same input that + * that was passed to \p source_operation. After this function returns, the + * two objects are independent, i.e. subsequent calls involving one of + * the objects do not affect the other object. + * + * \param[in] source_operation The active hash operation to clone. + * \param[in,out] target_operation The operation object to set up. + * It must be initialized but not active. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE + * The \p source_operation state is not valid (it must be active). + * \retval #PSA_ERROR_BAD_STATE + * The \p target_operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation); + +/**@}*/ + +/** \defgroup MAC Message authentication codes + * @{ + */ + +/** Calculate the MAC (message authentication code) of a message. + * + * \note To verify the MAC of a message against an + * expected value, use psa_mac_verify() instead. + * Beware that comparing integrity or authenticity data such as + * MAC values with a function such as \c memcmp is risky + * because the time taken by the comparison may leak information + * about the MAC value which could allow an attacker to guess + * a valid MAC and thereby bypass security controls. + * + * \param handle Handle to the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(\p alg) is true). + * \param[in] input Buffer containing the input message. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] mac Buffer where the MAC value is to be written. + * \param mac_size Size of the \p mac buffer in bytes. + * \param[out] mac_length On success, the number of bytes + * that make up the MAC value. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p mac_size is too small + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_compute(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +/** Calculate the MAC of a message and compare it with a reference value. + * + * \param handle Handle to the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(\p alg) is true). + * \param[in] input Buffer containing the input message. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] mac Buffer containing the expected MAC value. + * \param mac_length Size of the \p mac buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected MAC is identical to the actual MAC of the input. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The MAC of the message was calculated successfully, but it + * differs from the expected value. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_verify(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *mac, + const size_t mac_length); + +/** The type of the state data structure for multipart MAC operations. + * + * Before calling any function on a MAC operation object, the application must + * initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_mac_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_mac_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_MAC_OPERATION_INIT, + * for example: + * \code + * psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_mac_operation_init() + * to the structure, for example: + * \code + * psa_mac_operation_t operation; + * operation = psa_mac_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_mac_operation_s psa_mac_operation_t; + +/** \def PSA_MAC_OPERATION_INIT + * + * This macro returns a suitable initializer for a MAC operation object of type + * #psa_mac_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_MAC_OPERATION_INIT {0} +#endif + +/** Return an initial value for a MAC operation object. + */ +static psa_mac_operation_t psa_mac_operation_init(void); + +/** Set up a multipart MAC calculation operation. + * + * This function sets up the calculation of the MAC + * (message authentication code) of a byte string. + * To verify the MAC of a message against an + * expected value, use psa_mac_verify_setup() instead. + * + * The sequence of operations to calculate a MAC is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_mac_operation_t, e.g. #PSA_MAC_OPERATION_INIT. + * -# Call psa_mac_sign_setup() to specify the algorithm and key. + * -# Call psa_mac_update() zero, one or more times, passing a fragment + * of the message each time. The MAC that is calculated is the MAC + * of the concatenation of these messages in order. + * -# At the end of the message, call psa_mac_sign_finish() to finish + * calculating the MAC value and retrieve it. + * + * If an error occurs at any step after a call to psa_mac_sign_setup(), the + * operation will need to be reset by a call to psa_mac_abort(). The + * application may call psa_mac_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_mac_sign_setup(), the application must + * eventually terminate the operation through one of the following methods: + * - A successful call to psa_mac_sign_finish(). + * - A call to psa_mac_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_mac_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Set up a multipart MAC verification operation. + * + * This function sets up the verification of the MAC + * (message authentication code) of a byte string against an expected value. + * + * The sequence of operations to verify a MAC is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_mac_operation_t, e.g. #PSA_MAC_OPERATION_INIT. + * -# Call psa_mac_verify_setup() to specify the algorithm and key. + * -# Call psa_mac_update() zero, one or more times, passing a fragment + * of the message each time. The MAC that is calculated is the MAC + * of the concatenation of these messages in order. + * -# At the end of the message, call psa_mac_verify_finish() to finish + * calculating the actual MAC of the message and verify it against + * the expected value. + * + * If an error occurs at any step after a call to psa_mac_verify_setup(), the + * operation will need to be reset by a call to psa_mac_abort(). The + * application may call psa_mac_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_mac_verify_setup(), the application must + * eventually terminate the operation through one of the following methods: + * - A successful call to psa_mac_verify_finish(). + * - A call to psa_mac_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_mac_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Add a message fragment to a multipart MAC operation. + * + * The application must call psa_mac_sign_setup() or psa_mac_verify_setup() + * before calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_mac_abort(). + * + * \param[in,out] operation Active MAC operation. + * \param[in] input Buffer containing the message fragment to add to + * the MAC calculation. + * \param input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_update(psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length); + +/** Finish the calculation of the MAC of a message. + * + * The application must call psa_mac_sign_setup() before calling this function. + * This function calculates the MAC of the message formed by concatenating + * the inputs passed to preceding calls to psa_mac_update(). + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_mac_abort(). + * + * \warning Applications should not call this function if they expect + * a specific value for the MAC. Call psa_mac_verify_finish() instead. + * Beware that comparing integrity or authenticity data such as + * MAC values with a function such as \c memcmp is risky + * because the time taken by the comparison may leak information + * about the MAC value which could allow an attacker to guess + * a valid MAC and thereby bypass security controls. + * + * \param[in,out] operation Active MAC operation. + * \param[out] mac Buffer where the MAC value is to be written. + * \param mac_size Size of the \p mac buffer in bytes. + * \param[out] mac_length On success, the number of bytes + * that make up the MAC value. This is always + * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \c alg) + * where \c key_type and \c key_bits are the type and + * bit-size respectively of the key and \c alg is the + * MAC algorithm that is calculated. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active mac sign + * operation). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p mac buffer is too small. You can determine a + * sufficient buffer size by calling PSA_MAC_FINAL_SIZE(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +/** Finish the calculation of the MAC of a message and compare it with + * an expected value. + * + * The application must call psa_mac_verify_setup() before calling this function. + * This function calculates the MAC of the message formed by concatenating + * the inputs passed to preceding calls to psa_mac_update(). It then + * compares the calculated MAC with the expected MAC passed as a + * parameter to this function. + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_mac_abort(). + * + * \note Implementations shall make the best effort to ensure that the + * comparison between the actual MAC and the expected MAC is performed + * in constant time. + * + * \param[in,out] operation Active MAC operation. + * \param[in] mac Buffer containing the expected MAC value. + * \param mac_length Size of the \p mac buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected MAC is identical to the actual MAC of the message. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The MAC of the message was calculated successfully, but it + * differs from the expected MAC. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active mac verify + * operation). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length); + +/** Abort a MAC operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_mac_sign_setup() or psa_mac_verify_setup() again. + * + * You may call this function any time after the operation object has + * been initialized by one of the methods described in #psa_mac_operation_t. + * + * In particular, calling psa_mac_abort() after the operation has been + * terminated by a call to psa_mac_abort(), psa_mac_sign_finish() or + * psa_mac_verify_finish() is safe and has no effect. + * + * \param[in,out] operation Initialized MAC operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_abort(psa_mac_operation_t *operation); + +/**@}*/ + +/** \defgroup cipher Symmetric ciphers + * @{ + */ + +/** Encrypt a message using a symmetric cipher. + * + * This function encrypts a message with a random IV (initialization + * vector). Use the multipart operation interface with a + * #psa_cipher_operation_t object to provide other forms of IV. + * + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the message to encrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * The output contains the IV followed by + * the ciphertext proper. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Decrypt a message using a symmetric cipher. + * + * This function decrypts a message encrypted with a symmetric cipher. + * + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the message to decrypt. + * This consists of the IV followed by the + * ciphertext proper. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the plaintext is to be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** The type of the state data structure for multipart cipher operations. + * + * Before calling any function on a cipher operation object, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_cipher_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_cipher_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_CIPHER_OPERATION_INIT, + * for example: + * \code + * psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_cipher_operation_init() + * to the structure, for example: + * \code + * psa_cipher_operation_t operation; + * operation = psa_cipher_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_cipher_operation_s psa_cipher_operation_t; + +/** \def PSA_CIPHER_OPERATION_INIT + * + * This macro returns a suitable initializer for a cipher operation object of + * type #psa_cipher_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_CIPHER_OPERATION_INIT {0} +#endif + +/** Return an initial value for a cipher operation object. + */ +static psa_cipher_operation_t psa_cipher_operation_init(void); + +/** Set the key for a multipart symmetric encryption operation. + * + * The sequence of operations to encrypt a message with a symmetric cipher + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_cipher_operation_t, e.g. + * #PSA_CIPHER_OPERATION_INIT. + * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key. + * -# Call either psa_cipher_generate_iv() or psa_cipher_set_iv() to + * generate or set the IV (initialization vector). You should use + * psa_cipher_generate_iv() unless the protocol you are implementing + * requires a specific IV value. + * -# Call psa_cipher_update() zero, one or more times, passing a fragment + * of the message each time. + * -# Call psa_cipher_finish(). + * + * If an error occurs at any step after a call to psa_cipher_encrypt_setup(), + * the operation will need to be reset by a call to psa_cipher_abort(). The + * application may call psa_cipher_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_cipher_encrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_cipher_finish(). + * - A call to psa_cipher_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_cipher_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Set the key for a multipart symmetric decryption operation. + * + * The sequence of operations to decrypt a message with a symmetric cipher + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_cipher_operation_t, e.g. + * #PSA_CIPHER_OPERATION_INIT. + * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key. + * -# Call psa_cipher_set_iv() with the IV (initialization vector) for the + * decryption. If the IV is prepended to the ciphertext, you can call + * psa_cipher_update() on a buffer containing the IV followed by the + * beginning of the message. + * -# Call psa_cipher_update() zero, one or more times, passing a fragment + * of the message each time. + * -# Call psa_cipher_finish(). + * + * If an error occurs at any step after a call to psa_cipher_decrypt_setup(), + * the operation will need to be reset by a call to psa_cipher_abort(). The + * application may call psa_cipher_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_cipher_decrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_cipher_finish(). + * - A call to psa_cipher_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_cipher_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Generate an IV for a symmetric encryption operation. + * + * This function generates a random IV (initialization vector), nonce + * or initial counter value for the encryption operation as appropriate + * for the chosen algorithm, key type and key size. + * + * The application must call psa_cipher_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_cipher_abort(). + * + * \param[in,out] operation Active cipher operation. + * \param[out] iv Buffer where the generated IV is to be written. + * \param iv_size Size of the \p iv buffer in bytes. + * \param[out] iv_length On success, the number of bytes of the + * generated IV. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, with no IV set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p iv buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, + uint8_t *iv, + size_t iv_size, + size_t *iv_length); + +/** Set the IV for a symmetric encryption or decryption operation. + * + * This function sets the IV (initialization vector), nonce + * or initial counter value for the encryption or decryption operation. + * + * The application must call psa_cipher_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_cipher_abort(). + * + * \note When encrypting, applications should use psa_cipher_generate_iv() + * instead of this function, unless implementing a protocol that requires + * a non-random IV. + * + * \param[in,out] operation Active cipher operation. + * \param[in] iv Buffer containing the IV to use. + * \param iv_length Size of the IV in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active cipher + * encrypt operation, with no IV set). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of \p iv is not acceptable for the chosen algorithm, + * or the chosen algorithm does not use an IV. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, + const uint8_t *iv, + size_t iv_length); + +/** Encrypt or decrypt a message fragment in an active cipher operation. + * + * Before calling this function, you must: + * 1. Call either psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(). + * The choice of setup function determines whether this function + * encrypts or decrypts its input. + * 2. If the algorithm requires an IV, call psa_cipher_generate_iv() + * (recommended when encrypting) or psa_cipher_set_iv(). + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_cipher_abort(). + * + * \param[in,out] operation Active cipher operation. + * \param[in] input Buffer containing the message fragment to + * encrypt or decrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, with an IV set + * if required for the algorithm). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Finish encrypting or decrypting a message in a cipher operation. + * + * The application must call psa_cipher_encrypt_setup() or + * psa_cipher_decrypt_setup() before calling this function. The choice + * of setup function determines whether this function encrypts or + * decrypts its input. + * + * This function finishes the encryption or decryption of the message + * formed by concatenating the inputs passed to preceding calls to + * psa_cipher_update(). + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_cipher_abort(). + * + * \param[in,out] operation Active cipher operation. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total input size passed to this operation is not valid for + * this particular algorithm. For example, the algorithm is a based + * on block cipher and requires a whole number of blocks, but the + * total input size is not a multiple of the block size. + * \retval #PSA_ERROR_INVALID_PADDING + * This is a decryption operation for an algorithm that includes + * padding, and the ciphertext does not contain valid padding. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, with an IV set + * if required for the algorithm). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Abort a cipher operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup() again. + * + * You may call this function any time after the operation object has + * been initialized as described in #psa_cipher_operation_t. + * + * In particular, calling psa_cipher_abort() after the operation has been + * terminated by a call to psa_cipher_abort() or psa_cipher_finish() + * is safe and has no effect. + * + * \param[in,out] operation Initialized cipher operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); + +/**@}*/ + +/** \defgroup aead Authenticated encryption with associated data (AEAD) + * @{ + */ + +/** Process an authenticated encryption operation. + * + * \param handle Handle to the key to use for the operation. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param[in] nonce Nonce or IV to use. + * \param nonce_length Size of the \p nonce buffer in bytes. + * \param[in] additional_data Additional data that will be authenticated + * but not encrypted. + * \param additional_data_length Size of \p additional_data in bytes. + * \param[in] plaintext Data that will be authenticated and + * encrypted. + * \param plaintext_length Size of \p plaintext in bytes. + * \param[out] ciphertext Output buffer for the authenticated and + * encrypted data. The additional data is not + * part of this output. For algorithms where the + * encrypted data and the authentication tag + * are defined as separate outputs, the + * authentication tag is appended to the + * encrypted data. + * \param ciphertext_size Size of the \p ciphertext buffer in bytes. + * This must be at least + * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, + * \p plaintext_length). + * \param[out] ciphertext_length On success, the size of the output + * in the \p ciphertext buffer. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p ciphertext_size is too small + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length); + +/** Process an authenticated decryption operation. + * + * \param handle Handle to the key to use for the operation. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param[in] nonce Nonce or IV to use. + * \param nonce_length Size of the \p nonce buffer in bytes. + * \param[in] additional_data Additional data that has been authenticated + * but not encrypted. + * \param additional_data_length Size of \p additional_data in bytes. + * \param[in] ciphertext Data that has been authenticated and + * encrypted. For algorithms where the + * encrypted data and the authentication tag + * are defined as separate inputs, the buffer + * must contain the encrypted data followed + * by the authentication tag. + * \param ciphertext_length Size of \p ciphertext in bytes. + * \param[out] plaintext Output buffer for the decrypted data. + * \param plaintext_size Size of the \p plaintext buffer in bytes. + * This must be at least + * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, + * \p ciphertext_length). + * \param[out] plaintext_length On success, the size of the output + * in the \p plaintext buffer. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The ciphertext is not authentic. + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p plaintext_size or \p nonce_length is too small + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length); + +/** The type of the state data structure for multipart AEAD operations. + * + * Before calling any function on an AEAD operation object, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_aead_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_aead_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_AEAD_OPERATION_INIT, + * for example: + * \code + * psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_aead_operation_init() + * to the structure, for example: + * \code + * psa_aead_operation_t operation; + * operation = psa_aead_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_aead_operation_s psa_aead_operation_t; + +/** \def PSA_AEAD_OPERATION_INIT + * + * This macro returns a suitable initializer for an AEAD operation object of + * type #psa_aead_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_AEAD_OPERATION_INIT {0} +#endif + +/** Return an initial value for an AEAD operation object. + */ +static psa_aead_operation_t psa_aead_operation_init(void); + +/** Set the key for a multipart authenticated encryption operation. + * + * The sequence of operations to encrypt a message with authentication + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_aead_operation_t, e.g. + * #PSA_AEAD_OPERATION_INIT. + * -# Call psa_aead_encrypt_setup() to specify the algorithm and key. + * -# If needed, call psa_aead_set_lengths() to specify the length of the + * inputs to the subsequent calls to psa_aead_update_ad() and + * psa_aead_update(). See the documentation of psa_aead_set_lengths() + * for details. + * -# Call either psa_aead_generate_nonce() or psa_aead_set_nonce() to + * generate or set the nonce. You should use + * psa_aead_generate_nonce() unless the protocol you are implementing + * requires a specific nonce value. + * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment + * of the non-encrypted additional authenticated data each time. + * -# Call psa_aead_update() zero, one or more times, passing a fragment + * of the message to encrypt each time. + * -# Call psa_aead_finish(). + * + * If an error occurs at any step after a call to psa_aead_encrypt_setup(), + * the operation will need to be reset by a call to psa_aead_abort(). The + * application may call psa_aead_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_aead_encrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_aead_finish(). + * - A call to psa_aead_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_aead_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Set the key for a multipart authenticated decryption operation. + * + * The sequence of operations to decrypt a message with authentication + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_aead_operation_t, e.g. + * #PSA_AEAD_OPERATION_INIT. + * -# Call psa_aead_decrypt_setup() to specify the algorithm and key. + * -# If needed, call psa_aead_set_lengths() to specify the length of the + * inputs to the subsequent calls to psa_aead_update_ad() and + * psa_aead_update(). See the documentation of psa_aead_set_lengths() + * for details. + * -# Call psa_aead_set_nonce() with the nonce for the decryption. + * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment + * of the non-encrypted additional authenticated data each time. + * -# Call psa_aead_update() zero, one or more times, passing a fragment + * of the ciphertext to decrypt each time. + * -# Call psa_aead_verify(). + * + * If an error occurs at any step after a call to psa_aead_decrypt_setup(), + * the operation will need to be reset by a call to psa_aead_abort(). The + * application may call psa_aead_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_aead_decrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_aead_verify(). + * - A call to psa_aead_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_aead_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Generate a random nonce for an authenticated encryption operation. + * + * This function generates a random nonce for the authenticated encryption + * operation with an appropriate size for the chosen algorithm, key type + * and key size. + * + * The application must call psa_aead_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \param[in,out] operation Active AEAD operation. + * \param[out] nonce Buffer where the generated nonce is to be + * written. + * \param nonce_size Size of the \p nonce buffer in bytes. + * \param[out] nonce_length On success, the number of bytes of the + * generated nonce. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active aead encrypt + operation, with no nonce set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p nonce buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, + uint8_t *nonce, + size_t nonce_size, + size_t *nonce_length); + +/** Set the nonce for an authenticated encryption or decryption operation. + * + * This function sets the nonce for the authenticated + * encryption or decryption operation. + * + * The application must call psa_aead_encrypt_setup() or + * psa_aead_decrypt_setup() before calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \note When encrypting, applications should use psa_aead_generate_nonce() + * instead of this function, unless implementing a protocol that requires + * a non-random IV. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] nonce Buffer containing the nonce to use. + * \param nonce_length Size of the nonce in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, with no nonce + * set). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of \p nonce is not acceptable for the chosen algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, + const uint8_t *nonce, + size_t nonce_length); + +/** Declare the lengths of the message and additional data for AEAD. + * + * The application must call this function before calling + * psa_aead_update_ad() or psa_aead_update() if the algorithm for + * the operation requires it. If the algorithm does not require it, + * calling this function is optional, but if this function is called + * then the implementation must enforce the lengths. + * + * You may call this function before or after setting the nonce with + * psa_aead_set_nonce() or psa_aead_generate_nonce(). + * + * - For #PSA_ALG_CCM, calling this function is required. + * - For the other AEAD algorithms defined in this specification, calling + * this function is not required. + * - For vendor-defined algorithm, refer to the vendor documentation. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \param[in,out] operation Active AEAD operation. + * \param ad_length Size of the non-encrypted additional + * authenticated data in bytes. + * \param plaintext_length Size of the plaintext to encrypt in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, and + * psa_aead_update_ad() and psa_aead_update() must not have been + * called yet). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * At least one of the lengths is not acceptable for the chosen + * algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, + size_t ad_length, + size_t plaintext_length); + +/** Pass additional data to an active AEAD operation. + * + * Additional data is authenticated, but not encrypted. + * + * You may call this function multiple times to pass successive fragments + * of the additional data. You may not call this function after passing + * data to encrypt or decrypt with psa_aead_update(). + * + * Before calling this function, you must: + * 1. Call either psa_aead_encrypt_setup() or psa_aead_decrypt_setup(). + * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce(). + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS, + * there is no guarantee that the input is valid. Therefore, until + * you have called psa_aead_verify() and it has returned #PSA_SUCCESS, + * treat the input as untrusted and prepare to undo any action that + * depends on the input if psa_aead_verify() returns an error status. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] input Buffer containing the fragment of + * additional data. + * \param input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, have a nonce + * set, have lengths set if required by the algorithm, and + * psa_aead_update() must not have been called yet). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total input length overflows the additional data length that + * was previously specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length); + +/** Encrypt or decrypt a message fragment in an active AEAD operation. + * + * Before calling this function, you must: + * 1. Call either psa_aead_encrypt_setup() or psa_aead_decrypt_setup(). + * The choice of setup function determines whether this function + * encrypts or decrypts its input. + * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce(). + * 3. Call psa_aead_update_ad() to pass all the additional data. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS, + * there is no guarantee that the input is valid. Therefore, until + * you have called psa_aead_verify() and it has returned #PSA_SUCCESS: + * - Do not use the output in any way other than storing it in a + * confidential location. If you take any action that depends + * on the tentative decrypted data, this action will need to be + * undone if the input turns out not to be valid. Furthermore, + * if an adversary can observe that this action took place + * (for example through timing), they may be able to use this + * fact as an oracle to decrypt any message encrypted with the + * same key. + * - In particular, do not copy the output anywhere but to a + * memory or storage space that you have exclusive access to. + * + * This function does not require the input to be aligned to any + * particular block boundary. If the implementation can only process + * a whole block at a time, it must consume all the input provided, but + * it may delay the end of the corresponding output until a subsequent + * call to psa_aead_update(), psa_aead_finish() or psa_aead_verify() + * provides sufficient input. The amount of data that can be delayed + * in this way is bounded by #PSA_AEAD_UPDATE_OUTPUT_SIZE. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] input Buffer containing the message fragment to + * encrypt or decrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \p output buffer in bytes. + * This must be at least + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, + * \p input_length) where \c alg is the + * algorithm that is being calculated. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, have a nonce + * set, and have lengths set if required by the algorithm). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * You can determine a sufficient buffer size by calling + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, \p input_length) + * where \c alg is the algorithm that is being calculated. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update_ad() so far is + * less than the additional data length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total input length overflows the plaintext length that + * was previously specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_update(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Finish encrypting a message in an AEAD operation. + * + * The operation must have been set up with psa_aead_encrypt_setup(). + * + * This function finishes the authentication of the additional data + * formed by concatenating the inputs passed to preceding calls to + * psa_aead_update_ad() with the plaintext formed by concatenating the + * inputs passed to preceding calls to psa_aead_update(). + * + * This function has two output buffers: + * - \p ciphertext contains trailing ciphertext that was buffered from + * preceding calls to psa_aead_update(). + * - \p tag contains the authentication tag. Its length is always + * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm + * that the operation performs. + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \param[in,out] operation Active AEAD operation. + * \param[out] ciphertext Buffer where the last part of the ciphertext + * is to be written. + * \param ciphertext_size Size of the \p ciphertext buffer in bytes. + * This must be at least + * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) where + * \c alg is the algorithm that is being + * calculated. + * \param[out] ciphertext_length On success, the number of bytes of + * returned ciphertext. + * \param[out] tag Buffer where the authentication tag is + * to be written. + * \param tag_size Size of the \p tag buffer in bytes. + * This must be at least + * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is + * the algorithm that is being calculated. + * \param[out] tag_length On success, the number of bytes + * that make up the returned tag. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active encryption + * operation with a nonce set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p ciphertext or \p tag buffer is too small. + * You can determine a sufficient buffer size for \p ciphertext by + * calling #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) + * where \c alg is the algorithm that is being calculated. + * You can determine a sufficient buffer size for \p tag by + * calling #PSA_AEAD_TAG_LENGTH(\c alg). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update_ad() so far is + * less than the additional data length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update() so far is + * less than the plaintext length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_finish(psa_aead_operation_t *operation, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length, + uint8_t *tag, + size_t tag_size, + size_t *tag_length); + +/** Finish authenticating and decrypting a message in an AEAD operation. + * + * The operation must have been set up with psa_aead_decrypt_setup(). + * + * This function finishes the authenticated decryption of the message + * components: + * + * - The additional data consisting of the concatenation of the inputs + * passed to preceding calls to psa_aead_update_ad(). + * - The ciphertext consisting of the concatenation of the inputs passed to + * preceding calls to psa_aead_update(). + * - The tag passed to this function call. + * + * If the authentication tag is correct, this function outputs any remaining + * plaintext and reports success. If the authentication tag is not correct, + * this function returns #PSA_ERROR_INVALID_SIGNATURE. + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \note Implementations shall make the best effort to ensure that the + * comparison between the actual tag and the expected tag is performed + * in constant time. + * + * \param[in,out] operation Active AEAD operation. + * \param[out] plaintext Buffer where the last part of the plaintext + * is to be written. This is the remaining data + * from previous calls to psa_aead_update() + * that could not be processed until the end + * of the input. + * \param plaintext_size Size of the \p plaintext buffer in bytes. + * This must be at least + * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) where + * \c alg is the algorithm that is being + * calculated. + * \param[out] plaintext_length On success, the number of bytes of + * returned plaintext. + * \param[in] tag Buffer containing the authentication tag. + * \param tag_length Size of the \p tag buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculations were successful, but the authentication tag is + * not correct. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active decryption + * operation with a nonce set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p plaintext buffer is too small. + * You can determine a sufficient buffer size for \p plaintext by + * calling #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) + * where \c alg is the algorithm that is being calculated. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update_ad() so far is + * less than the additional data length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update() so far is + * less than the plaintext length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_verify(psa_aead_operation_t *operation, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length, + const uint8_t *tag, + size_t tag_length); + +/** Abort an AEAD operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_aead_encrypt_setup() or psa_aead_decrypt_setup() again. + * + * You may call this function any time after the operation object has + * been initialized as described in #psa_aead_operation_t. + * + * In particular, calling psa_aead_abort() after the operation has been + * terminated by a call to psa_aead_abort(), psa_aead_finish() or + * psa_aead_verify() is safe and has no effect. + * + * \param[in,out] operation Initialized AEAD operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_abort(psa_aead_operation_t *operation); + +/**@}*/ + +/** \defgroup asymmetric Asymmetric cryptography + * @{ + */ + +/** + * \brief Sign a hash or short message with a private key. + * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * + * \param handle Handle to the key to use for the operation. + * It must be an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message to sign. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[out] signature Buffer where the signature is to be written. + * \param signature_size Size of the \p signature buffer in bytes. + * \param[out] signature_length On success, the number of bytes + * that make up the returned signature value. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p handle. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_sign_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length); + +/** + * \brief Verify the signature a hash or short message using a public key. + * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * + * \param handle Handle to the key to use for the operation. + * It must be a public key or an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message whose signature is to be + * verified. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[in] signature Buffer containing the signature to verify. + * \param signature_length Size of the \p signature buffer in bytes. + * + * \retval #PSA_SUCCESS + * The signature is valid. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculation was perfomed successfully, but the passed + * signature is not a valid signature. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_verify_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length); + +/** + * \brief Encrypt a short message with a public key. + * + * \param handle Handle to the key to use for the operation. + * It must be a public key or an asymmetric + * key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \p handle. + * \param[in] input The message to encrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[in] salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass \c NULL. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the \p salt buffer in bytes. + * If \p salt is \c NULL, pass 0. + * \param[out] output Buffer where the encrypted message is to + * be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p handle. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** + * \brief Decrypt a short message with a private key. + * + * \param handle Handle to the key to use for the operation. + * It must be an asymmetric key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \p handle. + * \param[in] input The message to decrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[in] salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass \c NULL. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the \p salt buffer in bytes. + * If \p salt is \c NULL, pass 0. + * \param[out] output Buffer where the decrypted message is to + * be written. + * \param output_size Size of the \c output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p handle. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INVALID_PADDING + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/**@}*/ + +/** \defgroup key_derivation Key derivation and pseudorandom generation + * @{ + */ + +/** The type of the state data structure for key derivation operations. + * + * Before calling any function on a key derivation operation object, the + * application must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_key_derivation_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_key_derivation_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_KEY_DERIVATION_OPERATION_INIT, + * for example: + * \code + * psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_key_derivation_operation_init() + * to the structure, for example: + * \code + * psa_key_derivation_operation_t operation; + * operation = psa_key_derivation_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. + */ +typedef struct psa_key_derivation_s psa_key_derivation_operation_t; + +/** \def PSA_KEY_DERIVATION_OPERATION_INIT + * + * This macro returns a suitable initializer for a key derivation operation + * object of type #psa_key_derivation_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_KEY_DERIVATION_OPERATION_INIT {0} +#endif + +/** Return an initial value for a key derivation operation object. + */ +static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); + +/** Set up a key derivation operation. + * + * A key derivation algorithm takes some inputs and uses them to generate + * a byte stream in a deterministic way. + * This byte stream can be used to produce keys and other + * cryptographic material. + * + * To derive a key: + * -# Start with an initialized object of type #psa_key_derivation_operation_t. + * -# Call psa_key_derivation_setup() to select the algorithm. + * -# Provide the inputs for the key derivation by calling + * psa_key_derivation_input_bytes() or psa_key_derivation_input_key() + * as appropriate. Which inputs are needed, in what order, and whether + * they may be keys and if so of what type depends on the algorithm. + * -# Optionally set the operation's maximum capacity with + * psa_key_derivation_set_capacity(). You may do this before, in the middle + * of or after providing inputs. For some algorithms, this step is mandatory + * because the output depends on the maximum capacity. + * -# To derive a key, call psa_key_derivation_output_key(). + * To derive a byte string for a different purpose, call + * psa_key_derivation_output_bytes(). + * Successive calls to these functions use successive output bytes + * calculated by the key derivation algorithm. + * -# Clean up the key derivation operation object with + * psa_key_derivation_abort(). + * + * If this function returns an error, the key derivation operation object is + * not changed. + * + * If an error occurs at any step after a call to psa_key_derivation_setup(), + * the operation will need to be reset by a call to psa_key_derivation_abort(). + * + * Implementations must reject an attempt to derive a key of size 0. + * + * \param[in,out] operation The key derivation operation object + * to set up. It must + * have been initialized but not set up yet. + * \param alg The key derivation algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c alg is not a key derivation algorithm. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_setup( + psa_key_derivation_operation_t *operation, + psa_algorithm_t alg); + +/** Retrieve the current capacity of a key derivation operation. + * + * The capacity of a key derivation is the maximum number of bytes that it can + * return. When you get *N* bytes of output from a key derivation operation, + * this reduces its capacity by *N*. + * + * \param[in] operation The operation to query. + * \param[out] capacity On success, the capacity of the operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_get_capacity( + const psa_key_derivation_operation_t *operation, + size_t *capacity); + +/** Set the maximum capacity of a key derivation operation. + * + * The capacity of a key derivation operation is the maximum number of bytes + * that the key derivation operation can return from this point onwards. + * + * \param[in,out] operation The key derivation operation object to modify. + * \param capacity The new capacity of the operation. + * It must be less or equal to the operation's + * current capacity. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p capacity is larger than the operation's current capacity. + * In this case, the operation object remains valid and its capacity + * remains unchanged. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_set_capacity( + psa_key_derivation_operation_t *operation, + size_t capacity); + +/** Use the maximum possible capacity for a key derivation operation. + * + * Use this value as the capacity argument when setting up a key derivation + * to indicate that the operation should have the maximum possible capacity. + * The value of the maximum possible capacity depends on the key derivation + * algorithm. + */ +#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) + +/** Provide an input for key derivation or key agreement. + * + * Which inputs are required and in what order depends on the algorithm. + * Refer to the documentation of each key derivation or key agreement + * algorithm for information. + * + * This function passes direct inputs, which is usually correct for + * non-secret inputs. To pass a secret input, which should be in a key + * object, call psa_key_derivation_input_key() instead of this function. + * Refer to the documentation of individual step types + * (`PSA_KEY_DERIVATION_INPUT_xxx` values of type ::psa_key_derivation_step_t) + * for more information. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with + * psa_key_derivation_setup() and must not + * have produced any output yet. + * \param step Which step the input data is for. + * \param[in] data Input data to use. + * \param data_length Size of the \p data buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the operation's algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow direct inputs. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid for this input \p step. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_input_bytes( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length); + +/** Provide an input for key derivation in the form of a key. + * + * Which inputs are required and in what order depends on the algorithm. + * Refer to the documentation of each key derivation or key agreement + * algorithm for information. + * + * This function obtains input from a key object, which is usually correct for + * secret inputs or for non-secret personalization strings kept in the key + * store. To pass a non-secret parameter which is not in the key store, + * call psa_key_derivation_input_bytes() instead of this function. + * Refer to the documentation of individual step types + * (`PSA_KEY_DERIVATION_INPUT_xxx` values of type ::psa_key_derivation_step_t) + * for more information. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with + * psa_key_derivation_setup() and must not + * have produced any output yet. + * \param step Which step the input data is for. + * \param handle Handle to the key. It must have an + * appropriate type for \p step and must + * allow the usage #PSA_KEY_USAGE_DERIVE. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the operation's algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow key inputs of the given type + * or does not allow key inputs at all. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid for this input \p step. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_input_key( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t handle); + +/** Perform a key agreement and use the shared secret as input to a key + * derivation. + * + * A key agreement algorithm takes two inputs: a private key \p private_key + * a public key \p peer_key. + * The result of this function is passed as input to a key derivation. + * The output of this key derivation can be extracted by reading from the + * resulting operation to produce keys and other cryptographic material. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with + * psa_key_derivation_setup() with a + * key agreement and derivation algorithm + * \c alg (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_AGREEMENT(\c alg) is true + * and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\c alg) + * is false). + * The operation must be ready for an + * input of the type given by \p step. + * \param step Which step the input data is for. + * \param private_key Handle to the private key to use. + * \param[in] peer_key Public key of the peer. The peer key must be in the + * same format that psa_import_key() accepts for the + * public key type corresponding to the type of + * private_key. That is, this function performs the + * equivalent of + * #psa_import_key(..., + * `peer_key`, `peer_key_length`) where + * with key attributes indicating the public key + * type corresponding to the type of `private_key`. + * For example, for EC keys, this means that peer_key + * is interpreted as a point on the curve that the + * private key is on. The standard formats for public + * keys are documented in the documentation of + * psa_export_public_key(). + * \param peer_key_length Size of \p peer_key in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid for this key agreement \p step. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c private_key is not compatible with \c alg, + * or \p peer_key is not valid for \c alg or not compatible with + * \c private_key. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow an input resulting from a key agreement. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_key_agreement( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length); + +/** Read some data from a key derivation operation. + * + * This function calculates output bytes from a key derivation algorithm and + * return those bytes. + * If you view the key derivation's output as a stream of bytes, this + * function destructively reads the requested number of bytes from the + * stream. + * The operation's capacity decreases by the number of bytes read. + * + * If this function returns an error status other than + * #PSA_ERROR_INSUFFICIENT_DATA, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * \param[in,out] operation The key derivation operation object to read from. + * \param[out] output Buffer where the output will be written. + * \param output_length Number of bytes to output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_DATA + * The operation's capacity was less than + * \p output_length bytes. Note that in this case, + * no output is written to the output buffer. + * The operation's capacity is set to 0, thus + * subsequent calls to this function will not + * succeed, even with a smaller output buffer. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active and completed + * all required input steps). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_output_bytes( + psa_key_derivation_operation_t *operation, + uint8_t *output, + size_t output_length); + +/** Derive a key from an ongoing key derivation operation. + * + * This function calculates output bytes from a key derivation algorithm + * and uses those bytes to generate a key deterministically. + * The key's location, usage policy, type and size are taken from + * \p attributes. + * + * If you view the key derivation's output as a stream of bytes, this + * function destructively reads as many bytes as required from the + * stream. + * The operation's capacity decreases by the number of bytes read. + * + * If this function returns an error status other than + * #PSA_ERROR_INSUFFICIENT_DATA, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * How much output is produced and consumed from the operation, and how + * the key is derived, depends on the key type: + * + * - For key types for which the key is an arbitrary sequence of bytes + * of a given size, this function is functionally equivalent to + * calling #psa_key_derivation_output_bytes + * and passing the resulting output to #psa_import_key. + * However, this function has a security benefit: + * if the implementation provides an isolation boundary then + * the key material is not exposed outside the isolation boundary. + * As a consequence, for these key types, this function always consumes + * exactly (\p bits / 8) bytes from the operation. + * The following key types defined in this specification follow this scheme: + * + * - #PSA_KEY_TYPE_AES; + * - #PSA_KEY_TYPE_ARC4; + * - #PSA_KEY_TYPE_CAMELLIA; + * - #PSA_KEY_TYPE_DERIVE; + * - #PSA_KEY_TYPE_HMAC. + * + * - For ECC keys on a Montgomery elliptic curve + * (#PSA_KEY_TYPE_ECC_KEY_PAIR(\c curve) where \c curve designates a + * Montgomery curve), this function always draws a byte string whose + * length is determined by the curve, and sets the mandatory bits + * accordingly. That is: + * + * - #PSA_ECC_CURVE_CURVE25519: draw a 32-byte string + * and process it as specified in RFC 7748 §5. + * - #PSA_ECC_CURVE_CURVE448: draw a 56-byte string + * and process it as specified in RFC 7748 §5. + * + * - For key types for which the key is represented by a single sequence of + * \p bits bits with constraints as to which bit sequences are acceptable, + * this function draws a byte string of length (\p bits / 8) bytes rounded + * up to the nearest whole number of bytes. If the resulting byte string + * is acceptable, it becomes the key, otherwise the drawn bytes are discarded. + * This process is repeated until an acceptable byte string is drawn. + * The byte string drawn from the operation is interpreted as specified + * for the output produced by psa_export_key(). + * The following key types defined in this specification follow this scheme: + * + * - #PSA_KEY_TYPE_DES. + * Force-set the parity bits, but discard forbidden weak keys. + * For 2-key and 3-key triple-DES, the three keys are generated + * successively (for example, for 3-key triple-DES, + * if the first 8 bytes specify a weak key and the next 8 bytes do not, + * discard the first 8 bytes, use the next 8 bytes as the first key, + * and continue reading output from the operation to derive the other + * two keys). + * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEY_PAIR(\c group) + * where \c group designates any Diffie-Hellman group) and + * ECC keys on a Weierstrass elliptic curve + * (#PSA_KEY_TYPE_ECC_KEY_PAIR(\c curve) where \c curve designates a + * Weierstrass curve). + * For these key types, interpret the byte string as integer + * in big-endian order. Discard it if it is not in the range + * [0, *N* - 2] where *N* is the boundary of the private key domain + * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, + * or the order of the curve's base point for ECC). + * Add 1 to the resulting integer and use this as the private key *x*. + * This method allows compliance to NIST standards, specifically + * the methods titled "key-pair generation by testing candidates" + * in NIST SP 800-56A §5.6.1.1.4 for Diffie-Hellman, + * in FIPS 186-4 §B.1.2 for DSA, and + * in NIST SP 800-56A §5.6.1.2.2 or + * FIPS 186-4 §B.4.2 for elliptic curve keys. + * + * - For other key types, including #PSA_KEY_TYPE_RSA_KEY_PAIR, + * the way in which the operation output is consumed is + * implementation-defined. + * + * In all cases, the data that is read is discarded from the operation. + * The operation's capacity is decreased by the number of bytes read. + * + * For algorithms that take an input step #PSA_KEY_DERIVATION_INPUT_SECRET, + * the input to that step must be provided with psa_key_derivation_input_key(). + * Future versions of this specification may include additional restrictions + * on the derived key based on the attributes and strength of the secret key. + * + * \param[in] attributes The attributes for the new key. + * \param[in,out] operation The key derivation operation object to read from. + * \param[out] handle On success, a handle to the newly created key. + * \c 0 on failure. + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. + * \retval #PSA_ERROR_ALREADY_EXISTS + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. + * \retval #PSA_ERROR_INSUFFICIENT_DATA + * There was not enough data to create the desired key. + * Note that in this case, no output is written to the output buffer. + * The operation's capacity is set to 0, thus subsequent calls to + * this function will not succeed, even with a smaller output buffer. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The key type or key size is not supported, either by the + * implementation in general or in this particular location. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The provided key attributes are not valid for the operation. + * \retval #PSA_ERROR_NOT_PERMITTED + * The #PSA_KEY_DERIVATION_INPUT_SECRET input was not provided through + * a key. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active and completed + * all required input steps). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_output_key( + const psa_key_attributes_t *attributes, + psa_key_derivation_operation_t *operation, + psa_key_handle_t *handle); + +/** Abort a key derivation operation. + * + * Aborting an operation frees all associated resources except for the \c + * operation structure itself. Once aborted, the operation object can be reused + * for another operation by calling psa_key_derivation_setup() again. + * + * This function may be called at any time after the operation + * object has been initialized as described in #psa_key_derivation_operation_t. + * + * In particular, it is valid to call psa_key_derivation_abort() twice, or to + * call psa_key_derivation_abort() on an operation that has not been set up. + * + * \param[in,out] operation The operation to abort. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_abort( + psa_key_derivation_operation_t *operation); + +/** Perform a key agreement and return the raw shared secret. + * + * \warning The raw result of a key agreement algorithm such as finite-field + * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should + * not be used directly as key material. It should instead be passed as + * input to a key derivation algorithm. To chain a key agreement with + * a key derivation, use psa_key_derivation_key_agreement() and other + * functions from the key derivation interface. + * + * \param alg The key agreement algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_RAW_KEY_AGREEMENT(\p alg) + * is true). + * \param private_key Handle to the private key to use. + * \param[in] peer_key Public key of the peer. It must be + * in the same format that psa_import_key() + * accepts. The standard formats for public + * keys are documented in the documentation + * of psa_export_public_key(). + * \param peer_key_length Size of \p peer_key in bytes. + * \param[out] output Buffer where the decrypted message is to + * be written. + * \param output_size Size of the \c output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p alg is not a key agreement algorithm + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p private_key is not compatible with \p alg, + * or \p peer_key is not valid for \p alg or not compatible with + * \p private_key. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p output_size is too small + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not a supported key agreement algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/**@}*/ + +/** \defgroup random Random generation + * @{ + */ + +/** + * \brief Generate random bytes. + * + * \warning This function **can** fail! Callers MUST check the return status + * and MUST NOT use the content of the output buffer if the return + * status is not #PSA_SUCCESS. + * + * \note To generate a key, use psa_generate_key() instead. + * + * \param[out] output Output buffer for the generated data. + * \param output_size Number of bytes to generate and output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size); + +/** + * \brief Generate a key or key pair. + * + * The key is generated randomly. + * Its location, usage policy, type and size are taken from \p attributes. + * + * Implementations must reject an attempt to generate a key of size 0. + * + * The following type-specific considerations apply: + * - For RSA keys (#PSA_KEY_TYPE_RSA_KEY_PAIR), + * the public exponent is 65537. + * The modulus is a product of two probabilistic primes + * between 2^{n-1} and 2^n where n is the bit size specified in the + * attributes. + * + * \param[in] attributes The attributes for the new key. + * \param[out] handle On success, a handle to the newly created key. + * \c 0 on failure. + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. + * \retval #PSA_ERROR_ALREADY_EXISTS + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle); + +/**@}*/ + +#ifdef __cplusplus +} +#endif + +/* The file "crypto_sizes.h" contains definitions for size calculation + * macros whose definitions are implementation-specific. */ +#include "psa/crypto_sizes.h" + +/* The file "crypto_struct.h" contains definitions for + * implementation-specific structs that are declared above. */ +#include "psa/crypto_struct.h" + +/* The file "crypto_extra.h" contains vendor-specific definitions. This + * can include vendor-defined algorithms, extra functions, etc. */ +#include "psa/crypto_extra.h" + +#endif /* PSA_CRYPTO_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_compat.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_compat.h new file mode 100644 index 0000000..518008b --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_compat.h @@ -0,0 +1,111 @@ +/** + * \file psa/crypto_compat.h + * + * \brief PSA cryptography module: Backward compatibility aliases + * + * This header declares alternative names for macro and functions. + * New application code should not use these names. + * These names may be removed in a future version of Mbed Crypto. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + */ +/* + * Copyright (C) 2019-2020, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_COMPAT_H +#define PSA_CRYPTO_COMPAT_H + +#ifdef __cplusplus +extern "C" { +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) + +/* + * Mechanism for declaring deprecated values + */ +#if defined(MBEDTLS_DEPRECATED_WARNING) && !defined(MBEDTLS_PSA_DEPRECATED) +#define MBEDTLS_PSA_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_PSA_DEPRECATED +#endif + +typedef MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t; +typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t; +typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t; + +#define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \ + ( (mbedtls_deprecated_##type) ( value ) ) + +/* + * Deprecated PSA Crypto error code definitions (PSA Crypto API <= 1.0 beta2) + */ +#define PSA_ERROR_UNKNOWN_ERROR \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_GENERIC_ERROR ) +#define PSA_ERROR_OCCUPIED_SLOT \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_ALREADY_EXISTS ) +#define PSA_ERROR_EMPTY_SLOT \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_DOES_NOT_EXIST ) +#define PSA_ERROR_INSUFFICIENT_CAPACITY \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_INSUFFICIENT_DATA ) +#define PSA_ERROR_TAMPERING_DETECTED \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_CORRUPTION_DETECTED ) + +/* + * Deprecated PSA Crypto numerical encodings (PSA Crypto API <= 1.0 beta3) + */ +#define PSA_KEY_USAGE_SIGN \ + MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH ) +#define PSA_KEY_USAGE_VERIFY \ + MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH ) + +/* + * Deprecated PSA Crypto size calculation macros (PSA Crypto API <= 1.0 beta3) + */ +#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE ) +#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) ) + +/* + * Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3) + */ +MBEDTLS_PSA_DEPRECATED psa_status_t psa_asymmetric_sign( psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ); + +MBEDTLS_PSA_DEPRECATED psa_status_t psa_asymmetric_verify( psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length ); + +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_CRYPTO_COMPAT_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_extra.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_extra.h new file mode 100644 index 0000000..33c9c05 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_extra.h @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_extra.h + * + * \brief PSA cryptography module: vendor extensions + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file is reserved for vendor-specific definitions. + */ + +#ifndef PSA_CRYPTO_EXTRA_H +#define PSA_CRYPTO_EXTRA_H + +#include "psa/crypto_compat.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** \brief Declare the enrollment algorithm for a key. + * + * An operation on a key may indifferently use the algorithm set with + * psa_set_key_algorithm() or with this function. + * + * \param[out] attributes The attribute structure to write to. + * \param alg2 A second algorithm that the key may be used + * for, in addition to the algorithm set with + * psa_set_key_algorithm(). + * + * \warning Setting an enrollment algorithm is not recommended, because + * using the same key with different algorithms can allow some + * attacks based on arithmetic relations between different + * computations made with the same key, or can escalate harmless + * side channels into exploitable ones. Use this function only + * if it is necessary to support a protocol for which it has been + * verified that the usage of the key with multiple algorithms + * is safe. + */ +static inline void psa_set_key_enrollment_algorithm( + psa_key_attributes_t *attributes, + psa_algorithm_t alg2) +{ + attributes->core.policy.alg2 = alg2; +} + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_CRYPTO_EXTRA_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_platform.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_platform.h new file mode 100644 index 0000000..c3120e4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_platform.h @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_platform.h + * + * \brief PSA cryptography module: Mbed TLS platform definitions + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file contains platform-dependent type definitions. + * + * In implementations with isolation between the application and the + * cryptography module, implementers should take care to ensure that + * the definitions that are exposed to applications match what the + * module implements. + */ + +#ifndef PSA_CRYPTO_PLATFORM_H +#define PSA_CRYPTO_PLATFORM_H + +/* PSA requires several types which C99 provides in stdint.h. */ +#include + +/* Integral type representing a key handle. */ +typedef uint16_t psa_key_handle_t; + +/* This implementation distinguishes *application key identifiers*, which + * are the key identifiers specified by the application, from + * *key file identifiers*, which are the key identifiers that the library + * sees internally. The two types can be different if there is a remote + * call layer between the application and the library which supports + * multiple client applications that do not have access to each others' + * keys. The point of having different types is that the key file + * identifier may encode not only the key identifier specified by the + * application, but also the the identity of the application. + * + * Note that this is an internal concept of the library and the remote + * call layer. The application itself never sees anything other than + * #psa_app_key_id_t with its standard definition. + */ + +/* The application key identifier is always what the application sees as + * #psa_key_id_t. */ +typedef uint32_t psa_app_key_id_t; + +#endif /* PSA_CRYPTO_PLATFORM_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_sizes.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_sizes.h new file mode 100644 index 0000000..4f67501 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_sizes.h @@ -0,0 +1,650 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_sizes.h + * + * \brief PSA cryptography module: Mbed TLS buffer size macros + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file contains the definitions of macros that are useful to + * compute buffer sizes. The signatures and semantics of these macros + * are standardized, but the definitions are not, because they depend on + * the available algorithms and, in some cases, on permitted tolerances + * on buffer sizes. + * + * In implementations with isolation between the application and the + * cryptography module, implementers should take care to ensure that + * the definitions that are exposed to applications match what the + * module implements. + * + * Macros that compute sizes whose values do not depend on the + * implementation are in crypto.h. + */ + +#ifndef PSA_CRYPTO_SIZES_H +#define PSA_CRYPTO_SIZES_H + +#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) +#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) + +#define PSA_ROUND_UP_TO_MULTIPLE(block_size, length) \ + (((length) + (block_size) - 1) / (block_size) * (block_size)) + +/** The size of the output of psa_hash_finish(), in bytes. + * + * This is also the hash size that psa_hash_verify() expects. + * + * \param alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm + * (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a + * hash algorithm). + * + * \return The hash size for the specified hash algorithm. + * If the hash algorithm is not recognized, return 0. + * An implementation may return either 0 or the correct size + * for a hash algorithm that it recognizes, but does not support. + */ +#define PSA_HASH_SIZE(alg) \ + ( \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ + 0) + +/** \def PSA_HASH_MAX_SIZE + * + * Maximum size of a hash. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a hash supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ +/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226, + * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for + * HMAC-SHA3-512. */ +#define PSA_HASH_MAX_SIZE 64 +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 + +/** \def PSA_MAC_MAX_SIZE + * + * Maximum size of a MAC. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a MAC supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ +/* All non-HMAC MACs have a maximum size that's smaller than the + * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */ +/* Note that the encoding of truncated MAC algorithms limits this value + * to 64 bytes. + */ +#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE + +/** The tag size for an AEAD algorithm, in bytes. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return The tag size for the specified algorithm. + * If the AEAD algorithm does not have an identified + * tag that can be distinguished from the rest of + * the ciphertext, return 0. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_TAG_LENGTH(alg) \ + (PSA_ALG_IS_AEAD(alg) ? \ + (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ + 0) + +/* The maximum size of an RSA key on this implementation, in bits. + * This is a vendor-specific macro. + * + * Mbed TLS does not set a hard limit on the size of RSA keys: any key + * whose parameters fit in a bignum is accepted. However large keys can + * induce a large memory usage and long computation times. Unlike other + * auxiliary macros in this file and in crypto.h, which reflect how the + * library is configured, this macro defines how the library is + * configured. This implementation refuses to import or generate an + * RSA key whose size is larger than the value defined here. + * + * Note that an implementation may set different size limits for different + * operations, and does not need to accept all key sizes up to the limit. */ +#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096 + +/* The maximum size of an ECC key on this implementation, in bits. + * This is a vendor-specific macro. */ +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521 + +/** Bit size associated with an elliptic curve. + * + * \param curve An elliptic curve (value of type #psa_ecc_curve_t). + * + * \return The size associated with \p curve, in bits. + * This may be 0 if the implementation does not support + * the specified curve. + */ +#define PSA_ECC_CURVE_BITS(curve) \ + ((curve) == PSA_ECC_CURVE_SECT163K1 ? 163 : \ + (curve) == PSA_ECC_CURVE_SECT163R1 ? 163 : \ + (curve) == PSA_ECC_CURVE_SECT163R2 ? 163 : \ + (curve) == PSA_ECC_CURVE_SECT193R1 ? 193 : \ + (curve) == PSA_ECC_CURVE_SECT193R2 ? 193 : \ + (curve) == PSA_ECC_CURVE_SECT233K1 ? 233 : \ + (curve) == PSA_ECC_CURVE_SECT233R1 ? 233 : \ + (curve) == PSA_ECC_CURVE_SECT239K1 ? 239 : \ + (curve) == PSA_ECC_CURVE_SECT283K1 ? 283 : \ + (curve) == PSA_ECC_CURVE_SECT283R1 ? 283 : \ + (curve) == PSA_ECC_CURVE_SECT409K1 ? 409 : \ + (curve) == PSA_ECC_CURVE_SECT409R1 ? 409 : \ + (curve) == PSA_ECC_CURVE_SECT571K1 ? 571 : \ + (curve) == PSA_ECC_CURVE_SECT571R1 ? 571 : \ + (curve) == PSA_ECC_CURVE_SECP160K1 ? 160 : \ + (curve) == PSA_ECC_CURVE_SECP160R1 ? 160 : \ + (curve) == PSA_ECC_CURVE_SECP160R2 ? 160 : \ + (curve) == PSA_ECC_CURVE_SECP192K1 ? 192 : \ + (curve) == PSA_ECC_CURVE_SECP192R1 ? 192 : \ + (curve) == PSA_ECC_CURVE_SECP224K1 ? 224 : \ + (curve) == PSA_ECC_CURVE_SECP224R1 ? 224 : \ + (curve) == PSA_ECC_CURVE_SECP256K1 ? 256 : \ + (curve) == PSA_ECC_CURVE_SECP256R1 ? 256 : \ + (curve) == PSA_ECC_CURVE_SECP384R1 ? 384 : \ + (curve) == PSA_ECC_CURVE_SECP521R1 ? 521 : \ + (curve) == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \ + (curve) == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \ + (curve) == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \ + (curve) == PSA_ECC_CURVE_CURVE25519 ? 255 : \ + (curve) == PSA_ECC_CURVE_CURVE448 ? 448 : \ + 0) + +/** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN + * + * This macro returns the maximum length of the PSK supported + * by the TLS-1.2 PSK-to-MS key derivation. + * + * Quoting RFC 4279, Sect 5.3: + * TLS implementations supporting these ciphersuites MUST support + * arbitrary PSK identities up to 128 octets in length, and arbitrary + * PSKs up to 64 octets in length. Supporting longer identities and + * keys is RECOMMENDED. + * + * Therefore, no implementation should define a value smaller than 64 + * for #PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN. + */ +#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128 + +/** The maximum size of a block cipher supported by the implementation. */ +#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16 + +/** The size of the output of psa_mac_sign_finish(), in bytes. + * + * This is also the MAC size that psa_mac_verify_finish() expects. + * + * \param key_type The type of the MAC key. + * \param key_bits The size of the MAC key in bits. + * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_MAC(\p alg) is true). + * + * \return The MAC size for the specified algorithm with + * the specified key parameters. + * \return 0 if the MAC algorithm is not recognized. + * \return Either 0 or the correct size for a MAC algorithm that + * the implementation recognizes, but does not support. + * \return Unspecified if the key parameters are not consistent + * with the algorithm. + */ +#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ + ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \ + PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \ + PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ + ((void)(key_type), (void)(key_bits), 0)) + +/** The maximum size of the output of psa_aead_encrypt(), in bytes. + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_encrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the ciphertext may be smaller. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param plaintext_length Size of the plaintext in bytes. + * + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ + (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ + (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ + 0) + +/** The maximum size of the output of psa_aead_decrypt(), in bytes. + * + * If the size of the plaintext buffer is at least this large, it is + * guaranteed that psa_aead_decrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the plaintext may be smaller. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param ciphertext_length Size of the plaintext in bytes. + * + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ + (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ + (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ + 0) + +/** A sufficient output buffer size for psa_aead_update(). + * + * If the size of the output buffer is at least this large, it is + * guaranteed that psa_aead_update() will not fail due to an + * insufficient buffer size. The actual size of the output may be smaller + * in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param input_length Size of the input in bytes. + * + * \return A sufficient output buffer size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +/* For all the AEAD modes defined in this specification, it is possible + * to emit output without delay. However, hardware may not always be + * capable of this. So for modes based on a block cipher, allow the + * implementation to delay the output until it has a full block. */ +#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE, (input_length)) : \ + (input_length)) + +/** A sufficient ciphertext buffer size for psa_aead_finish(). + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_finish() will not fail due to an + * insufficient ciphertext buffer size. The actual size of the output may + * be smaller in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return A sufficient ciphertext buffer size for the + * specified algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ + 0) + +/** A sufficient plaintext buffer size for psa_aead_verify(). + * + * If the size of the plaintext buffer is at least this large, it is + * guaranteed that psa_aead_verify() will not fail due to an + * insufficient plaintext buffer size. The actual size of the output may + * be smaller in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return A sufficient plaintext buffer size for the + * specified algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ + 0) + +#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ + (PSA_ALG_IS_RSA_OAEP(alg) ? \ + 2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ + 11 /*PKCS#1v1.5*/) + +/** + * \brief ECDSA signature size for a given curve bit size + * + * \param curve_bits Curve size in bits. + * \return Signature size in bytes. + * + * \note This macro returns a compile-time constant if its argument is one. + */ +#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ + (PSA_BITS_TO_BYTES(curve_bits) * 2) + +/** Sufficient signature buffer size for psa_sign_hash(). + * + * This macro returns a sufficient buffer size for a signature using a key + * of the specified type and size, with the specified algorithm. + * Note that the actual size of the signature may be smaller + * (some algorithms produce a variable-size signature). + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_sign_hash() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ + ((void)alg, 0)) + +#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ + PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) + +/** \def PSA_SIGNATURE_MAX_SIZE + * + * Maximum size of an asymmetric signature. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a signature supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ +#define PSA_SIGNATURE_MAX_SIZE \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \ + PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) : \ + PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE) + +/** Sufficient output buffer size for psa_asymmetric_encrypt(). + * + * This macro returns a sufficient buffer size for a ciphertext produced using + * a key of the specified type and size, with the specified algorithm. + * Note that the actual size of the ciphertext may be smaller, depending + * on the algorithm. + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_asymmetric_encrypt() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? \ + ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + 0) + +/** Sufficient output buffer size for psa_asymmetric_decrypt(). + * + * This macro returns a sufficient buffer size for a ciphertext produced using + * a key of the specified type and size, with the specified algorithm. + * Note that the actual size of the ciphertext may be smaller, depending + * on the algorithm. + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_asymmetric_decrypt() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? \ + PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \ + 0) + +/* Maximum size of the ASN.1 encoding of an INTEGER with the specified + * number of bits. + * + * This definition assumes that bits <= 2^19 - 9 so that the length field + * is at most 3 bytes. The length of the encoding is the length of the + * bit string padded to a whole number of bytes plus: + * - 1 type byte; + * - 1 to 3 length bytes; + * - 0 to 1 bytes of leading 0 due to the sign bit. + */ +#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits) \ + ((bits) / 8 + 5) + +/* Maximum size of the export encoding of an RSA public key. + * Assumes that the public exponent is less than 2^32. + * + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + * + * - 4 bytes of SEQUENCE overhead; + * - n : INTEGER; + * - 7 bytes for the public exponent. + */ +#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11) + +/* Maximum size of the export encoding of an RSA key pair. + * Assumes thatthe public exponent is less than 2^32 and that the size + * difference between the two primes is at most 1 bit. + * + * RSAPrivateKey ::= SEQUENCE { + * version Version, -- 0 + * modulus INTEGER, -- N-bit + * publicExponent INTEGER, -- 32-bit + * privateExponent INTEGER, -- N-bit + * prime1 INTEGER, -- N/2-bit + * prime2 INTEGER, -- N/2-bit + * exponent1 INTEGER, -- N/2-bit + * exponent2 INTEGER, -- N/2-bit + * coefficient INTEGER, -- N/2-bit + * } + * + * - 4 bytes of SEQUENCE overhead; + * - 3 bytes of version; + * - 7 half-size INTEGERs plus 2 full-size INTEGERs, + * overapproximated as 9 half-size INTEGERS; + * - 7 bytes for the public exponent. + */ +#define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) \ + (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14) + +/* Maximum size of the export encoding of a DSA public key. + * + * SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } -- contains DSAPublicKey + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters Dss-Parms } -- SEQUENCE of 3 INTEGERs + * DSAPublicKey ::= INTEGER -- public key, Y + * + * - 3 * 4 bytes of SEQUENCE overhead; + * - 1 + 1 + 7 bytes of algorithm (DSA OID); + * - 4 bytes of BIT STRING overhead; + * - 3 full-size INTEGERs (p, g, y); + * - 1 + 1 + 32 bytes for 1 sub-size INTEGER (q <= 256 bits). + */ +#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 59) + +/* Maximum size of the export encoding of a DSA key pair. + * + * DSAPrivateKey ::= SEQUENCE { + * version Version, -- 0 + * prime INTEGER, -- p + * subprime INTEGER, -- q + * generator INTEGER, -- g + * public INTEGER, -- y + * private INTEGER, -- x + * } + * + * - 4 bytes of SEQUENCE overhead; + * - 3 bytes of version; + * - 3 full-size INTEGERs (p, g, y); + * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits). + */ +#define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) \ + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75) + +/* Maximum size of the export encoding of an ECC public key. + * + * The representation of an ECC public key is: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian; + * - where m is the bit size associated with the curve. + * + * - 1 byte + 2 * point size. + */ +#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (2 * PSA_BITS_TO_BYTES(key_bits) + 1) + +/* Maximum size of the export encoding of an ECC key pair. + * + * An ECC key pair is represented by the secret value. + */ +#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) \ + (PSA_BITS_TO_BYTES(key_bits)) + +/** Sufficient output buffer size for psa_export_key() or psa_export_public_key(). + * + * This macro returns a compile-time constant if its arguments are + * compile-time constants. + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * The following code illustrates how to allocate enough memory to export + * a key by querying the key type and size at runtime. + * \code{c} + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + * psa_status_t status; + * status = psa_get_key_attributes(key, &attributes); + * if (status != PSA_SUCCESS) handle_error(...); + * psa_key_type_t key_type = psa_get_key_type(&attributes); + * size_t key_bits = psa_get_key_bits(&attributes); + * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits); + * psa_reset_key_attributes(&attributes); + * uint8_t *buffer = malloc(buffer_size); + * if (buffer == NULL) handle_error(...); + * size_t buffer_length; + * status = psa_export_key(key, buffer, buffer_size, &buffer_length); + * if (status != PSA_SUCCESS) handle_error(...); + * \endcode + * + * For psa_export_public_key(), calculate the buffer size from the + * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR + * to convert a key pair type to the corresponding public key type. + * \code{c} + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + * psa_status_t status; + * status = psa_get_key_attributes(key, &attributes); + * if (status != PSA_SUCCESS) handle_error(...); + * psa_key_type_t key_type = psa_get_key_type(&attributes); + * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type); + * size_t key_bits = psa_get_key_bits(&attributes); + * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits); + * psa_reset_key_attributes(&attributes); + * uint8_t *buffer = malloc(buffer_size); + * if (buffer == NULL) handle_error(...); + * size_t buffer_length; + * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length); + * if (status != PSA_SUCCESS) handle_error(...); + * \endcode + * + * \param key_type A supported key type. + * \param key_bits The size of the key in bits. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_sign_hash() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \ + (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \ + (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ + PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \ + PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \ + 0) + +#endif /* PSA_CRYPTO_SIZES_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_struct.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_struct.h new file mode 100644 index 0000000..403a734 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_struct.h @@ -0,0 +1,301 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_struct.h + * + * \brief PSA cryptography module: structured type implementations + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file contains the definitions of some data structures with + * implementation-specific definitions. + * + * In implementations with isolation between the application and the + * cryptography module, it is expected that the front-end and the back-end + * would have different versions of this file. + */ + +#ifndef PSA_CRYPTO_STRUCT_H +#define PSA_CRYPTO_STRUCT_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Note that the below structures are different from the decalrations in + * mbed-crypto. This is because TF-M maintains 'front-end' and 'back-end' + * versions of this header. In the front-end version, exported to NS + * clients in interface/include/psa, a crypto operation is defined as an + * opaque handle to a context in the Crypto service. The back-end + * version, directly included from the mbed-crypto repo by the Crypto + * service, contains the full definition of the operation structs. + * + * One of the functions of the Crypto service is to allocate the back-end + * operation contexts in its own partition memory (in crypto_alloc.c), + * and then do the mapping between front-end operation handles passed by + * NS clients and the corresponding back-end operation contexts. The + * advantage of doing it this way is that internal mbed-crypto state is never + * exposed to the NS client. + */ + +struct psa_hash_operation_s +{ + uint32_t handle; +}; + +#define PSA_HASH_OPERATION_INIT {0} +static inline struct psa_hash_operation_s psa_hash_operation_init( void ) +{ + const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; + return( v ); +} + +struct psa_mac_operation_s +{ + uint32_t handle; +}; + +#define PSA_MAC_OPERATION_INIT {0} +static inline struct psa_mac_operation_s psa_mac_operation_init( void ) +{ + const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; + return( v ); +} + +struct psa_cipher_operation_s +{ + uint32_t handle; +}; + +#define PSA_CIPHER_OPERATION_INIT {0} +static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) +{ + const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; + return( v ); +} + +struct psa_aead_operation_s +{ + uint32_t handle; +}; + +#define PSA_AEAD_OPERATION_INIT {0} +static inline struct psa_aead_operation_s psa_aead_operation_init( void ) +{ + const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; + return( v ); +} + +struct psa_key_derivation_s +{ + uint32_t handle; +}; + +#define PSA_KEY_DERIVATION_OPERATION_INIT {0} +static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) +{ + const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; + return( v ); +} + +struct psa_key_policy_s +{ + psa_key_usage_t usage; + psa_algorithm_t alg; + psa_algorithm_t alg2; +}; +typedef struct psa_key_policy_s psa_key_policy_t; + +#define PSA_KEY_POLICY_INIT {0, 0, 0} +static inline struct psa_key_policy_s psa_key_policy_init( void ) +{ + const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; + return( v ); +} + +/* The type used internally for key sizes. + * Public interfaces use size_t, but internally we use a smaller type. */ +typedef uint16_t psa_key_bits_t; +/* The maximum value of the type used to represent bit-sizes. + * This is used to mark an invalid key size. */ +#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) +/* The maximum size of a key in bits. + * Currently defined as the maximum that can be represented, rounded down + * to a whole number of bytes. + * This is an uncast value so that it can be used in preprocessor + * conditionals. */ +#define PSA_MAX_KEY_BITS 0xfff8 + +/** A mask of flags that can be stored in key attributes. + * + * This type is also used internally to store flags in slots. Internal + * flags are defined in library/psa_crypto_core.h. Internal flags may have + * the same value as external flags if they are properly handled during + * key creation and in psa_get_key_attributes. + */ +typedef uint16_t psa_key_attributes_flag_t; + +#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ + ( (psa_key_attributes_flag_t) 0x0001 ) + +/* A mask of key attribute flags used externally only. + * Only meant for internal checks inside the library. */ +#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ + MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ + 0 ) + +/* A mask of key attribute flags used both internally and externally. + * Currently there aren't any. */ +#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ + 0 ) + +typedef struct +{ + psa_key_type_t type; + psa_key_lifetime_t lifetime; + psa_key_id_t id; + psa_key_policy_t policy; + psa_key_bits_t bits; + psa_key_attributes_flag_t flags; +} psa_core_key_attributes_t; + +#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, PSA_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0, 0} + +struct psa_key_attributes_s +{ + psa_core_key_attributes_t core; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + psa_key_slot_number_t slot_number; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + void *domain_parameters; + size_t domain_parameters_size; +}; + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0} +#else +#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0} +#endif + +static inline struct psa_key_attributes_s psa_key_attributes_init( void ) +{ + const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; + return( v ); +} + +static inline void psa_set_key_id(psa_key_attributes_t *attributes, + psa_key_id_t id) +{ + attributes->core.id = id; + if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE ) + attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT; +} + +static inline psa_key_id_t psa_get_key_id( + const psa_key_attributes_t *attributes) +{ + return( attributes->core.id ); +} + +static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, + psa_key_lifetime_t lifetime) +{ + attributes->core.lifetime = lifetime; + if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) + { +#ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER + attributes->core.id.key_id = 0; + attributes->core.id.owner = 0; +#else + attributes->core.id = 0; +#endif + } +} + +static inline psa_key_lifetime_t psa_get_key_lifetime( + const psa_key_attributes_t *attributes) +{ + return( attributes->core.lifetime ); +} + +static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags) +{ + attributes->core.policy.usage = usage_flags; +} + +static inline psa_key_usage_t psa_get_key_usage_flags( + const psa_key_attributes_t *attributes) +{ + return( attributes->core.policy.usage ); +} + +static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, + psa_algorithm_t alg) +{ + attributes->core.policy.alg = alg; +} + +static inline psa_algorithm_t psa_get_key_algorithm( + const psa_key_attributes_t *attributes) +{ + return( attributes->core.policy.alg ); +} + +/* This function is declared in crypto_extra.h, which comes after this + * header file, but we need the function here, so repeat the declaration. */ +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); + +static inline void psa_set_key_type(psa_key_attributes_t *attributes, + psa_key_type_t type) +{ + if( attributes->domain_parameters == NULL ) + { + /* Common case: quick path */ + attributes->core.type = type; + } + else + { + /* Call the bigger function to free the old domain paramteres. + * Ignore any errors which may arise due to type requiring + * non-default domain parameters, since this function can't + * report errors. */ + (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); + } +} + +static inline psa_key_type_t psa_get_key_type( + const psa_key_attributes_t *attributes) +{ + return( attributes->core.type ); +} + +static inline void psa_set_key_bits(psa_key_attributes_t *attributes, + size_t bits) +{ + if( bits > PSA_MAX_KEY_BITS ) + attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; + else + attributes->core.bits = (psa_key_bits_t) bits; +} + +static inline size_t psa_get_key_bits( + const psa_key_attributes_t *attributes) +{ + return( attributes->core.bits ); +} + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_CRYPTO_STRUCT_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_types.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_types.h new file mode 100644 index 0000000..690999f --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_types.h @@ -0,0 +1,313 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_types.h + * + * \brief PSA cryptography module: type aliases. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. Drivers must include the appropriate driver + * header file. + * + * This file contains portable definitions of integral types for properties + * of cryptographic keys, designations of cryptographic algorithms, and + * error codes returned by the library. + * + * This header file does not declare any function. + */ + +#ifndef PSA_CRYPTO_TYPES_H +#define PSA_CRYPTO_TYPES_H + +#include + +/** \defgroup error Error codes + * @{ + */ + +/** + * \brief Function return status. + * + * This is either #PSA_SUCCESS (which is zero), indicating success, + * or a small negative value indicating that an error occurred. Errors are + * encoded as one of the \c PSA_ERROR_xxx values defined here. */ +/* If #PSA_SUCCESS is already defined, it means that #psa_status_t + * is also defined in an external header, so prevent its multiple + * definition. + */ +#ifndef PSA_SUCCESS +typedef int32_t psa_status_t; +#endif + +/**@}*/ + +/** \defgroup crypto_types Key and algorithm types + * @{ + */ + +/** \brief Encoding of a key type. + */ +typedef uint32_t psa_key_type_t; + +/** The type of PSA elliptic curve identifiers. + * + * The curve identifier is required to create an ECC key using the + * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() + * macros. + * + * The encoding of curve identifiers is taken from the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * + * This specification defines identifiers for some of the curves in the IANA + * registry. Implementations that support other curves that are in the IANA + * registry should use the IANA value and a implementation-specific identifier. + * Implemenations that support non-IANA curves should use one of the following + * approaches for allocating a key type: + * + * 1. Select a ::psa_ecc_curve_t value in the range #PSA_ECC_CURVE_VENDOR_MIN to + * #PSA_ECC_CURVE_VENDOR_MAX, which is a subset of the IANA private use + * range. + * 2. Use a ::psa_key_type_t value that is vendor-defined. + * + * The first option is recommended. + */ +typedef uint16_t psa_ecc_curve_t; + +/** The type of PSA Diffie-Hellman group identifiers. + * + * The group identifier is required to create an Diffie-Hellman key using the + * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() + * macros. + * + * The encoding of group identifiers is taken from the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * + * This specification defines identifiers for some of the groups in the IANA + * registry. Implementations that support other groups that are in the IANA + * registry should use the IANA value and a implementation-specific identifier. + * Implemenations that support non-IANA groups should use one of the following + * approaches for allocating a key type: + * + * 1. Select a ::psa_dh_group_t value in the range #PSA_DH_GROUP_VENDOR_MIN to + * #PSA_DH_GROUP_VENDOR_MAX, which is a subset of the IANA private use + * range. + * 2. Select a ::psa_dh_group_t value from the named groups allocated for + * GREASE in the IETF draft specification. The GREASE specification and + * values are listed below. + * 3. Use a ::psa_key_type_t value that is vendor-defined. + * + * Option 1 or 2 are recommended. + * + * The current draft of the GREASE specification is + * https://datatracker.ietf.org/doc/draft-ietf-tls-grease + * + * The following GREASE values are allocated for named groups: + * \code + * 0x0A0A + * 0x1A1A + * 0x2A2A + * 0x3A3A + * 0x4A4A + * 0x5A5A + * 0x6A6A + * 0x7A7A + * 0x8A8A + * 0x9A9A + * 0xAAAA + * 0xBABA + * 0xCACA + * 0xDADA + * 0xEAEA + * 0xFAFA + * \endcode + */ +typedef uint16_t psa_dh_group_t; + +/** \brief Encoding of a cryptographic algorithm. + * + * For algorithms that can be applied to multiple key types, this type + * does not encode the key type. For example, for symmetric ciphers + * based on a block cipher, #psa_algorithm_t encodes the block cipher + * mode and the padding mode while the block cipher itself is encoded + * via #psa_key_type_t. + */ +typedef uint32_t psa_algorithm_t; + +/**@}*/ + +/** \defgroup key_lifetimes Key lifetimes + * @{ + */ + +/** Encoding of key lifetimes. + * + * The lifetime of a key indicates where it is stored and what system actions + * may create and destroy it. + * + * Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are automatically + * destroyed when the application terminates or on a power reset. + * + * Keys with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE are said + * to be _persistent_. + * Persistent keys are preserved if the application or the system restarts. + * Persistent keys have a key identifier of type #psa_key_id_t. + * The application can call psa_open_key() to open a persistent key that + * it created previously. + */ +typedef uint32_t psa_key_lifetime_t; + +/** Encoding of identifiers of persistent keys. + * + * - Applications may freely choose key identifiers in the range + * #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX. + * - Implementations may define additional key identifiers in the range + * #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX. + * - 0 is reserved as an invalid key identifier. + * - Key identifiers outside these ranges are reserved for future use. + */ +typedef uint32_t psa_key_id_t; +#define PSA_KEY_ID_INIT 0 + +/**@}*/ + +/** \defgroup policy Key policies + * @{ + */ + +/** \brief Encoding of permitted usage on a key. */ +typedef uint32_t psa_key_usage_t; + +/**@}*/ + +/** \defgroup attributes Key attributes + * @{ + */ + +/** The type of a structure containing key attributes. + * + * This is an opaque structure that can represent the metadata of a key + * object. Metadata that can be stored in attributes includes: + * - The location of the key in storage, indicated by its key identifier + * and its lifetime. + * - The key's policy, comprising usage flags and a specification of + * the permitted algorithm(s). + * - Information about the key itself: the key type and its size. + * - Implementations may define additional attributes. + * + * The actual key material is not considered an attribute of a key. + * Key attributes do not contain information that is generally considered + * highly confidential. + * + * An attribute structure can be a simple data structure where each function + * `psa_set_key_xxx` sets a field and the corresponding function + * `psa_get_key_xxx` retrieves the value of the corresponding field. + * However, implementations may report values that are equivalent to the + * original one, but have a different encoding. For example, an + * implementation may use a more compact representation for types where + * many bit-patterns are invalid or not supported, and store all values + * that it does not support as a special marker value. In such an + * implementation, after setting an invalid value, the corresponding + * get function returns an invalid value which may not be the one that + * was originally stored. + * + * An attribute structure may contain references to auxiliary resources, + * for example pointers to allocated memory or indirect references to + * pre-calculated values. In order to free such resources, the application + * must call psa_reset_key_attributes(). As an exception, calling + * psa_reset_key_attributes() on an attribute structure is optional if + * the structure has only been modified by the following functions + * since it was initialized or last reset with psa_reset_key_attributes(): + * - psa_set_key_id() + * - psa_set_key_lifetime() + * - psa_set_key_type() + * - psa_set_key_bits() + * - psa_set_key_usage_flags() + * - psa_set_key_algorithm() + * + * Before calling any function on a key attribute structure, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_key_attributes_t attributes; + * memset(&attributes, 0, sizeof(attributes)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_key_attributes_t attributes = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_KEY_ATTRIBUTES_INIT, + * for example: + * \code + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + * \endcode + * - Assign the result of the function psa_key_attributes_init() + * to the structure, for example: + * \code + * psa_key_attributes_t attributes; + * attributes = psa_key_attributes_init(); + * \endcode + * + * A freshly initialized attribute structure contains the following + * values: + * + * - lifetime: #PSA_KEY_LIFETIME_VOLATILE. + * - key identifier: 0 (which is not a valid key identifier). + * - type: \c 0 (meaning that the type is unspecified). + * - key size: \c 0 (meaning that the size is unspecified). + * - usage flags: \c 0 (which allows no usage except exporting a public key). + * - algorithm: \c 0 (which allows no cryptographic usage, but allows + * exporting). + * + * A typical sequence to create a key is as follows: + * -# Create and initialize an attribute structure. + * -# If the key is persistent, call psa_set_key_id(). + * Also call psa_set_key_lifetime() to place the key in a non-default + * location. + * -# Set the key policy with psa_set_key_usage_flags() and + * psa_set_key_algorithm(). + * -# Set the key type with psa_set_key_type(). + * Skip this step if copying an existing key with psa_copy_key(). + * -# When generating a random key with psa_generate_key() or deriving a key + * with psa_key_derivation_output_key(), set the desired key size with + * psa_set_key_bits(). + * -# Call a key creation function: psa_import_key(), psa_generate_key(), + * psa_key_derivation_output_key() or psa_copy_key(). This function reads + * the attribute structure, creates a key with these attributes, and + * outputs a handle to the newly created key. + * -# The attribute structure is now no longer necessary. + * You may call psa_reset_key_attributes(), although this is optional + * with the workflow presented here because the attributes currently + * defined in this specification do not require any additional resources + * beyond the structure itself. + * + * A typical sequence to query a key's attributes is as follows: + * -# Call psa_get_key_attributes(). + * -# Call `psa_get_key_xxx` functions to retrieve the attribute(s) that + * you are interested in. + * -# Call psa_reset_key_attributes() to free any resources that may be + * used by the attribute structure. + * + * Once a key has been created, it is impossible to change its attributes. + */ +typedef struct psa_key_attributes_s psa_key_attributes_t; + +/**@}*/ + +/** \defgroup derivation Key derivation + * @{ + */ + +/** \brief Encoding of the step of a key derivation. */ +typedef uint16_t psa_key_derivation_step_t; + +/**@}*/ + +#endif /* PSA_CRYPTO_TYPES_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_values.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_values.h new file mode 100644 index 0000000..7fde073 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_values.h @@ -0,0 +1,1701 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_values.h + * + * \brief PSA cryptography module: macros to build and analyze integer values. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. Drivers must include the appropriate driver + * header file. + * + * This file contains portable definitions of macros to build and analyze + * values of integral types that encode properties of cryptographic keys, + * designations of cryptographic algorithms, and error codes returned by + * the library. + * + * This header file only defines preprocessor macros. + */ + +#ifndef PSA_CRYPTO_VALUES_H +#define PSA_CRYPTO_VALUES_H + +/** \defgroup error Error codes + * @{ + */ + +/* PSA error codes */ + +/** The action was completed successfully. */ +#ifndef PSA_SUCCESS +#define PSA_SUCCESS ((psa_status_t)0) +#endif + +/** An error occurred that does not correspond to any defined + * failure cause. + * + * Implementations may use this error code if none of the other standard + * error codes are applicable. */ +#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) + +/** The requested operation or a parameter is not supported + * by this implementation. + * + * Implementations should return this error code when an enumeration + * parameter such as a key type, algorithm, etc. is not recognized. + * If a combination of parameters is recognized and identified as + * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) + +/** The requested action is denied by a policy. + * + * Implementations should return this error code when the parameters + * are recognized as valid and supported, and a policy explicitly + * denies the requested operation. + * + * If a subset of the parameters of a function call identify a + * forbidden operation, and another subset of the parameters are + * not valid or not supported, it is unspecified whether the function + * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or + * #PSA_ERROR_INVALID_ARGUMENT. */ +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) + +/** An output buffer is too small. + * + * Applications can call the \c PSA_xxx_SIZE macro listed in the function + * description to determine a sufficient buffer size. + * + * Implementations should preferably return this error code only + * in cases when performing the operation with a larger output + * buffer would succeed. However implementations may return this + * error if a function has invalid or unsupported parameters in addition + * to the parameters that determine the necessary output buffer size. */ +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) + +/** Asking for an item that already exists + * + * Implementations should return this error, when attempting + * to write an item (like a key) that already exists. */ +#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) + +/** Asking for an item that doesn't exist + * + * Implementations should return this error, if a requested item (like + * a key) does not exist. */ +#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) + +/** The requested action cannot be performed in the current state. + * + * Multipart operations return this error when one of the + * functions is called out of sequence. Refer to the function + * descriptions for permitted sequencing of functions. + * + * Implementations shall not return this error code to indicate + * that a key either exists or not, + * but shall instead return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST + * as applicable. + * + * Implementations shall not return this error code to indicate that a + * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE + * instead. */ +#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) + +/** The parameters passed to the function are invalid. + * + * Implementations may return this error any time a parameter or + * combination of parameters are recognized as invalid. + * + * Implementations shall not return this error code to indicate that a + * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE + * instead. + */ +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) + +/** There is not enough runtime memory. + * + * If the action is carried out across multiple security realms, this + * error can refer to available memory in any of the security realms. */ +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) + +/** There is not enough persistent storage. + * + * Functions that modify the key storage return this error code if + * there is insufficient storage space on the host media. In addition, + * many functions that do not otherwise access storage may return this + * error code if the implementation requires a mandatory log entry for + * the requested action and the log storage space is full. */ +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) + +/** There was a communication failure inside the implementation. + * + * This can indicate a communication failure between the application + * and an external cryptoprocessor or between the cryptoprocessor and + * an external volatile or persistent memory. A communication failure + * may be transient or permanent depending on the cause. + * + * \warning If a function returns this error, it is undetermined + * whether the requested action has completed or not. Implementations + * should return #PSA_SUCCESS on successful completion whenever + * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE + * if the requested action was completed successfully in an external + * cryptoprocessor but there was a breakdown of communication before + * the cryptoprocessor could report the status to the application. + */ +#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145) + +/** There was a storage failure that may have led to data loss. + * + * This error indicates that some persistent storage is corrupted. + * It should not be used for a corruption of volatile memory + * (use #PSA_ERROR_CORRUPTION_DETECTED), for a communication error + * between the cryptoprocessor and its external storage (use + * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is + * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE). + * + * Note that a storage failure does not indicate that any data that was + * previously read is invalid. However this previously read data may no + * longer be readable from storage. + * + * When a storage failure occurs, it is no longer possible to ensure + * the global integrity of the keystore. Depending on the global + * integrity guarantees offered by the implementation, access to other + * data may or may not fail even if the data is still readable but + * its integrity cannot be guaranteed. + * + * Implementations should only use this error code to report a + * permanent storage corruption. However application writers should + * keep in mind that transient errors while reading the storage may be + * reported using this error code. */ +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) + +/** A hardware failure was detected. + * + * A hardware failure may be transient or permanent depending on the + * cause. */ +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) + +/** A tampering attempt was detected. + * + * If an application receives this error code, there is no guarantee + * that previously accessed or computed data was correct and remains + * confidential. Applications should not perform any security function + * and should enter a safe failure state. + * + * Implementations may return this error code if they detect an invalid + * state that cannot happen during normal operation and that indicates + * that the implementation's security guarantees no longer hold. Depending + * on the implementation architecture and on its security and safety goals, + * the implementation may forcibly terminate the application. + * + * This error code is intended as a last resort when a security breach + * is detected and it is unsure whether the keystore data is still + * protected. Implementations shall only return this error code + * to report an alarm from a tampering detector, to indicate that + * the confidentiality of stored data can no longer be guaranteed, + * or to indicate that the integrity of previously returned data is now + * considered compromised. Implementations shall not use this error code + * to indicate a hardware failure that merely makes it impossible to + * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE, + * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE, + * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code + * instead). + * + * This error indicates an attack against the application. Implementations + * shall not return this error code as a consequence of the behavior of + * the application itself. */ +#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151) + +/** There is not enough entropy to generate random data needed + * for the requested action. + * + * This error indicates a failure of a hardware random generator. + * Application writers should note that this error can be returned not + * only by functions whose purpose is to generate random data, such + * as key, IV or nonce generation, but also by functions that execute + * an algorithm with a randomized result, as well as functions that + * use randomization of intermediate computations as a countermeasure + * to certain attacks. + * + * Implementations should avoid returning this error after psa_crypto_init() + * has succeeded. Implementations should generate sufficient + * entropy during initialization and subsequently use a cryptographically + * secure pseudorandom generator (PRNG). However implementations may return + * this error at any time if a policy requires the PRNG to be reseeded + * during normal operation. */ +#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148) + +/** The signature, MAC or hash is incorrect. + * + * Verification functions return this error if the verification + * calculations completed successfully, and the value to be verified + * was determined to be incorrect. + * + * If the value to verify has an invalid size, implementations may return + * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) + +/** The decrypted padding is incorrect. + * + * \warning In some protocols, when decrypting data, it is essential that + * the behavior of the application does not depend on whether the padding + * is correct, down to precise timing. Applications should prefer + * protocols that use authenticated encryption rather than plain + * encryption. If the application must perform a decryption of + * unauthenticated data, the application writer should take care not + * to reveal whether the padding is invalid. + * + * Implementations should strive to make valid and invalid padding + * as close as possible to indistinguishable to an external observer. + * In particular, the timing of a decryption operation should not + * depend on the validity of the padding. */ +#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150) + +/** Return this error when there's insufficient data when attempting + * to read from a resource. */ +#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) + +/** The key handle is not valid. See also :ref:\`key-handles\`. + */ +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) + +/**@}*/ + +/** \defgroup crypto_types Key and algorithm types + * @{ + */ + +/** An invalid key type value. + * + * Zero is not the encoding of any key type. + */ +#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) + +/** Vendor-defined key type flag. + * + * Key types defined by this standard will never have the + * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types + * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should + * respect the bitwise structure used by standard encodings whenever practical. + */ +#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) + +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) +#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) + +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) + +/** Whether a key type is vendor-defined. + * + * See also #PSA_KEY_TYPE_VENDOR_FLAG. + */ +#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ + (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) + +/** Whether a key type is an unstructured array of bytes. + * + * This encompasses both symmetric keys and non-key data. + */ +#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ + PSA_KEY_TYPE_CATEGORY_SYMMETRIC) + +/** Whether a key type is asymmetric: either a key pair or a public key. */ +#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK \ + & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ + PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +/** Whether a key type is the public part of a key pair. */ +#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +/** Whether a key type is a key pair containing a private part and a public + * part. */ +#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) +/** The key pair type corresponding to a public key type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding key pair type. + * If \p type is not a public key or a key pair, + * the return value is undefined. + */ +#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \ + ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) +/** The public key type corresponding to a key pair type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding public key type. + * If \p type is not a public key or a key pair, + * the return value is undefined. + */ +#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \ + ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) + +/** Raw data. + * + * A "key" of this type cannot be used for any cryptographic operation. + * Applications may use this type to store arbitrary data in the keystore. */ +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) + +/** HMAC key. + * + * The key policy determines which underlying hash algorithm the key can be + * used for. + * + * HMAC keys should generally have the same size as the underlying hash. + * This size can be calculated with #PSA_HASH_SIZE(\c alg) where + * \c alg is the HMAC algorithm or the underlying hash algorithm. */ +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) + +/** A secret for key derivation. + * + * The key policy determines which key derivation algorithm the key + * can be used for. + */ +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) + +/** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. + * + * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or + * 32 bytes (AES-256). + */ +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) + +/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). + * + * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or + * 24 bytes (3-key 3DES). + * + * Note that single DES and 2-key 3DES are weak and strongly + * deprecated and should only be used to decrypt legacy data. 3-key 3DES + * is weak and deprecated and should only be used in legacy protocols. + */ +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) + +/** Key for a cipher, AEAD or MAC algorithm based on the + * Camellia block cipher. */ +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) + +/** Key for the RC4 stream cipher. + * + * Note that RC4 is weak and deprecated and should only be used in + * legacy protocols. */ +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) + +/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. + * + * ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539. + * + * Implementations must support 12-byte nonces, may support 8-byte nonces, + * and should reject other sizes. + */ +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40000005) + +/** RSA public key. */ +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) +/** RSA key pair (private and public key). */ +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70010000) +/** Whether a key type is an RSA key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_RSA(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) + +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) +#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) +/** Elliptic curve key pair. + * + * \param curve A value of type ::psa_ecc_curve_t that identifies the + * ECC curve to be used. + */ +#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ + (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) +/** Elliptic curve public key. + * + * \param curve A value of type ::psa_ecc_curve_t that identifies the + * ECC curve to be used. + */ +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ + (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) + +/** Whether a key type is an elliptic curve key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_ECC(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ + ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) +/** Whether a key type is an elliptic curve key pair. */ +#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + PSA_KEY_TYPE_ECC_KEY_PAIR_BASE) +/** Whether a key type is an elliptic curve public key. */ +#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) + +/** Extract the curve from an elliptic curve key type. */ +#define PSA_KEY_TYPE_GET_CURVE(type) \ + ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ + ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ + 0)) + +/* The encoding of curve identifiers is currently aligned with the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * The values are defined by RFC 8422 and RFC 7027. */ +#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) +#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) +#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) +#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) +#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) +#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) +#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) +#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) +#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) +#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) +#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) +#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) +#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) +#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) +#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) +#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) +#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) +#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012) +#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) +#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) +#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) +#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) +#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) +#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) +#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) +#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) +#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) +#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) +/** Curve25519. + * + * This is the curve defined in Bernstein et al., + * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006. + * The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve. + */ +#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) +/** Curve448 + * + * This is the curve defined in Hamburg, + * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. + * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. + */ +#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) + +/** Minimum value for a vendor-defined ECC curve identifier + * + * The range for vendor-defined curve identifiers is a subset of the IANA + * registry private use range, `0xfe00` - `0xfeff`. + */ +#define PSA_ECC_CURVE_VENDOR_MIN ((psa_ecc_curve_t) 0xfe00) +/** Maximum value for a vendor-defined ECC curve identifier + * + * The range for vendor-defined curve identifiers is a subset of the IANA + * registry private use range, `0xfe00` - `0xfeff`. + */ +#define PSA_ECC_CURVE_VENDOR_MAX ((psa_ecc_curve_t) 0xfe7f) + +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) +#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) +#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) +/** Diffie-Hellman key pair. + * + * \param group A value of type ::psa_dh_group_t that identifies the + * Diffie-Hellman group to be used. + */ +#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ + (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group)) +/** Diffie-Hellman public key. + * + * \param group A value of type ::psa_dh_group_t that identifies the + * Diffie-Hellman group to be used. + */ +#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ + (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group)) + +/** Whether a key type is a Diffie-Hellman key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_DH(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ + ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) +/** Whether a key type is a Diffie-Hellman key pair. */ +#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ + PSA_KEY_TYPE_DH_KEY_PAIR_BASE) +/** Whether a key type is a Diffie-Hellman public key. */ +#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ + PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) + +/** Extract the group from a Diffie-Hellman key type. */ +#define PSA_KEY_TYPE_GET_GROUP(type) \ + ((psa_dh_group_t) (PSA_KEY_TYPE_IS_DH(type) ? \ + ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ + 0)) + +/* The encoding of group identifiers is currently aligned with the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * The values are defined by RFC 7919. */ +#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x0100) +#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x0101) +#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x0102) +#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x0103) +#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x0104) + +/** Minimum value for a vendor-defined Diffie Hellman group identifier + * + * The range for vendor-defined group identifiers is a subset of the IANA + * registry private use range, `0x01fc` - `0x01ff`. + */ +#define PSA_DH_GROUP_VENDOR_MIN ((psa_dh_group_t) 0x01fc) +/** Maximum value for a vendor-defined Diffie Hellman group identifier + * + * The range for vendor-defined group identifiers is a subset of the IANA + * registry private use range, `0x01fc` - `0x01ff`. + */ +#define PSA_DH_GROUP_VENDOR_MAX ((psa_dh_group_t) 0x01fd) + +/** The block size of a block cipher. + * + * \param type A cipher key type (value of type #psa_key_type_t). + * + * \return The block size for a block cipher, or 1 for a stream cipher. + * The return value is undefined if \p type is not a supported + * cipher key type. + * + * \note It is possible to build stream cipher algorithms on top of a block + * cipher, for example CTR mode (#PSA_ALG_CTR). + * This macro only takes the key type into account, so it cannot be + * used to determine the size of the data that #psa_cipher_update() + * might buffer for future processing in general. + * + * \note This macro returns a compile-time constant if its argument is one. + * + * \warning This macro may evaluate its argument multiple times. + */ +#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ + ( \ + (type) == PSA_KEY_TYPE_AES ? 16 : \ + (type) == PSA_KEY_TYPE_DES ? 8 : \ + (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ + (type) == PSA_KEY_TYPE_ARC4 ? 1 : \ + (type) == PSA_KEY_TYPE_CHACHA20 ? 1 : \ + 0) + +/** Vendor-defined algorithm flag. + * + * Algorithms defined by this standard will never have the #PSA_ALG_VENDOR_FLAG + * bit set. Vendors who define additional algorithms must use an encoding with + * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure + * used by standard encodings whenever practical. + */ +#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) + +#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) +#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) +#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) +#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) +#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) +#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) +#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) + +/** Whether an algorithm is vendor-defined. + * + * See also #PSA_ALG_VENDOR_FLAG. + */ +#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ + (((alg) & PSA_ALG_VENDOR_FLAG) != 0) + +/** Whether the specified algorithm is a hash algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a hash algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HASH(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) + +/** Whether the specified algorithm is a MAC algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a MAC algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_MAC(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) + +/** Whether the specified algorithm is a symmetric cipher algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_CIPHER(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) + +/** Whether the specified algorithm is an authenticated encryption + * with associated data (AEAD) algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is an AEAD algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_AEAD(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) + +/** Whether the specified algorithm is a public-key signature algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_SIGN(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) + +/** Whether the specified algorithm is a public-key encryption algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) + +/** Whether the specified algorithm is a key agreement algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a key agreement algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_KEY_AGREEMENT(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) + +/** Whether the specified algorithm is a key derivation algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a key derivation algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_KEY_DERIVATION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) + +#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) +/** MD2 */ +#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) +/** MD4 */ +#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) +/** MD5 */ +#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) +/** PSA_ALG_RIPEMD160 */ +#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) +/** SHA1 */ +#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) +/** SHA2-224 */ +#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) +/** SHA2-256 */ +#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) +/** SHA2-384 */ +#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) +/** SHA2-512 */ +#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) +/** SHA2-512/224 */ +#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) +/** SHA2-512/256 */ +#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) +/** SHA3-224 */ +#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) +/** SHA3-256 */ +#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) +/** SHA3-384 */ +#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) +/** SHA3-512 */ +#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) + +/** In a hash-and-sign algorithm policy, allow any hash algorithm. + * + * This value may be used to form the algorithm usage field of a policy + * for a signature algorithm that is parametrized by a hash. The key + * may then be used to perform operations using the same signature + * algorithm parametrized with any supported hash. + * + * That is, suppose that `PSA_xxx_SIGNATURE` is one of the following macros: + * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS, + * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA. + * Then you may create and use a key as follows: + * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: + * ``` + * psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); // or VERIFY + * psa_set_key_algorithm(&attributes, PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH)); + * ``` + * - Import or generate key material. + * - Call psa_sign_hash() or psa_verify_hash(), passing + * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each + * call to sign or verify a message may use a different hash. + * ``` + * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); + * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); + * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); + * ``` + * + * This value may not be used to build other algorithms that are + * parametrized over a hash. For any valid use of this macro to build + * an algorithm \c alg, #PSA_ALG_IS_HASH_AND_SIGN(\c alg) is true. + * + * This value may not be used to build an algorithm specification to + * perform an operation. It is only valid to build policies. + */ +#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) + +#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) +#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) +/** Macro to build an HMAC algorithm. + * + * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding HMAC algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_HMAC(hash_alg) \ + (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) + +#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) + +/** Whether the specified algorithm is an HMAC algorithm. + * + * HMAC is a family of MAC algorithms that are based on a hash function. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is an HMAC algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HMAC(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ + PSA_ALG_HMAC_BASE) + +/* In the encoding of a MAC algorithm, the bits corresponding to + * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is + * truncated. As an exception, the value 0 means the untruncated algorithm, + * whatever its length is. The length is encoded in 6 bits, so it can + * reach up to 63; the largest MAC is 64 bytes so its trivial truncation + * to full length is correctly encoded as 0 and any non-trivial truncation + * is correctly encoded as a value between 1 and 63. */ +#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_MAC_TRUNCATION_OFFSET 8 + +/** Macro to build a truncated MAC algorithm. + * + * A truncated MAC algorithm is identical to the corresponding MAC + * algorithm except that the MAC value for the truncated algorithm + * consists of only the first \p mac_length bytes of the MAC value + * for the untruncated algorithm. + * + * \note This macro may allow constructing algorithm identifiers that + * are not valid, either because the specified length is larger + * than the untruncated MAC or because the specified length is + * smaller than permitted by the implementation. + * + * \note It is implementation-defined whether a truncated MAC that + * is truncated to the same length as the MAC of the untruncated + * algorithm is considered identical to the untruncated algorithm + * for policy comparison purposes. + * + * \param mac_alg A MAC algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) + * is true). This may be a truncated or untruncated + * MAC algorithm. + * \param mac_length Desired length of the truncated MAC in bytes. + * This must be at most the full length of the MAC + * and must be at least an implementation-specified + * minimum. The implementation-specified minimum + * shall not be zero. + * + * \return The corresponding MAC algorithm with the specified + * length. + * \return Unspecified if \p alg is not a supported + * MAC algorithm or if \p mac_length is too small or + * too large for the specified MAC algorithm. + */ +#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \ + (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ + ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK)) + +/** Macro to build the base MAC algorithm corresponding to a truncated + * MAC algorithm. + * + * \param mac_alg A MAC algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) + * is true). This may be a truncated or untruncated + * MAC algorithm. + * + * \return The corresponding base MAC algorithm. + * \return Unspecified if \p alg is not a supported + * MAC algorithm. + */ +#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \ + ((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) + +/** Length to which a MAC algorithm is truncated. + * + * \param mac_alg A MAC algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) + * is true). + * + * \return Length of the truncated MAC in bytes. + * \return 0 if \p alg is a non-truncated MAC algorithm. + * \return Unspecified if \p alg is not a supported + * MAC algorithm. + */ +#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ + (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) + +#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) +/** The CBC-MAC construction over a block cipher + * + * \warning CBC-MAC is insecure in many cases. + * A more secure mode, such as #PSA_ALG_CMAC, is recommended. + */ +#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) +/** The CMAC construction over a block cipher */ +#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) + +/** Whether the specified algorithm is a MAC algorithm based on a block cipher. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ + PSA_ALG_CIPHER_MAC_BASE) + +#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) +#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) + +/** Whether the specified algorithm is a stream cipher. + * + * A stream cipher is a symmetric cipher that encrypts or decrypts messages + * by applying a bitwise-xor with a stream of bytes that is generated + * from a key. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier or if it is not a symmetric cipher algorithm. + */ +#define PSA_ALG_IS_STREAM_CIPHER(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \ + (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) + +/** The ARC4 stream cipher algorithm. + */ +#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001) + +/** The ChaCha20 stream cipher. + * + * ChaCha20 is defined in RFC 7539. + * + * The nonce size for psa_cipher_set_iv() or psa_cipher_generate_iv() + * must be 12. + * + * The initial block counter is always 0. + * + */ +#define PSA_ALG_CHACHA20 ((psa_algorithm_t)0x04800005) + +/** The CTR stream cipher mode. + * + * CTR is a stream cipher which is built from a block cipher. + * The underlying block cipher is determined by the key type. + * For example, to use AES-128-CTR, use this algorithm with + * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). + */ +#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) + +/** The CFB stream cipher mode. + * + * The underlying block cipher is determined by the key type. + */ +#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) + +/** The OFB stream cipher mode. + * + * The underlying block cipher is determined by the key type. + */ +#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) + +/** The XTS cipher mode. + * + * XTS is a cipher mode which is built from a block cipher. It requires at + * least one full block of input, but beyond this minimum the input + * does not need to be a whole number of blocks. + */ +#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) + +/** The CBC block cipher chaining mode, with no padding. + * + * The underlying block cipher is determined by the key type. + * + * This symmetric cipher mode can only be used with messages whose lengths + * are whole number of blocks for the chosen block cipher. + */ +#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) + +/** The CBC block cipher chaining mode with PKCS#7 padding. + * + * The underlying block cipher is determined by the key type. + * + * This is the padding method defined by PKCS#7 (RFC 2315) §10.3. + */ +#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) + +#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) + +/** Whether the specified algorithm is an AEAD mode on a block cipher. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is an AEAD algorithm which is an AEAD mode based on + * a block cipher, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \ + (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) + +/** The CCM authenticated encryption algorithm. + * + * The underlying block cipher is determined by the key type. + */ +#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) + +/** The GCM authenticated encryption algorithm. + * + * The underlying block cipher is determined by the key type. + */ +#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) + +/** The Chacha20-Poly1305 AEAD algorithm. + * + * The ChaCha20_Poly1305 construction is defined in RFC 7539. + * + * Implementations must support 12-byte nonces, may support 8-byte nonces, + * and should reject other sizes. + * + * Implementations must support 16-byte tags and should reject other sizes. + */ +#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) + +/* In the encoding of a AEAD algorithm, the bits corresponding to + * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. + * The constants for default lengths follow this encoding. + */ +#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_AEAD_TAG_LENGTH_OFFSET 8 + +/** Macro to build a shortened AEAD algorithm. + * + * A shortened AEAD algorithm is similar to the corresponding AEAD + * algorithm, but has an authentication tag that consists of fewer bytes. + * Depending on the algorithm, the tag length may affect the calculation + * of the ciphertext. + * + * \param aead_alg An AEAD algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg) + * is true). + * \param tag_length Desired length of the authentication tag in bytes. + * + * \return The corresponding AEAD algorithm with the specified + * length. + * \return Unspecified if \p alg is not a supported + * AEAD algorithm or if \p tag_length is not valid + * for the specified AEAD algorithm. + */ +#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ + (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ + ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ + PSA_ALG_AEAD_TAG_LENGTH_MASK)) + +/** Calculate the corresponding AEAD algorithm with the default tag length. + * + * \param aead_alg An AEAD algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return The corresponding AEAD algorithm with the default + * tag length for that algorithm. + */ +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ + ( \ + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CCM) \ + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_GCM) \ + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \ + 0) +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, ref) \ + PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \ + PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \ + ref : + +#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) +/** RSA PKCS#1 v1.5 signature with hashing. + * + * This is the signature scheme defined by RFC 8017 + * (PKCS#1: RSA Cryptography Specifications) under the name + * RSASSA-PKCS1-v1_5. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding RSA PKCS#1 v1.5 signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ + (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +/** Raw PKCS#1 v1.5 signature. + * + * The input to this algorithm is the DigestInfo structure used by + * RFC 8017 (PKCS#1: RSA Cryptography Specifications), §9.2 + * steps 3–6. + */ +#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE +#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) + +#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) +/** RSA PSS signature with hashing. + * + * This is the signature scheme defined by RFC 8017 + * (PKCS#1: RSA Cryptography Specifications) under the name + * RSASSA-PSS, with the message generation function MGF1, and with + * a salt length equal to the length of the hash. The specified + * hash algorithm is used to hash the input message, to create the + * salted hash, and for the mask generation. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding RSA PSS signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_RSA_PSS(hash_alg) \ + (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_PSS(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) + +#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) +/** ECDSA signature with hashing. + * + * This is the ECDSA signature scheme defined by ANSI X9.62, + * with a random per-message secret number (*k*). + * + * The representation of the signature as a byte string consists of + * the concatentation of the signature values *r* and *s*. Each of + * *r* and *s* is encoded as an *N*-octet string, where *N* is the length + * of the base point of the curve in octets. Each value is represented + * in big-endian order (most significant octet first). + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding ECDSA signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_ECDSA(hash_alg) \ + (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +/** ECDSA signature without hashing. + * + * This is the same signature scheme as #PSA_ALG_ECDSA(), but + * without specifying a hash algorithm. This algorithm may only be + * used to sign or verify a sequence of bytes that should be an + * already-calculated hash. Note that the input is padded with + * zeros on the left or truncated on the left as required to fit + * the curve size. + */ +#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE +#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) +/** Deterministic ECDSA signature with hashing. + * + * This is the deterministic ECDSA signature scheme defined by RFC 6979. + * + * The representation of a signature is the same as with #PSA_ALG_ECDSA(). + * + * Note that when this algorithm is used for verification, signatures + * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the + * same private key are accepted. In other words, + * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from + * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding deterministic ECDSA signature + * algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ + (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) +#define PSA_ALG_IS_ECDSA(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ + PSA_ALG_ECDSA_BASE) +#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ + (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0) +#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ + (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) +#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ + (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) + +/** Whether the specified algorithm is a hash-and-sign algorithm. + * + * Hash-and-sign algorithms are public-key signature algorithms structured + * in two parts: first the calculation of a hash in a way that does not + * depend on the key, then the calculation of a signature from the + * hash value and the key. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ + PSA_ALG_IS_ECDSA(alg)) + +/** Get the hash used by a hash-and-sign signature algorithm. + * + * A hash-and-sign algorithm is a signature algorithm which is + * composed of two phases: first a hashing phase which does not use + * the key and produces a hash of the input message, then a signing + * phase which only uses the hash and the key and not the message + * itself. + * + * \param alg A signature algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_SIGN(\p alg) is true). + * + * \return The underlying hash algorithm if \p alg is a hash-and-sign + * algorithm. + * \return 0 if \p alg is a signature algorithm that does not + * follow the hash-and-sign structure. + * \return Unspecified if \p alg is not a signature algorithm or + * if it is not supported by the implementation. + */ +#define PSA_ALG_SIGN_GET_HASH(alg) \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ + ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \ + ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ + 0) + +/** RSA PKCS#1 v1.5 encryption. + */ +#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) + +#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) +/** RSA OAEP encryption. + * + * This is the encryption scheme defined by RFC 8017 + * (PKCS#1: RSA Cryptography Specifications) under the name + * RSAES-OAEP, with the message generation function MGF1. + * + * \param hash_alg The hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true) to use + * for MGF1. + * + * \return The corresponding RSA OAEP signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_RSA_OAEP(hash_alg) \ + (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_OAEP(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) +#define PSA_ALG_RSA_OAEP_GET_HASH(alg) \ + (PSA_ALG_IS_RSA_OAEP(alg) ? \ + ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ + 0) + +#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x20000100) +/** Macro to build an HKDF algorithm. + * + * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. + * + * This key derivation algorithm uses the following inputs: + * - #PSA_KEY_DERIVATION_INPUT_SALT is the salt used in the "extract" step. + * It is optional; if omitted, the derivation uses an empty salt. + * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key used in the "extract" step. + * - #PSA_KEY_DERIVATION_INPUT_INFO is the info string used in the "expand" step. + * You must pass #PSA_KEY_DERIVATION_INPUT_SALT before #PSA_KEY_DERIVATION_INPUT_SECRET. + * You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before + * starting to generate output. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding HKDF algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_HKDF(hash_alg) \ + (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +/** Whether the specified algorithm is an HKDF algorithm. + * + * HKDF is a family of key derivation algorithms that are based on a hash + * function and the HMAC construction. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is an HKDF algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key derivation algorithm identifier. + */ +#define PSA_ALG_IS_HKDF(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE) +#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) + +#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) +/** Macro to build a TLS-1.2 PRF algorithm. + * + * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, + * specified in Section 5 of RFC 5246. It is based on HMAC and can be + * used with either SHA-256 or SHA-384. + * + * This key derivation algorithm uses the following inputs, which must be + * passed in the order given here: + * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. + * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. + * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. + * + * For the application to TLS-1.2 key expansion, the seed is the + * concatenation of ServerHello.Random + ClientHello.Random, + * and the label is "key expansion". + * + * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the + * TLS 1.2 PRF using HMAC-SHA-256. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding TLS-1.2 PRF algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_TLS12_PRF(hash_alg) \ + (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) + +/** Whether the specified algorithm is a TLS-1.2 PRF algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key derivation algorithm identifier. + */ +#define PSA_ALG_IS_TLS12_PRF(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE) +#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) + +#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) +/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. + * + * In a pure-PSK handshake in TLS 1.2, the master secret is derived + * from the PreSharedKey (PSK) through the application of padding + * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5). + * The latter is based on HMAC and can be used with either SHA-256 + * or SHA-384. + * + * This key derivation algorithm uses the following inputs, which must be + * passed in the order given here: + * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. + * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. + * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. + * + * For the application to TLS-1.2, the seed (which is + * forwarded to the TLS-1.2 PRF) is the concatenation of the + * ClientHello.Random + ServerHello.Random, + * and the label is "master secret" or "extended master secret". + * + * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the + * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding TLS-1.2 PSK to MS algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \ + (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) + +/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key derivation algorithm identifier. + */ +#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE) +#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) + +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) +#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) + +/** Macro to build a combined algorithm that chains a key agreement with + * a key derivation. + * + * \param ka_alg A key agreement algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_KEY_AGREEMENT(\p ka_alg) is true). + * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_KEY_DERIVATION(\p kdf_alg) is true). + * + * \return The corresponding key agreement and derivation + * algorithm. + * \return Unspecified if \p ka_alg is not a supported + * key agreement algorithm or \p kdf_alg is not a + * supported key derivation algorithm. + */ +#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \ + ((ka_alg) | (kdf_alg)) + +#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \ + (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION) + +#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ + (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT) + +/** Whether the specified algorithm is a raw key agreement algorithm. + * + * A raw key agreement algorithm is one that does not specify + * a key derivation function. + * Usually, raw key agreement algorithms are constructed directly with + * a \c PSA_ALG_xxx macro while non-raw key agreement algorithms are + * constructed with PSA_ALG_KEY_AGREEMENT(). + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a raw key agreement algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \ + (PSA_ALG_IS_KEY_AGREEMENT(alg) && \ + PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION) + +#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \ + ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg))) + +/** The finite-field Diffie-Hellman (DH) key agreement algorithm. + * + * The shared secret produced by key agreement is + * `g^{ab}` in big-endian format. + * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` + * in bits. + */ +#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) + +/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. + * + * This includes the raw finite field Diffie-Hellman algorithm as well as + * finite-field Diffie-Hellman followed by any supporter key derivation + * algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key agreement algorithm identifier. + */ +#define PSA_ALG_IS_FFDH(alg) \ + (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH) + +/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm. + * + * The shared secret produced by key agreement is the x-coordinate of + * the shared secret point. It is always `ceiling(m / 8)` bytes long where + * `m` is the bit size associated with the curve, i.e. the bit size of the + * order of the curve's coordinate field. When `m` is not a multiple of 8, + * the byte containing the most significant bit of the shared secret + * is padded with zero bits. The byte order is either little-endian + * or big-endian depending on the curve type. + * + * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`), + * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` + * in little-endian byte order. + * The bit size is 448 for Curve448 and 255 for Curve25519. + * - For Weierstrass curves over prime fields (curve types + * `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`), + * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` + * in big-endian byte order. + * The bit size is `m = ceiling(log_2(p))` for the field `F_p`. + * - For Weierstrass curves over binary fields (curve types + * `PSA_ECC_CURVE_SECTXXX`), + * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` + * in big-endian byte order. + * The bit size is `m` for the field `F_{2^m}`. + */ +#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) + +/** Whether the specified algorithm is an elliptic curve Diffie-Hellman + * algorithm. + * + * This includes the raw elliptic curve Diffie-Hellman algorithm as well as + * elliptic curve Diffie-Hellman followed by any supporter key derivation + * algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm, + * 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key agreement algorithm identifier. + */ +#define PSA_ALG_IS_ECDH(alg) \ + (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH) + +/** Whether the specified algorithm encoding is a wildcard. + * + * Wildcard values may only be used to set the usage algorithm field in + * a policy, not to perform an operation. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a wildcard algorithm encoding. + * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for + * an operation). + * \return This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_WILDCARD(alg) \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ + PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \ + (alg) == PSA_ALG_ANY_HASH) + +/**@}*/ + +/** \defgroup key_lifetimes Key lifetimes + * @{ + */ + +/** A volatile key only exists as long as the handle to it is not closed. + * The key material is guaranteed to be erased on a power reset. + */ +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) + +/** The default storage area for persistent keys. + * + * A persistent key remains in storage until it is explicitly destroyed or + * until the corresponding storage area is wiped. This specification does + * not define any mechanism to wipe a storage area, but implementations may + * provide their own mechanism (for example to perform a factory reset, + * to prepare for device refurbishment, or to uninstall an application). + * + * This lifetime value is the default storage area for the calling + * application. Implementations may offer other storage areas designated + * by other lifetime values as implementation-specific extensions. + */ +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) + +/** The minimum value for a key identifier chosen by the application. + */ +#define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) +/** The maximum value for a key identifier chosen by the application. + */ +#define PSA_KEY_ID_USER_MAX ((psa_app_key_id_t)0x3fffffff) +/** The minimum value for a key identifier chosen by the implementation. + */ +#define PSA_KEY_ID_VENDOR_MIN ((psa_app_key_id_t)0x40000000) +/** The maximum value for a key identifier chosen by the implementation. + */ +#define PSA_KEY_ID_VENDOR_MAX ((psa_app_key_id_t)0x7fffffff) + +/**@}*/ + +/** \defgroup policy Key policies + * @{ + */ + +/** Whether the key may be exported. + * + * A public key or the public part of a key pair may always be exported + * regardless of the value of this permission flag. + * + * If a key does not have export permission, implementations shall not + * allow the key to be exported in plain form from the cryptoprocessor, + * whether through psa_export_key() or through a proprietary interface. + * The key may however be exportable in a wrapped form, i.e. in a form + * where it is encrypted by another key. + */ +#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) + +/** Whether the key may be copied. + * + * This flag allows the use of psa_copy_key() to make a copy of the key + * with the same policy or a more restrictive policy. + * + * For lifetimes for which the key is located in a secure element which + * enforce the non-exportability of keys, copying a key outside the secure + * element also requires the usage flag #PSA_KEY_USAGE_EXPORT. + * Copying the key inside the secure element is permitted with just + * #PSA_KEY_USAGE_COPY if the secure element supports it. + * For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or + * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY + * is sufficient to permit the copy. + */ +#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) + +/** Whether the key may be used to encrypt a message. + * + * This flag allows the key to be used for a symmetric encryption operation, + * for an AEAD encryption-and-authentication operation, + * or for an asymmetric encryption operation, + * if otherwise permitted by the key's type and policy. + * + * For a key pair, this concerns the public key. + */ +#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) + +/** Whether the key may be used to decrypt a message. + * + * This flag allows the key to be used for a symmetric decryption operation, + * for an AEAD decryption-and-verification operation, + * or for an asymmetric decryption operation, + * if otherwise permitted by the key's type and policy. + * + * For a key pair, this concerns the private key. + */ +#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) + +/** Whether the key may be used to sign a message. + * + * This flag allows the key to be used for a MAC calculation operation + * or for an asymmetric signature operation, + * if otherwise permitted by the key's type and policy. + * + * For a key pair, this concerns the private key. + */ +#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00000400) + +/** Whether the key may be used to verify a message signature. + * + * This flag allows the key to be used for a MAC verification operation + * or for an asymmetric signature verification operation, + * if otherwise permitted by by the key's type and policy. + * + * For a key pair, this concerns the public key. + */ +#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00000800) + +/** Whether the key may be used to derive other keys. + */ +#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) + +/**@}*/ + +/** \defgroup derivation Key derivation + * @{ + */ + +/** A secret input for key derivation. + * + * This should be a key of type #PSA_KEY_TYPE_DERIVE + * (passed to psa_key_derivation_input_key()) + * or the shared secret resulting from a key agreement + * (obtained via psa_key_derivation_key_agreement()). + * + * The secret can also be a direct input (passed to + * key_derivation_input_bytes()). In this case, the derivation operation + * may not be used to derive keys: the operation will only allow + * psa_key_derivation_output_bytes(), not psa_key_derivation_output_key(). + */ +#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) + +/** A label for key derivation. + * + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. + */ +#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) + +/** A salt for key derivation. + * + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. + */ +#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) + +/** An information string for key derivation. + * + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. + */ +#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) + +/** A seed for key derivation. + * + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. + */ +#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) + +/**@}*/ + +#endif /* PSA_CRYPTO_VALUES_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/error.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/error.h new file mode 100644 index 0000000..439dba4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/error.h @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/** + * \file psa/error.h + * \brief Standard error codes for the SPM and RoT Services + */ + +#ifndef __PSA_ERROR_H__ +#define __PSA_ERROR_H__ + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* If #PSA_SUCCESS is already defined, it means that #psa_status_t + * is also defined in an external header, so prevent its multiple + * definition. + */ +#ifndef PSA_SUCCESS +typedef int32_t psa_status_t; +#endif + +#define PSA_SUCCESS ((psa_status_t)0) + +#define PSA_ERROR_PROGRAMMER_ERROR ((psa_status_t)-129) +#define PSA_ERROR_CONNECTION_REFUSED ((psa_status_t)-130) +#define PSA_ERROR_CONNECTION_BUSY ((psa_status_t)-131) +#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) +#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) +#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) +#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) +#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) +#define PSA_ERROR_SERVICE_FAILURE ((psa_status_t)-144) +#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145) +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_ERROR_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/initial_attestation.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/initial_attestation.h new file mode 100644 index 0000000..c125a4d --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/initial_attestation.h @@ -0,0 +1,228 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/***************************************************************************/ +/* DRAFT UNDER REVIEW */ +/* These APIs are still evolving and are meant as a prototype for review.*/ +/* The APIs will change depending on feedback and will be firmed up */ +/* to a stable set of APIs once all the feedback has been considered. */ +/***************************************************************************/ + +#ifndef __PSA_INITIAL_ATTESTATION_H__ +#define __PSA_INITIAL_ATTESTATION_H__ + +#include +#include +#include +#include "psa/crypto.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PSA INITIAL ATTESTATION API version + * + * Initial attestation API version is: 1.0.0 + */ +#define PSA_INITIAL_ATTEST_API_VERSION_MAJOR (1) +#define PSA_INITIAL_ATTEST_API_VERSION_MINOR (0) + +/** + * The allowed size of input challenge in bytes: 32, 48, 64 + * Challenge can be a nonce from server + * or the hash of some combined data : nonce + attested data by caller. + */ +#define PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32 (32u) +#define PSA_INITIAL_ATTEST_CHALLENGE_SIZE_48 (48u) +#define PSA_INITIAL_ATTEST_CHALLENGE_SIZE_64 (64u) + +/** + * The maximum size of an attestation token that can be generated by the + * attestation service. Used to configure buffers for services that verify the + * produced tokens. + */ +#define PSA_INITIAL_ATTEST_MAX_TOKEN_SIZE (0x400) + +/** + * The list of fixed claims in the initial attestation token is still evolving, + * you can expect slight changes in the future. + * + * The initial attestation token is planned to be aligned with future version of + * Entity Attestation Token format: + * https://tools.ietf.org/html/draft-mandyam-eat-01 + * + * Current list of claims: + * - Challenge: Input object from caller. Can be a single nonce from server + * or hash of nonce and attested data. It is intended to provide + * freshness to reports and the caller has responsibility to + * arrange this. Allowed length: 32, 48, 64 bytes. The claim is + * modeled to be eventually represented by the EAT standard + * claim nonce. Until such a time as that standard exists, + * the claim will be represented by a custom claim. Value + * is encoded as byte string. + * + * - Instance ID: It represents the unique identifier of the instance. In the + * PSA definition it is a hash of the public attestation key + * of the instance. The claim is modeled to be eventually + * represented by the EAT standard claim UEID of type GUID. + * Until such a time as that standard exists, the claim will be + * represented by a custom claim Value is encoded as byte + * string. + * + * - Verification service indicator: Optional, recommended claim. It is used by + * a Relying Party to locate a validation service for the token. + * The value is a text string that can be used to locate the + * service or a URL specifying the address of the service. The + * claim is modeled to be eventually represented by the EAT + * standard claim origination. Until such a time as that + * standard exists, the claim will be represented by a custom + * claim. Value is encoded as text string. + * + * - Profile definition: Optional, recommended claim. It contains the name of + * a document that describes the 'profile' of the token, being + * a full description of the claims, their usage, verification + * and token signing. The document name may include versioning. + * Custom claim with a value encoded as text string. + * + * - Implementation ID: It represents the original implementation signer of the + * attestation key and identifies the contract between the + * report and verification. A verification service will use this + * claim to locate the details of the verification process. + * Custom claim with a value encoded as byte string. + * + * - Security lifecycle: It represents the current lifecycle state of the + * instance. Custom claim with a value encoded as integer that + * is divided to convey a major state and a minor state. The + * PSA state and implementation state are encoded as follows: + * - version[15:8] - PSA lifecycle state - major + * - version[7:0] - IMPLEMENTATION DEFINED state - minor + * Possible PSA lifecycle states: + * - Unknown (0x1000u), + * - PSA_RoT_Provisioning (0x2000u), + * - Secured (0x3000u), + * - Non_PSA_RoT_Debug(0x4000u), + * - Recoverable_PSA_RoT_Debug (0x5000u), + * - Decommissioned (0x6000u) + * + * - Client ID: The partition ID of that secure partition or non-secure + * thread who called the initial attestation API. Custom claim + * with a value encoded as a *signed* integer. Negative number + * represents non-secure caller, positive numbers represents + * secure callers, zero is invalid. + * + * - HW version: Optional claim. Globally unique number in EAN-13 format + * identifying the GDSII that went to fabrication, HW and ROM. + * It can be used to reference the security level of the PSA-ROT + * via a certification website. Custom claim with a value is + * encoded as text string. + + * - Boot seed: It represents a random value created at system boot time that + * will allow differentiation of reports from different system + * sessions. The size is 32 bytes. Custom claim with a value is + * encoded as byte string. + * + * - Software components: Recommended claim. It represents the software state + * of the system. The value of the claim is an array of CBOR map + * entries, with one entry per software component within the + * device. Each map contains multiple claims that describe + * evidence about the details of the software component. + * + * - Measurement type: Optional claim. It represents the role of the + * software component. Value is encoded as short(!) text + * string. + * + * - Measurement value: It represents a hash of the invariant software + * component in memory at start-up time. The value must be a + * cryptographic hash of 256 bits or stronger.Value is + * encoded as byte string. + * + * - Version: Optional claim. It represents the issued software version. + * Value is encoded as text string. + * + * - Signer ID: It represents the hash of a signing authority public key. + * Value is encoded as byte string. + * + * - Measurement description: Optional claim. It represents the way in which + * the measurement value of the software component is + * computed. Value is encoded as text string containing an + * abbreviated description (name) of the measurement method. + * + * - No software measurements: In the event that the implementation does not + * contain any software measurements then the software + * components claim above can be omitted but instead + * it is mandatory to include this claim to indicate this is a + * deliberate state. Custom claim a value is encoded as unsigned + * integer set to 1. + */ + +/** + * \brief Get initial attestation token + * + * \param[in] auth_challenge Pointer to buffer where challenge input is + * stored. Nonce and / or hash of attested data. + * Must be always + * \ref PSA_INITIAL_ATTEST_TOKEN_SIZE bytes + * long. + * \param[in] challenge_size Size of challenge object in bytes. + * \param[out] token_buf Pointer to the buffer where attestation token + * will be stored. + * \param[in] token_buf_size Size of allocated buffer for token, in bytes. + * \param[out] token_size Size of the token that has been returned, in + * bytes. + * + * \return Returns error code as specified in \ref psa_status_t + */ +psa_status_t +psa_initial_attest_get_token(const uint8_t *auth_challenge, + size_t challenge_size, + uint8_t *token_buf, + size_t token_buf_size, + size_t *token_size); + +/** + * \brief Get the exact size of initial attestation token in bytes. + * + * It just returns with the size of the IAT token. It can be used if the caller + * dynamically allocates memory for the token buffer. + * + * \param[in] challenge_size Size of challenge object in bytes. This must be + * a supported challenge size (as above). + * \param[out] token_size Size of the token in bytes, which is created by + * initial attestation service. + * + * \return Returns error code as specified in \ref psa_status_t + */ +psa_status_t +psa_initial_attest_get_token_size(size_t challenge_size, + size_t *token_size); + +/** + * \brief Get the initial attestation public key. + * + * \param[out] public_key Pointer to the buffer where the public key + * will be stored. + * \param[in] key_buf_size Size of allocated buffer for key, in bytes. + * \param[out] public_key_len Size of public key in bytes. + * \param[out] public_key_curve Type of the elliptic curve which the key + * belongs to. + * + * \note Currently only the ECDSA P-256 over SHA-256 algorithm is supported. + * + * \return Returns error code as specified in \ref psa_status_t + */ +psa_status_t +tfm_initial_attest_get_public_key(uint8_t *public_key, + size_t public_key_buf_size, + size_t *public_key_len, + psa_ecc_curve_t *elliptic_curve_type); + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_INITIAL_ATTESTATION_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/internal_trusted_storage.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/internal_trusted_storage.h new file mode 100644 index 0000000..3920bc9 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/internal_trusted_storage.h @@ -0,0 +1,164 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/** This file describes the PSA Internal Trusted Storage API +*/ + +#ifndef PSA_INTERNAL_TRUSTED_STORAGE_H +#define PSA_INTERNAL_TRUSTED_STORAGE_H + +#include +#include + +#include "psa/error.h" +#include "psa/storage_common.h" + +#ifdef __cplusplus +extern "C" { +#endif +#define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the + * PSA ITS API + */ +#define PSA_ITS_API_VERSION_MINOR 0 /**< The minor version number of the + * PSA ITS API + */ +// This version of the header file is associated with 1.0 final release. + +/** + * \brief Create a new, or modify an existing, uid/value pair + * + * Stores data in the internal storage. + * + * \param[in] uid The identifier for the data + * \param[in] data_length The size in bytes of the data in `p_data` + * \param[in] p_data A buffer containing the data + * \param[in] create_flags The flags that the data will be stored with + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the + * provided `uid` value was already + * created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or + * more of the flags provided in + * `create_flags` is not supported or is + * not valid + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there + * was insufficient space on the + * storage medium + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one + * of the provided pointers(`p_data`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + */ +psa_status_t psa_its_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags); + +/** + * \brief Retrieve data associated with a provided UID + * + * Retrieves up to `data_size` bytes of the data associated with `uid`, starting + * at `data_offset` bytes from the beginning of the data. Upon successful + * completion, the data will be placed in the `p_data` buffer, which must be at + * least `data_size` bytes in size. The length of the data returned will be in + * `p_data_length`. If `data_size` is 0, the contents of `p_data_length` will + * be set to zero. + * + * \param[in] uid The uid value + * \param[in] data_offset The starting offset of the data requested + * \param[in] data_size The amount of data requested + * \param[out] p_data On success, the buffer where the data will + * be placed + * \param[out] p_data_length On success, this will contain size of the data + * placed in `p_data` + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the + * provided `uid` value was not found in + * the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided arguments (`p_data`, + * `p_data_length`) is invalid, for example + * is `NULL` or references memory the + * caller cannot access. In addition, this + * can also happen if `data_offset` is + * larger than the size of the data + * associated with `uid` + */ +psa_status_t psa_its_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length); + +/** + * \brief Retrieve the metadata about the provided uid + * + * Retrieves the metadata stored for a given `uid` as a `psa_storage_info_t` + * structure. + * + * \param[in] uid The `uid` value + * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will + * be populated with the metadata + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided pointers(`p_info`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + */ +psa_status_t psa_its_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info); + +/** + * \brief Remove the provided uid and its associated data from the storage + * + * Deletes the data from internal storage. + * + * \param[in] uid The `uid` value + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more + * of the given arguments were invalid (null + * pointer, wrong flags and so on) + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided + * uid value was created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + */ +psa_status_t psa_its_remove(psa_storage_uid_t uid); + +#ifdef __cplusplus +} +#endif + +#endif // PSA_INTERNAL_TRUSTED_STORAGE_H diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/protected_storage.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/protected_storage.h new file mode 100644 index 0000000..e76205c --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/protected_storage.h @@ -0,0 +1,282 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* This file describes the PSA Protected Storage API */ + +#ifndef PSA_PROTECTED_STORAGE_H +#define PSA_PROTECTED_STORAGE_H + +#include +#include + +#include "psa/error.h" +#include "psa/storage_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PSA_PS_API_VERSION version + * + * Major and minor PSA_PS_API_VERSION numbers + */ +#define PSA_PS_API_VERSION_MAJOR 1 +#define PSA_PS_API_VERSION_MINOR 0 + +// This version of the header file is associated with 1.0 final release + +/** + * \brief Create a new, or modify an existing, uid/value pair + * + * Stores data in the protected storage. + * + * \param[in] uid The identifier for the data + * \param[in] data_length The size in bytes of the data in `p_data` + * \param[in] p_data A buffer containing the data + * \param[in] create_flags The flags that the data will be stored with + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the + * provided `uid` value was already + * created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one + * of the provided pointers(`p_data`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or + * more of the flags provided in + * `create_flags` is not supported or is + * not valid + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there + * was insufficient space on the + * storage medium + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + */ +psa_status_t psa_ps_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags); + +/** + * \brief Retrieve data associated with a provided uid + * + * Retrieves up to `data_size` bytes of the data associated with `uid`, starting + * at `data_offset` bytes from the beginning of the data. Upon successful + * completion, the data will be placed in the `p_data` buffer, which must be at + * least `data_size` bytes in size. The length of the data returned will be in + * `p_data_length`. If `data_size` is 0, the contents of `p_data_length` will + * be set to zero. + * + * \param[in] uid The uid value + * \param[in] data_offset The starting offset of the data requested + * \param[in] data_size The amount of data requested + * \param[out] p_data On success, the buffer where the data will + * be placed + * \param[out] p_data_length On success, this will contain size of the data + * placed in `p_data` + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided arguments (`p_data`, + * `p_data_length`) is invalid, for example + * is `NULL` or references memory the + * caller cannot access. In addition, this + * can also happen if `data_offset` is + * larger than the size of the data + * associated with `uid` + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the + * provided `uid` value was not found in + * the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the data + * associated with the UID was corrupt + * \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the data + * associated with the UID failed + * authentication + */ +psa_status_t psa_ps_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length); + +/** + * \brief Retrieve the metadata about the provided uid + * + * Retrieves the metadata stored for a given `uid` + * + * \param[in] uid The `uid` value + * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will + * be populated with the metadata + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided pointers(`p_info`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the data + * associated with the UID was corrupt + */ +psa_status_t psa_ps_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info); + +/** + * \brief Remove the provided uid and its associated data from the storage + * + * Removes previously stored data and any associated metadata, + * including rollback protection data. + * + * \param[in] uid The `uid` value + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more + * of the given arguments were invalid (null + * pointer, wrong flags and so on) + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided + * uid value was created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + */ +psa_status_t psa_ps_remove(psa_storage_uid_t uid); + +/** + * \brief Reserves storage for the specified uid + * + * Upon success, the capacity of the storage will be capacity, and the size + * will be 0. It is only necessary to call this function for assets that will + * be written with the psa_ps_set_extended function. If only the psa_ps_set + * function is needed, calls to this function are redundant. + * + * \param[in] uid The `uid` value + * \param[in] capacity The capacity to be allocated in bytes + * \param[in] create_flags Flags indicating properties of storage + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed + * (Fatal error) + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because the + * capacity is bigger than the current + * available space + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because the + * function is not implemented or one + * or more create_flags are not + * supported. + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because uid was + * 0 or create_flags specified flags + * that are not defined in the API. + * \retval PSA_ERROR_GENERIC_ERROR The operation failed due to an + * unspecified error + * \retval PSA_ERROR_ALREADY_EXISTS Storage for the specified uid + * already exists + */ +psa_status_t psa_ps_create(psa_storage_uid_t uid, + size_t capacity, + psa_storage_create_flags_t create_flags); + +/** + * \brief Sets partial data into an asset + * + * Before calling this function, the storage must have been reserved with a call + * to psa_ps_create. It can also be used to overwrite data in an asset that was + * created with a call to psa_ps_set. Calling this function with data_length = 0 + * is permitted, which will make no change to the stored data.This function can + * overwrite existing data and/or extend it up to the capacity for the uid + * specified in psa_ps_create, but cannot create gaps. + * + * That is, it has preconditions: + * - data_offset <= size + * - data_offset + data_length <= capacity + * and postconditions: + * - size = max(size, data_offset + data_length) + * - capacity unchanged. + * + * \param[in] uid The `uid` value + * \param[in] data_offset Offset within the asset to start the write + * \param[in] data_length The size in bytes of the data in p_data to write + * \param[in] p_data Pointer to a buffer which contains the data to write + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The asset exists, the input parameters + * are correct and the data is correctly + * written in the physical storage. + * \retval PSA_ERROR_STORAGE_FAILURE The data was not written correctly in + * the physical storage + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more + * of the preconditions listed above + * regarding data_offset, size, or + * data_length was violated. + * \retval PSA_ERROR_DOES_NOT_EXIST The specified uid was not found + * \retval PSA_ERROR_NOT_SUPPORTED The implementation of the API does not + * support this function + * \retval PSA_ERROR_GENERIC_ERROR The operation failed due to an + * unspecified error + * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the + * existing data has been corrupted. + * \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the + * existing data failed authentication + * (MAC check failed). + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because it was + * attempted on an asset which was written + * with the flag + * PSA_STORAGE_FLAG_WRITE_ONCE + */ +psa_status_t psa_ps_set_extended(psa_storage_uid_t uid, + size_t data_offset, + size_t data_length, + const void *p_data); + +/** + * \brief Lists optional features. + * + * \return A bitmask with flags set for all of + * the optional features supported by the + * implementation.Currently defined flags + * are limited to + * PSA_STORAGE_SUPPORT_SET_EXTENDED + */ +uint32_t psa_ps_get_support(void); + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_PROTECTED_STORAGE_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/storage_common.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/storage_common.h new file mode 100644 index 0000000..3f901c5 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa/storage_common.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* This file includes common definitions for PSA storage +*/ + +#ifndef PSA_STORAGE_COMMON_H +#define PSA_STORAGE_COMMON_H + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +typedef uint32_t psa_storage_create_flags_t; + +typedef uint64_t psa_storage_uid_t; + +/* Flags */ + +#define PSA_STORAGE_FLAG_NONE 0u +#define PSA_STORAGE_FLAG_WRITE_ONCE (1u << 0) +#define PSA_STORAGE_FLAG_NO_CONFIDENTIALITY (1u << 1) +#define PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION (1u << 2) + +/* A container for metadata associated with a specific uid */ + +struct psa_storage_info_t { + size_t capacity; + size_t size; + psa_storage_create_flags_t flags; +}; + +#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1u << 0) + +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) +#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152) + +#ifdef __cplusplus +} +#endif + +#endif // PSA_STORAGE_COMMON_H diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa_manifest/sid.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa_manifest/sid.h new file mode 100644 index 0000000..2fc3394 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/psa_manifest/sid.h @@ -0,0 +1,151 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/*********** WARNING: This is an auto-generated file. Do not edit! ***********/ + +#ifndef __PSA_MANIFEST_SID_H__ +#define __PSA_MANIFEST_SID_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +/******** TFM_SP_STORAGE ********/ +#define TFM_SST_SET_SID (0x00000060U) +#define TFM_SST_SET_VERSION (1U) +#define TFM_SST_GET_SID (0x00000061U) +#define TFM_SST_GET_VERSION (1U) +#define TFM_SST_GET_INFO_SID (0x00000062U) +#define TFM_SST_GET_INFO_VERSION (1U) +#define TFM_SST_REMOVE_SID (0x00000063U) +#define TFM_SST_REMOVE_VERSION (1U) +#define TFM_SST_GET_SUPPORT_SID (0x00000064U) +#define TFM_SST_GET_SUPPORT_VERSION (1U) + +/******** TFM_SP_ITS ********/ +#define TFM_ITS_SET_SID (0x00000070U) +#define TFM_ITS_SET_VERSION (1U) +#define TFM_ITS_GET_SID (0x00000071U) +#define TFM_ITS_GET_VERSION (1U) +#define TFM_ITS_GET_INFO_SID (0x00000072U) +#define TFM_ITS_GET_INFO_VERSION (1U) +#define TFM_ITS_REMOVE_SID (0x00000073U) +#define TFM_ITS_REMOVE_VERSION (1U) + +/******** TFM_SP_CRYPTO ********/ +#define TFM_CRYPTO_SID (0x00000080U) +#define TFM_CRYPTO_VERSION (1U) + +/******** TFM_SP_PLATFORM ********/ +#define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U) +#define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U) +#define TFM_SP_PLATFORM_IOCTL_SID (0x00000041U) +#define TFM_SP_PLATFORM_IOCTL_VERSION (1U) +#define TFM_SP_PLATFORM_NV_COUNTER_SID (0x00000042U) +#define TFM_SP_PLATFORM_NV_COUNTER_VERSION (1U) + +/******** TFM_SP_INITIAL_ATTESTATION ********/ +#define TFM_ATTEST_GET_TOKEN_SID (0x00000020U) +#define TFM_ATTEST_GET_TOKEN_VERSION (1U) +#define TFM_ATTEST_GET_TOKEN_SIZE_SID (0x00000021U) +#define TFM_ATTEST_GET_TOKEN_SIZE_VERSION (1U) +#define TFM_ATTEST_GET_PUBLIC_KEY_SID (0x00000022U) +#define TFM_ATTEST_GET_PUBLIC_KEY_VERSION (1U) + +/******** TFM_SP_CORE_TEST ********/ +#define SPM_CORE_TEST_INIT_SUCCESS_SID (0x0000F020U) +#define SPM_CORE_TEST_INIT_SUCCESS_VERSION (1U) +#define SPM_CORE_TEST_DIRECT_RECURSION_SID (0x0000F021U) +#define SPM_CORE_TEST_DIRECT_RECURSION_VERSION (1U) +#define SPM_CORE_TEST_MPU_ACCESS_SID (0x0000F022U) +#define SPM_CORE_TEST_MPU_ACCESS_VERSION (1U) +#define SPM_CORE_TEST_MEMORY_PERMISSIONS_SID (0x0000F023U) +#define SPM_CORE_TEST_MEMORY_PERMISSIONS_VERSION (1U) +#define SPM_CORE_TEST_SS_TO_SS_SID (0x0000F024U) +#define SPM_CORE_TEST_SS_TO_SS_VERSION (1U) +#define SPM_CORE_TEST_SS_TO_SS_BUFFER_SID (0x0000F025U) +#define SPM_CORE_TEST_SS_TO_SS_BUFFER_VERSION (1U) +#define SPM_CORE_TEST_OUTVEC_WRITE_SID (0x0000F026U) +#define SPM_CORE_TEST_OUTVEC_WRITE_VERSION (1U) +#define SPM_CORE_TEST_PERIPHERAL_ACCESS_SID (0x0000F027U) +#define SPM_CORE_TEST_PERIPHERAL_ACCESS_VERSION (1U) +#define SPM_CORE_TEST_GET_CALLER_CLIENT_ID_SID (0x0000F028U) +#define SPM_CORE_TEST_GET_CALLER_CLIENT_ID_VERSION (1U) +#define SPM_CORE_TEST_SPM_REQUEST_SID (0x0000F029U) +#define SPM_CORE_TEST_SPM_REQUEST_VERSION (1U) +#define SPM_CORE_TEST_BLOCK_SID (0x0000F02AU) +#define SPM_CORE_TEST_BLOCK_VERSION (1U) +#define SPM_CORE_TEST_NS_THREAD_SID (0x0000F02BU) +#define SPM_CORE_TEST_NS_THREAD_VERSION (1U) + +/******** TFM_SP_CORE_TEST_2 ********/ +#define SPM_CORE_TEST_2_SLAVE_SERVICE_SID (0x0000F040U) +#define SPM_CORE_TEST_2_SLAVE_SERVICE_VERSION (1U) +#define SPM_CORE_TEST_2_CHECK_CALLER_CLIENT_ID_SID (0x0000F041U) +#define SPM_CORE_TEST_2_CHECK_CALLER_CLIENT_ID_VERSION (1U) +#define SPM_CORE_TEST_2_GET_EVERY_SECOND_BYTE_SID (0x0000F042U) +#define SPM_CORE_TEST_2_GET_EVERY_SECOND_BYTE_VERSION (1U) +#define SPM_CORE_TEST_2_INVERT_SID (0x0000F043U) +#define SPM_CORE_TEST_2_INVERT_VERSION (1U) +#define SPM_CORE_TEST_2_PREPARE_TEST_SCENARIO_SID (0x0000F044U) +#define SPM_CORE_TEST_2_PREPARE_TEST_SCENARIO_VERSION (1U) +#define SPM_CORE_TEST_2_EXECUTE_TEST_SCENARIO_SID (0x0000F045U) +#define SPM_CORE_TEST_2_EXECUTE_TEST_SCENARIO_VERSION (1U) + +/******** TFM_SP_SECURE_TEST_PARTITION ********/ +#define TFM_SECURE_CLIENT_SFN_RUN_TESTS_SID (0x0000F000U) +#define TFM_SECURE_CLIENT_SFN_RUN_TESTS_VERSION (1U) + +/******** TFM_SP_IPC_SERVICE_TEST ********/ +#define IPC_SERVICE_TEST_BASIC_SID (0x0000F080U) +#define IPC_SERVICE_TEST_BASIC_VERSION (1U) +#define IPC_SERVICE_TEST_PSA_ACCESS_APP_MEM_SID (0x0000F081U) +#define IPC_SERVICE_TEST_PSA_ACCESS_APP_MEM_VERSION (1U) +#define IPC_SERVICE_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_SID (0x0000F082U) +#define IPC_SERVICE_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_VERSION (1U) +#define IPC_SERVICE_TEST_APP_ACCESS_PSA_MEM_SID (0x0000F083U) +#define IPC_SERVICE_TEST_APP_ACCESS_PSA_MEM_VERSION (1U) +#define IPC_SERVICE_TEST_CLIENT_PROGRAMMER_ERROR_SID (0x0000F084U) +#define IPC_SERVICE_TEST_CLIENT_PROGRAMMER_ERROR_VERSION (1U) + +/******** TFM_SP_IPC_CLIENT_TEST ********/ +#define IPC_CLIENT_TEST_BASIC_SID (0x0000F060U) +#define IPC_CLIENT_TEST_BASIC_VERSION (1U) +#define IPC_CLIENT_TEST_PSA_ACCESS_APP_MEM_SID (0x0000F061U) +#define IPC_CLIENT_TEST_PSA_ACCESS_APP_MEM_VERSION (1U) +#define IPC_CLIENT_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_SID (0x0000F062U) +#define IPC_CLIENT_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_VERSION (1U) +#define IPC_CLIENT_TEST_APP_ACCESS_PSA_MEM_SID (0x0000F063U) +#define IPC_CLIENT_TEST_APP_ACCESS_PSA_MEM_VERSION (1U) +#define IPC_CLIENT_TEST_MEM_CHECK_SID (0x0000F064U) +#define IPC_CLIENT_TEST_MEM_CHECK_VERSION (1U) + +/******** TFM_IRQ_TEST_1 ********/ +#define SPM_CORE_IRQ_TEST_1_PREPARE_TEST_SCENARIO_SID (0x0000F0A0U) +#define SPM_CORE_IRQ_TEST_1_PREPARE_TEST_SCENARIO_VERSION (1U) +#define SPM_CORE_IRQ_TEST_1_EXECUTE_TEST_SCENARIO_SID (0x0000F0A1U) +#define SPM_CORE_IRQ_TEST_1_EXECUTE_TEST_SCENARIO_VERSION (1U) + +/******** TFM_SP_SST_TEST ********/ +#define TFM_SST_TEST_PREPARE_SID (0x0000F0C0U) +#define TFM_SST_TEST_PREPARE_VERSION (1U) + +/******** TFM_SP_SECURE_CLIENT_2 ********/ +#define TFM_SECURE_CLIENT_2_SID (0x0000F0E0U) +#define TFM_SECURE_CLIENT_2_VERSION (1U) + +/******** TFM_SP_MULTI_CORE_TEST ********/ +#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_0_SID (0x0000F100U) +#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_0_VERSION (1U) +#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_1_SID (0x0000F101U) +#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_1_VERSION (1U) + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_MANIFEST_SID_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_api.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_api.h new file mode 100644 index 0000000..09abc39 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_api.h @@ -0,0 +1,142 @@ +/* + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_API_H__ +#define __TFM_API_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include "psa/client.h" + +#define TFM_INVALID_CLIENT_ID 0 + +/** + * \brief Checks if the provided client ID is a secure client ID. + * + * \param[in] client_id Client ID to check. + * + * \retval 1 Client ID is secure. + * \retval 0 Client ID is non-secure. + */ +#define TFM_CLIENT_ID_IS_S(client_id) ((client_id)>0) + +/** + * \brief Checks if the provided client ID is a non-secure client ID. + * + * \param[in] client_id Client ID to check. + * + * \retval 1 Client ID is non-secure. + * \retval 0 Client ID is secure. + */ +#define TFM_CLIENT_ID_IS_NS(client_id) ((client_id)<0) + +/* The mask used for timeout values */ +#define PSA_TIMEOUT_MASK PSA_BLOCK + +/* FixMe: sort out DEBUG compile option and limit return value options + * on external interfaces */ +enum tfm_status_e +{ + TFM_SUCCESS = 0, + TFM_PARTITION_BUSY, + TFM_ERROR_SECURE_DOMAIN_LOCKED, + TFM_ERROR_INVALID_PARAMETER, + TFM_ERROR_PARTITION_NON_REENTRANT, + TFM_ERROR_NS_THREAD_MODE_CALL, + TFM_ERROR_NOT_INITIALIZED, + TFM_ERROR_NO_ACTIVE_PARTITION, + TFM_ERROR_INVALID_EXC_MODE, + TFM_SECURE_LOCK_FAILED, + TFM_SECURE_UNLOCK_FAILED, + TFM_ERROR_GENERIC = 0x1F, +}; + +/* + * Structure to package type, in_len and out_len, it is mainly used for + * psa_call. + */ +struct tfm_control_parameter_t { + int32_t type; + size_t in_len; + size_t out_len; +}; + +/********************* Secure function declarations ***************************/ + +/** + * \brief Assign client ID to the current TZ context. + * + * \param[in] ns_client_id The client ID to be assigned to the current + * context. + * \retval TFM_SUCCESS The client ID assigned successfully. + * \retval error code The client ID assignment failed, an error code + * returned according to \ref tfm_status_e. + * \note This function have to be called from handler mode. + */ +enum tfm_status_e tfm_register_client_id (int32_t ns_client_id); + +/** + * \brief Retrieve the version of the PSA Framework API that is implemented. + * + * \return The version of the PSA Framework. + */ +uint32_t tfm_psa_framework_version_veneer(void); + +/** + * \brief Return version of secure function provided by secure binary. + * + * \param[in] sid ID of secure service. + * + * \return Version number of secure function. + */ +uint32_t tfm_psa_version_veneer(uint32_t sid); + +/** + * \brief Connect to secure function. + * + * \param[in] sid ID of secure service. + * \param[in] version Version of SF requested by client. + * + * \return Returns handle to connection. + */ +psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t version); + +/** + * \brief Call a secure function referenced by a connection handle. + * + * \param[in] handle Handle to connection. + * \param[in] ctrl_param Parameter structure, includes reuqest type, + * in_num and out_num. + * \param[in] in_vec Array of input \ref psa_invec structures. + * \param[in/out] out_vec Array of output \ref psa_outvec structures. + * + * \return Returns \ref psa_status_t status code. + */ +psa_status_t tfm_psa_call_veneer(psa_handle_t handle, + const struct tfm_control_parameter_t *ctrl_param, + const psa_invec *in_vec, + psa_outvec *out_vec); + +/** + * \brief Close connection to secure function referenced by a connection handle. + * + * \param[in] handle Handle to connection + * + * \return void + */ +void tfm_psa_close_veneer(psa_handle_t handle); + +/***************** End Secure function declarations ***************************/ + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_API_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_crypto_defs.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_crypto_defs.h new file mode 100644 index 0000000..53c03ce --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_crypto_defs.h @@ -0,0 +1,164 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_CRYPTO_DEFS_H__ +#define __TFM_CRYPTO_DEFS_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include +#include "tfm_api.h" +#include "psa/crypto.h" + +/** + * \brief This type is used to overcome a limitation in the number of maximum + * IOVECs that can be used especially in psa_aead_encrypt and + * psa_aead_decrypt. To be removed in case the AEAD APIs number of + * parameters passed gets restructured + */ +#define TFM_CRYPTO_MAX_NONCE_LENGTH (16u) +struct tfm_crypto_aead_pack_input { + uint8_t nonce[TFM_CRYPTO_MAX_NONCE_LENGTH]; + uint32_t nonce_length; +}; + +/** + * \brief Structure used to pack non-pointer types in a call + * + */ +struct tfm_crypto_pack_iovec { + uint32_t sfn_id; /*!< Secure function ID used to dispatch the + * request + */ + uint16_t step; /*!< Key derivation step */ + psa_key_handle_t key_handle; /*!< Key handle */ + psa_algorithm_t alg; /*!< Algorithm */ + uint32_t op_handle; /*!< Frontend context handle associated to a + * multipart operation + */ + size_t capacity; /*!< Key derivation capacity */ + + struct tfm_crypto_aead_pack_input aead_in; /*!< FixMe: Temporarily used for + * AEAD until the API is + * restructured + */ +}; + +/** + * \brief Define a progressive numerical value for each SID which can be used + * when dispatching the requests to the service + */ +enum { + TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID = (0u), + TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID, + TFM_CRYPTO_OPEN_KEY_SID, + TFM_CRYPTO_CLOSE_KEY_SID, + TFM_CRYPTO_IMPORT_KEY_SID, + TFM_CRYPTO_DESTROY_KEY_SID, + TFM_CRYPTO_EXPORT_KEY_SID, + TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID, + TFM_CRYPTO_COPY_KEY_SID, + TFM_CRYPTO_HASH_COMPUTE_SID, + TFM_CRYPTO_HASH_COMPARE_SID, + TFM_CRYPTO_HASH_SETUP_SID, + TFM_CRYPTO_HASH_UPDATE_SID, + TFM_CRYPTO_HASH_FINISH_SID, + TFM_CRYPTO_HASH_VERIFY_SID, + TFM_CRYPTO_HASH_ABORT_SID, + TFM_CRYPTO_HASH_CLONE_SID, + TFM_CRYPTO_MAC_COMPUTE_SID, + TFM_CRYPTO_MAC_VERIFY_SID, + TFM_CRYPTO_MAC_SIGN_SETUP_SID, + TFM_CRYPTO_MAC_VERIFY_SETUP_SID, + TFM_CRYPTO_MAC_UPDATE_SID, + TFM_CRYPTO_MAC_SIGN_FINISH_SID, + TFM_CRYPTO_MAC_VERIFY_FINISH_SID, + TFM_CRYPTO_MAC_ABORT_SID, + TFM_CRYPTO_CIPHER_ENCRYPT_SID, + TFM_CRYPTO_CIPHER_DECRYPT_SID, + TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID, + TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID, + TFM_CRYPTO_CIPHER_GENERATE_IV_SID, + TFM_CRYPTO_CIPHER_SET_IV_SID, + TFM_CRYPTO_CIPHER_UPDATE_SID, + TFM_CRYPTO_CIPHER_FINISH_SID, + TFM_CRYPTO_CIPHER_ABORT_SID, + TFM_CRYPTO_AEAD_ENCRYPT_SID, + TFM_CRYPTO_AEAD_DECRYPT_SID, + TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID, + TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID, + TFM_CRYPTO_AEAD_GENERATE_NONCE_SID, + TFM_CRYPTO_AEAD_SET_NONCE_SID, + TFM_CRYPTO_AEAD_SET_LENGTHS_SID, + TFM_CRYPTO_AEAD_UPDATE_AD_SID, + TFM_CRYPTO_AEAD_UPDATE_SID, + TFM_CRYPTO_AEAD_FINISH_SID, + TFM_CRYPTO_AEAD_VERIFY_SID, + TFM_CRYPTO_AEAD_ABORT_SID, + TFM_CRYPTO_SIGN_HASH_SID, + TFM_CRYPTO_VERIFY_HASH_SID, + TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID, + TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID, + TFM_CRYPTO_KEY_DERIVATION_SETUP_SID, + TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID, + TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID, + TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID, + TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID, + TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID, + TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID, + TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID, + TFM_CRYPTO_KEY_DERIVATION_ABORT_SID, + TFM_CRYPTO_RAW_KEY_AGREEMENT_SID, + TFM_CRYPTO_GENERATE_RANDOM_SID, + TFM_CRYPTO_GENERATE_KEY_SID, + TFM_CRYPTO_SET_KEY_DOMAIN_PARAMETERS_SID, + TFM_CRYPTO_GET_KEY_DOMAIN_PARAMETERS_SID, + TFM_CRYPTO_SID_MAX, +}; + +/** + * \brief Define an invalid value for an SID + * + */ +#define TFM_CRYPTO_SID_INVALID (~0x0u) + +/** + * \brief This value is used to mark an handle as invalid. + * + */ +#define TFM_CRYPTO_INVALID_HANDLE (0x0u) + +/** + * \brief The persistent key identifier that refers to the hardware unique key. + * + */ +#define TFM_CRYPTO_KEY_ID_HUK (0xFFFF815Bu) + +/** + * \brief The algorithm identifier that refers to key derivation from the + * hardware unique key. + * + */ +#define TFM_CRYPTO_ALG_HUK_DERIVATION ((psa_algorithm_t)0xB0000F00) + +/** + * \brief Define miscellaneous literal constants that are used in the service + * + */ +enum { + TFM_CRYPTO_NOT_IN_USE = 0, + TFM_CRYPTO_IN_USE = 1 +}; + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_CRYPTO_DEFS_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_mailbox.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_mailbox.h new file mode 100644 index 0000000..3d128f4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_mailbox.h @@ -0,0 +1,180 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* + * This is header file of common mailbox objects shared by NSPE and SPE. + * Please refer to tfm_ns_mailbox.h for the definitions only used in NSPE + * mailbox library. + * Please refer to tfm_spe_mailbox.h for the SPE specific definitions and APIs. + */ + +#ifndef __TFM_MAILBOX_H__ +#define __TFM_MAILBOX_H__ + +#include +#include +#include +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +#include "device_cfg.h" +#endif +#include "psa/client.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * If multiple outstanding NS PSA Client calls is enabled, multi-core platform + * should define the number of mailbox queue slots NUM_MAILBOX_QUEUE_SLOT in + * platform device_cfg.h. + * Otherwise, NUM_MAILBOX_QUEUE_SLOT is defined as 1. + */ +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +#ifndef NUM_MAILBOX_QUEUE_SLOT +#error "Error: Platform doesn't define NUM_MAILBOX_QUEUE_SLOT for mailbox queue" +#endif + +#if (NUM_MAILBOX_QUEUE_SLOT < 2) +#error "Error: Invalid NUM_MAILBOX_QUEUE_SLOT. The value should be more than 1" +#endif + +/* + * The number of slots should be no more than the number of bits in + * mailbox_queue_status_t. + * Here the value is hardcoded. A better way is to define a sizeof() to + * calculate the bits in mailbox_queue_status_t and dump it with pragma message. + */ +#if (NUM_MAILBOX_QUEUE_SLOT > 32) +#error "Error: Invalid NUM_MAILBOX_QUEUE_SLOT. The value should be no more than 32" +#endif +#else /* TFM_MULTI_CORE_MULTI_CLIENT_CALL */ +/* Force the number of mailbox queue slots as 1. */ +#undef NUM_MAILBOX_QUEUE_SLOT +#define NUM_MAILBOX_QUEUE_SLOT (1) +#endif /* TFM_MULTI_CORE_MULTI_CLIENT_CALL */ + +/* PSA client call type value */ +#define MAILBOX_PSA_FRAMEWORK_VERSION (0x1) +#define MAILBOX_PSA_VERSION (0x2) +#define MAILBOX_PSA_CONNECT (0x3) +#define MAILBOX_PSA_CALL (0x4) +#define MAILBOX_PSA_CLOSE (0x5) + +/* Return code of mailbox APIs */ +#define MAILBOX_SUCCESS (0) +#define MAILBOX_QUEUE_FULL (INT32_MIN + 1) +#define MAILBOX_INVAL_PARAMS (INT32_MIN + 2) +#define MAILBOX_NO_PERMS (INT32_MIN + 3) +#define MAILBOX_NO_PEND_EVENT (INT32_MIN + 4) +#define MAILBOX_CHAN_BUSY (INT32_MIN + 5) +#define MAILBOX_CALLBACK_REG_ERROR (INT32_MIN + 6) +#define MAILBOX_INIT_ERROR (INT32_MIN + 7) + +/* + * This structure holds the parameters used in a PSA client call. + */ +struct psa_client_params_t { + union { + struct { + uint32_t sid; + } psa_version_params; + + struct { + uint32_t sid; + uint32_t version; + } psa_connect_params; + + struct { + psa_handle_t handle; + int32_t type; + const psa_invec *in_vec; + size_t in_len; + psa_outvec *out_vec; + size_t out_len; + } psa_call_params; + + struct { + psa_handle_t handle; + } psa_close_params; + }; +}; + +/* Mailbox message passed from NSPE to SPE to deliver a PSA client call */ +struct mailbox_msg_t { + uint32_t call_type; /* PSA client call type */ + struct psa_client_params_t params; /* Contain parameters used in PSA + * client call + */ + + int32_t client_id; /* Optional client ID of the + * non-secure caller. + * It is required to identify the + * non-secure task when NSPE OS + * enforces non-secure task isolation + */ +}; + +/* A handle to a mailbox message in use */ +typedef int32_t mailbox_msg_handle_t; + +#define MAILBOX_MSG_NULL_HANDLE ((mailbox_msg_handle_t)0) + +/* + * Mailbox reply structure in non-secure memory + * to hold the PSA client call return result from SPE + */ +struct mailbox_reply_t { + int32_t return_val; +}; + +/* A single slot structure in NSPE mailbox queue */ +struct ns_mailbox_slot_t { + struct mailbox_msg_t msg; + struct mailbox_reply_t reply; + const void *owner; /* Handle of the owner task of this + * slot + */ + bool is_woken; /* Indicate that owner task has been + * or should be woken up, after the + * replied is received. + */ +}; + +typedef uint32_t mailbox_queue_status_t; + +/* NSPE mailbox queue */ +struct ns_mailbox_queue_t { + mailbox_queue_status_t empty_slots; /* Bitmask of empty slots */ + mailbox_queue_status_t pend_slots; /* Bitmask of slots pending + * for SPE handling + */ + mailbox_queue_status_t replied_slots; /* Bitmask of active slots + * containing PSA client call + * return result + */ + + struct ns_mailbox_slot_t queue[NUM_MAILBOX_QUEUE_SLOT]; + +#ifdef TFM_MULTI_CORE_TEST + uint32_t nr_tx; /* The total number of + * submission of NS PSA Client + * calls from NS task via + * mailbox. + */ + uint32_t nr_used_slots; /* The total number of used + * mailbox queue slots each time + * NS thread requests a mailbox + * queue slot. + */ +#endif +}; + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_MAILBOX_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_multi_core_api.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_multi_core_api.h new file mode 100644 index 0000000..7999fa4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_multi_core_api.h @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_MULTI_CORE_API__ +#define __TFM_MULTI_CORE_API__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include + +/** + * \brief Called on the non-secure CPU. + * Flags that the non-secure side has completed its initialization. + * Waits, if necessary, for the secure CPU to flag that it has completed + * its initialization. + * + * \return Return 0 if succeeds. + * \return Otherwise, return specific error code. + */ +int32_t tfm_ns_wait_for_s_cpu_ready(void); + +/** + * \brief Synchronisation with secure CPU, platform-specific implementation. + * Flags that the non-secure side has completed its initialization. + * Waits, if necessary, for the secure CPU to flag that it has completed + * its initialization. + * + * \retval Return 0 if succeeds. + * \retval Otherwise, return specific error code. + */ +int32_t tfm_platform_ns_wait_for_s_cpu_ready(void); + +/** + * \brief Acquire the multi-core lock for synchronizing PSA client call(s) + * The actual implementation depends on the use scenario. + * + * \return \ref TFM_SUCCESS on success + * \return \ref TFM_ERROR_GENERIC on error + */ +uint32_t tfm_ns_multi_core_lock_acquire(void); + +/** + * \brief Release the multi-core lock for synchronizing PSA client call(s) + * The actual implementation depends on the use scenario. + * + * \return \ref TFM_SUCCESS on success + * \return \ref TFM_ERROR_GENERIC on error + */ +uint32_t tfm_ns_multi_core_lock_release(void); + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_MULTI_CORE_API__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_ns_interface.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_ns_interface.h new file mode 100644 index 0000000..21857be --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_ns_interface.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#ifndef __TFM_NS_INTERFACE_H__ +#define __TFM_NS_INTERFACE_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include "tfm_api.h" + +typedef int32_t (*veneer_fn) (uint32_t arg0, uint32_t arg1, + uint32_t arg2, uint32_t arg3); + +/** + * \brief NS interface, veneer function dispatcher + * + * \details This function implements the dispatching mechanism for the + * desired veneer function, to be called with the parameters + * described from arg0 to arg3. + * + * \param[in] fn Function pointer to the veneer function desired + * \param[in] arg0 Argument 0 + * \param[in] arg1 Argument 1 + * \param[in] arg2 Argument 2 + * \param[in] arg3 Argument 3 + * + * \return Returns the same return value of the requested veneer function + */ +int32_t tfm_ns_interface_dispatch(veneer_fn fn, + uint32_t arg0, uint32_t arg1, + uint32_t arg2, uint32_t arg3); + +/** + * \brief NS interface, Initialise the NS interface + * + * \details This function needs to be called from the NS world to + * properly initialise the NS interface towards TF-M. This + * function will initialise all the objects required for + * runtime dispatching of TF-M requests to services + * + * \return A value according to \ref enum tfm_status_e + */ +enum tfm_status_e tfm_ns_interface_init(void); +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_NS_INTERFACE_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_ns_mailbox.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_ns_mailbox.h new file mode 100644 index 0000000..ba902aa --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_ns_mailbox.h @@ -0,0 +1,236 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* Data types and API definitions in NSPE mailbox library */ + +#ifndef __TFM_NS_MAILBOX_H__ +#define __TFM_NS_MAILBOX_H__ + +#include +#include +#include "tfm_mailbox.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef TFM_MULTI_CORE_TEST +/** + * \brief The structure to hold the statistics result of NSPE mailbox + */ +struct ns_mailbox_stats_res_t { + uint8_t avg_nr_slots; /* The value before the decimal point + * in the average number of NSPE + * mailbox slots in use. + */ + uint8_t avg_nr_slots_tenths; /* The first digit value after the + * decimal point in the average + * number of NSPE mailbox slots in use. + */ +}; +#endif + +/** + * \brief Prepare and send PSA client request to SPE via mailbox. + * + * \param[in] call_type PSA client call type + * \param[in] params Parmaters used for PSA client call + * \param[in] client_id Optional client ID of non-secure caller. + * It is required to identify the non-secure caller + * when NSPE OS enforces non-secure task isolation. + * + * \retval >= 0 The handle to the mailbox message assigned. + * \retval < 0 Operation failed with an error code. + */ +mailbox_msg_handle_t tfm_ns_mailbox_tx_client_req(uint32_t call_type, + const struct psa_client_params_t *params, + int32_t client_id); + +/** + * \brief Fetch PSA client return result. + * + * \param[in] handle The handle to the mailbox message + * \param[out] reply The address to be written with return result. + * + * \retval MAILBOX_SUCCESS Successfully get PSA client call return result. + * \retval Other return code Operation failed with an error code. + */ +int32_t tfm_ns_mailbox_rx_client_reply(mailbox_msg_handle_t handle, + int32_t *reply); + +/** + * \brief Check whether a specific mailbox message has been replied. + * + * \param[in] handle The handle to the mailbox message + * + * \retval true The PSA client call return value is replied. + * \retval false The PSA client call return value is not + * replied yet. + */ +bool tfm_ns_mailbox_is_msg_replied(mailbox_msg_handle_t handle); + +/** + * \brief NSPE mailbox initialization + * + * \param[in] queue The base address of NSPE mailbox queue to be + * initialized. + * + * \retval MAILBOX_SUCCESS Operation succeeded. + * \retval Other return code Operation failed with an error code. + */ +int32_t tfm_ns_mailbox_init(struct ns_mailbox_queue_t *queue); + +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +/** + * \brief Get the handle of the current non-secure task executing mailbox + * functionalities + * + * \note This function should be implemented according to platform, NS OS + * and actual use scenario. + * This function can be ignored or return NULL if sleep/wake-up mechanism + * is not required in PSA Client API implementation. + * + * \return Return the handle of task. + */ +const void *tfm_ns_mailbox_get_task_handle(void); +#else +static inline const void *tfm_ns_mailbox_get_task_handle(void) +{ + return NULL; +} +#endif + +/** + * \brief Fetch the handle to the first replied mailbox message in the NSPE + * mailbox queue. + * This function is intended to be called inside platform specific + * notification IRQ handler. + * + * \note The replied status of the fetched mailbox message will be cleaned after + * the message is fetched. When this function is called again, it fetches + * the next replied mailbox message from the NSPE mailbox queue. + * + * \return Return the handle to the first replied mailbox message in the + * queue. + * Return \ref MAILBOX_MSG_NULL_HANDLE if no mailbox message is replied. + */ +mailbox_msg_handle_t tfm_ns_mailbox_fetch_reply_msg_isr(void); + +/** + * \brief Return the handle of owner task of a mailbox message according to the + * \ref mailbox_msg_handle_t + * + * \param[in] handle The handle of mailbox message. + * + * \return Return the handle value of the owner task. + */ +const void *tfm_ns_mailbox_get_msg_owner(mailbox_msg_handle_t handle); + +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +/** + * \brief Wait for the reply returned from SPE to the mailbox message specified + * by handle + * + * \param[in] handle The handle of mailbox message. + * + * \retval MAILBOX_SUCCESS Return from waiting successfully. + * \retval Other return code Failed to wait with an error code. + */ +int32_t tfm_ns_mailbox_wait_reply(mailbox_msg_handle_t handle); +#endif + +/** + * \brief Platform specific NSPE mailbox initialization. + * Invoked by \ref tfm_ns_mailbox_init(). + * + * \param[in] queue The base address of NSPE mailbox queue to be + * initialized. + * + * \retval MAILBOX_SUCCESS Operation succeeded. + * \retval Other return code Operation failed with an error code. + */ +int32_t tfm_ns_mailbox_hal_init(struct ns_mailbox_queue_t *queue); + +/** + * \brief Notify SPE to deal with the PSA client call sent via mailbox + * + * \note The implementation depends on platform specific hardware and use case. + * + * \retval MAILBOX_SUCCESS Operation succeeded. + * \retval Other return code Operation failed with an error code. + */ +int32_t tfm_ns_mailbox_hal_notify_peer(void); + +/** + * \brief Enter critical section of NSPE mailbox. + * + * \note The implementation depends on platform specific hardware and use case. + */ +void tfm_ns_mailbox_hal_enter_critical(void); + +/** + * \brief Exit critical section of NSPE mailbox. + * + * \note The implementation depends on platform specific hardware and use case. + */ +void tfm_ns_mailbox_hal_exit_critical(void); + +/** + * \brief Enter critical section of NSPE mailbox in IRQ handler. + * + * \note The implementation depends on platform specific hardware and use case. + */ +void tfm_ns_mailbox_hal_enter_critical_isr(void); + +/** + * \brief Enter critical section of NSPE mailbox in IRQ handler + * + * \note The implementation depends on platform specific hardware and use case. + */ +void tfm_ns_mailbox_hal_exit_critical_isr(void); + +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +/** + * \brief Performs platform and NS OS specific waiting mechanism to wait for + * the reply of the specified mailbox message to be returned from SPE. + * + * \note This function is implemented by platform and NS OS specific waiting + * mechanism accroding to use scenario. + * + * \param[in] handle The handle of mailbox message. + */ +void tfm_ns_mailbox_hal_wait_reply(mailbox_msg_handle_t handle); +#endif + +#ifdef TFM_MULTI_CORE_TEST +/** + * \brief Initialize the statistics module in TF-M NSPE mailbox. + * + * \note This function is only available when multi-core tests are enabled. + */ +void tfm_ns_mailbox_tx_stats_init(void); + +/** + * \brief Calculate the average number of used NS mailbox queue slots each time + * NS task requires a queue slot to submit mailbox message, which is + * recorded in NS mailbox statisitics module. + * + * \note This function is only available when multi-core tests are enabled. + * + * \param[in] stats_res The buffer to be written with + * \ref ns_mailbox_stats_res_t. + * + * \return Return the calculation result. + */ +void tfm_ns_mailbox_stats_avg_slot(struct ns_mailbox_stats_res_t *stats_res); +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_NS_MAILBOX_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_ns_svc.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_ns_svc.h new file mode 100644 index 0000000..def0c2f --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_ns_svc.h @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include +#include "cmsis_compiler.h" + +#ifndef __TFM_NS_SVC_H__ +#define __TFM_NS_SVC_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Include all the SVC handler headers + */ +#include "tfm_nspm_svc_handler.h" + +/** + * \brief Macro to encode an svc instruction + * + */ +#define SVC(code) __ASM volatile("svc %0" : : "I" (code)) + +/** + * \def LIST_SVC_NSPM + * + * \brief This is an X macro which lists + * the SVC interface exposed by TF-M + * for the NS OS. + * + */ +#define LIST_SVC_NSPM \ + X(SVC_TFM_NSPM_REGISTER_CLIENT_ID, tfm_nspm_svc_register_client_id) \ + +/** + * \brief Numbers associated to each SVC available + * + * \details Start from 1 as 0 is reserved by RTX + */ +enum tfm_svc_num { + SVC_INVALID = 0, + +#define X(SVC_ENUM, SVC_HANDLER) SVC_ENUM, + + /* SVC API for Services */ +#ifdef TFM_NS_CLIENT_IDENTIFICATION + LIST_SVC_NSPM +#endif + +#undef X + + /* add all the new entries above this line */ + SVC_TFM_MAX, +}; + +/* number of user SVC functions */ +#define USER_SVC_COUNT ((uint32_t)SVC_TFM_MAX - 1) + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_NS_SVC_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_platform_api.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_platform_api.h new file mode 100644 index 0000000..8c9b0db --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_platform_api.h @@ -0,0 +1,98 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_PLATFORM_API__ +#define __TFM_PLATFORM_API__ + +#include +#include +#include +#include "tfm_api.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief TFM secure partition platform API version + */ +#define TFM_PLATFORM_API_VERSION_MAJOR (0) +#define TFM_PLATFORM_API_VERSION_MINOR (3) + +#define TFM_PLATFORM_API_ID_NV_READ (1010) +#define TFM_PLATFORM_API_ID_NV_INCREMENT (1011) + +/*! + * \enum tfm_platform_err_t + * + * \brief Platform service error types + * + */ +enum tfm_platform_err_t { + TFM_PLATFORM_ERR_SUCCESS = 0, + TFM_PLATFORM_ERR_SYSTEM_ERROR, + TFM_PLATFORM_ERR_INVALID_PARAM, + TFM_PLATFORM_ERR_NOT_SUPPORTED, + + /* Following entry is only to ensure the error code of int size */ + TFM_PLATFORM_ERR_FORCE_INT_SIZE = INT_MAX +}; + +typedef int32_t tfm_platform_ioctl_req_t; + +/*! + * \brief Resets the system. + * + * \return Returns values as specified by the \ref tfm_platform_err_t + */ +enum tfm_platform_err_t tfm_platform_system_reset(void); + +/*! + * \brief Performs a platform-specific service + * + * \param[in] request Request identifier (valid values vary + * based on the platform) + * \param[in] input Input buffer to the requested service (or NULL) + * \param[in,out] output Output buffer to the requested service (or NULL) + * + * \return Returns values as specified by the \ref tfm_platform_err_t + */ +enum tfm_platform_err_t tfm_platform_ioctl(tfm_platform_ioctl_req_t request, + psa_invec *input, + psa_outvec *output); + +/*! + * \brief Increments the given non-volatile (NV) counter by one + * + * \param[in] counter_id NV counter ID. + * + * \return TFM_PLATFORM_ERR_SUCCESS if the value is read correctly. Otherwise, + * it returns TFM_PLATFORM_ERR_SYSTEM_ERROR. + */ +enum tfm_platform_err_t +tfm_platform_nv_counter_increment(uint32_t counter_id); + +/*! + * \brief Reads the given non-volatile (NV) counter + * + * \param[in] counter_id NV counter ID. + * \param[in] size Size of the buffer to store NV counter value + * in bytes. + * \param[out] val Pointer to store the current NV counter value. + * + * \return TFM_PLATFORM_ERR_SUCCESS if the value is read correctly. Otherwise, + * it returns TFM_PLATFORM_ERR_SYSTEM_ERROR. + */ +enum tfm_platform_err_t +tfm_platform_nv_counter_read(uint32_t counter_id, + uint32_t size, uint8_t *val); + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_PLATFORM_API__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_veneers.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_veneers.h new file mode 100644 index 0000000..d2d9207 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/include/tfm_veneers.h @@ -0,0 +1,180 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/*********** WARNING: This is an auto-generated file. Do not edit! ***********/ + +#ifndef __TFM_VENEERS_H__ +#define __TFM_VENEERS_H__ + +#include "tfm_api.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef TFM_PARTITION_SECURE_STORAGE +/******** TFM_SP_STORAGE ********/ +psa_status_t tfm_tfm_sst_set_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_sst_get_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_sst_get_info_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_sst_remove_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_sst_get_support_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_SECURE_STORAGE */ + +#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE +/******** TFM_SP_ITS ********/ +psa_status_t tfm_tfm_its_set_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_its_get_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_its_get_info_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_its_remove_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_INTERNAL_TRUSTED_STORAGE */ + +#ifdef TFM_PARTITION_AUDIT_LOG +/******** TFM_SP_AUDIT_LOG ********/ +psa_status_t tfm_audit_core_retrieve_record_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_audit_core_add_record_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_audit_core_get_info_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_audit_core_get_record_info_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_audit_core_delete_record_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_AUDIT_LOG */ + +#ifdef TFM_PARTITION_CRYPTO +/******** TFM_SP_CRYPTO ********/ +psa_status_t tfm_tfm_crypto_get_key_attributes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_open_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_close_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_reset_key_attributes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_import_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_destroy_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_export_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_export_public_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_copy_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_compute_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_compare_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_verify_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_clone_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_compute_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_verify_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_sign_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_verify_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_sign_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_verify_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_encrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_decrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_encrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_decrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_generate_iv_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_set_iv_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_encrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_decrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_encrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_decrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_generate_nonce_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_set_nonce_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_set_lengths_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_update_ad_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_verify_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_sign_hash_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_verify_hash_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_asymmetric_encrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_asymmetric_decrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_get_capacity_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_set_capacity_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_input_bytes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_input_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_key_agreement_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_output_bytes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_output_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_raw_key_agreement_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_generate_random_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_generate_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_CRYPTO */ + +#ifdef TFM_PARTITION_PLATFORM +/******** TFM_SP_PLATFORM ********/ +psa_status_t tfm_platform_sp_system_reset_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_platform_sp_ioctl_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_platform_sp_nv_counter_read_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_platform_sp_nv_counter_increment_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_PLATFORM */ + +#ifdef TFM_PARTITION_INITIAL_ATTESTATION +/******** TFM_SP_INITIAL_ATTESTATION ********/ +psa_status_t tfm_initial_attest_get_token_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_initial_attest_get_token_size_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_initial_attest_get_public_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_INITIAL_ATTESTATION */ + +#ifdef TFM_PARTITION_TEST_CORE +/******** TFM_SP_CORE_TEST ********/ +psa_status_t tfm_spm_core_test_sfn_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_sfn_init_success_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_sfn_direct_recursion_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_CORE */ + +#ifdef TFM_PARTITION_TEST_CORE +/******** TFM_SP_CORE_TEST_2 ********/ +psa_status_t tfm_spm_core_test_2_slave_service_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_sfn_invert_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_check_caller_client_id_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_get_every_second_byte_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_prepare_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_execute_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_CORE */ + +#ifdef TFM_PARTITION_TEST_SECURE_SERVICES +/******** TFM_SP_SECURE_TEST_PARTITION ********/ +psa_status_t tfm_tfm_secure_client_service_sfn_run_tests_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ + +#ifdef TFM_PARTITION_TEST_CORE_IPC +/******** TFM_SP_IPC_SERVICE_TEST ********/ +#endif /* TFM_PARTITION_TEST_CORE_IPC */ + +#ifdef TFM_PARTITION_TEST_CORE_IPC +/******** TFM_SP_IPC_CLIENT_TEST ********/ +#endif /* TFM_PARTITION_TEST_CORE_IPC */ + +#ifdef TFM_ENABLE_IRQ_TEST +/******** TFM_IRQ_TEST_1 ********/ +psa_status_t tfm_spm_irq_test_1_prepare_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_irq_test_1_execute_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_ENABLE_IRQ_TEST */ + +#ifdef TFM_PARTITION_TEST_SST +/******** TFM_SP_SST_TEST ********/ +psa_status_t tfm_tfm_sst_test_prepare_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_SST */ + +#ifdef TFM_PARTITION_TEST_SECURE_SERVICES +/******** TFM_SP_SECURE_CLIENT_2 ********/ +psa_status_t tfm_tfm_secure_client_2_call_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ + +#ifdef TFM_MULTI_CORE_TEST +/******** TFM_SP_MULTI_CORE_TEST ********/ +#endif /* TFM_MULTI_CORE_TEST */ + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_VENEERS_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_crypto_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_crypto_ipc_api.c new file mode 100644 index 0000000..70b3a0d --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_crypto_ipc_api.c @@ -0,0 +1,1875 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "tfm_crypto_defs.h" +#include "psa/crypto.h" +#include "tfm_ns_interface.h" +#include "psa_manifest/sid.h" +#include "psa/client.h" + +#define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0])) + +#define PSA_CONNECT(service) \ + psa_handle_t ipc_handle; \ + ipc_handle = psa_connect(service##_SID, service##_VERSION); \ + if (!PSA_HANDLE_IS_VALID(ipc_handle)) { \ + return PSA_ERROR_GENERIC_ERROR; \ + } \ + +#define PSA_CLOSE() psa_close(ipc_handle) + +#define API_DISPATCH(sfn_name, sfn_id) \ + psa_call(ipc_handle, PSA_IPC_CALL, \ + in_vec, ARRAY_SIZE(in_vec), \ + out_vec, ARRAY_SIZE(out_vec)) + +#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \ + psa_call(ipc_handle, PSA_IPC_CALL, \ + in_vec, ARRAY_SIZE(in_vec), \ + (psa_outvec *)NULL, 0) + +psa_status_t psa_crypto_init(void) +{ + /* Service init is performed during TFM boot up, + * so application level initialisation is empty + */ + return PSA_SUCCESS; +} + +psa_status_t psa_open_key(psa_key_id_t id, + psa_key_handle_t *handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + const struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_OPEN_KEY_SID, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = &id, .len = sizeof(psa_key_id_t)}, + }; + psa_outvec out_vec[] = { + {.base = handle, .len = sizeof(psa_key_handle_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_open_key, + TFM_CRYPTO_OPEN_KEY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_close_key(psa_key_handle_t handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + const struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CLOSE_KEY_SID, + .key_handle = handle, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_close_key, + TFM_CRYPTO_CLOSE_KEY);; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_import_key(const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + psa_key_handle_t *handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_IMPORT_KEY_SID, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + {.base = data, .len = data_length} + }; + psa_outvec out_vec[] = { + {.base = handle, .len = sizeof(psa_key_handle_t)} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_import_key, + TFM_CRYPTO_IMPORT_KEY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_destroy_key(psa_key_handle_t handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_DESTROY_KEY_SID, + .key_handle = handle, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_destroy_key, + TFM_CRYPTO_DESTROY_KEY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_get_key_attributes(psa_key_handle_t handle, + psa_key_attributes_t *attributes) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID, + .key_handle = handle, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_get_key_attributes, + TFM_CRYPTO_GET_KEY_ATTRIBUTES); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +void psa_reset_key_attributes(psa_key_attributes_t *attributes) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return; +#else + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + }; + + psa_handle_t ipc_handle; + ipc_handle = psa_connect(TFM_CRYPTO_SID, TFM_CRYPTO_VERSION); + if (!PSA_HANDLE_IS_VALID(ipc_handle)) { + return; + } + + (void)API_DISPATCH(tfm_crypto_reset_key_attributes, + TFM_CRYPTO_RESET_KEY_ATTRIBUTES); + PSA_CLOSE(); + + return; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_export_key(psa_key_handle_t handle, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_EXPORT_KEY_SID, + .key_handle = handle, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = data, .len = data_size} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_export_key, + TFM_CRYPTO_EXPORT_KEY); + + *data_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_export_public_key(psa_key_handle_t handle, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID, + .key_handle = handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = data, .len = data_size} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_export_public_key, + TFM_CRYPTO_EXPORT_PUBLIC_KEY); + + *data_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_copy_key(psa_key_handle_t source_handle, + const psa_key_attributes_t *attributes, + psa_key_handle_t *target_handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_COPY_KEY_SID, + .key_handle = source_handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + + }; + + psa_outvec out_vec[] = { + {.base = target_handle, .len = sizeof(psa_key_handle_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_copy_key, + TFM_CRYPTO_COPY_KEY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, + unsigned char *iv, + size_t iv_size, + size_t *iv_length) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = iv, .len = iv_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_generate_iv, + TFM_CRYPTO_CIPHER_GENERATE_IV); + + *iv_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, + const unsigned char *iv, + size_t iv_length) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_SET_IV_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = iv, .len = iv_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_set_iv, + TFM_CRYPTO_CIPHER_SET_IV); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID, + .key_handle = handle, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_encrypt_setup, + TFM_CRYPTO_CIPHER_ENCRYPT_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID, + .key_handle = handle, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_decrypt_setup, + TFM_CRYPTO_CIPHER_DECRYPT_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + unsigned char *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_UPDATE_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = output, .len = output_size} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_update, + TFM_CRYPTO_CIPHER_UPDATE); + + *output_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_ABORT_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_abort, + TFM_CRYPTO_CIPHER_ABORT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_FINISH_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = output, .len = output_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_finish, + TFM_CRYPTO_CIPHER_FINISH); + + *output_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_hash_setup(psa_hash_operation_t *operation, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_SETUP_SID, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_setup, + TFM_CRYPTO_HASH_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_update(psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_UPDATE_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_update, + TFM_CRYPTO_HASH_UPDATE); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_finish(psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_FINISH_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = hash, .len = hash_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_finish, + TFM_CRYPTO_HASH_FINISH); + + *hash_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_verify(psa_hash_operation_t *operation, + const uint8_t *hash, + size_t hash_length) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_VERIFY_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = hash, .len = hash_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_verify, + TFM_CRYPTO_HASH_VERIFY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_abort(psa_hash_operation_t *operation) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_ABORT_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_abort, + TFM_CRYPTO_HASH_ABORT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_CLONE_SID, + .op_handle = source_operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = target_operation, .len = sizeof(psa_hash_operation_t)}, + }; + + if (target_operation && (target_operation->handle != 0)) { + return PSA_ERROR_BAD_STATE; + } + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_clone, + TFM_CRYPTO_HASH_CLONE); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID, + .key_handle = handle, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_sign_setup, + TFM_CRYPTO_MAC_SIGN_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID, + .key_handle = handle, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_verify_setup, + TFM_CRYPTO_MAC_VERIFY_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_update(psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_UPDATE_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_update, + TFM_CRYPTO_MAC_UPDATE); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = mac, .len = mac_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_sign_finish, + TFM_CRYPTO_MAC_SIGN_FINISH); + + *mac_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = mac, .len = mac_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_verify_finish, + TFM_CRYPTO_MAC_VERIFY_FINISH); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_abort(psa_mac_operation_t *operation) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_ABORT_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_abort, + TFM_CRYPTO_MAC_ABORT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_aead_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length) +{ +#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SID, + .key_handle = handle, + .alg = alg, + .aead_in = {.nonce = {0}, .nonce_length = nonce_length} + }; + + /* Sanitize the optional input */ + if ((additional_data == NULL) && (additional_data_length != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + size_t idx = 0; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = plaintext, .len = plaintext_length}, + {.base = additional_data, .len = additional_data_length}, + }; + psa_outvec out_vec[] = { + {.base = ciphertext, .len = ciphertext_size}, + }; + + if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (nonce != NULL) { + for (idx = 0; idx < nonce_length; idx++) { + iov.aead_in.nonce[idx] = nonce[idx]; + } + } + + PSA_CONNECT(TFM_CRYPTO); + + size_t in_len = ARRAY_SIZE(in_vec); + if (additional_data == NULL) { + in_len--; + } + status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, + out_vec, ARRAY_SIZE(out_vec)); + + *ciphertext_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */ +} + +psa_status_t psa_aead_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length) +{ +#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SID, + .key_handle = handle, + .alg = alg, + .aead_in = {.nonce = {0}, .nonce_length = nonce_length} + }; + + /* Sanitize the optional input */ + if ((additional_data == NULL) && (additional_data_length != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + size_t idx = 0; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = ciphertext, .len = ciphertext_length}, + {.base = additional_data, .len = additional_data_length}, + }; + psa_outvec out_vec[] = { + {.base = plaintext, .len = plaintext_size}, + }; + + if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (nonce != NULL) { + for (idx = 0; idx < nonce_length; idx++) { + iov.aead_in.nonce[idx] = nonce[idx]; + } + } + + PSA_CONNECT(TFM_CRYPTO); + + size_t in_len = ARRAY_SIZE(in_vec); + if (additional_data == NULL) { + in_len--; + } + status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, + out_vec, ARRAY_SIZE(out_vec)); + + *plaintext_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */ +} + +psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) +{ + return psa_sign_hash(handle, alg, hash, hash_length, signature, signature_size, signature_length); +} + +psa_status_t psa_sign_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) +{ +#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_SIGN_HASH_SID, + .key_handle = handle, + .alg = alg, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = hash, .len = hash_length}, + }; + psa_outvec out_vec[] = { + {.base = signature, .len = signature_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_sign_hash, + TFM_CRYPTO_SIGN_HASH); + + *signature_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ +} + +psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) +{ + return psa_verify_hash(handle, alg, hash, hash_length, signature, signature_length); +} + +psa_status_t psa_verify_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) +{ +#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_VERIFY_HASH_SID, + .key_handle = handle, + .alg = alg + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = hash, .len = hash_length}, + {.base = signature, .len = signature_length} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_verify_hash, + TFM_CRYPTO_VERIFY_HASH); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ +} + +psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID, + .key_handle = handle, + .alg = alg + }; + + /* Sanitize the optional input */ + if ((salt == NULL) && (salt_length != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + {.base = salt, .len = salt_length} + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + size_t in_len = ARRAY_SIZE(in_vec); + if (salt == NULL) { + in_len--; + } + status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, + out_vec, ARRAY_SIZE(out_vec)); + + *output_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ +} + +psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID, + .key_handle = handle, + .alg = alg + }; + + /* Sanitize the optional input */ + if ((salt == NULL) && (salt_length != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + {.base = salt, .len = salt_length} + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + size_t in_len = ARRAY_SIZE(in_vec); + if (salt == NULL) { + in_len--; + } + status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, + out_vec, ARRAY_SIZE(out_vec)); + + *output_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_get_capacity( + const psa_key_derivation_operation_t *operation, + size_t *capacity) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + psa_outvec out_vec[] = { + {.base = capacity, .len = sizeof(size_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_get_capacity, + TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_output_bytes( + psa_key_derivation_operation_t *operation, + uint8_t *output, + size_t output_length) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_length}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_output_bytes, + TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_input_key( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t handle) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID, + .key_handle = handle, + .step = step, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_input_key, + TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_abort( + psa_key_derivation_operation_t *operation) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_abort, + TFM_CRYPTO_KEY_DERIVATION_ABORT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_key_agreement( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID, + .key_handle = private_key, + .step = step, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = peer_key, .len = peer_key_length}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_key_agreement, + TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_GENERATE_RANDOM_SID, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_size}, + }; + + if (output_size == 0) { + return PSA_SUCCESS; + } + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_generate_random, + TFM_CRYPTO_GENERATE_RANDOM); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_GENERATE_KEY_SID, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + }; + + psa_outvec out_vec[] = { + {.base = handle, .len = sizeof(psa_key_handle_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_generate_key, + TFM_CRYPTO_GENERATE_KEY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_get_key_domain_parameters( + const psa_key_attributes_t *attributes, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_hash_compare(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *hash, + const size_t hash_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_finish(psa_aead_operation_t *operation, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length, + uint8_t *tag, + size_t tag_size, + size_t *tag_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_verify(psa_aead_operation_t *operation, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length, + const uint8_t *tag, + size_t tag_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_abort(psa_aead_operation_t *operation) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_mac_compute(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_mac_verify(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *mac, + const size_t mac_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID, + .alg = alg, + .key_handle = private_key + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = peer_key, .len = peer_key_length}, + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_raw_key_agreement, + TFM_CRYPTO_RAW_KEY_AGREEMENT); + + *output_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_setup, + TFM_CRYPTO_KEY_DERIVATION_SETUP); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_set_capacity( + psa_key_derivation_operation_t *operation, + size_t capacity) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID, + .capacity = capacity, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_set_capacity, + TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_input_bytes( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID, + .step = step, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = data, .len = data_length}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_input_bytes, + TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_output_key( + const psa_key_attributes_t *attributes, + psa_key_derivation_operation_t *operation, + psa_key_handle_t *handle) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + }; + + psa_outvec out_vec[] = { + {.base = handle, .len = sizeof(psa_key_handle_t)} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_output_key, + TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_hash_compute(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, + uint8_t *nonce, + size_t nonce_size, + size_t *nonce_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, + const uint8_t *nonce, + size_t nonce_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, + size_t ad_length, + size_t plaintext_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_update(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_initial_attestation_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_initial_attestation_ipc_api.c new file mode 100644 index 0000000..78f9dec --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_initial_attestation_ipc_api.c @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "psa/initial_attestation.h" +#include "tfm_ns_interface.h" +#include "psa/client.h" +#include "psa/crypto_types.h" +#include "psa_manifest/sid.h" + +#define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0])) + +psa_status_t +psa_initial_attest_get_token(const uint8_t *auth_challenge, + size_t challenge_size, + uint8_t *token_buf, + size_t token_buf_size, + size_t *token_size) +{ + psa_handle_t handle = PSA_NULL_HANDLE; + psa_status_t status; + + psa_invec in_vec[] = { + {auth_challenge, challenge_size} + }; + psa_outvec out_vec[] = { + {token_buf, token_buf_size} + }; + + handle = psa_connect(TFM_ATTEST_GET_TOKEN_SID, + TFM_ATTEST_GET_TOKEN_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_HANDLE_TO_ERROR(handle); + } + + status = psa_call(handle, PSA_IPC_CALL, + in_vec, IOVEC_LEN(in_vec), + out_vec, IOVEC_LEN(out_vec)); + psa_close(handle); + + if (status == PSA_SUCCESS) { + *token_size = out_vec[0].len; + } + + return status; +} + +psa_status_t +psa_initial_attest_get_token_size(size_t challenge_size, + size_t *token_size) +{ + psa_handle_t handle = PSA_NULL_HANDLE; + psa_status_t status; + psa_invec in_vec[] = { + {&challenge_size, sizeof(challenge_size)} + }; + psa_outvec out_vec[] = { + {token_size, sizeof(size_t)} + }; + + handle = psa_connect(TFM_ATTEST_GET_TOKEN_SIZE_SID, + TFM_ATTEST_GET_TOKEN_SIZE_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_HANDLE_TO_ERROR(handle); + } + + status = psa_call(handle, PSA_IPC_CALL, + in_vec, IOVEC_LEN(in_vec), + out_vec, IOVEC_LEN(out_vec)); + psa_close(handle); + + return status; +} + +psa_status_t +tfm_initial_attest_get_public_key(uint8_t *public_key, + size_t public_key_buf_size, + size_t *public_key_len, + psa_ecc_curve_t *elliptic_curve_type) +{ + psa_handle_t handle = PSA_NULL_HANDLE; + psa_status_t status; + + psa_outvec out_vec[] = { + {.base = public_key, .len = public_key_buf_size}, + {.base = elliptic_curve_type, .len = sizeof(*elliptic_curve_type)}, + {.base = public_key_len, .len = sizeof(*public_key_len)} + }; + + handle = psa_connect(TFM_ATTEST_GET_PUBLIC_KEY_SID, + TFM_ATTEST_GET_PUBLIC_KEY_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_HANDLE_TO_ERROR(handle); + } + + status = psa_call(handle, PSA_IPC_CALL, + NULL, 0, + out_vec, IOVEC_LEN(out_vec)); + psa_close(handle); + + return status; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_its_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_its_ipc_api.c new file mode 100644 index 0000000..9326f7b --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_its_ipc_api.c @@ -0,0 +1,137 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "psa/internal_trusted_storage.h" +#include "tfm_api.h" + +#include "psa/client.h" +#include "psa_manifest/sid.h" + +#define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0])) + +psa_status_t psa_its_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) }, + { .base = p_data, .len = data_length }, + { .base = &create_flags, .len = sizeof(create_flags) } + }; + + handle = psa_connect(TFM_ITS_SET_SID, TFM_ITS_SET_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0); + + psa_close(handle); + + if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + return status; +} + +psa_status_t psa_its_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) }, + { .base = &data_offset, .len = sizeof(data_offset) } + }; + + psa_outvec out_vec[] = { + { .base = p_data, .len = data_size } + }; + + if (p_data_length == NULL) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + handle = psa_connect(TFM_ITS_GET_SID, TFM_ITS_GET_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, + IOVEC_LEN(out_vec)); + + psa_close(handle); + + if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + *p_data_length = out_vec[0].len; + + return status; +} + +psa_status_t psa_its_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) } + }; + + psa_outvec out_vec[] = { + { .base = p_info, .len = sizeof(*p_info) } + }; + + handle = psa_connect(TFM_ITS_GET_INFO_SID, TFM_ITS_GET_INFO_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, + IOVEC_LEN(out_vec)); + + psa_close(handle); + + if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + return status; +} + +psa_status_t psa_its_remove(psa_storage_uid_t uid) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) } + }; + + handle = psa_connect(TFM_ITS_REMOVE_SID, TFM_ITS_REMOVE_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0); + + psa_close(handle); + + return status; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_platform_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_platform_ipc_api.c new file mode 100644 index 0000000..0c1edf4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_platform_ipc_api.c @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include +#include "tfm_platform_api.h" +#include "psa_manifest/sid.h" + +enum tfm_platform_err_t tfm_platform_system_reset(void) +{ + psa_status_t status = PSA_ERROR_CONNECTION_REFUSED; + psa_handle_t handle = PSA_NULL_HANDLE; + + handle = psa_connect(TFM_SP_PLATFORM_SYSTEM_RESET_SID, + TFM_SP_PLATFORM_SYSTEM_RESET_VERSION); + if (handle <= 0) { + return TFM_PLATFORM_ERR_SYSTEM_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, + NULL, 0, NULL, 0); + psa_close(handle); + + if (status < PSA_SUCCESS) { + return TFM_PLATFORM_ERR_SYSTEM_ERROR; + } else { + return (enum tfm_platform_err_t) status; + } + +} + +enum tfm_platform_err_t +tfm_platform_ioctl(tfm_platform_ioctl_req_t request, + psa_invec *input, psa_outvec *output) +{ + tfm_platform_ioctl_req_t req = request; + struct psa_invec in_vec[2] = { {0} }; + size_t inlen, outlen; + psa_status_t status = PSA_ERROR_CONNECTION_REFUSED; + psa_handle_t handle = PSA_NULL_HANDLE; + + in_vec[0].base = &req; + in_vec[0].len = sizeof(req); + if (input != NULL) { + in_vec[1].base = input->base; + in_vec[1].len = input->len; + inlen = 2; + } else { + inlen = 1; + } + + if (output != NULL) { + outlen = 1; + } else { + outlen = 0; + } + + handle = psa_connect(TFM_SP_PLATFORM_IOCTL_SID, + TFM_SP_PLATFORM_IOCTL_VERSION); + if (handle <= 0) { + return TFM_PLATFORM_ERR_SYSTEM_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, + in_vec, inlen, + output, outlen); + psa_close(handle); + + if (status < PSA_SUCCESS) { + return TFM_PLATFORM_ERR_SYSTEM_ERROR; + } else { + return (enum tfm_platform_err_t) status; + } +} + diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_sst_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_sst_ipc_api.c new file mode 100644 index 0000000..4130428 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_0/src/tfm_sst_ipc_api.c @@ -0,0 +1,183 @@ +/* + * Copyright (c) 2017-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "psa/protected_storage.h" + +#include "tfm_ns_interface.h" +#include "psa_manifest/sid.h" + +#define IOVEC_LEN(x) (uint32_t)(sizeof(x)/sizeof(x[0])) + +psa_status_t psa_ps_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) }, + { .base = p_data, .len = data_length }, + { .base = &create_flags, .len = sizeof(create_flags) } + }; + + handle = psa_connect(TFM_SST_SET_SID, TFM_SST_SET_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), + NULL, 0); + + psa_close(handle); + + /* A parameter with a buffer pointer pointer that has data length longer + * than maximum permitted is treated as a secure violation. + * TF-M framework rejects the request with TFM_ERROR_INVALID_PARAMETER. + */ + if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + return status; +} + +psa_status_t psa_ps_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) }, + { .base = &data_offset, .len = sizeof(data_offset) } + }; + + psa_outvec out_vec[] = { + { .base = p_data, .len = data_size } + }; + + if (p_data_length == NULL) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + handle = psa_connect(TFM_SST_GET_SID, TFM_SST_GET_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, + IOVEC_LEN(out_vec)); + + psa_close(handle); + + *p_data_length = out_vec[0].len; + + return status; +} + +psa_status_t psa_ps_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) } + }; + + psa_outvec out_vec[] = { + { .base = p_info, .len = sizeof(*p_info) } + }; + + handle = psa_connect(TFM_SST_GET_INFO_SID, TFM_SST_GET_INFO_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, + IOVEC_LEN(out_vec)); + + psa_close(handle); + + return status; +} + +psa_status_t psa_ps_remove(psa_storage_uid_t uid) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) } + }; + + + handle = psa_connect(TFM_SST_REMOVE_SID, TFM_SST_REMOVE_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), + NULL, 0); + + psa_close(handle); + + return status; +} + +psa_status_t psa_ps_create(psa_storage_uid_t uid, size_t size, + psa_storage_create_flags_t create_flags) +{ + (void)uid; + (void)size; + (void)create_flags; + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t psa_ps_set_extended(psa_storage_uid_t uid, size_t data_offset, + size_t data_length, const void *p_data) +{ + (void)uid; + (void)data_offset; + (void)data_length; + (void)p_data; + + return PSA_ERROR_NOT_SUPPORTED; +} + +uint32_t psa_ps_get_support(void) +{ + /* Initialise support_flags to a sensible default, to avoid returning an + * uninitialised value in case the secure function fails. + */ + uint32_t support_flags = 0; + psa_handle_t handle; + + psa_outvec out_vec[] = { + { .base = &support_flags, .len = sizeof(support_flags) } + }; + + /* The PSA API does not return an error, so any error from TF-M is + * ignored. + */ + handle = psa_connect(TFM_SST_GET_SUPPORT_SID, TFM_SST_GET_SUPPORT_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return support_flags; + } + + (void)psa_call(handle, PSA_IPC_CALL, NULL, 0, out_vec, IOVEC_LEN(out_vec)); + + psa_close(handle); + + return support_flags; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/platform_multicore.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/platform_multicore.c new file mode 100644 index 0000000..e860ae0 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/platform_multicore.c @@ -0,0 +1,131 @@ +/* + * Copyright (c) 2019 Arm Limited. All rights reserved. + * Copyright (c) 2019 Cypress Semiconductor Corporation. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include "cmsis_compiler.h" + +#include "platform_multicore.h" +#include "tfm_multi_core_api.h" +#include "tfm_ns_mailbox.h" + +#include "cy_ipc_drv.h" +#include "cy_sysint.h" +#if CY_SYSTEM_CPU_CM0P +#include "spe_ipc_config.h" +#else +#include "ns_ipc_config.h" +#endif + +int platform_mailbox_fetch_msg_ptr(void **msg_ptr) +{ + cy_en_ipcdrv_status_t status; + + if (!msg_ptr) { + return PLATFORM_MAILBOX_INVAL_PARAMS; + } + + status = Cy_IPC_Drv_ReadMsgPtr(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), + msg_ptr); + if (status != CY_IPC_DRV_SUCCESS) { + return PLATFORM_MAILBOX_RX_ERROR; + } + + Cy_IPC_Drv_ReleaseNotify(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), + IPC_RX_RELEASE_MASK); + return PLATFORM_MAILBOX_SUCCESS; +} + +int platform_mailbox_fetch_msg_data(uint32_t *data_ptr) +{ + cy_en_ipcdrv_status_t status; + + if (!data_ptr) { + return PLATFORM_MAILBOX_INVAL_PARAMS; + } + + status = Cy_IPC_Drv_ReadMsgWord(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), + data_ptr); + if (status != CY_IPC_DRV_SUCCESS) { + return PLATFORM_MAILBOX_RX_ERROR; + } + + Cy_IPC_Drv_ReleaseNotify(Cy_IPC_Drv_GetIpcBaseAddress(IPC_RX_CHAN), + IPC_RX_RELEASE_MASK); + return PLATFORM_MAILBOX_SUCCESS; +} + +int platform_mailbox_send_msg_ptr(const void *msg_ptr) +{ + cy_en_ipcdrv_status_t status; + + if (!msg_ptr) + return PLATFORM_MAILBOX_INVAL_PARAMS; + + status = Cy_IPC_Drv_SendMsgPtr(Cy_IPC_Drv_GetIpcBaseAddress(IPC_TX_CHAN), + IPC_TX_NOTIFY_MASK, msg_ptr); + if (status != CY_IPC_DRV_SUCCESS) { + return PLATFORM_MAILBOX_TX_ERROR; + } + + return PLATFORM_MAILBOX_SUCCESS; +} + +int platform_mailbox_send_msg_data(uint32_t data) +{ + cy_en_ipcdrv_status_t status; + + status = Cy_IPC_Drv_SendMsgWord(Cy_IPC_Drv_GetIpcBaseAddress(IPC_TX_CHAN), + IPC_TX_NOTIFY_MASK, data); + if (status != CY_IPC_DRV_SUCCESS) { + return PLATFORM_MAILBOX_TX_ERROR; + } + + return PLATFORM_MAILBOX_SUCCESS; +} + +void platform_mailbox_wait_for_notify(void) +{ + uint32_t status; + + while (1) { + status = Cy_IPC_Drv_GetInterruptStatusMasked( + Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT)); + status >>= CY_IPC_NOTIFY_SHIFT; + if (status & IPC_RX_INT_MASK) { + break; + } + } + + Cy_IPC_Drv_ClearInterrupt(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), + 0, IPC_RX_INT_MASK); +} + +int platform_ns_ipc_init(void) +{ + Cy_IPC_Drv_SetInterruptMask(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), + 0, IPC_RX_INT_MASK); + return PLATFORM_MAILBOX_SUCCESS; +} + +int32_t tfm_platform_ns_wait_for_s_cpu_ready(void) +{ + uint32_t data = 0; + + if (platform_ns_ipc_init() != PLATFORM_MAILBOX_SUCCESS) { + return PLATFORM_MAILBOX_INVAL_PARAMS; + } + while(data != IPC_SYNC_MAGIC) + { + platform_mailbox_wait_for_notify(); + platform_mailbox_fetch_msg_data(&data); + } + + if (platform_mailbox_send_msg_data(~IPC_SYNC_MAGIC) != + PLATFORM_MAILBOX_SUCCESS) { + return PLATFORM_MAILBOX_RX_ERROR; + } + return PLATFORM_MAILBOX_SUCCESS; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/platform_ns_mailbox.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/platform_ns_mailbox.c new file mode 100644 index 0000000..af08ac1 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/platform_ns_mailbox.c @@ -0,0 +1,309 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * Copyright (c) 2019, Cypress Semiconductor Corporation. All rights reserved + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* -------------------------------------- Includes ----------------------------------- */ +#include +#include + +#include "cmsis_compiler.h" + +#include "cy_ipc_drv.h" +#include "cy_sysint.h" +#include "cy_ipc_sema.h" + +#include "ns_ipc_config.h" +#include "tfm_ns_mailbox.h" +#include "platform_multicore.h" +#include "cmsis_os2.h" + +static uint8_t saved_irq_state = 1; + +/* -------------------------------------- HAL API ------------------------------------ */ + +static void mailbox_ipc_init(void) +{ + Cy_IPC_Drv_SetInterruptMask(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), + 0, IPC_RX_INT_MASK); +} + +static void mailbox_ipc_config(void) +{ + NVIC_SetPriority(PSA_CLIENT_REPLY_NVIC_IRQn, PSA_CLIENT_REPLY_IRQ_PRIORITY); + + NVIC_EnableIRQ(PSA_CLIENT_REPLY_NVIC_IRQn); +} + +int32_t tfm_ns_mailbox_hal_notify_peer(void) +{ + cy_en_ipcdrv_status_t status; + + status = Cy_IPC_Drv_SendMsgWord(Cy_IPC_Drv_GetIpcBaseAddress(IPC_TX_CHAN), + IPC_TX_NOTIFY_MASK, + PSA_CLIENT_CALL_REQ_MAGIC); + + if (status == CY_IPC_DRV_SUCCESS) { + return MAILBOX_SUCCESS; + } else { + return MAILBOX_CHAN_BUSY; + } +} + +static int32_t mailbox_sema_init(void) +{ + /* semaphore data */ + static uint32_t tfm_sema __attribute__((section("TFM_SHARED_DATA"))); + + if (Cy_IPC_Sema_Init(PLATFORM_MAILBOX_IPC_CHAN_SEMA, + sizeof(tfm_sema) * CHAR_BIT, + &tfm_sema) != CY_IPC_SEMA_SUCCESS) { + return PLATFORM_MAILBOX_INIT_ERROR; + } + return PLATFORM_MAILBOX_SUCCESS; +} + +int32_t tfm_ns_mailbox_hal_init(struct ns_mailbox_queue_t *queue) +{ + uint32_t stage; + + if (!queue) { + return MAILBOX_INVAL_PARAMS; + } + + /* Init semaphores used for critical sections */ + if (mailbox_sema_init() != PLATFORM_MAILBOX_SUCCESS) + return MAILBOX_INIT_ERROR; + + /* + * FIXME + * Further verification of mailbox queue address may be required according + * to diverse NSPE implementations. + */ + + mailbox_ipc_init(); + + /* + * Wait until SPE mailbox library is ready to receive NSPE mailbox queue + * address. + */ + while (1) { + platform_mailbox_wait_for_notify(); + + platform_mailbox_fetch_msg_data(&stage); + if (stage == NS_MAILBOX_INIT_ENABLE) { + break; + } + } + + /* Send out the address */ + platform_mailbox_send_msg_ptr(queue); + + /* Wait until SPE mailbox service is ready */ + while (1) { + platform_mailbox_wait_for_notify(); + + platform_mailbox_fetch_msg_data(&stage); + if (stage == S_MAILBOX_READY) { + break; + } + } + + mailbox_ipc_config(); + + return MAILBOX_SUCCESS; +} + +const void *tfm_ns_mailbox_get_task_handle(void) +{ +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL + return osThreadGetId(); +#else + return NULL; +#endif +} + +void tfm_ns_mailbox_hal_wait_reply(mailbox_msg_handle_t handle) +{ + osThreadFlagsWait(handle, osFlagsWaitAll, osWaitForever); +} + +static cy_en_ipcsema_status_t mailbox_raw_spin_lock(uint32_t ipc_channel, + uint32_t sema_num) +{ + uint32_t semaIndex; + uint32_t semaMask; + cy_stc_ipc_sema_t *semaStruct; + cy_en_ipcdrv_status_t acqStatus; + cy_en_ipcsema_status_t ret = CY_IPC_SEMA_BAD_PARAM; + bool is_lock = false; + IPC_STRUCT_Type *semaIpcStruct; + + /* Get IPC register structure */ + semaIpcStruct = Cy_IPC_Drv_GetIpcBaseAddress(ipc_channel); + /* Get pointer to structure */ + semaStruct = (cy_stc_ipc_sema_t *)Cy_IPC_Drv_ReadDataValue(semaIpcStruct); + + if (sema_num < semaStruct->maxSema) { + semaIndex = sema_num / CY_IPC_SEMA_PER_WORD; + semaMask = (uint32_t)(1ul << (sema_num - \ + (semaIndex * CY_IPC_SEMA_PER_WORD))); + + while (!is_lock) { + /* Check to make sure the IPC channel is released + If so, check if specific channel can be locked. */ + do { + acqStatus = Cy_IPC_Drv_LockAcquire(semaIpcStruct); + } while (acqStatus != CY_IPC_DRV_SUCCESS); + + if ((semaStruct->arrayPtr[semaIndex] & semaMask) == 0ul) { + semaStruct->arrayPtr[semaIndex] |= semaMask; + is_lock = true; + } + + /* Release, but do not trigger a release event */ + (void)Cy_IPC_Drv_LockRelease(semaIpcStruct, + CY_IPC_NO_NOTIFICATION); + + if (!is_lock) { + /* + * The secure core is occupying this lock. Insert a small delay + * to give the secure core a chance to acquire the IPC channel + * and release the lock. + * Otherwise, the secure core may not be able to release the + * lock if non-secure core has higher CPU frequency. It will + * generate a deadlock. + * This delay won't harm performance too much since non-secure + * core has to busy wait here anyway. + * Alternatively, non-secure core can wait for release + * notification event from secure core. However, it is more + * complex and requires more code and more modifications. + */ + volatile uint32_t count = 1000; + while(count > 0) { + count--; + } + Cy_IPC_Sema_Status(sema_num); + } + } + + ret = CY_IPC_SEMA_SUCCESS; + } + + return ret; +} + +static cy_en_ipcsema_status_t mailbox_raw_spin_unlock(uint32_t ipc_channel, + uint32_t sema_num) +{ + uint32_t semaIndex; + uint32_t semaMask; + cy_stc_ipc_sema_t *semaStruct; + cy_en_ipcdrv_status_t acqStatus; + cy_en_ipcsema_status_t ret = CY_IPC_SEMA_BAD_PARAM; + bool is_unlock = false; + IPC_STRUCT_Type *semaIpcStruct; + + /* Get IPC register structure */ + semaIpcStruct = Cy_IPC_Drv_GetIpcBaseAddress(ipc_channel); + /* Get pointer to structure */ + semaStruct = (cy_stc_ipc_sema_t *)Cy_IPC_Drv_ReadDataValue(semaIpcStruct); + + if (sema_num < semaStruct->maxSema) { + semaIndex = sema_num / CY_IPC_SEMA_PER_WORD; + semaMask = (uint32_t)(1ul << (sema_num - \ + (semaIndex * CY_IPC_SEMA_PER_WORD))); + + while (!is_unlock) { + /* Check to make sure the IPC channel is released + If so, check if specific channel can be locked. */ + do { + acqStatus = Cy_IPC_Drv_LockAcquire(semaIpcStruct); + } while (acqStatus != CY_IPC_DRV_SUCCESS); + + if ((semaStruct->arrayPtr[semaIndex] & semaMask) != 0ul) { + semaStruct->arrayPtr[semaIndex] &= ~semaMask; + is_unlock = true; + } + + /* Release, but do not trigger a release event */ + (void)Cy_IPC_Drv_LockRelease(semaIpcStruct, + CY_IPC_NO_NOTIFICATION); + } + + ret = CY_IPC_SEMA_SUCCESS; + } + + return ret; +} + +void tfm_ns_mailbox_hal_enter_critical(void) +{ + saved_irq_state = Cy_SysLib_EnterCriticalSection(); + + mailbox_raw_spin_lock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); +} + +void tfm_ns_mailbox_hal_exit_critical(void) +{ + mailbox_raw_spin_unlock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); + + Cy_SysLib_ExitCriticalSection(saved_irq_state); +} + +void tfm_ns_mailbox_hal_enter_critical_isr(void) +{ + mailbox_raw_spin_lock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); +} + +void tfm_ns_mailbox_hal_exit_critical_isr(void) +{ + mailbox_raw_spin_unlock(CY_IPC_CHAN_SEMA, MAILBOX_SEMAPHORE_NUM); +} + +static bool mailbox_clear_intr(void) +{ + uint32_t status; + + status = Cy_IPC_Drv_GetInterruptStatusMasked( + Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT)); + status >>= CY_IPC_NOTIFY_SHIFT; + if ((status & IPC_RX_INT_MASK) == 0) { + return false; + } + + Cy_IPC_Drv_ClearInterrupt(Cy_IPC_Drv_GetIntrBaseAddr(IPC_RX_INTR_STRUCT), + 0, IPC_RX_INT_MASK); + return true; +} + +void cpuss_interrupts_ipc_5_IRQHandler(void) +{ + uint32_t magic; + mailbox_msg_handle_t handle; + osThreadId_t task_handle; + + if (!mailbox_clear_intr()) + return; + + platform_mailbox_fetch_msg_data(&magic); + if (magic == PSA_CLIENT_CALL_REPLY_MAGIC) { + /* Handle all the pending replies */ + while (1) { + handle = tfm_ns_mailbox_fetch_reply_msg_isr(); + if (handle == MAILBOX_MSG_NULL_HANDLE) { + break; + } + + task_handle = (osThreadId_t)tfm_ns_mailbox_get_msg_owner(handle); + if (task_handle) { + /* According to the description of CMSIS-RTOS v2 Thread Flags, + * osThreadFlagsSet() can be called inside Interrupt Service + * Routine. */ + osThreadFlagsSet(task_handle, handle); + } + } + } +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_mbed_boot.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_mbed_boot.c new file mode 100644 index 0000000..c8d595f --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_mbed_boot.c @@ -0,0 +1,67 @@ +/* mbed Microcontroller Library + * Copyright (c) 2020 ARM Limited + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "mbed_error.h" +#include "tfm_multi_core_api.h" +#include "tfm_ns_mailbox.h" +#include "platform_multicore.h" +#include "tfm_ns_interface.h" + +static struct ns_mailbox_queue_t ns_mailbox_queue; + +void mbed_tfm_init(void) +{ + /* + * In case the of dual CPU, we need to initialize IPC, mailbox + * and NS interface after the RTOS has started to enable + * communication from Secure and Non-Secure cores. + */ + int32_t ret; + + ret = tfm_ns_wait_for_s_cpu_ready(); + /* + * Normally would expect "TFM_SUCCESS" returned here by TF-M, as this + * isn't a mailbox function. There may be some platforms other than PSoC6, + * which doesn't require tfm_ns_wait_for_s_cpu_ready() implementation. + * "PLATFORM_MAILBOX_SUCCESS" is a low-level error code and should be + * replaced by "TFM_SUCCESS". + * As the function definition has been imported from the TF-M, therefore + * a issue has been raised - https://developer.trustedfirmware.org/T660 + */ + if (ret != PLATFORM_MAILBOX_SUCCESS) { + /* Avoid undefined behavior after multi-core sync-up failed */ + MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, + MBED_ERROR_CODE_INITIALIZATION_FAILED), + "Failed to sync-up multi-core"); + } + + ret = tfm_ns_mailbox_init(&ns_mailbox_queue); + if (ret != MAILBOX_SUCCESS) { + /* Avoid undefined behavior after NS mailbox initialization failed */ + MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, + MBED_ERROR_CODE_INITIALIZATION_FAILED), + "Failed to initialize NS mailbox"); + } + + ret = tfm_ns_interface_init(); + if (ret != TFM_SUCCESS) { + /* Avoid undefined behavior after NS interface initialization failed */ + MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, + MBED_ERROR_CODE_INITIALIZATION_FAILED), + "Failed to initialize NS interface"); + } +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_multi_core_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_multi_core_api.c new file mode 100644 index 0000000..b58738f --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_multi_core_api.c @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "tfm_api.h" +#include "tfm_mailbox.h" +#include "tfm_multi_core_api.h" +#include "cmsis_os2.h" + +#define MAX_SEMAPHORE_COUNT NUM_MAILBOX_QUEUE_SLOT + +static osSemaphoreId_t ns_lock_handle = NULL; + +__attribute__((weak)) +enum tfm_status_e tfm_ns_interface_init(void) +{ + osSemaphoreAttr_t sema_attrib = {0}; + + ns_lock_handle = osSemaphoreNew(MAX_SEMAPHORE_COUNT, + MAX_SEMAPHORE_COUNT, + &sema_attrib); + if (!ns_lock_handle) { + return TFM_ERROR_GENERIC; + } + + return TFM_SUCCESS; +} + +int32_t tfm_ns_wait_for_s_cpu_ready(void) +{ + return tfm_platform_ns_wait_for_s_cpu_ready(); +} + +uint32_t tfm_ns_multi_core_lock_acquire(void) +{ + return osSemaphoreAcquire(ns_lock_handle, osWaitForever); +} + +uint32_t tfm_ns_multi_core_lock_release(void) +{ + return osSemaphoreRelease(ns_lock_handle); +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_multi_core_psa_ns_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_multi_core_psa_ns_api.c new file mode 100644 index 0000000..3af3af8 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_multi_core_psa_ns_api.c @@ -0,0 +1,224 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include +#include + +#include "psa/client.h" +#include "psa/error.h" +#include "tfm_api.h" +#include "tfm_multi_core_api.h" +#include "tfm_ns_mailbox.h" + +/* + * TODO + * Currently, force all the non-secure client to share the same ID. + * + * It requires a more clear mechanism to synchronize the non-secure client + * ID with SPE in dual core scenario. + * In current design, the value is transferred to SPE via mailbox message. + * A dedicated routine to receive the non-secure client information in + * TF-M core/SPM in dual core scenario should be added besides current + * implementation for single Armv8-M. + * The non-secure client identification is shared with SPE in + * single Armv8-M scenario via CMSIS TrustZone context management API, + * which may not work in dual core scenario. + */ +#define NON_SECURE_CLIENT_ID (1) + +/* + * TODO + * Require a formal definition of errors related to mailbox in PSA client call. + */ +#define PSA_INTER_CORE_COMM_ERR (INT32_MIN + 0xFF) + +static void mailbox_wait_reply(mailbox_msg_handle_t handle) +{ + /* + * If the system can support multiple outstanding NS PSA Client calls, call + * tfm_ns_mailbox_wait_reply() to sleep and wait for reply. The NS side + * should implement tfm_ns_mailbox_hal_wait_reply() and wake-up mechanism. + * Otherwise, by default, call tfm_ns_mailbox_is_msg_replied() to simply + * poll the reply status of the mailbox message of current thread. + */ +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL + tfm_ns_mailbox_wait_reply(handle); +#else + while (!tfm_ns_mailbox_is_msg_replied(handle)) { + } +#endif +} + +/**** API functions ****/ + +uint32_t psa_framework_version(void) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t handle; + uint32_t version; + int32_t ret; + + if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { + return PSA_VERSION_NONE; + } + + handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_FRAMEWORK_VERSION, + ¶ms, NON_SECURE_CLIENT_ID); + if (handle < 0) { + tfm_ns_multi_core_lock_release(); + return PSA_VERSION_NONE; + } + + mailbox_wait_reply(handle); + + ret = tfm_ns_mailbox_rx_client_reply(handle, (int32_t *)&version); + if (ret != MAILBOX_SUCCESS) { + version = PSA_VERSION_NONE; + } + + if (tfm_ns_multi_core_lock_release() != TFM_SUCCESS) { + return PSA_VERSION_NONE; + } + + return version; +} + +uint32_t psa_version(uint32_t sid) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t handle; + uint32_t version; + int32_t ret; + + params.psa_version_params.sid = sid; + + if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { + return PSA_VERSION_NONE; + } + + handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_VERSION, ¶ms, + NON_SECURE_CLIENT_ID); + if (handle < 0) { + tfm_ns_multi_core_lock_release(); + return PSA_VERSION_NONE; + } + + mailbox_wait_reply(handle); + + ret = tfm_ns_mailbox_rx_client_reply(handle, (int32_t *)&version); + if (ret != MAILBOX_SUCCESS) { + version = PSA_VERSION_NONE; + } + + if (tfm_ns_multi_core_lock_release() != TFM_SUCCESS) { + return PSA_VERSION_NONE; + } + + return version; +} + +psa_handle_t psa_connect(uint32_t sid, uint32_t version) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t handle; + psa_handle_t psa_handle; + int32_t ret; + + params.psa_connect_params.sid = sid; + params.psa_connect_params.version = version; + + if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { + return PSA_NULL_HANDLE; + } + + handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_CONNECT, ¶ms, + NON_SECURE_CLIENT_ID); + if (handle < 0) { + tfm_ns_multi_core_lock_release(); + return PSA_NULL_HANDLE; + } + + mailbox_wait_reply(handle); + + ret = tfm_ns_mailbox_rx_client_reply(handle, (int32_t *)&psa_handle); + if (ret != MAILBOX_SUCCESS) { + psa_handle = PSA_NULL_HANDLE; + } + + if (tfm_ns_multi_core_lock_release() != TFM_SUCCESS) { + return PSA_NULL_HANDLE; + } + + return psa_handle; +} + +psa_status_t psa_call(psa_handle_t handle, int32_t type, + const psa_invec *in_vec, size_t in_len, + psa_outvec *out_vec, size_t out_len) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t msg_handle; + int32_t ret; + psa_status_t status; + + params.psa_call_params.handle = handle; + params.psa_call_params.type = type; + params.psa_call_params.in_vec = in_vec; + params.psa_call_params.in_len = in_len; + params.psa_call_params.out_vec = out_vec; + params.psa_call_params.out_len = out_len; + + if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { + return PSA_ERROR_GENERIC_ERROR; + } + + msg_handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_CALL, ¶ms, + NON_SECURE_CLIENT_ID); + if (msg_handle < 0) { + tfm_ns_multi_core_lock_release(); + return PSA_INTER_CORE_COMM_ERR; + } + + mailbox_wait_reply(msg_handle); + + ret = tfm_ns_mailbox_rx_client_reply(msg_handle, (int32_t *)&status); + if (ret != MAILBOX_SUCCESS) { + status = PSA_INTER_CORE_COMM_ERR; + } + + if (tfm_ns_multi_core_lock_release() != TFM_SUCCESS) { + return PSA_ERROR_GENERIC_ERROR; + } + + return status; +} + +void psa_close(psa_handle_t handle) +{ + struct psa_client_params_t params; + mailbox_msg_handle_t msg_handle; + int32_t reply; + + params.psa_close_params.handle = handle; + + if (tfm_ns_multi_core_lock_acquire() != TFM_SUCCESS) { + return; + } + + msg_handle = tfm_ns_mailbox_tx_client_req(MAILBOX_PSA_CLOSE, ¶ms, + NON_SECURE_CLIENT_ID); + if (msg_handle < 0) { + tfm_ns_multi_core_lock_release(); + return; + } + + mailbox_wait_reply(msg_handle); + + (void)tfm_ns_mailbox_rx_client_reply(msg_handle, &reply); + + tfm_ns_multi_core_lock_release(); +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_ns_mailbox.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_ns_mailbox.c new file mode 100644 index 0000000..f7326f0 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_DUALCPU/src/tfm_ns_mailbox.c @@ -0,0 +1,425 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include +#include "tfm_ns_mailbox.h" + +/* The pointer to NSPE mailbox queue */ +static struct ns_mailbox_queue_t *mailbox_queue_ptr = NULL; + +static inline void clear_queue_slot_empty(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->empty_slots &= ~(1 << idx); + } +} + +static inline void set_queue_slot_empty(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->empty_slots |= (1 << idx); + } +} + +static inline void set_queue_slot_pend(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->pend_slots |= (1 << idx); + } +} + +static inline int32_t get_mailbox_msg_handle(uint8_t idx, + mailbox_msg_handle_t *handle) +{ + if ((idx >= NUM_MAILBOX_QUEUE_SLOT) || !handle) { + return MAILBOX_INVAL_PARAMS; + } + + *handle = (mailbox_msg_handle_t)(idx + 1); + + return MAILBOX_SUCCESS; +} + +static inline int32_t get_mailbox_msg_idx(mailbox_msg_handle_t handle, + uint8_t *idx) +{ + if ((handle == MAILBOX_MSG_NULL_HANDLE) || !idx) { + return MAILBOX_INVAL_PARAMS; + } + + *idx = (uint8_t)(handle - 1); + + return MAILBOX_SUCCESS; +} + +static inline void clear_queue_slot_replied(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->replied_slots &= ~(1 << idx); + } +} + +static inline void set_queue_slot_woken(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->queue[idx].is_woken = true; + } +} + +static inline bool is_queue_slot_woken(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + return mailbox_queue_ptr->queue[idx].is_woken; + } + + return false; +} + +static inline void clear_queue_slot_woken(uint8_t idx) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->queue[idx].is_woken = false; + } +} + +static uint8_t acquire_empty_slot(const struct ns_mailbox_queue_t *queue) +{ + uint8_t idx; + mailbox_queue_status_t status; + + tfm_ns_mailbox_hal_enter_critical(); + status = queue->empty_slots; + + if (!status) { + /* No empty slot */ + tfm_ns_mailbox_hal_exit_critical(); + return NUM_MAILBOX_QUEUE_SLOT; + } + + for (idx = 0; idx < NUM_MAILBOX_QUEUE_SLOT; idx++) { + if (status & (1 << idx)) { + break; + } + } + + clear_queue_slot_empty(idx); + + tfm_ns_mailbox_hal_exit_critical(); + + return idx; +} + +static void set_msg_owner(uint8_t idx, const void *owner) +{ + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + mailbox_queue_ptr->queue[idx].owner = owner; + } +} + +#ifdef TFM_MULTI_CORE_TEST +void tfm_ns_mailbox_tx_stats_init(void) +{ + if (!mailbox_queue_ptr) { + return; + } + + tfm_ns_mailbox_hal_enter_critical(); + + mailbox_queue_ptr->nr_tx = 0; + mailbox_queue_ptr->nr_used_slots = 0; + + tfm_ns_mailbox_hal_exit_critical(); +} + +static void mailbox_tx_stats_update(struct ns_mailbox_queue_t *ns_queue) +{ + mailbox_queue_status_t empty_status; + uint8_t idx, nr_empty = 0; + + if (!ns_queue) { + return; + } + + tfm_ns_mailbox_hal_enter_critical(); + + ns_queue->nr_tx++; + + /* Count the number of used slots when this tx arrives */ + empty_status = ns_queue->empty_slots; + tfm_ns_mailbox_hal_exit_critical(); + + if (empty_status) { + for (idx = 0; idx < NUM_MAILBOX_QUEUE_SLOT; idx++) { + if (empty_status & (0x1UL << idx)) { + nr_empty++; + } + } + } + + tfm_ns_mailbox_hal_enter_critical(); + ns_queue->nr_used_slots += (NUM_MAILBOX_QUEUE_SLOT - nr_empty); + tfm_ns_mailbox_hal_exit_critical(); +} + +void tfm_ns_mailbox_stats_avg_slot(struct ns_mailbox_stats_res_t *stats_res) +{ + uint32_t nr_used_slots, nr_tx; + + if (!mailbox_queue_ptr || !stats_res) { + return; + } + + tfm_ns_mailbox_hal_enter_critical(); + nr_used_slots = mailbox_queue_ptr->nr_used_slots; + nr_tx = mailbox_queue_ptr->nr_tx; + tfm_ns_mailbox_hal_exit_critical(); + + stats_res->avg_nr_slots = nr_used_slots / nr_tx; + nr_used_slots %= nr_tx; + stats_res->avg_nr_slots_tenths = nr_used_slots * 10 / nr_tx; +} +#endif + +mailbox_msg_handle_t tfm_ns_mailbox_tx_client_req(uint32_t call_type, + const struct psa_client_params_t *params, + int32_t client_id) +{ + uint8_t idx; + struct mailbox_msg_t *msg_ptr; + mailbox_msg_handle_t handle; + const void *task_handle; + + if (!mailbox_queue_ptr) { + return MAILBOX_MSG_NULL_HANDLE; + } + + if (!params) { + return MAILBOX_MSG_NULL_HANDLE; + } + + idx = acquire_empty_slot(mailbox_queue_ptr); + if (idx >= NUM_MAILBOX_QUEUE_SLOT) { + return MAILBOX_QUEUE_FULL; + } + +#ifdef TFM_MULTI_CORE_TEST + mailbox_tx_stats_update(mailbox_queue_ptr); +#endif + + /* Fill the mailbox message */ + msg_ptr = &mailbox_queue_ptr->queue[idx].msg; + + msg_ptr->call_type = call_type; + memcpy(&msg_ptr->params, params, sizeof(msg_ptr->params)); + msg_ptr->client_id = client_id; + + /* + * Fetch the current task handle. The task will be woken up according the + * handle value set in the owner field. + */ + task_handle = tfm_ns_mailbox_get_task_handle(); + set_msg_owner(idx, task_handle); + + get_mailbox_msg_handle(idx, &handle); + + tfm_ns_mailbox_hal_enter_critical(); + set_queue_slot_pend(idx); + tfm_ns_mailbox_hal_exit_critical(); + + tfm_ns_mailbox_hal_notify_peer(); + + return handle; +} + +int32_t tfm_ns_mailbox_rx_client_reply(mailbox_msg_handle_t handle, + int32_t *reply) +{ + uint8_t idx; + int32_t ret; + + if (!mailbox_queue_ptr) { + return MAILBOX_INVAL_PARAMS; + } + + if ((handle == MAILBOX_MSG_NULL_HANDLE) || (!reply)) { + return MAILBOX_INVAL_PARAMS; + } + + ret = get_mailbox_msg_idx(handle, &idx); + if (ret != MAILBOX_SUCCESS) { + return ret; + } + + *reply = mailbox_queue_ptr->queue[idx].reply.return_val; + + /* Clear up the owner field */ + set_msg_owner(idx, NULL); + + tfm_ns_mailbox_hal_enter_critical(); + clear_queue_slot_replied(idx); + clear_queue_slot_woken(idx); + /* + * Make sure that the empty flag is set after all the other status flags are + * re-initialized. + */ + set_queue_slot_empty(idx); + tfm_ns_mailbox_hal_exit_critical(); + + return MAILBOX_SUCCESS; +} + +bool tfm_ns_mailbox_is_msg_replied(mailbox_msg_handle_t handle) +{ + uint8_t idx; + int32_t ret; + mailbox_queue_status_t status; + + if (!mailbox_queue_ptr) { + return false; + } + + if (handle == MAILBOX_MSG_NULL_HANDLE) { + return false; + } + + ret = get_mailbox_msg_idx(handle, &idx); + if (ret != MAILBOX_SUCCESS) { + return false; + } + + tfm_ns_mailbox_hal_enter_critical(); + status = mailbox_queue_ptr->replied_slots; + tfm_ns_mailbox_hal_exit_critical(); + + if (status & (1 << idx)) { + return true; + } + + return false; +} + +mailbox_msg_handle_t tfm_ns_mailbox_fetch_reply_msg_isr(void) +{ + uint8_t idx; + mailbox_msg_handle_t handle; + mailbox_queue_status_t replied_status; + + if (!mailbox_queue_ptr) { + return MAILBOX_MSG_NULL_HANDLE; + } + + tfm_ns_mailbox_hal_enter_critical_isr(); + replied_status = mailbox_queue_ptr->replied_slots; + tfm_ns_mailbox_hal_exit_critical_isr(); + + if (!replied_status) { + return MAILBOX_MSG_NULL_HANDLE; + } + + for (idx = 0; idx < NUM_MAILBOX_QUEUE_SLOT; idx++) { + /* Find the first replied message in queue */ + if (replied_status & (0x1UL << idx)) { + tfm_ns_mailbox_hal_enter_critical_isr(); + clear_queue_slot_replied(idx); + set_queue_slot_woken(idx); + tfm_ns_mailbox_hal_exit_critical_isr(); + + if (get_mailbox_msg_handle(idx, &handle) == MAILBOX_SUCCESS) { + return handle; + } + } + } + + return MAILBOX_MSG_NULL_HANDLE; +} + +const void *tfm_ns_mailbox_get_msg_owner(mailbox_msg_handle_t handle) +{ + uint8_t idx; + + if (get_mailbox_msg_idx(handle, &idx) != MAILBOX_SUCCESS) { + return NULL; + } + + if (idx < NUM_MAILBOX_QUEUE_SLOT) { + return mailbox_queue_ptr->queue[idx].owner; + } + + return NULL; +} + +int32_t tfm_ns_mailbox_init(struct ns_mailbox_queue_t *queue) +{ + int32_t ret; + + if (!queue) { + return MAILBOX_INVAL_PARAMS; + } + + /* + * Further verification of mailbox queue address may be required according + * to non-secure memory assignment. + */ + + memset(queue, 0, sizeof(*queue)); + + /* Initialize empty bitmask */ + queue->empty_slots = + (mailbox_queue_status_t)((1UL << (NUM_MAILBOX_QUEUE_SLOT - 1)) - 1); + queue->empty_slots += + (mailbox_queue_status_t)(1UL << (NUM_MAILBOX_QUEUE_SLOT - 1)); + + mailbox_queue_ptr = queue; + + /* Platform specific initialization. */ + ret = tfm_ns_mailbox_hal_init(queue); + +#ifdef TFM_MULTI_CORE_TEST + tfm_ns_mailbox_tx_stats_init(); +#endif + + return ret; +} + +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +int32_t tfm_ns_mailbox_wait_reply(mailbox_msg_handle_t handle) +{ + uint8_t idx; + int32_t ret; + + if (!mailbox_queue_ptr) { + return MAILBOX_INVAL_PARAMS; + } + + if (handle == MAILBOX_MSG_NULL_HANDLE) { + return MAILBOX_INVAL_PARAMS; + } + + ret = get_mailbox_msg_idx(handle, &idx); + if (ret != MAILBOX_SUCCESS) { + return ret; + } + + while (1) { + tfm_ns_mailbox_hal_wait_reply(handle); + + /* + * Woken up from sleep + * Check the completed flag to make sure that the current thread is + * woken up by reply event, rather than other events. + */ + tfm_ns_mailbox_hal_enter_critical(); + if (is_queue_slot_woken(idx)) { + tfm_ns_mailbox_hal_exit_critical(); + break; + } + tfm_ns_mailbox_hal_exit_critical(); + } + + return MAILBOX_SUCCESS; +} +#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/cmsis_nvic_virtual.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/cmsis_nvic_virtual.c new file mode 100644 index 0000000..bee8597 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/cmsis_nvic_virtual.c @@ -0,0 +1,25 @@ +/* + * Copyright (c) 2019-2020 Arm Limited + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cmsis_nvic_virtual.h" +#include "tfm_platform_api.h" + +void NVIC_SystemReset(void) +{ + tfm_platform_system_reset(); +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/tfm_mbed_boot.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/tfm_mbed_boot.c new file mode 100644 index 0000000..87bcbbb --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/tfm_mbed_boot.c @@ -0,0 +1,37 @@ +/* mbed Microcontroller Library + * Copyright (c) 2020 ARM Limited + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "mbed_error.h" +#include "tfm_ns_interface.h" + +void mbed_tfm_init(void) +{ + /* + * In case of V8-M, we need to initialize NS interface + * after the RTOS has started to enable + * communication from Secure and Non-Secure cores. + */ + int32_t ret; + + ret = tfm_ns_interface_init(); + if (ret != TFM_SUCCESS) { + /* Avoid undefined behavior after NS interface initialization failed */ + MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, + MBED_ERROR_CODE_INITIALIZATION_FAILED), + "Failed to initialize NS interface"); + } +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/tfm_ns_interface.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/tfm_ns_interface.c new file mode 100644 index 0000000..9759145 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/tfm_ns_interface.c @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#include +#include + +#include "tfm_api.h" +#include "tfm_ns_interface.h" +#include "cmsis_os2.h" + +/** + * \brief the ns_lock ID + */ +static osMutexId_t ns_lock_handle = NULL; + +__attribute__((weak)) +int32_t tfm_ns_interface_dispatch(veneer_fn fn, + uint32_t arg0, uint32_t arg1, + uint32_t arg2, uint32_t arg3) +{ + int32_t result; + osStatus_t status; + + /* TFM request protected by NS lock */ + status = osMutexAcquire(ns_lock_handle, osWaitForever); + if (status != osOK) { + return (int32_t)TFM_ERROR_GENERIC; + } + + result = fn(arg0, arg1, arg2, arg3); + + status = osMutexRelease(ns_lock_handle); + if (status != osOK) { + return (int32_t)TFM_ERROR_GENERIC; + } + + return result; +} + +__attribute__((weak)) +enum tfm_status_e tfm_ns_interface_init(void) +{ + const osMutexAttr_t attr = { + .name = NULL, + .attr_bits = osMutexPrioInherit, /* Priority inheritance is recommended + * to enable if it is supported. + * For recursive mutex and the ability + * of auto release when owner being + * terminated is not required. + */ + .cb_mem = NULL, + .cb_size = 0U + }; + + ns_lock_handle = osMutexNew(&attr); + if (!ns_lock_handle) { + return TFM_ERROR_GENERIC; + } + + return TFM_SUCCESS; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/tfm_psa_ns_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/tfm_psa_ns_api.c new file mode 100644 index 0000000..9a677a2 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/TARGET_TFM_V8M/src/tfm_psa_ns_api.c @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "psa/client.h" +#include "tfm_ns_interface.h" +#include "tfm_api.h" + +/**** API functions ****/ + +uint32_t psa_framework_version(void) +{ + return tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_framework_version_veneer, + 0, + 0, + 0, + 0); +} + +uint32_t psa_version(uint32_t sid) +{ + return tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_version_veneer, + sid, + 0, + 0, + 0); +} + +psa_handle_t psa_connect(uint32_t sid, uint32_t version) +{ + return tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_connect_veneer, + sid, + version, + 0, + 0); +} + +psa_status_t psa_call(psa_handle_t handle, int32_t type, + const psa_invec *in_vec, + size_t in_len, + psa_outvec *out_vec, + size_t out_len) +{ + /* FixMe: sanity check can be added to offload some NS thread checks from + * TFM secure API + */ + + /* Due to v8M restrictions, TF-M NS API needs to add another layer of + * serialization in order for NS to pass arguments to S + */ + const struct tfm_control_parameter_t ctrl_param = { + .type = type, + .in_len = in_len, + .out_len = out_len, + }; + + return tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_call_veneer, + (uint32_t)handle, + (uint32_t)&ctrl_param, + (uint32_t)in_vec, + (uint32_t)out_vec); +} + +void psa_close(psa_handle_t handle) +{ + (void)tfm_ns_interface_dispatch( + (veneer_fn)tfm_psa_close_veneer, + (uint32_t)handle, + 0, + 0, + 0); +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/VERSION.txt b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/VERSION.txt new file mode 100644 index 0000000..54d3b42 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/VERSION.txt @@ -0,0 +1 @@ +a630d86e91a8 diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/cmsis_nvic_virtual.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/cmsis_nvic_virtual.h new file mode 100644 index 0000000..a1a8b61 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/cmsis_nvic_virtual.h @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2019 Arm Limited + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cmsis.h" + +#ifndef NVIC_VIRTUAL_H +#define NVIC_VIRTUAL_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* NVIC functions */ +#define NVIC_SetPriorityGrouping __NVIC_SetPriorityGrouping +#define NVIC_GetPriorityGrouping __NVIC_GetPriorityGrouping +#define NVIC_EnableIRQ __NVIC_EnableIRQ +#define NVIC_GetEnableIRQ __NVIC_GetEnableIRQ +#define NVIC_DisableIRQ __NVIC_DisableIRQ +#define NVIC_GetPendingIRQ __NVIC_GetPendingIRQ +#define NVIC_SetPendingIRQ __NVIC_SetPendingIRQ +#define NVIC_ClearPendingIRQ __NVIC_ClearPendingIRQ +#define NVIC_GetActive __NVIC_GetActive +#define NVIC_SetPriority __NVIC_SetPriority +#define NVIC_GetPriority __NVIC_GetPriority + +/** + * \brief Overriding the default CMSIS system reset implementation by calling + * secure TFM service. + * + */ +void NVIC_SystemReset(void); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/ns_ipc_config.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/ns_ipc_config.h new file mode 100644 index 0000000..e1cd7b7 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/ns_ipc_config.h @@ -0,0 +1,22 @@ +/* + * Copyright (c) 2019 Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef _IPC_CONFIG_H_ +#define _IPC_CONFIG_H_ + +#include "platform_multicore.h" + +#define IPC_RX_CHAN IPC_PSA_CLIENT_REPLY_CHAN +#define IPC_RX_INTR_STRUCT IPC_PSA_CLIENT_REPLY_INTR_STRUCT +#define IPC_RX_INT_MASK IPC_PSA_CLIENT_REPLY_INTR_MASK + +#define IPC_TX_CHAN IPC_PSA_CLIENT_CALL_CHAN +#define IPC_TX_NOTIFY_MASK IPC_PSA_CLIENT_CALL_NOTIFY_MASK + +#define PSA_CLIENT_REPLY_NVIC_IRQn IPC_PSA_CLIENT_REPLY_IPC_INTR +#define PSA_CLIENT_REPLY_IRQ_PRIORITY 3 + +#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/platform_multicore.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/platform_multicore.h new file mode 100644 index 0000000..f90fb1e --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/platform_multicore.h @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * Copyright (c) 2019, Cypress Semiconductor Corporation. All rights reserved + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef _TFM_PLATFORM_MULTICORE_ +#define _TFM_PLATFORM_MULTICORE_ + +#include +#include "cy_device_headers.h" + +#define IPC_PSA_CLIENT_CALL_CHAN (8) +#define IPC_PSA_CLIENT_CALL_INTR_STRUCT (6) +#define IPC_PSA_CLIENT_CALL_INTR_MASK (1 << IPC_PSA_CLIENT_CALL_CHAN) +#define IPC_PSA_CLIENT_CALL_NOTIFY_MASK (1 << IPC_PSA_CLIENT_CALL_INTR_STRUCT) +#define IPC_PSA_CLIENT_CALL_IPC_INTR cpuss_interrupts_ipc_6_IRQn + +#define IPC_PSA_CLIENT_REPLY_CHAN (9) +#define IPC_PSA_CLIENT_REPLY_INTR_STRUCT (5) +#define IPC_PSA_CLIENT_REPLY_INTR_MASK (1 << IPC_PSA_CLIENT_REPLY_CHAN) +#define IPC_PSA_CLIENT_REPLY_NOTIFY_MASK (1 << IPC_PSA_CLIENT_REPLY_INTR_STRUCT) +#define IPC_PSA_CLIENT_REPLY_IPC_INTR cpuss_interrupts_ipc_5_IRQn + +#define IPC_RX_RELEASE_MASK (0) + +#define CY_IPC_NOTIFY_SHIFT (16) + +#define PSA_CLIENT_CALL_REQ_MAGIC (0xA5CF50C6) +#define PSA_CLIENT_CALL_REPLY_MAGIC (0xC605FC5A) + +#define NS_MAILBOX_INIT_ENABLE (0xAE) +#define S_MAILBOX_READY (0xC3) + +#define PLATFORM_MAILBOX_SUCCESS (0x0) +#define PLATFORM_MAILBOX_INVAL_PARAMS (INT32_MIN + 1) +#define PLATFORM_MAILBOX_TX_ERROR (INT32_MIN + 2) +#define PLATFORM_MAILBOX_RX_ERROR (INT32_MIN + 3) +#define PLATFORM_MAILBOX_INIT_ERROR (INT32_MIN + 4) + +/* Inter-Processor Communication (IPC) data channel for the Semaphores */ +#define PLATFORM_MAILBOX_IPC_CHAN_SEMA CY_IPC_CHAN_SEMA +#define MAILBOX_SEMAPHORE_NUM (16) + +#define IPC_SYNC_MAGIC 0x7DADE011 + +/** + * \brief Fetch a pointer from mailbox message + * + * \param[out] msg_ptr The address to write the pointer value to. + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_mailbox_fetch_msg_ptr(void **msg_ptr); + +/** + * \brief Fetch a data value from mailbox message + * + * \param[out] data_ptr The address to write the pointer value to. + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_mailbox_fetch_msg_data(uint32_t *data_ptr); + +/** + * \brief Send a pointer via mailbox message + * + * \param[in] msg_ptr The pointer value to be sent. + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_mailbox_send_msg_ptr(const void *msg_ptr); + +/** + * \brief Send a data value via mailbox message + * + * \param[in] data The data value to be sent + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_mailbox_send_msg_data(uint32_t data); + +/** + * \brief Wait for a mailbox notify event. + */ +void platform_mailbox_wait_for_notify(void); + +/** + * \brief IPC initialization + * + * \retval 0 The operation succeeds. + * \retval else The operation fails. + */ +int platform_ns_ipc_init(void); + +#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/client.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/client.h new file mode 100644 index 0000000..4115f93 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/client.h @@ -0,0 +1,175 @@ +/* + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __PSA_CLIENT_H__ +#define __PSA_CLIENT_H__ + +#include +#include + +#include "psa/error.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/*********************** PSA Client Macros and Types *************************/ + +/** + * The version of the PSA Framework API that is being used to build the calling + * firmware. + */ +#define PSA_FRAMEWORK_VERSION (0x0100u) + +/** + * Return value from psa_version() if the requested RoT Service is not present + * in the system. + */ +#define PSA_VERSION_NONE (0u) + +/** + * The zero-value null handle can be assigned to variables used in clients and + * RoT Services, indicating that there is no current connection or message. + */ +#define PSA_NULL_HANDLE ((psa_handle_t)0) + +/** + * Tests whether a handle value returned by psa_connect() is valid. + */ +#define PSA_HANDLE_IS_VALID(handle) ((psa_handle_t)(handle) > 0) + +/** + * Converts the handle value returned from a failed call psa_connect() into + * an error code. + */ +#define PSA_HANDLE_TO_ERROR(handle) ((psa_status_t)(handle)) + +/** + * Maximum number of input and output vectors for a request to psa_call(). + */ +#define PSA_MAX_IOVEC (4u) + +/** + * An IPC message type that indicates a generic client request. + */ +#define PSA_IPC_CALL (0) + +typedef int32_t psa_handle_t; + +/** + * A read-only input memory region provided to an RoT Service. + */ +typedef struct psa_invec { + const void *base; /*!< the start address of the memory buffer */ + size_t len; /*!< the size in bytes */ +} psa_invec; + +/** + * A writable output memory region provided to an RoT Service. + */ +typedef struct psa_outvec { + void *base; /*!< the start address of the memory buffer */ + size_t len; /*!< the size in bytes */ +} psa_outvec; + +/*************************** PSA Client API **********************************/ + +/** + * \brief Retrieve the version of the PSA Framework API that is implemented. + * + * \return version The version of the PSA Framework implementation + * that is providing the runtime services to the + * caller. The major and minor version are encoded + * as follows: + * \arg version[15:8] -- major version number. + * \arg version[7:0] -- minor version number. + */ +uint32_t psa_framework_version(void); + +/** + * \brief Retrieve the version of an RoT Service or indicate that it is not + * present on this system. + * + * \param[in] sid ID of the RoT Service to query. + * + * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the + * caller is not permitted to access the service. + * \retval > 0 The version of the implemented RoT Service. + */ +uint32_t psa_version(uint32_t sid); + +/** + * \brief Connect to an RoT Service by its SID. + * + * \param[in] sid ID of the RoT Service to connect to. + * \param[in] version Requested version of the RoT Service. + * + * \retval > 0 A handle for the connection. + * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the + * connection. + * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the + * connection at the moment. + * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more + * of the following are true: + * \arg The RoT Service ID is not present. + * \arg The RoT Service version is not supported. + * \arg The caller is not allowed to access the RoT + * service. + */ +psa_handle_t psa_connect(uint32_t sid, uint32_t version); + +/** + * \brief Call an RoT Service on an established connection. + * + * \param[in] handle A handle to an established connection. + * \param[in] type The reuqest type. + * Must be zero( \ref PSA_IPC_CALL) or positive. + * \param[in] in_vec Array of input \ref psa_invec structures. + * \param[in] in_len Number of input \ref psa_invec structures. + * \param[in/out] out_vec Array of output \ref psa_outvec structures. + * \param[in] out_len Number of output \ref psa_outvec structures. + * + * \retval >=0 RoT Service-specific status value. + * \retval <0 RoT Service-specific error code. + * \retval PSA_ERROR_PROGRAMMER_ERROR The connection has been terminated by the + * RoT Service. The call is a PROGRAMMER ERROR if + * one or more of the following are true: + * \arg An invalid handle was passed. + * \arg The connection is already handling a request. + * \arg type < 0. + * \arg An invalid memory reference was provided. + * \arg in_len + out_len > PSA_MAX_IOVEC. + * \arg The message is unrecognized by the RoT + * Service or incorrectly formatted. + */ +psa_status_t psa_call(psa_handle_t handle, int32_t type, + const psa_invec *in_vec, + size_t in_len, + psa_outvec *out_vec, + size_t out_len); + +/** + * \brief Close a connection to an RoT Service. + * + * \param[in] handle A handle to an established connection, or the + * null handle. + * + * \retval void Success. + * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more + * of the following are true: + * \arg An invalid handle was provided that is not + * the null handle. + * \arg The connection is currently handling a + * request. + */ +void psa_close(psa_handle_t handle); + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_CLIENT_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto.h new file mode 100644 index 0000000..1459195 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto.h @@ -0,0 +1,3774 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto.h + * \brief Platform Security Architecture cryptography module + */ + +#ifndef PSA_CRYPTO_H +#define PSA_CRYPTO_H + +#include + +#ifdef __DOXYGEN_ONLY__ +/* This __DOXYGEN_ONLY__ block contains mock definitions for things that + * must be defined in the crypto_platform.h header. These mock definitions + * are present in this file as a convenience to generate pretty-printed + * documentation that includes those definitions. */ + +/** \defgroup platform Implementation-specific definitions + * @{ + */ + +/** \brief Key handle. + * + * This type represents open handles to keys. It must be an unsigned integral + * type. The choice of type is implementation-dependent. + * + * 0 is not a valid key handle. How other handle values are assigned is + * implementation-dependent. + */ +typedef _unsigned_integral_type_ psa_key_handle_t; + +/**@}*/ +#endif /* __DOXYGEN_ONLY__ */ + +#ifdef __cplusplus +extern "C" { +#endif + +/* The file "crypto_types.h" declares types that encode errors, + * algorithms, key types, policies, etc. */ +#include "psa/crypto_types.h" + +/** \defgroup version API version + * @{ + */ + +/** + * The major version of this implementation of the PSA Crypto API + */ +#define PSA_CRYPTO_API_VERSION_MAJOR 1 + +/** + * The minor version of this implementation of the PSA Crypto API + */ +#define PSA_CRYPTO_API_VERSION_MINOR 0 + +/**@}*/ + +/* The file "crypto_values.h" declares macros to build and analyze values + * of integral types defined in "crypto_types.h". */ +#include "psa/crypto_values.h" + +/** \defgroup initialization Library initialization + * @{ + */ + +/** + * \brief Library initialization. + * + * Applications must call this function before calling any other + * function in this module. + * + * Applications may call this function more than once. Once a call + * succeeds, subsequent calls are guaranteed to succeed. + * + * If the application calls other functions before calling psa_crypto_init(), + * the behavior is undefined. Implementations are encouraged to either perform + * the operation as if the library had been initialized or to return + * #PSA_ERROR_BAD_STATE or some other applicable error. In particular, + * implementations should not return a success status if the lack of + * initialization may have security implications, for example due to improper + * seeding of the random number generator. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + */ +psa_status_t psa_crypto_init(void); + +/**@}*/ + +/** \addtogroup attributes + * @{ + */ + +/** \def PSA_KEY_ATTRIBUTES_INIT + * + * This macro returns a suitable initializer for a key attribute structure + * of type #psa_key_attributes_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_KEY_ATTRIBUTES_INIT {0} +#endif + +/** Return an initial value for a key attributes structure. + */ +static psa_key_attributes_t psa_key_attributes_init(void); + +/** Declare a key as persistent and set its key identifier. + * + * If the attribute structure currently declares the key as volatile (which + * is the default content of an attribute structure), this function sets + * the lifetime attribute to #PSA_KEY_LIFETIME_PERSISTENT. + * + * This function does not access storage, it merely stores the given + * value in the structure. + * The persistent key will be written to storage when the attribute + * structure is passed to a key creation function such as + * psa_import_key(), psa_generate_key(), + * psa_key_derivation_output_key() or psa_copy_key(). + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param id The persistent identifier for the key. + */ +static void psa_set_key_id(psa_key_attributes_t *attributes, + psa_key_id_t id); + +/** Set the location of a persistent key. + * + * To make a key persistent, you must give it a persistent key identifier + * with psa_set_key_id(). By default, a key that has a persistent identifier + * is stored in the default storage area identifier by + * #PSA_KEY_LIFETIME_PERSISTENT. Call this function to choose a storage + * area, or to explicitly declare the key as volatile. + * + * This function does not access storage, it merely stores the given + * value in the structure. + * The persistent key will be written to storage when the attribute + * structure is passed to a key creation function such as + * psa_import_key(), psa_generate_key(), + * psa_key_derivation_output_key() or psa_copy_key(). + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param lifetime The lifetime for the key. + * If this is #PSA_KEY_LIFETIME_VOLATILE, the + * key will be volatile, and the key identifier + * attribute is reset to 0. + */ +static void psa_set_key_lifetime(psa_key_attributes_t *attributes, + psa_key_lifetime_t lifetime); + +/** Retrieve the key identifier from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The persistent identifier stored in the attribute structure. + * This value is unspecified if the attribute structure declares + * the key as volatile. + */ +static psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes); + +/** Retrieve the lifetime from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The lifetime value stored in the attribute structure. + */ +static psa_key_lifetime_t psa_get_key_lifetime( + const psa_key_attributes_t *attributes); + +/** Declare usage flags for a key. + * + * Usage flags are part of a key's usage policy. They encode what + * kind of operations are permitted on the key. For more details, + * refer to the documentation of the type #psa_key_usage_t. + * + * This function overwrites any usage flags + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param usage_flags The usage flags to write. + */ +static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags); + +/** Retrieve the usage flags from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The usage flags stored in the attribute structure. + */ +static psa_key_usage_t psa_get_key_usage_flags( + const psa_key_attributes_t *attributes); + +/** Declare the permitted algorithm policy for a key. + * + * The permitted algorithm policy of a key encodes which algorithm or + * algorithms are permitted to be used with this key. The following + * algorithm policies are supported: + * - 0 does not allow any cryptographic operation with the key. The key + * may be used for non-cryptographic actions such as exporting (if + * permitted by the usage flags). + * - An algorithm value permits this particular algorithm. + * - An algorithm wildcard built from #PSA_ALG_ANY_HASH allows the specified + * signature scheme with any hash algorithm. + * + * This function overwrites any algorithm policy + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param alg The permitted algorithm policy to write. + */ +static void psa_set_key_algorithm(psa_key_attributes_t *attributes, + psa_algorithm_t alg); + + +/** Retrieve the algorithm policy from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The algorithm stored in the attribute structure. + */ +static psa_algorithm_t psa_get_key_algorithm( + const psa_key_attributes_t *attributes); + +/** Declare the type of a key. + * + * This function overwrites any key type + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param type The key type to write. + * If this is 0, the key type in \p attributes + * becomes unspecified. + */ +static void psa_set_key_type(psa_key_attributes_t *attributes, + psa_key_type_t type); + + +/** Declare the size of a key. + * + * This function overwrites any key size previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param bits The key size in bits. + * If this is 0, the key size in \p attributes + * becomes unspecified. Keys of size 0 are + * not supported. + */ +static void psa_set_key_bits(psa_key_attributes_t *attributes, + size_t bits); + +/** Retrieve the key type from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The key type stored in the attribute structure. + */ +static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes); + +/** Retrieve the key size from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The key size stored in the attribute structure, in bits. + */ +static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); + +/** Retrieve the attributes of a key. + * + * This function first resets the attribute structure as with + * psa_reset_key_attributes(). It then copies the attributes of + * the given key into the given attribute structure. + * + * \note This function may allocate memory or other resources. + * Once you have called this function on an attribute structure, + * you must call psa_reset_key_attributes() to free these resources. + * + * \param[in] handle Handle to the key to query. + * \param[in,out] attributes On success, the attributes of the key. + * On failure, equivalent to a + * freshly-initialized structure. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_attributes(psa_key_handle_t handle, + psa_key_attributes_t *attributes); + +/** Reset a key attribute structure to a freshly initialized state. + * + * You must initialize the attribute structure as described in the + * documentation of the type #psa_key_attributes_t before calling this + * function. Once the structure has been initialized, you may call this + * function at any time. + * + * This function frees any auxiliary resources that the structure + * may contain. + * + * \param[in,out] attributes The attribute structure to reset. + */ +void psa_reset_key_attributes(psa_key_attributes_t *attributes); + +/**@}*/ + +/** \defgroup key_management Key management + * @{ + */ + +/** Open a handle to an existing persistent key. + * + * Open a handle to a persistent key. A key is persistent if it was created + * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key + * always has a nonzero key identifier, set with psa_set_key_id() when + * creating the key. Implementations may provide additional pre-provisioned + * keys that can be opened with psa_open_key(). Such keys have a key identifier + * in the vendor range, as documented in the description of #psa_key_id_t. + * + * The application must eventually close the handle with psa_close_key() or + * psa_destroy_key() to release associated resources. If the application dies + * without calling one of these functions, the implementation should perform + * the equivalent of a call to psa_close_key(). + * + * Some implementations permit an application to open the same key multiple + * times. If this is successful, each call to psa_open_key() will return a + * different key handle. + * + * \note Applications that rely on opening a key multiple times will not be + * portable to implementations that only permit a single key handle to be + * opened. See also :ref:\`key-handles\`. + * + * \param id The persistent identifier of the key. + * \param[out] handle On success, a handle to the key. + * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the key. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * The implementation does not have sufficient resources to open the + * key. This can be due to reaching an implementation limit on the + * number of open keys, the number of open key handles, or available + * memory. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * There is no persistent key with key identifier \p id. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p id is not a valid persistent key identifier. + * \retval #PSA_ERROR_NOT_PERMITTED + * The specified key exists, but the application does not have the + * permission to access it. Note that this specification does not + * define any way to create such a key, but it may be possible + * through implementation-specific means. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_open_key(psa_key_id_t id, + psa_key_handle_t *handle); + + +/** Close a key handle. + * + * If the handle designates a volatile key, this will destroy the key material + * and free all associated resources, just like psa_destroy_key(). + * + * If this is the last open handle to a persistent key, then closing the handle + * will free all resources associated with the key in volatile memory. The key + * data in persistent storage is not affected and can be opened again later + * with a call to psa_open_key(). + * + * Closing the key handle makes the handle invalid, and the key handle + * must not be used again by the application. + * + * \note If the key handle was used to set up an active + * :ref:\`multipart operation \`, then closing the + * key handle can cause the multipart operation to fail. Applications should + * maintain the key handle until after the multipart operation has finished. + * + * \param handle The key handle to close. + * If this is \c 0, do nothing and return \c PSA_SUCCESS. + * + * \retval #PSA_SUCCESS + * \p handle was a valid handle or \c 0. It is now closed. + * \retval #PSA_ERROR_INVALID_HANDLE + * \p handle is not a valid handle nor \c 0. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_close_key(psa_key_handle_t handle); + +/** Make a copy of a key. + * + * Copy key material from one location to another. + * + * This function is primarily useful to copy a key from one location + * to another, since it populates a key using the material from + * another key which may have a different lifetime. + * + * This function may be used to share a key with a different party, + * subject to implementation-defined restrictions on key sharing. + * + * The policy on the source key must have the usage flag + * #PSA_KEY_USAGE_COPY set. + * This flag is sufficient to permit the copy if the key has the lifetime + * #PSA_KEY_LIFETIME_VOLATILE or #PSA_KEY_LIFETIME_PERSISTENT. + * Some secure elements do not provide a way to copy a key without + * making it extractable from the secure element. If a key is located + * in such a secure element, then the key must have both usage flags + * #PSA_KEY_USAGE_COPY and #PSA_KEY_USAGE_EXPORT in order to make + * a copy of the key outside the secure element. + * + * The resulting key may only be used in a way that conforms to + * both the policy of the original key and the policy specified in + * the \p attributes parameter: + * - The usage flags on the resulting key are the bitwise-and of the + * usage flags on the source policy and the usage flags in \p attributes. + * - If both allow the same algorithm or wildcard-based + * algorithm policy, the resulting key has the same algorithm policy. + * - If either of the policies allows an algorithm and the other policy + * allows a wildcard-based algorithm policy that includes this algorithm, + * the resulting key allows the same algorithm. + * - If the policies do not allow any algorithm in common, this function + * fails with the status #PSA_ERROR_INVALID_ARGUMENT. + * + * The effect of this function on implementation-defined attributes is + * implementation-defined. + * + * \param source_handle The key to copy. It must be a valid key handle. + * \param[in] attributes The attributes for the new key. + * They are used as follows: + * - The key type and size may be 0. If either is + * nonzero, it must match the corresponding + * attribute of the source key. + * - The key location (the lifetime and, for + * persistent keys, the key identifier) is + * used directly. + * - The policy constraints (usage flags and + * algorithm policy) are combined from + * the source key and \p attributes so that + * both sets of restrictions apply, as + * described in the documentation of this function. + * \param[out] target_handle On success, a handle to the newly created key. + * \c 0 on failure. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \p source_handle is invalid. + * \retval #PSA_ERROR_ALREADY_EXISTS + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The lifetime or identifier in \p attributes are invalid. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The policy constraints on the source and specified in + * \p attributes are incompatible. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p attributes specifies a key type or key size + * which does not match the attributes of the source key. + * \retval #PSA_ERROR_NOT_PERMITTED + * The source key does not have the #PSA_KEY_USAGE_COPY usage flag. + * \retval #PSA_ERROR_NOT_PERMITTED + * The source key is not exportable and its lifetime does not + * allow copying it to the target's lifetime. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_copy_key(psa_key_handle_t source_handle, + const psa_key_attributes_t *attributes, + psa_key_handle_t *target_handle); + + +/** + * \brief Destroy a key. + * + * This function destroys a key from both volatile + * memory and, if applicable, non-volatile storage. Implementations shall + * make a best effort to ensure that that the key material cannot be recovered. + * + * This function also erases any metadata such as policies and frees + * resources associated with the key. To free all resources associated with + * the key, all handles to the key must be closed or destroyed. + * + * Destroying the key makes the handle invalid, and the key handle + * must not be used again by the application. Using other open handles to the + * destroyed key in a cryptographic operation will result in an error. + * + * If a key is currently in use in a multipart operation, then destroying the + * key will cause the multipart operation to fail. + * + * \param handle Handle to the key to erase. + * If this is \c 0, do nothing and return \c PSA_SUCCESS. + * + * \retval #PSA_SUCCESS + * \p handle was a valid handle and the key material that it + * referred to has been erased. + * Alternatively, \p handle is \c 0. + * \retval #PSA_ERROR_NOT_PERMITTED + * The key cannot be erased because it is + * read-only, either due to a policy or due to physical restrictions. + * \retval #PSA_ERROR_INVALID_HANDLE + * \p handle is not a valid handle nor \c 0. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * There was an failure in communication with the cryptoprocessor. + * The key material may still be present in the cryptoprocessor. + * \retval #PSA_ERROR_STORAGE_FAILURE + * The storage is corrupted. Implementations shall make a best effort + * to erase key material even in this stage, however applications + * should be aware that it may be impossible to guarantee that the + * key material is not recoverable in such cases. + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * An unexpected condition which is not a storage corruption or + * a communication failure occurred. The cryptoprocessor may have + * been compromised. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_destroy_key(psa_key_handle_t handle); + +/**@}*/ + +/** \defgroup import_export Key import and export + * @{ + */ + +/** + * \brief Import a key in binary format. + * + * This function supports any output from psa_export_key(). Refer to the + * documentation of psa_export_public_key() for the format of public keys + * and to the documentation of psa_export_key() for the format for + * other key types. + * + * The key data determines the key size. The attributes may optionally + * specify a key size; in this case it must match the size determined + * from the key data. A key size of 0 in \p attributes indicates that + * the key size is solely determined by the key data. + * + * Implementations must reject an attempt to import a key of size 0. + * + * This specification supports a single format for each key type. + * Implementations may support other formats as long as the standard + * format is supported. Implementations that support other formats + * should ensure that the formats are clearly unambiguous so as to + * minimize the risk that an invalid input is accidentally interpreted + * according to a different format. + * + * \param[in] attributes The attributes for the new key. + * The key size is always determined from the + * \p data buffer. + * If the key size in \p attributes is nonzero, + * it must be equal to the size from \p data. + * \param[out] handle On success, a handle to the newly created key. + * \c 0 on failure. + * \param[in] data Buffer containing the key data. The content of this + * buffer is interpreted according to the type declared + * in \p attributes. + * All implementations must support at least the format + * described in the documentation + * of psa_export_key() or psa_export_public_key() for + * the chosen type. Implementations may allow other + * formats, but should be conservative: implementations + * should err on the side of rejecting content if it + * may be erroneous (e.g. wrong type or truncated data). + * \param data_length Size of the \p data buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. + * \retval #PSA_ERROR_ALREADY_EXISTS + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The key type or key size is not supported, either by the + * implementation in general or in this particular persistent location. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key attributes, as a whole, are invalid. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key data is not correctly formatted. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size in \p attributes is nonzero and does not match the size + * of the key data. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_import_key(const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + psa_key_handle_t *handle); + + + +/** + * \brief Export a key in binary format. + * + * The output of this function can be passed to psa_import_key() to + * create an equivalent object. + * + * If the implementation of psa_import_key() supports other formats + * beyond the format specified here, the output from psa_export_key() + * must use the representation specified here, not the original + * representation. + * + * For standard key types, the output format is as follows: + * + * - For symmetric keys (including MAC keys), the format is the + * raw bytes of the key. + * - For DES, the key data consists of 8 bytes. The parity bits must be + * correct. + * - For Triple-DES, the format is the concatenation of the + * two or three DES keys. + * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEY_PAIR), the format + * is the non-encrypted DER encoding of the representation defined by + * PKCS\#1 (RFC 8017) as `RSAPrivateKey`, version 0. + * ``` + * RSAPrivateKey ::= SEQUENCE { + * version INTEGER, -- must be 0 + * modulus INTEGER, -- n + * publicExponent INTEGER, -- e + * privateExponent INTEGER, -- d + * prime1 INTEGER, -- p + * prime2 INTEGER, -- q + * exponent1 INTEGER, -- d mod (p-1) + * exponent2 INTEGER, -- d mod (q-1) + * coefficient INTEGER, -- (inverse of q) mod p + * } + * ``` + * - For elliptic curve key pairs (key types for which + * #PSA_KEY_TYPE_IS_ECC_KEY_PAIR is true), the format is + * a representation of the private value as a `ceiling(m/8)`-byte string + * where `m` is the bit size associated with the curve, i.e. the bit size + * of the order of the curve's coordinate field. This byte string is + * in little-endian order for Montgomery curves (curve types + * `PSA_ECC_CURVE_CURVEXXX`), and in big-endian order for Weierstrass + * curves (curve types `PSA_ECC_CURVE_SECTXXX`, `PSA_ECC_CURVE_SECPXXX` + * and `PSA_ECC_CURVE_BRAINPOOL_PXXX`). + * This is the content of the `privateKey` field of the `ECPrivateKey` + * format defined by RFC 5915. + * - For Diffie-Hellman key exchange key pairs (key types for which + * #PSA_KEY_TYPE_IS_DH_KEY_PAIR is true), the + * format is the representation of the private key `x` as a big-endian byte + * string. The length of the byte string is the private key size in bytes + * (leading zeroes are not stripped). + * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is + * true), the format is the same as for psa_export_public_key(). + * + * The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set. + * + * \param handle Handle to the key to export. + * \param[out] data Buffer where the key data is to be written. + * \param data_size Size of the \p data buffer in bytes. + * \param[out] data_length On success, the number of bytes + * that make up the key data. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * The key does not have the #PSA_KEY_USAGE_EXPORT flag. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p data buffer is too small. You can determine a + * sufficient buffer size by calling + * #PSA_KEY_EXPORT_MAX_SIZE(\c type, \c bits) + * where \c type is the key type + * and \c bits is the key size in bits. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_export_key(psa_key_handle_t handle, + uint8_t *data, + size_t data_size, + size_t *data_length); + +/** + * \brief Export a public key or the public part of a key pair in binary format. + * + * The output of this function can be passed to psa_import_key() to + * create an object that is equivalent to the public key. + * + * This specification supports a single format for each key type. + * Implementations may support other formats as long as the standard + * format is supported. Implementations that support other formats + * should ensure that the formats are clearly unambiguous so as to + * minimize the risk that an invalid input is accidentally interpreted + * according to a different format. + * + * For standard key types, the output format is as follows: + * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the DER encoding of + * the representation defined by RFC 3279 §2.3.1 as `RSAPublicKey`. + * ``` + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + * ``` + * - For elliptic curve public keys (key types for which + * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), the format is the uncompressed + * representation defined by SEC1 §2.3.3 as the content of an ECPoint. + * Let `m` be the bit size associated with the curve, i.e. the bit size of + * `q` for a curve over `F_q`. The representation consists of: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. + * - For Diffie-Hellman key exchange public keys (key types for which + * #PSA_KEY_TYPE_IS_DH_PUBLIC_KEY is true), + * the format is the representation of the public key `y = g^x mod p` as a + * big-endian byte string. The length of the byte string is the length of the + * base prime `p` in bytes. + * + * Exporting a public key object or the public part of a key pair is + * always permitted, regardless of the key's usage flags. + * + * \param handle Handle to the key to export. + * \param[out] data Buffer where the key data is to be written. + * \param data_size Size of the \p data buffer in bytes. + * \param[out] data_length On success, the number of bytes + * that make up the key data. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key is neither a public key nor a key pair. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p data buffer is too small. You can determine a + * sufficient buffer size by calling + * #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits) + * where \c type is the key type + * and \c bits is the key size in bits. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_export_public_key(psa_key_handle_t handle, + uint8_t *data, + size_t data_size, + size_t *data_length); + + + +/**@}*/ + +/** \defgroup hash Message digests + * @{ + */ + +/** Calculate the hash (digest) of a message. + * + * \note To verify the hash of a message against an + * expected value, use psa_hash_compare() instead. + * + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * \param[in] input Buffer containing the message to hash. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] hash Buffer where the hash is to be written. + * \param hash_size Size of the \p hash buffer in bytes. + * \param[out] hash_length On success, the number of bytes + * that make up the hash value. This is always + * #PSA_HASH_SIZE(\p alg). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p hash_size is too small + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_compute(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +/** Calculate the hash (digest) of a message and compare it with a + * reference value. + * + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * \param[in] input Buffer containing the message to hash. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] hash Buffer containing the expected hash value. + * \param hash_length Size of the \p hash buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected hash is identical to the actual hash of the input. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The hash of the message was calculated successfully, but it + * differs from the expected hash. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p input_length or \p hash_length do not match the hash size for \p alg + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_compare(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *hash, + const size_t hash_length); + +/** The type of the state data structure for multipart hash operations. + * + * Before calling any function on a hash operation object, the application must + * initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_hash_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_hash_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_HASH_OPERATION_INIT, + * for example: + * \code + * psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_hash_operation_init() + * to the structure, for example: + * \code + * psa_hash_operation_t operation; + * operation = psa_hash_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_hash_operation_s psa_hash_operation_t; + +/** \def PSA_HASH_OPERATION_INIT + * + * This macro returns a suitable initializer for a hash operation object + * of type #psa_hash_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_HASH_OPERATION_INIT {0} +#endif + +/** Return an initial value for a hash operation object. + */ +static psa_hash_operation_t psa_hash_operation_init(void); + +/** Set up a multipart hash operation. + * + * The sequence of operations to calculate a hash (message digest) + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_hash_operation_t, e.g. #PSA_HASH_OPERATION_INIT. + * -# Call psa_hash_setup() to specify the algorithm. + * -# Call psa_hash_update() zero, one or more times, passing a fragment + * of the message each time. The hash that is calculated is the hash + * of the concatenation of these messages in order. + * -# To calculate the hash, call psa_hash_finish(). + * To compare the hash with an expected value, call psa_hash_verify(). + * + * If an error occurs at any step after a call to psa_hash_setup(), the + * operation will need to be reset by a call to psa_hash_abort(). The + * application may call psa_hash_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_hash_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_hash_finish() or psa_hash_verify(). + * - A call to psa_hash_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_hash_operation_t and not yet in use. + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not a supported hash algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p alg is not a hash algorithm. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_setup(psa_hash_operation_t *operation, + psa_algorithm_t alg); + +/** Add a message fragment to a multipart hash operation. + * + * The application must call psa_hash_setup() before calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_hash_abort(). + * + * \param[in,out] operation Active hash operation. + * \param[in] input Buffer containing the message fragment to hash. + * \param input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it muct be active). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_update(psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length); + +/** Finish the calculation of the hash of a message. + * + * The application must call psa_hash_setup() before calling this function. + * This function calculates the hash of the message formed by concatenating + * the inputs passed to preceding calls to psa_hash_update(). + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_hash_abort(). + * + * \warning Applications should not call this function if they expect + * a specific value for the hash. Call psa_hash_verify() instead. + * Beware that comparing integrity or authenticity data such as + * hash values with a function such as \c memcmp is risky + * because the time taken by the comparison may leak information + * about the hashed data which could allow an attacker to guess + * a valid hash and thereby bypass security controls. + * + * \param[in,out] operation Active hash operation. + * \param[out] hash Buffer where the hash is to be written. + * \param hash_size Size of the \p hash buffer in bytes. + * \param[out] hash_length On success, the number of bytes + * that make up the hash value. This is always + * #PSA_HASH_SIZE(\c alg) where \c alg is the + * hash algorithm that is calculated. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p hash buffer is too small. You can determine a + * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg) + * where \c alg is the hash algorithm that is calculated. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_finish(psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +/** Finish the calculation of the hash of a message and compare it with + * an expected value. + * + * The application must call psa_hash_setup() before calling this function. + * This function calculates the hash of the message formed by concatenating + * the inputs passed to preceding calls to psa_hash_update(). It then + * compares the calculated hash with the expected hash passed as a + * parameter to this function. + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_hash_abort(). + * + * \note Implementations shall make the best effort to ensure that the + * comparison between the actual hash and the expected hash is performed + * in constant time. + * + * \param[in,out] operation Active hash operation. + * \param[in] hash Buffer containing the expected hash value. + * \param hash_length Size of the \p hash buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected hash is identical to the actual hash of the message. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The hash of the message was calculated successfully, but it + * differs from the expected hash. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_verify(psa_hash_operation_t *operation, + const uint8_t *hash, + size_t hash_length); + +/** Abort a hash operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_hash_setup() again. + * + * You may call this function any time after the operation object has + * been initialized by one of the methods described in #psa_hash_operation_t. + * + * In particular, calling psa_hash_abort() after the operation has been + * terminated by a call to psa_hash_abort(), psa_hash_finish() or + * psa_hash_verify() is safe and has no effect. + * + * \param[in,out] operation Initialized hash operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_abort(psa_hash_operation_t *operation); + +/** Clone a hash operation. + * + * This function copies the state of an ongoing hash operation to + * a new operation object. In other words, this function is equivalent + * to calling psa_hash_setup() on \p target_operation with the same + * algorithm that \p source_operation was set up for, then + * psa_hash_update() on \p target_operation with the same input that + * that was passed to \p source_operation. After this function returns, the + * two objects are independent, i.e. subsequent calls involving one of + * the objects do not affect the other object. + * + * \param[in] source_operation The active hash operation to clone. + * \param[in,out] target_operation The operation object to set up. + * It must be initialized but not active. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE + * The \p source_operation state is not valid (it must be active). + * \retval #PSA_ERROR_BAD_STATE + * The \p target_operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation); + +/**@}*/ + +/** \defgroup MAC Message authentication codes + * @{ + */ + +/** Calculate the MAC (message authentication code) of a message. + * + * \note To verify the MAC of a message against an + * expected value, use psa_mac_verify() instead. + * Beware that comparing integrity or authenticity data such as + * MAC values with a function such as \c memcmp is risky + * because the time taken by the comparison may leak information + * about the MAC value which could allow an attacker to guess + * a valid MAC and thereby bypass security controls. + * + * \param handle Handle to the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(\p alg) is true). + * \param[in] input Buffer containing the input message. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] mac Buffer where the MAC value is to be written. + * \param mac_size Size of the \p mac buffer in bytes. + * \param[out] mac_length On success, the number of bytes + * that make up the MAC value. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p mac_size is too small + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_compute(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +/** Calculate the MAC of a message and compare it with a reference value. + * + * \param handle Handle to the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(\p alg) is true). + * \param[in] input Buffer containing the input message. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] mac Buffer containing the expected MAC value. + * \param mac_length Size of the \p mac buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected MAC is identical to the actual MAC of the input. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The MAC of the message was calculated successfully, but it + * differs from the expected value. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_verify(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *mac, + const size_t mac_length); + +/** The type of the state data structure for multipart MAC operations. + * + * Before calling any function on a MAC operation object, the application must + * initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_mac_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_mac_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_MAC_OPERATION_INIT, + * for example: + * \code + * psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_mac_operation_init() + * to the structure, for example: + * \code + * psa_mac_operation_t operation; + * operation = psa_mac_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_mac_operation_s psa_mac_operation_t; + +/** \def PSA_MAC_OPERATION_INIT + * + * This macro returns a suitable initializer for a MAC operation object of type + * #psa_mac_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_MAC_OPERATION_INIT {0} +#endif + +/** Return an initial value for a MAC operation object. + */ +static psa_mac_operation_t psa_mac_operation_init(void); + +/** Set up a multipart MAC calculation operation. + * + * This function sets up the calculation of the MAC + * (message authentication code) of a byte string. + * To verify the MAC of a message against an + * expected value, use psa_mac_verify_setup() instead. + * + * The sequence of operations to calculate a MAC is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_mac_operation_t, e.g. #PSA_MAC_OPERATION_INIT. + * -# Call psa_mac_sign_setup() to specify the algorithm and key. + * -# Call psa_mac_update() zero, one or more times, passing a fragment + * of the message each time. The MAC that is calculated is the MAC + * of the concatenation of these messages in order. + * -# At the end of the message, call psa_mac_sign_finish() to finish + * calculating the MAC value and retrieve it. + * + * If an error occurs at any step after a call to psa_mac_sign_setup(), the + * operation will need to be reset by a call to psa_mac_abort(). The + * application may call psa_mac_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_mac_sign_setup(), the application must + * eventually terminate the operation through one of the following methods: + * - A successful call to psa_mac_sign_finish(). + * - A call to psa_mac_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_mac_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Set up a multipart MAC verification operation. + * + * This function sets up the verification of the MAC + * (message authentication code) of a byte string against an expected value. + * + * The sequence of operations to verify a MAC is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_mac_operation_t, e.g. #PSA_MAC_OPERATION_INIT. + * -# Call psa_mac_verify_setup() to specify the algorithm and key. + * -# Call psa_mac_update() zero, one or more times, passing a fragment + * of the message each time. The MAC that is calculated is the MAC + * of the concatenation of these messages in order. + * -# At the end of the message, call psa_mac_verify_finish() to finish + * calculating the actual MAC of the message and verify it against + * the expected value. + * + * If an error occurs at any step after a call to psa_mac_verify_setup(), the + * operation will need to be reset by a call to psa_mac_abort(). The + * application may call psa_mac_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_mac_verify_setup(), the application must + * eventually terminate the operation through one of the following methods: + * - A successful call to psa_mac_verify_finish(). + * - A call to psa_mac_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_mac_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Add a message fragment to a multipart MAC operation. + * + * The application must call psa_mac_sign_setup() or psa_mac_verify_setup() + * before calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_mac_abort(). + * + * \param[in,out] operation Active MAC operation. + * \param[in] input Buffer containing the message fragment to add to + * the MAC calculation. + * \param input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_update(psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length); + +/** Finish the calculation of the MAC of a message. + * + * The application must call psa_mac_sign_setup() before calling this function. + * This function calculates the MAC of the message formed by concatenating + * the inputs passed to preceding calls to psa_mac_update(). + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_mac_abort(). + * + * \warning Applications should not call this function if they expect + * a specific value for the MAC. Call psa_mac_verify_finish() instead. + * Beware that comparing integrity or authenticity data such as + * MAC values with a function such as \c memcmp is risky + * because the time taken by the comparison may leak information + * about the MAC value which could allow an attacker to guess + * a valid MAC and thereby bypass security controls. + * + * \param[in,out] operation Active MAC operation. + * \param[out] mac Buffer where the MAC value is to be written. + * \param mac_size Size of the \p mac buffer in bytes. + * \param[out] mac_length On success, the number of bytes + * that make up the MAC value. This is always + * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \c alg) + * where \c key_type and \c key_bits are the type and + * bit-size respectively of the key and \c alg is the + * MAC algorithm that is calculated. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active mac sign + * operation). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p mac buffer is too small. You can determine a + * sufficient buffer size by calling PSA_MAC_FINAL_SIZE(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +/** Finish the calculation of the MAC of a message and compare it with + * an expected value. + * + * The application must call psa_mac_verify_setup() before calling this function. + * This function calculates the MAC of the message formed by concatenating + * the inputs passed to preceding calls to psa_mac_update(). It then + * compares the calculated MAC with the expected MAC passed as a + * parameter to this function. + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_mac_abort(). + * + * \note Implementations shall make the best effort to ensure that the + * comparison between the actual MAC and the expected MAC is performed + * in constant time. + * + * \param[in,out] operation Active MAC operation. + * \param[in] mac Buffer containing the expected MAC value. + * \param mac_length Size of the \p mac buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected MAC is identical to the actual MAC of the message. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The MAC of the message was calculated successfully, but it + * differs from the expected MAC. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active mac verify + * operation). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length); + +/** Abort a MAC operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_mac_sign_setup() or psa_mac_verify_setup() again. + * + * You may call this function any time after the operation object has + * been initialized by one of the methods described in #psa_mac_operation_t. + * + * In particular, calling psa_mac_abort() after the operation has been + * terminated by a call to psa_mac_abort(), psa_mac_sign_finish() or + * psa_mac_verify_finish() is safe and has no effect. + * + * \param[in,out] operation Initialized MAC operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_mac_abort(psa_mac_operation_t *operation); + +/**@}*/ + +/** \defgroup cipher Symmetric ciphers + * @{ + */ + +/** Encrypt a message using a symmetric cipher. + * + * This function encrypts a message with a random IV (initialization + * vector). Use the multipart operation interface with a + * #psa_cipher_operation_t object to provide other forms of IV. + * + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the message to encrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * The output contains the IV followed by + * the ciphertext proper. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Decrypt a message using a symmetric cipher. + * + * This function decrypts a message encrypted with a symmetric cipher. + * + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the message to decrypt. + * This consists of the IV followed by the + * ciphertext proper. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the plaintext is to be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** The type of the state data structure for multipart cipher operations. + * + * Before calling any function on a cipher operation object, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_cipher_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_cipher_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_CIPHER_OPERATION_INIT, + * for example: + * \code + * psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_cipher_operation_init() + * to the structure, for example: + * \code + * psa_cipher_operation_t operation; + * operation = psa_cipher_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_cipher_operation_s psa_cipher_operation_t; + +/** \def PSA_CIPHER_OPERATION_INIT + * + * This macro returns a suitable initializer for a cipher operation object of + * type #psa_cipher_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_CIPHER_OPERATION_INIT {0} +#endif + +/** Return an initial value for a cipher operation object. + */ +static psa_cipher_operation_t psa_cipher_operation_init(void); + +/** Set the key for a multipart symmetric encryption operation. + * + * The sequence of operations to encrypt a message with a symmetric cipher + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_cipher_operation_t, e.g. + * #PSA_CIPHER_OPERATION_INIT. + * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key. + * -# Call either psa_cipher_generate_iv() or psa_cipher_set_iv() to + * generate or set the IV (initialization vector). You should use + * psa_cipher_generate_iv() unless the protocol you are implementing + * requires a specific IV value. + * -# Call psa_cipher_update() zero, one or more times, passing a fragment + * of the message each time. + * -# Call psa_cipher_finish(). + * + * If an error occurs at any step after a call to psa_cipher_encrypt_setup(), + * the operation will need to be reset by a call to psa_cipher_abort(). The + * application may call psa_cipher_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_cipher_encrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_cipher_finish(). + * - A call to psa_cipher_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_cipher_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Set the key for a multipart symmetric decryption operation. + * + * The sequence of operations to decrypt a message with a symmetric cipher + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_cipher_operation_t, e.g. + * #PSA_CIPHER_OPERATION_INIT. + * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key. + * -# Call psa_cipher_set_iv() with the IV (initialization vector) for the + * decryption. If the IV is prepended to the ciphertext, you can call + * psa_cipher_update() on a buffer containing the IV followed by the + * beginning of the message. + * -# Call psa_cipher_update() zero, one or more times, passing a fragment + * of the message each time. + * -# Call psa_cipher_finish(). + * + * If an error occurs at any step after a call to psa_cipher_decrypt_setup(), + * the operation will need to be reset by a call to psa_cipher_abort(). The + * application may call psa_cipher_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_cipher_decrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_cipher_finish(). + * - A call to psa_cipher_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_cipher_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Generate an IV for a symmetric encryption operation. + * + * This function generates a random IV (initialization vector), nonce + * or initial counter value for the encryption operation as appropriate + * for the chosen algorithm, key type and key size. + * + * The application must call psa_cipher_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_cipher_abort(). + * + * \param[in,out] operation Active cipher operation. + * \param[out] iv Buffer where the generated IV is to be written. + * \param iv_size Size of the \p iv buffer in bytes. + * \param[out] iv_length On success, the number of bytes of the + * generated IV. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, with no IV set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p iv buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, + uint8_t *iv, + size_t iv_size, + size_t *iv_length); + +/** Set the IV for a symmetric encryption or decryption operation. + * + * This function sets the IV (initialization vector), nonce + * or initial counter value for the encryption or decryption operation. + * + * The application must call psa_cipher_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_cipher_abort(). + * + * \note When encrypting, applications should use psa_cipher_generate_iv() + * instead of this function, unless implementing a protocol that requires + * a non-random IV. + * + * \param[in,out] operation Active cipher operation. + * \param[in] iv Buffer containing the IV to use. + * \param iv_length Size of the IV in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active cipher + * encrypt operation, with no IV set). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of \p iv is not acceptable for the chosen algorithm, + * or the chosen algorithm does not use an IV. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, + const uint8_t *iv, + size_t iv_length); + +/** Encrypt or decrypt a message fragment in an active cipher operation. + * + * Before calling this function, you must: + * 1. Call either psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(). + * The choice of setup function determines whether this function + * encrypts or decrypts its input. + * 2. If the algorithm requires an IV, call psa_cipher_generate_iv() + * (recommended when encrypting) or psa_cipher_set_iv(). + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_cipher_abort(). + * + * \param[in,out] operation Active cipher operation. + * \param[in] input Buffer containing the message fragment to + * encrypt or decrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, with an IV set + * if required for the algorithm). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Finish encrypting or decrypting a message in a cipher operation. + * + * The application must call psa_cipher_encrypt_setup() or + * psa_cipher_decrypt_setup() before calling this function. The choice + * of setup function determines whether this function encrypts or + * decrypts its input. + * + * This function finishes the encryption or decryption of the message + * formed by concatenating the inputs passed to preceding calls to + * psa_cipher_update(). + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_cipher_abort(). + * + * \param[in,out] operation Active cipher operation. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total input size passed to this operation is not valid for + * this particular algorithm. For example, the algorithm is a based + * on block cipher and requires a whole number of blocks, but the + * total input size is not a multiple of the block size. + * \retval #PSA_ERROR_INVALID_PADDING + * This is a decryption operation for an algorithm that includes + * padding, and the ciphertext does not contain valid padding. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, with an IV set + * if required for the algorithm). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Abort a cipher operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup() again. + * + * You may call this function any time after the operation object has + * been initialized as described in #psa_cipher_operation_t. + * + * In particular, calling psa_cipher_abort() after the operation has been + * terminated by a call to psa_cipher_abort() or psa_cipher_finish() + * is safe and has no effect. + * + * \param[in,out] operation Initialized cipher operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); + +/**@}*/ + +/** \defgroup aead Authenticated encryption with associated data (AEAD) + * @{ + */ + +/** Process an authenticated encryption operation. + * + * \param handle Handle to the key to use for the operation. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param[in] nonce Nonce or IV to use. + * \param nonce_length Size of the \p nonce buffer in bytes. + * \param[in] additional_data Additional data that will be authenticated + * but not encrypted. + * \param additional_data_length Size of \p additional_data in bytes. + * \param[in] plaintext Data that will be authenticated and + * encrypted. + * \param plaintext_length Size of \p plaintext in bytes. + * \param[out] ciphertext Output buffer for the authenticated and + * encrypted data. The additional data is not + * part of this output. For algorithms where the + * encrypted data and the authentication tag + * are defined as separate outputs, the + * authentication tag is appended to the + * encrypted data. + * \param ciphertext_size Size of the \p ciphertext buffer in bytes. + * This must be at least + * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, + * \p plaintext_length). + * \param[out] ciphertext_length On success, the size of the output + * in the \p ciphertext buffer. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p ciphertext_size is too small + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length); + +/** Process an authenticated decryption operation. + * + * \param handle Handle to the key to use for the operation. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param[in] nonce Nonce or IV to use. + * \param nonce_length Size of the \p nonce buffer in bytes. + * \param[in] additional_data Additional data that has been authenticated + * but not encrypted. + * \param additional_data_length Size of \p additional_data in bytes. + * \param[in] ciphertext Data that has been authenticated and + * encrypted. For algorithms where the + * encrypted data and the authentication tag + * are defined as separate inputs, the buffer + * must contain the encrypted data followed + * by the authentication tag. + * \param ciphertext_length Size of \p ciphertext in bytes. + * \param[out] plaintext Output buffer for the decrypted data. + * \param plaintext_size Size of the \p plaintext buffer in bytes. + * This must be at least + * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, + * \p ciphertext_length). + * \param[out] plaintext_length On success, the size of the output + * in the \p plaintext buffer. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The ciphertext is not authentic. + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p plaintext_size or \p nonce_length is too small + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length); + +/** The type of the state data structure for multipart AEAD operations. + * + * Before calling any function on an AEAD operation object, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_aead_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_aead_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_AEAD_OPERATION_INIT, + * for example: + * \code + * psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_aead_operation_init() + * to the structure, for example: + * \code + * psa_aead_operation_t operation; + * operation = psa_aead_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_aead_operation_s psa_aead_operation_t; + +/** \def PSA_AEAD_OPERATION_INIT + * + * This macro returns a suitable initializer for an AEAD operation object of + * type #psa_aead_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_AEAD_OPERATION_INIT {0} +#endif + +/** Return an initial value for an AEAD operation object. + */ +static psa_aead_operation_t psa_aead_operation_init(void); + +/** Set the key for a multipart authenticated encryption operation. + * + * The sequence of operations to encrypt a message with authentication + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_aead_operation_t, e.g. + * #PSA_AEAD_OPERATION_INIT. + * -# Call psa_aead_encrypt_setup() to specify the algorithm and key. + * -# If needed, call psa_aead_set_lengths() to specify the length of the + * inputs to the subsequent calls to psa_aead_update_ad() and + * psa_aead_update(). See the documentation of psa_aead_set_lengths() + * for details. + * -# Call either psa_aead_generate_nonce() or psa_aead_set_nonce() to + * generate or set the nonce. You should use + * psa_aead_generate_nonce() unless the protocol you are implementing + * requires a specific nonce value. + * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment + * of the non-encrypted additional authenticated data each time. + * -# Call psa_aead_update() zero, one or more times, passing a fragment + * of the message to encrypt each time. + * -# Call psa_aead_finish(). + * + * If an error occurs at any step after a call to psa_aead_encrypt_setup(), + * the operation will need to be reset by a call to psa_aead_abort(). The + * application may call psa_aead_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_aead_encrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_aead_finish(). + * - A call to psa_aead_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_aead_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Set the key for a multipart authenticated decryption operation. + * + * The sequence of operations to decrypt a message with authentication + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_aead_operation_t, e.g. + * #PSA_AEAD_OPERATION_INIT. + * -# Call psa_aead_decrypt_setup() to specify the algorithm and key. + * -# If needed, call psa_aead_set_lengths() to specify the length of the + * inputs to the subsequent calls to psa_aead_update_ad() and + * psa_aead_update(). See the documentation of psa_aead_set_lengths() + * for details. + * -# Call psa_aead_set_nonce() with the nonce for the decryption. + * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment + * of the non-encrypted additional authenticated data each time. + * -# Call psa_aead_update() zero, one or more times, passing a fragment + * of the ciphertext to decrypt each time. + * -# Call psa_aead_verify(). + * + * If an error occurs at any step after a call to psa_aead_decrypt_setup(), + * the operation will need to be reset by a call to psa_aead_abort(). The + * application may call psa_aead_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_aead_decrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to psa_aead_verify(). + * - A call to psa_aead_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_aead_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p handle is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Generate a random nonce for an authenticated encryption operation. + * + * This function generates a random nonce for the authenticated encryption + * operation with an appropriate size for the chosen algorithm, key type + * and key size. + * + * The application must call psa_aead_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \param[in,out] operation Active AEAD operation. + * \param[out] nonce Buffer where the generated nonce is to be + * written. + * \param nonce_size Size of the \p nonce buffer in bytes. + * \param[out] nonce_length On success, the number of bytes of the + * generated nonce. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active aead encrypt + operation, with no nonce set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p nonce buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, + uint8_t *nonce, + size_t nonce_size, + size_t *nonce_length); + +/** Set the nonce for an authenticated encryption or decryption operation. + * + * This function sets the nonce for the authenticated + * encryption or decryption operation. + * + * The application must call psa_aead_encrypt_setup() or + * psa_aead_decrypt_setup() before calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \note When encrypting, applications should use psa_aead_generate_nonce() + * instead of this function, unless implementing a protocol that requires + * a non-random IV. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] nonce Buffer containing the nonce to use. + * \param nonce_length Size of the nonce in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, with no nonce + * set). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of \p nonce is not acceptable for the chosen algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, + const uint8_t *nonce, + size_t nonce_length); + +/** Declare the lengths of the message and additional data for AEAD. + * + * The application must call this function before calling + * psa_aead_update_ad() or psa_aead_update() if the algorithm for + * the operation requires it. If the algorithm does not require it, + * calling this function is optional, but if this function is called + * then the implementation must enforce the lengths. + * + * You may call this function before or after setting the nonce with + * psa_aead_set_nonce() or psa_aead_generate_nonce(). + * + * - For #PSA_ALG_CCM, calling this function is required. + * - For the other AEAD algorithms defined in this specification, calling + * this function is not required. + * - For vendor-defined algorithm, refer to the vendor documentation. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \param[in,out] operation Active AEAD operation. + * \param ad_length Size of the non-encrypted additional + * authenticated data in bytes. + * \param plaintext_length Size of the plaintext to encrypt in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, and + * psa_aead_update_ad() and psa_aead_update() must not have been + * called yet). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * At least one of the lengths is not acceptable for the chosen + * algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, + size_t ad_length, + size_t plaintext_length); + +/** Pass additional data to an active AEAD operation. + * + * Additional data is authenticated, but not encrypted. + * + * You may call this function multiple times to pass successive fragments + * of the additional data. You may not call this function after passing + * data to encrypt or decrypt with psa_aead_update(). + * + * Before calling this function, you must: + * 1. Call either psa_aead_encrypt_setup() or psa_aead_decrypt_setup(). + * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce(). + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS, + * there is no guarantee that the input is valid. Therefore, until + * you have called psa_aead_verify() and it has returned #PSA_SUCCESS, + * treat the input as untrusted and prepare to undo any action that + * depends on the input if psa_aead_verify() returns an error status. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] input Buffer containing the fragment of + * additional data. + * \param input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, have a nonce + * set, have lengths set if required by the algorithm, and + * psa_aead_update() must not have been called yet). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total input length overflows the additional data length that + * was previously specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length); + +/** Encrypt or decrypt a message fragment in an active AEAD operation. + * + * Before calling this function, you must: + * 1. Call either psa_aead_encrypt_setup() or psa_aead_decrypt_setup(). + * The choice of setup function determines whether this function + * encrypts or decrypts its input. + * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce(). + * 3. Call psa_aead_update_ad() to pass all the additional data. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS, + * there is no guarantee that the input is valid. Therefore, until + * you have called psa_aead_verify() and it has returned #PSA_SUCCESS: + * - Do not use the output in any way other than storing it in a + * confidential location. If you take any action that depends + * on the tentative decrypted data, this action will need to be + * undone if the input turns out not to be valid. Furthermore, + * if an adversary can observe that this action took place + * (for example through timing), they may be able to use this + * fact as an oracle to decrypt any message encrypted with the + * same key. + * - In particular, do not copy the output anywhere but to a + * memory or storage space that you have exclusive access to. + * + * This function does not require the input to be aligned to any + * particular block boundary. If the implementation can only process + * a whole block at a time, it must consume all the input provided, but + * it may delay the end of the corresponding output until a subsequent + * call to psa_aead_update(), psa_aead_finish() or psa_aead_verify() + * provides sufficient input. The amount of data that can be delayed + * in this way is bounded by #PSA_AEAD_UPDATE_OUTPUT_SIZE. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] input Buffer containing the message fragment to + * encrypt or decrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \p output buffer in bytes. + * This must be at least + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, + * \p input_length) where \c alg is the + * algorithm that is being calculated. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, have a nonce + * set, and have lengths set if required by the algorithm). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * You can determine a sufficient buffer size by calling + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, \p input_length) + * where \c alg is the algorithm that is being calculated. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update_ad() so far is + * less than the additional data length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total input length overflows the plaintext length that + * was previously specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_update(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Finish encrypting a message in an AEAD operation. + * + * The operation must have been set up with psa_aead_encrypt_setup(). + * + * This function finishes the authentication of the additional data + * formed by concatenating the inputs passed to preceding calls to + * psa_aead_update_ad() with the plaintext formed by concatenating the + * inputs passed to preceding calls to psa_aead_update(). + * + * This function has two output buffers: + * - \p ciphertext contains trailing ciphertext that was buffered from + * preceding calls to psa_aead_update(). + * - \p tag contains the authentication tag. Its length is always + * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm + * that the operation performs. + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \param[in,out] operation Active AEAD operation. + * \param[out] ciphertext Buffer where the last part of the ciphertext + * is to be written. + * \param ciphertext_size Size of the \p ciphertext buffer in bytes. + * This must be at least + * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) where + * \c alg is the algorithm that is being + * calculated. + * \param[out] ciphertext_length On success, the number of bytes of + * returned ciphertext. + * \param[out] tag Buffer where the authentication tag is + * to be written. + * \param tag_size Size of the \p tag buffer in bytes. + * This must be at least + * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is + * the algorithm that is being calculated. + * \param[out] tag_length On success, the number of bytes + * that make up the returned tag. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active encryption + * operation with a nonce set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p ciphertext or \p tag buffer is too small. + * You can determine a sufficient buffer size for \p ciphertext by + * calling #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) + * where \c alg is the algorithm that is being calculated. + * You can determine a sufficient buffer size for \p tag by + * calling #PSA_AEAD_TAG_LENGTH(\c alg). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update_ad() so far is + * less than the additional data length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update() so far is + * less than the plaintext length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_finish(psa_aead_operation_t *operation, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length, + uint8_t *tag, + size_t tag_size, + size_t *tag_length); + +/** Finish authenticating and decrypting a message in an AEAD operation. + * + * The operation must have been set up with psa_aead_decrypt_setup(). + * + * This function finishes the authenticated decryption of the message + * components: + * + * - The additional data consisting of the concatenation of the inputs + * passed to preceding calls to psa_aead_update_ad(). + * - The ciphertext consisting of the concatenation of the inputs passed to + * preceding calls to psa_aead_update(). + * - The tag passed to this function call. + * + * If the authentication tag is correct, this function outputs any remaining + * plaintext and reports success. If the authentication tag is not correct, + * this function returns #PSA_ERROR_INVALID_SIGNATURE. + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_aead_abort(). + * + * \note Implementations shall make the best effort to ensure that the + * comparison between the actual tag and the expected tag is performed + * in constant time. + * + * \param[in,out] operation Active AEAD operation. + * \param[out] plaintext Buffer where the last part of the plaintext + * is to be written. This is the remaining data + * from previous calls to psa_aead_update() + * that could not be processed until the end + * of the input. + * \param plaintext_size Size of the \p plaintext buffer in bytes. + * This must be at least + * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) where + * \c alg is the algorithm that is being + * calculated. + * \param[out] plaintext_length On success, the number of bytes of + * returned plaintext. + * \param[in] tag Buffer containing the authentication tag. + * \param tag_length Size of the \p tag buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculations were successful, but the authentication tag is + * not correct. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be an active decryption + * operation with a nonce set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p plaintext buffer is too small. + * You can determine a sufficient buffer size for \p plaintext by + * calling #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) + * where \c alg is the algorithm that is being calculated. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update_ad() so far is + * less than the additional data length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update() so far is + * less than the plaintext length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_verify(psa_aead_operation_t *operation, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length, + const uint8_t *tag, + size_t tag_length); + +/** Abort an AEAD operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_aead_encrypt_setup() or psa_aead_decrypt_setup() again. + * + * You may call this function any time after the operation object has + * been initialized as described in #psa_aead_operation_t. + * + * In particular, calling psa_aead_abort() after the operation has been + * terminated by a call to psa_aead_abort(), psa_aead_finish() or + * psa_aead_verify() is safe and has no effect. + * + * \param[in,out] operation Initialized AEAD operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_abort(psa_aead_operation_t *operation); + +/**@}*/ + +/** \defgroup asymmetric Asymmetric cryptography + * @{ + */ + +/** + * \brief Sign a hash or short message with a private key. + * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * + * \param handle Handle to the key to use for the operation. + * It must be an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message to sign. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[out] signature Buffer where the signature is to be written. + * \param signature_size Size of the \p signature buffer in bytes. + * \param[out] signature_length On success, the number of bytes + * that make up the returned signature value. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p handle. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_sign_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length); + +/** + * \brief Verify the signature a hash or short message using a public key. + * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * + * \param handle Handle to the key to use for the operation. + * It must be a public key or an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \p handle. + * \param[in] hash The hash or message whose signature is to be + * verified. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[in] signature Buffer containing the signature to verify. + * \param signature_length Size of the \p signature buffer in bytes. + * + * \retval #PSA_SUCCESS + * The signature is valid. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculation was perfomed successfully, but the passed + * signature is not a valid signature. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_verify_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length); + +/** + * \brief Encrypt a short message with a public key. + * + * \param handle Handle to the key to use for the operation. + * It must be a public key or an asymmetric + * key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \p handle. + * \param[in] input The message to encrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[in] salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass \c NULL. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the \p salt buffer in bytes. + * If \p salt is \c NULL, pass 0. + * \param[out] output Buffer where the encrypted message is to + * be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p handle. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** + * \brief Decrypt a short message with a private key. + * + * \param handle Handle to the key to use for the operation. + * It must be an asymmetric key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \p handle. + * \param[in] input The message to decrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[in] salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass \c NULL. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the \p salt buffer in bytes. + * If \p salt is \c NULL, pass 0. + * \param[out] output Buffer where the decrypted message is to + * be written. + * \param output_size Size of the \c output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p handle. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INVALID_PADDING + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/**@}*/ + +/** \defgroup key_derivation Key derivation and pseudorandom generation + * @{ + */ + +/** The type of the state data structure for key derivation operations. + * + * Before calling any function on a key derivation operation object, the + * application must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_key_derivation_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_key_derivation_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_KEY_DERIVATION_OPERATION_INIT, + * for example: + * \code + * psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_key_derivation_operation_init() + * to the structure, for example: + * \code + * psa_key_derivation_operation_t operation; + * operation = psa_key_derivation_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. + */ +typedef struct psa_key_derivation_s psa_key_derivation_operation_t; + +/** \def PSA_KEY_DERIVATION_OPERATION_INIT + * + * This macro returns a suitable initializer for a key derivation operation + * object of type #psa_key_derivation_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_KEY_DERIVATION_OPERATION_INIT {0} +#endif + +/** Return an initial value for a key derivation operation object. + */ +static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); + +/** Set up a key derivation operation. + * + * A key derivation algorithm takes some inputs and uses them to generate + * a byte stream in a deterministic way. + * This byte stream can be used to produce keys and other + * cryptographic material. + * + * To derive a key: + * -# Start with an initialized object of type #psa_key_derivation_operation_t. + * -# Call psa_key_derivation_setup() to select the algorithm. + * -# Provide the inputs for the key derivation by calling + * psa_key_derivation_input_bytes() or psa_key_derivation_input_key() + * as appropriate. Which inputs are needed, in what order, and whether + * they may be keys and if so of what type depends on the algorithm. + * -# Optionally set the operation's maximum capacity with + * psa_key_derivation_set_capacity(). You may do this before, in the middle + * of or after providing inputs. For some algorithms, this step is mandatory + * because the output depends on the maximum capacity. + * -# To derive a key, call psa_key_derivation_output_key(). + * To derive a byte string for a different purpose, call + * psa_key_derivation_output_bytes(). + * Successive calls to these functions use successive output bytes + * calculated by the key derivation algorithm. + * -# Clean up the key derivation operation object with + * psa_key_derivation_abort(). + * + * If this function returns an error, the key derivation operation object is + * not changed. + * + * If an error occurs at any step after a call to psa_key_derivation_setup(), + * the operation will need to be reset by a call to psa_key_derivation_abort(). + * + * Implementations must reject an attempt to derive a key of size 0. + * + * \param[in,out] operation The key derivation operation object + * to set up. It must + * have been initialized but not set up yet. + * \param alg The key derivation algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c alg is not a key derivation algorithm. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_setup( + psa_key_derivation_operation_t *operation, + psa_algorithm_t alg); + +/** Retrieve the current capacity of a key derivation operation. + * + * The capacity of a key derivation is the maximum number of bytes that it can + * return. When you get *N* bytes of output from a key derivation operation, + * this reduces its capacity by *N*. + * + * \param[in] operation The operation to query. + * \param[out] capacity On success, the capacity of the operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_get_capacity( + const psa_key_derivation_operation_t *operation, + size_t *capacity); + +/** Set the maximum capacity of a key derivation operation. + * + * The capacity of a key derivation operation is the maximum number of bytes + * that the key derivation operation can return from this point onwards. + * + * \param[in,out] operation The key derivation operation object to modify. + * \param capacity The new capacity of the operation. + * It must be less or equal to the operation's + * current capacity. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p capacity is larger than the operation's current capacity. + * In this case, the operation object remains valid and its capacity + * remains unchanged. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_set_capacity( + psa_key_derivation_operation_t *operation, + size_t capacity); + +/** Use the maximum possible capacity for a key derivation operation. + * + * Use this value as the capacity argument when setting up a key derivation + * to indicate that the operation should have the maximum possible capacity. + * The value of the maximum possible capacity depends on the key derivation + * algorithm. + */ +#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) + +/** Provide an input for key derivation or key agreement. + * + * Which inputs are required and in what order depends on the algorithm. + * Refer to the documentation of each key derivation or key agreement + * algorithm for information. + * + * This function passes direct inputs, which is usually correct for + * non-secret inputs. To pass a secret input, which should be in a key + * object, call psa_key_derivation_input_key() instead of this function. + * Refer to the documentation of individual step types + * (`PSA_KEY_DERIVATION_INPUT_xxx` values of type ::psa_key_derivation_step_t) + * for more information. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with + * psa_key_derivation_setup() and must not + * have produced any output yet. + * \param step Which step the input data is for. + * \param[in] data Input data to use. + * \param data_length Size of the \p data buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the operation's algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow direct inputs. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid for this input \p step. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_input_bytes( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length); + +/** Provide an input for key derivation in the form of a key. + * + * Which inputs are required and in what order depends on the algorithm. + * Refer to the documentation of each key derivation or key agreement + * algorithm for information. + * + * This function obtains input from a key object, which is usually correct for + * secret inputs or for non-secret personalization strings kept in the key + * store. To pass a non-secret parameter which is not in the key store, + * call psa_key_derivation_input_bytes() instead of this function. + * Refer to the documentation of individual step types + * (`PSA_KEY_DERIVATION_INPUT_xxx` values of type ::psa_key_derivation_step_t) + * for more information. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with + * psa_key_derivation_setup() and must not + * have produced any output yet. + * \param step Which step the input data is for. + * \param handle Handle to the key. It must have an + * appropriate type for \p step and must + * allow the usage #PSA_KEY_USAGE_DERIVE. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the operation's algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow key inputs of the given type + * or does not allow key inputs at all. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid for this input \p step. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_input_key( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t handle); + +/** Perform a key agreement and use the shared secret as input to a key + * derivation. + * + * A key agreement algorithm takes two inputs: a private key \p private_key + * a public key \p peer_key. + * The result of this function is passed as input to a key derivation. + * The output of this key derivation can be extracted by reading from the + * resulting operation to produce keys and other cryptographic material. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with + * psa_key_derivation_setup() with a + * key agreement and derivation algorithm + * \c alg (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_AGREEMENT(\c alg) is true + * and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\c alg) + * is false). + * The operation must be ready for an + * input of the type given by \p step. + * \param step Which step the input data is for. + * \param private_key Handle to the private key to use. + * \param[in] peer_key Public key of the peer. The peer key must be in the + * same format that psa_import_key() accepts for the + * public key type corresponding to the type of + * private_key. That is, this function performs the + * equivalent of + * #psa_import_key(..., + * `peer_key`, `peer_key_length`) where + * with key attributes indicating the public key + * type corresponding to the type of `private_key`. + * For example, for EC keys, this means that peer_key + * is interpreted as a point on the curve that the + * private key is on. The standard formats for public + * keys are documented in the documentation of + * psa_export_public_key(). + * \param peer_key_length Size of \p peer_key in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid for this key agreement \p step. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c private_key is not compatible with \c alg, + * or \p peer_key is not valid for \c alg or not compatible with + * \c private_key. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow an input resulting from a key agreement. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_key_agreement( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length); + +/** Read some data from a key derivation operation. + * + * This function calculates output bytes from a key derivation algorithm and + * return those bytes. + * If you view the key derivation's output as a stream of bytes, this + * function destructively reads the requested number of bytes from the + * stream. + * The operation's capacity decreases by the number of bytes read. + * + * If this function returns an error status other than + * #PSA_ERROR_INSUFFICIENT_DATA, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * \param[in,out] operation The key derivation operation object to read from. + * \param[out] output Buffer where the output will be written. + * \param output_length Number of bytes to output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_DATA + * The operation's capacity was less than + * \p output_length bytes. Note that in this case, + * no output is written to the output buffer. + * The operation's capacity is set to 0, thus + * subsequent calls to this function will not + * succeed, even with a smaller output buffer. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active and completed + * all required input steps). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_output_bytes( + psa_key_derivation_operation_t *operation, + uint8_t *output, + size_t output_length); + +/** Derive a key from an ongoing key derivation operation. + * + * This function calculates output bytes from a key derivation algorithm + * and uses those bytes to generate a key deterministically. + * The key's location, usage policy, type and size are taken from + * \p attributes. + * + * If you view the key derivation's output as a stream of bytes, this + * function destructively reads as many bytes as required from the + * stream. + * The operation's capacity decreases by the number of bytes read. + * + * If this function returns an error status other than + * #PSA_ERROR_INSUFFICIENT_DATA, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * + * How much output is produced and consumed from the operation, and how + * the key is derived, depends on the key type: + * + * - For key types for which the key is an arbitrary sequence of bytes + * of a given size, this function is functionally equivalent to + * calling #psa_key_derivation_output_bytes + * and passing the resulting output to #psa_import_key. + * However, this function has a security benefit: + * if the implementation provides an isolation boundary then + * the key material is not exposed outside the isolation boundary. + * As a consequence, for these key types, this function always consumes + * exactly (\p bits / 8) bytes from the operation. + * The following key types defined in this specification follow this scheme: + * + * - #PSA_KEY_TYPE_AES; + * - #PSA_KEY_TYPE_ARC4; + * - #PSA_KEY_TYPE_CAMELLIA; + * - #PSA_KEY_TYPE_DERIVE; + * - #PSA_KEY_TYPE_HMAC. + * + * - For ECC keys on a Montgomery elliptic curve + * (#PSA_KEY_TYPE_ECC_KEY_PAIR(\c curve) where \c curve designates a + * Montgomery curve), this function always draws a byte string whose + * length is determined by the curve, and sets the mandatory bits + * accordingly. That is: + * + * - #PSA_ECC_CURVE_CURVE25519: draw a 32-byte string + * and process it as specified in RFC 7748 §5. + * - #PSA_ECC_CURVE_CURVE448: draw a 56-byte string + * and process it as specified in RFC 7748 §5. + * + * - For key types for which the key is represented by a single sequence of + * \p bits bits with constraints as to which bit sequences are acceptable, + * this function draws a byte string of length (\p bits / 8) bytes rounded + * up to the nearest whole number of bytes. If the resulting byte string + * is acceptable, it becomes the key, otherwise the drawn bytes are discarded. + * This process is repeated until an acceptable byte string is drawn. + * The byte string drawn from the operation is interpreted as specified + * for the output produced by psa_export_key(). + * The following key types defined in this specification follow this scheme: + * + * - #PSA_KEY_TYPE_DES. + * Force-set the parity bits, but discard forbidden weak keys. + * For 2-key and 3-key triple-DES, the three keys are generated + * successively (for example, for 3-key triple-DES, + * if the first 8 bytes specify a weak key and the next 8 bytes do not, + * discard the first 8 bytes, use the next 8 bytes as the first key, + * and continue reading output from the operation to derive the other + * two keys). + * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEY_PAIR(\c group) + * where \c group designates any Diffie-Hellman group) and + * ECC keys on a Weierstrass elliptic curve + * (#PSA_KEY_TYPE_ECC_KEY_PAIR(\c curve) where \c curve designates a + * Weierstrass curve). + * For these key types, interpret the byte string as integer + * in big-endian order. Discard it if it is not in the range + * [0, *N* - 2] where *N* is the boundary of the private key domain + * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, + * or the order of the curve's base point for ECC). + * Add 1 to the resulting integer and use this as the private key *x*. + * This method allows compliance to NIST standards, specifically + * the methods titled "key-pair generation by testing candidates" + * in NIST SP 800-56A §5.6.1.1.4 for Diffie-Hellman, + * in FIPS 186-4 §B.1.2 for DSA, and + * in NIST SP 800-56A §5.6.1.2.2 or + * FIPS 186-4 §B.4.2 for elliptic curve keys. + * + * - For other key types, including #PSA_KEY_TYPE_RSA_KEY_PAIR, + * the way in which the operation output is consumed is + * implementation-defined. + * + * In all cases, the data that is read is discarded from the operation. + * The operation's capacity is decreased by the number of bytes read. + * + * For algorithms that take an input step #PSA_KEY_DERIVATION_INPUT_SECRET, + * the input to that step must be provided with psa_key_derivation_input_key(). + * Future versions of this specification may include additional restrictions + * on the derived key based on the attributes and strength of the secret key. + * + * \param[in] attributes The attributes for the new key. + * \param[in,out] operation The key derivation operation object to read from. + * \param[out] handle On success, a handle to the newly created key. + * \c 0 on failure. + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. + * \retval #PSA_ERROR_ALREADY_EXISTS + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. + * \retval #PSA_ERROR_INSUFFICIENT_DATA + * There was not enough data to create the desired key. + * Note that in this case, no output is written to the output buffer. + * The operation's capacity is set to 0, thus subsequent calls to + * this function will not succeed, even with a smaller output buffer. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The key type or key size is not supported, either by the + * implementation in general or in this particular location. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The provided key attributes are not valid for the operation. + * \retval #PSA_ERROR_NOT_PERMITTED + * The #PSA_KEY_DERIVATION_INPUT_SECRET input was not provided through + * a key. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active and completed + * all required input steps). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_output_key( + const psa_key_attributes_t *attributes, + psa_key_derivation_operation_t *operation, + psa_key_handle_t *handle); + +/** Abort a key derivation operation. + * + * Aborting an operation frees all associated resources except for the \c + * operation structure itself. Once aborted, the operation object can be reused + * for another operation by calling psa_key_derivation_setup() again. + * + * This function may be called at any time after the operation + * object has been initialized as described in #psa_key_derivation_operation_t. + * + * In particular, it is valid to call psa_key_derivation_abort() twice, or to + * call psa_key_derivation_abort() on an operation that has not been set up. + * + * \param[in,out] operation The operation to abort. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_abort( + psa_key_derivation_operation_t *operation); + +/** Perform a key agreement and return the raw shared secret. + * + * \warning The raw result of a key agreement algorithm such as finite-field + * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should + * not be used directly as key material. It should instead be passed as + * input to a key derivation algorithm. To chain a key agreement with + * a key derivation, use psa_key_derivation_key_agreement() and other + * functions from the key derivation interface. + * + * \param alg The key agreement algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_RAW_KEY_AGREEMENT(\p alg) + * is true). + * \param private_key Handle to the private key to use. + * \param[in] peer_key Public key of the peer. It must be + * in the same format that psa_import_key() + * accepts. The standard formats for public + * keys are documented in the documentation + * of psa_export_public_key(). + * \param peer_key_length Size of \p peer_key in bytes. + * \param[out] output Buffer where the decrypted message is to + * be written. + * \param output_size Size of the \c output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p alg is not a key agreement algorithm + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p private_key is not compatible with \p alg, + * or \p peer_key is not valid for \p alg or not compatible with + * \p private_key. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p output_size is too small + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not a supported key agreement algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/**@}*/ + +/** \defgroup random Random generation + * @{ + */ + +/** + * \brief Generate random bytes. + * + * \warning This function **can** fail! Callers MUST check the return status + * and MUST NOT use the content of the output buffer if the return + * status is not #PSA_SUCCESS. + * + * \note To generate a key, use psa_generate_key() instead. + * + * \param[out] output Output buffer for the generated data. + * \param output_size Number of bytes to generate and output. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size); + +/** + * \brief Generate a key or key pair. + * + * The key is generated randomly. + * Its location, usage policy, type and size are taken from \p attributes. + * + * Implementations must reject an attempt to generate a key of size 0. + * + * The following type-specific considerations apply: + * - For RSA keys (#PSA_KEY_TYPE_RSA_KEY_PAIR), + * the public exponent is 65537. + * The modulus is a product of two probabilistic primes + * between 2^{n-1} and 2^n where n is the bit size specified in the + * attributes. + * + * \param[in] attributes The attributes for the new key. + * \param[out] handle On success, a handle to the newly created key. + * \c 0 on failure. + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. + * \retval #PSA_ERROR_ALREADY_EXISTS + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle); + +/**@}*/ + +#ifdef __cplusplus +} +#endif + +/* The file "crypto_sizes.h" contains definitions for size calculation + * macros whose definitions are implementation-specific. */ +#include "psa/crypto_sizes.h" + +/* The file "crypto_client_struct.h" contains definitions for structures + * whose definitions differ in the client view and the PSA server + * implementation in TF-M. */ +#include "psa/crypto_client_struct.h" + + +/* The file "crypto_struct.h" contains definitions for + * implementation-specific structs that are declared above. */ +#include "psa/crypto_struct.h" + +/* The file "crypto_extra.h" contains vendor-specific definitions. This + * can include vendor-defined algorithms, extra functions, etc. */ +#include "psa/crypto_extra.h" + +#endif /* PSA_CRYPTO_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_client_struct.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_client_struct.h new file mode 100644 index 0000000..1d919b0 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_client_struct.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_client_struct.h + * + * \brief PSA cryptography client key attribute definitions + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file contains the definitions of some data structures with + * PSA crypto client specific definitions. This is for implementations + * with isolation between the Client applications and the Crypto + * Server module, it is expected that the front-end and the back-end + * would have different versions of the data structure. + */ +#ifndef PSA_CRYPTO_CLIENT_STRUCT_H +#define PSA_CRYPTO_CLIENT_STRUCT_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* This is the client view of the `key_attributes` structure. Only + * fields which need to be set by the PSA crypto client are present. + * The PSA crypto service will maintain a different version of the + * data structure internally. */ +struct psa_client_key_attributes_s +{ + uint32_t type; + uint32_t lifetime; + uint32_t id; + uint32_t alg; + uint32_t alg2; + uint32_t usage; + uint16_t bits; +}; + +#define PSA_CLIENT_KEY_ATTRIBUTES_INIT {0, 0, 0, 0, 0, 0, 0} + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_CRYPTO_CLIENT_STRUCT_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_compat.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_compat.h new file mode 100644 index 0000000..518008b --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_compat.h @@ -0,0 +1,111 @@ +/** + * \file psa/crypto_compat.h + * + * \brief PSA cryptography module: Backward compatibility aliases + * + * This header declares alternative names for macro and functions. + * New application code should not use these names. + * These names may be removed in a future version of Mbed Crypto. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + */ +/* + * Copyright (C) 2019-2020, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_COMPAT_H +#define PSA_CRYPTO_COMPAT_H + +#ifdef __cplusplus +extern "C" { +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) + +/* + * Mechanism for declaring deprecated values + */ +#if defined(MBEDTLS_DEPRECATED_WARNING) && !defined(MBEDTLS_PSA_DEPRECATED) +#define MBEDTLS_PSA_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_PSA_DEPRECATED +#endif + +typedef MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t; +typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t; +typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t; + +#define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \ + ( (mbedtls_deprecated_##type) ( value ) ) + +/* + * Deprecated PSA Crypto error code definitions (PSA Crypto API <= 1.0 beta2) + */ +#define PSA_ERROR_UNKNOWN_ERROR \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_GENERIC_ERROR ) +#define PSA_ERROR_OCCUPIED_SLOT \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_ALREADY_EXISTS ) +#define PSA_ERROR_EMPTY_SLOT \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_DOES_NOT_EXIST ) +#define PSA_ERROR_INSUFFICIENT_CAPACITY \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_INSUFFICIENT_DATA ) +#define PSA_ERROR_TAMPERING_DETECTED \ + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_CORRUPTION_DETECTED ) + +/* + * Deprecated PSA Crypto numerical encodings (PSA Crypto API <= 1.0 beta3) + */ +#define PSA_KEY_USAGE_SIGN \ + MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH ) +#define PSA_KEY_USAGE_VERIFY \ + MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH ) + +/* + * Deprecated PSA Crypto size calculation macros (PSA Crypto API <= 1.0 beta3) + */ +#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE ) +#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) ) + +/* + * Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3) + */ +MBEDTLS_PSA_DEPRECATED psa_status_t psa_asymmetric_sign( psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ); + +MBEDTLS_PSA_DEPRECATED psa_status_t psa_asymmetric_verify( psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length ); + +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_CRYPTO_COMPAT_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_extra.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_extra.h new file mode 100644 index 0000000..d658b76 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_extra.h @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_extra.h + * + * \brief PSA cryptography module: vendor extensions + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file is reserved for vendor-specific definitions. + */ + +#ifndef PSA_CRYPTO_EXTRA_H +#define PSA_CRYPTO_EXTRA_H + +#include "psa/crypto_compat.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** \addtogroup crypto_types + * @{ + */ + +/** DSA public key. + * + * The import and export format is the + * representation of the public key `y = g^x mod p` as a big-endian byte + * string. The length of the byte string is the length of the base prime `p` + * in bytes. + */ +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) + +/** DSA key pair (private and public key). + * + * The import and export format is the + * representation of the private key `x` as a big-endian byte string. The + * length of the byte string is the private key size in bytes (leading zeroes + * are not stripped). + * + * Determinstic DSA key derivation with psa_generate_derived_key follows + * FIPS 186-4 §B.1.2: interpret the byte string as integer + * in big-endian order. Discard it if it is not in the range + * [0, *N* - 2] where *N* is the boundary of the private key domain + * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, + * or the order of the curve's base point for ECC). + * Add 1 to the resulting integer and use this as the private key *x*. + * + */ +#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x70020000) + +/**@}*/ + +/** \brief Declare the enrollment algorithm for a key. + * + * An operation on a key may indifferently use the algorithm set with + * psa_set_key_algorithm() or with this function. + * + * \param[out] attributes The attribute structure to write to. + * \param alg2 A second algorithm that the key may be used + * for, in addition to the algorithm set with + * psa_set_key_algorithm(). + * + * \warning Setting an enrollment algorithm is not recommended, because + * using the same key with different algorithms can allow some + * attacks based on arithmetic relations between different + * computations made with the same key, or can escalate harmless + * side channels into exploitable ones. Use this function only + * if it is necessary to support a protocol for which it has been + * verified that the usage of the key with multiple algorithms + * is safe. + */ +static inline void psa_set_key_enrollment_algorithm( + psa_key_attributes_t *attributes, + psa_algorithm_t alg2) +{ + attributes->alg2 = alg2; +} + +/** Retrieve the enrollment algorithm policy from key attributes. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The enrollment algorithm stored in the attribute structure. + */ +static inline psa_algorithm_t psa_get_key_enrollment_algorithm( + const psa_key_attributes_t *attributes) +{ + return attributes->alg2; +} + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_CRYPTO_EXTRA_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_platform.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_platform.h new file mode 100644 index 0000000..c3120e4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_platform.h @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_platform.h + * + * \brief PSA cryptography module: Mbed TLS platform definitions + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file contains platform-dependent type definitions. + * + * In implementations with isolation between the application and the + * cryptography module, implementers should take care to ensure that + * the definitions that are exposed to applications match what the + * module implements. + */ + +#ifndef PSA_CRYPTO_PLATFORM_H +#define PSA_CRYPTO_PLATFORM_H + +/* PSA requires several types which C99 provides in stdint.h. */ +#include + +/* Integral type representing a key handle. */ +typedef uint16_t psa_key_handle_t; + +/* This implementation distinguishes *application key identifiers*, which + * are the key identifiers specified by the application, from + * *key file identifiers*, which are the key identifiers that the library + * sees internally. The two types can be different if there is a remote + * call layer between the application and the library which supports + * multiple client applications that do not have access to each others' + * keys. The point of having different types is that the key file + * identifier may encode not only the key identifier specified by the + * application, but also the the identity of the application. + * + * Note that this is an internal concept of the library and the remote + * call layer. The application itself never sees anything other than + * #psa_app_key_id_t with its standard definition. + */ + +/* The application key identifier is always what the application sees as + * #psa_key_id_t. */ +typedef uint32_t psa_app_key_id_t; + +#endif /* PSA_CRYPTO_PLATFORM_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_sizes.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_sizes.h new file mode 100644 index 0000000..4f67501 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_sizes.h @@ -0,0 +1,650 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_sizes.h + * + * \brief PSA cryptography module: Mbed TLS buffer size macros + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file contains the definitions of macros that are useful to + * compute buffer sizes. The signatures and semantics of these macros + * are standardized, but the definitions are not, because they depend on + * the available algorithms and, in some cases, on permitted tolerances + * on buffer sizes. + * + * In implementations with isolation between the application and the + * cryptography module, implementers should take care to ensure that + * the definitions that are exposed to applications match what the + * module implements. + * + * Macros that compute sizes whose values do not depend on the + * implementation are in crypto.h. + */ + +#ifndef PSA_CRYPTO_SIZES_H +#define PSA_CRYPTO_SIZES_H + +#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) +#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) + +#define PSA_ROUND_UP_TO_MULTIPLE(block_size, length) \ + (((length) + (block_size) - 1) / (block_size) * (block_size)) + +/** The size of the output of psa_hash_finish(), in bytes. + * + * This is also the hash size that psa_hash_verify() expects. + * + * \param alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm + * (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a + * hash algorithm). + * + * \return The hash size for the specified hash algorithm. + * If the hash algorithm is not recognized, return 0. + * An implementation may return either 0 or the correct size + * for a hash algorithm that it recognizes, but does not support. + */ +#define PSA_HASH_SIZE(alg) \ + ( \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ + 0) + +/** \def PSA_HASH_MAX_SIZE + * + * Maximum size of a hash. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a hash supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ +/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226, + * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for + * HMAC-SHA3-512. */ +#define PSA_HASH_MAX_SIZE 64 +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 + +/** \def PSA_MAC_MAX_SIZE + * + * Maximum size of a MAC. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a MAC supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ +/* All non-HMAC MACs have a maximum size that's smaller than the + * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */ +/* Note that the encoding of truncated MAC algorithms limits this value + * to 64 bytes. + */ +#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE + +/** The tag size for an AEAD algorithm, in bytes. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return The tag size for the specified algorithm. + * If the AEAD algorithm does not have an identified + * tag that can be distinguished from the rest of + * the ciphertext, return 0. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_TAG_LENGTH(alg) \ + (PSA_ALG_IS_AEAD(alg) ? \ + (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ + 0) + +/* The maximum size of an RSA key on this implementation, in bits. + * This is a vendor-specific macro. + * + * Mbed TLS does not set a hard limit on the size of RSA keys: any key + * whose parameters fit in a bignum is accepted. However large keys can + * induce a large memory usage and long computation times. Unlike other + * auxiliary macros in this file and in crypto.h, which reflect how the + * library is configured, this macro defines how the library is + * configured. This implementation refuses to import or generate an + * RSA key whose size is larger than the value defined here. + * + * Note that an implementation may set different size limits for different + * operations, and does not need to accept all key sizes up to the limit. */ +#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096 + +/* The maximum size of an ECC key on this implementation, in bits. + * This is a vendor-specific macro. */ +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521 + +/** Bit size associated with an elliptic curve. + * + * \param curve An elliptic curve (value of type #psa_ecc_curve_t). + * + * \return The size associated with \p curve, in bits. + * This may be 0 if the implementation does not support + * the specified curve. + */ +#define PSA_ECC_CURVE_BITS(curve) \ + ((curve) == PSA_ECC_CURVE_SECT163K1 ? 163 : \ + (curve) == PSA_ECC_CURVE_SECT163R1 ? 163 : \ + (curve) == PSA_ECC_CURVE_SECT163R2 ? 163 : \ + (curve) == PSA_ECC_CURVE_SECT193R1 ? 193 : \ + (curve) == PSA_ECC_CURVE_SECT193R2 ? 193 : \ + (curve) == PSA_ECC_CURVE_SECT233K1 ? 233 : \ + (curve) == PSA_ECC_CURVE_SECT233R1 ? 233 : \ + (curve) == PSA_ECC_CURVE_SECT239K1 ? 239 : \ + (curve) == PSA_ECC_CURVE_SECT283K1 ? 283 : \ + (curve) == PSA_ECC_CURVE_SECT283R1 ? 283 : \ + (curve) == PSA_ECC_CURVE_SECT409K1 ? 409 : \ + (curve) == PSA_ECC_CURVE_SECT409R1 ? 409 : \ + (curve) == PSA_ECC_CURVE_SECT571K1 ? 571 : \ + (curve) == PSA_ECC_CURVE_SECT571R1 ? 571 : \ + (curve) == PSA_ECC_CURVE_SECP160K1 ? 160 : \ + (curve) == PSA_ECC_CURVE_SECP160R1 ? 160 : \ + (curve) == PSA_ECC_CURVE_SECP160R2 ? 160 : \ + (curve) == PSA_ECC_CURVE_SECP192K1 ? 192 : \ + (curve) == PSA_ECC_CURVE_SECP192R1 ? 192 : \ + (curve) == PSA_ECC_CURVE_SECP224K1 ? 224 : \ + (curve) == PSA_ECC_CURVE_SECP224R1 ? 224 : \ + (curve) == PSA_ECC_CURVE_SECP256K1 ? 256 : \ + (curve) == PSA_ECC_CURVE_SECP256R1 ? 256 : \ + (curve) == PSA_ECC_CURVE_SECP384R1 ? 384 : \ + (curve) == PSA_ECC_CURVE_SECP521R1 ? 521 : \ + (curve) == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \ + (curve) == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \ + (curve) == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \ + (curve) == PSA_ECC_CURVE_CURVE25519 ? 255 : \ + (curve) == PSA_ECC_CURVE_CURVE448 ? 448 : \ + 0) + +/** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN + * + * This macro returns the maximum length of the PSK supported + * by the TLS-1.2 PSK-to-MS key derivation. + * + * Quoting RFC 4279, Sect 5.3: + * TLS implementations supporting these ciphersuites MUST support + * arbitrary PSK identities up to 128 octets in length, and arbitrary + * PSKs up to 64 octets in length. Supporting longer identities and + * keys is RECOMMENDED. + * + * Therefore, no implementation should define a value smaller than 64 + * for #PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN. + */ +#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128 + +/** The maximum size of a block cipher supported by the implementation. */ +#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16 + +/** The size of the output of psa_mac_sign_finish(), in bytes. + * + * This is also the MAC size that psa_mac_verify_finish() expects. + * + * \param key_type The type of the MAC key. + * \param key_bits The size of the MAC key in bits. + * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_MAC(\p alg) is true). + * + * \return The MAC size for the specified algorithm with + * the specified key parameters. + * \return 0 if the MAC algorithm is not recognized. + * \return Either 0 or the correct size for a MAC algorithm that + * the implementation recognizes, but does not support. + * \return Unspecified if the key parameters are not consistent + * with the algorithm. + */ +#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ + ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \ + PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \ + PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ + ((void)(key_type), (void)(key_bits), 0)) + +/** The maximum size of the output of psa_aead_encrypt(), in bytes. + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_encrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the ciphertext may be smaller. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param plaintext_length Size of the plaintext in bytes. + * + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ + (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ + (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ + 0) + +/** The maximum size of the output of psa_aead_decrypt(), in bytes. + * + * If the size of the plaintext buffer is at least this large, it is + * guaranteed that psa_aead_decrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the plaintext may be smaller. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param ciphertext_length Size of the plaintext in bytes. + * + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ + (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ + (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ + 0) + +/** A sufficient output buffer size for psa_aead_update(). + * + * If the size of the output buffer is at least this large, it is + * guaranteed that psa_aead_update() will not fail due to an + * insufficient buffer size. The actual size of the output may be smaller + * in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param input_length Size of the input in bytes. + * + * \return A sufficient output buffer size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +/* For all the AEAD modes defined in this specification, it is possible + * to emit output without delay. However, hardware may not always be + * capable of this. So for modes based on a block cipher, allow the + * implementation to delay the output until it has a full block. */ +#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE, (input_length)) : \ + (input_length)) + +/** A sufficient ciphertext buffer size for psa_aead_finish(). + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_finish() will not fail due to an + * insufficient ciphertext buffer size. The actual size of the output may + * be smaller in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return A sufficient ciphertext buffer size for the + * specified algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ + 0) + +/** A sufficient plaintext buffer size for psa_aead_verify(). + * + * If the size of the plaintext buffer is at least this large, it is + * guaranteed that psa_aead_verify() will not fail due to an + * insufficient plaintext buffer size. The actual size of the output may + * be smaller in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return A sufficient plaintext buffer size for the + * specified algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ + 0) + +#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ + (PSA_ALG_IS_RSA_OAEP(alg) ? \ + 2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ + 11 /*PKCS#1v1.5*/) + +/** + * \brief ECDSA signature size for a given curve bit size + * + * \param curve_bits Curve size in bits. + * \return Signature size in bytes. + * + * \note This macro returns a compile-time constant if its argument is one. + */ +#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ + (PSA_BITS_TO_BYTES(curve_bits) * 2) + +/** Sufficient signature buffer size for psa_sign_hash(). + * + * This macro returns a sufficient buffer size for a signature using a key + * of the specified type and size, with the specified algorithm. + * Note that the actual size of the signature may be smaller + * (some algorithms produce a variable-size signature). + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_sign_hash() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ + ((void)alg, 0)) + +#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ + PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) + +/** \def PSA_SIGNATURE_MAX_SIZE + * + * Maximum size of an asymmetric signature. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a signature supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ +#define PSA_SIGNATURE_MAX_SIZE \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \ + PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) : \ + PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE) + +/** Sufficient output buffer size for psa_asymmetric_encrypt(). + * + * This macro returns a sufficient buffer size for a ciphertext produced using + * a key of the specified type and size, with the specified algorithm. + * Note that the actual size of the ciphertext may be smaller, depending + * on the algorithm. + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_asymmetric_encrypt() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? \ + ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + 0) + +/** Sufficient output buffer size for psa_asymmetric_decrypt(). + * + * This macro returns a sufficient buffer size for a ciphertext produced using + * a key of the specified type and size, with the specified algorithm. + * Note that the actual size of the ciphertext may be smaller, depending + * on the algorithm. + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_asymmetric_decrypt() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? \ + PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \ + 0) + +/* Maximum size of the ASN.1 encoding of an INTEGER with the specified + * number of bits. + * + * This definition assumes that bits <= 2^19 - 9 so that the length field + * is at most 3 bytes. The length of the encoding is the length of the + * bit string padded to a whole number of bytes plus: + * - 1 type byte; + * - 1 to 3 length bytes; + * - 0 to 1 bytes of leading 0 due to the sign bit. + */ +#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits) \ + ((bits) / 8 + 5) + +/* Maximum size of the export encoding of an RSA public key. + * Assumes that the public exponent is less than 2^32. + * + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + * + * - 4 bytes of SEQUENCE overhead; + * - n : INTEGER; + * - 7 bytes for the public exponent. + */ +#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11) + +/* Maximum size of the export encoding of an RSA key pair. + * Assumes thatthe public exponent is less than 2^32 and that the size + * difference between the two primes is at most 1 bit. + * + * RSAPrivateKey ::= SEQUENCE { + * version Version, -- 0 + * modulus INTEGER, -- N-bit + * publicExponent INTEGER, -- 32-bit + * privateExponent INTEGER, -- N-bit + * prime1 INTEGER, -- N/2-bit + * prime2 INTEGER, -- N/2-bit + * exponent1 INTEGER, -- N/2-bit + * exponent2 INTEGER, -- N/2-bit + * coefficient INTEGER, -- N/2-bit + * } + * + * - 4 bytes of SEQUENCE overhead; + * - 3 bytes of version; + * - 7 half-size INTEGERs plus 2 full-size INTEGERs, + * overapproximated as 9 half-size INTEGERS; + * - 7 bytes for the public exponent. + */ +#define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) \ + (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14) + +/* Maximum size of the export encoding of a DSA public key. + * + * SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } -- contains DSAPublicKey + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters Dss-Parms } -- SEQUENCE of 3 INTEGERs + * DSAPublicKey ::= INTEGER -- public key, Y + * + * - 3 * 4 bytes of SEQUENCE overhead; + * - 1 + 1 + 7 bytes of algorithm (DSA OID); + * - 4 bytes of BIT STRING overhead; + * - 3 full-size INTEGERs (p, g, y); + * - 1 + 1 + 32 bytes for 1 sub-size INTEGER (q <= 256 bits). + */ +#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 59) + +/* Maximum size of the export encoding of a DSA key pair. + * + * DSAPrivateKey ::= SEQUENCE { + * version Version, -- 0 + * prime INTEGER, -- p + * subprime INTEGER, -- q + * generator INTEGER, -- g + * public INTEGER, -- y + * private INTEGER, -- x + * } + * + * - 4 bytes of SEQUENCE overhead; + * - 3 bytes of version; + * - 3 full-size INTEGERs (p, g, y); + * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits). + */ +#define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) \ + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75) + +/* Maximum size of the export encoding of an ECC public key. + * + * The representation of an ECC public key is: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian; + * - where m is the bit size associated with the curve. + * + * - 1 byte + 2 * point size. + */ +#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (2 * PSA_BITS_TO_BYTES(key_bits) + 1) + +/* Maximum size of the export encoding of an ECC key pair. + * + * An ECC key pair is represented by the secret value. + */ +#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) \ + (PSA_BITS_TO_BYTES(key_bits)) + +/** Sufficient output buffer size for psa_export_key() or psa_export_public_key(). + * + * This macro returns a compile-time constant if its arguments are + * compile-time constants. + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * The following code illustrates how to allocate enough memory to export + * a key by querying the key type and size at runtime. + * \code{c} + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + * psa_status_t status; + * status = psa_get_key_attributes(key, &attributes); + * if (status != PSA_SUCCESS) handle_error(...); + * psa_key_type_t key_type = psa_get_key_type(&attributes); + * size_t key_bits = psa_get_key_bits(&attributes); + * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits); + * psa_reset_key_attributes(&attributes); + * uint8_t *buffer = malloc(buffer_size); + * if (buffer == NULL) handle_error(...); + * size_t buffer_length; + * status = psa_export_key(key, buffer, buffer_size, &buffer_length); + * if (status != PSA_SUCCESS) handle_error(...); + * \endcode + * + * For psa_export_public_key(), calculate the buffer size from the + * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR + * to convert a key pair type to the corresponding public key type. + * \code{c} + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + * psa_status_t status; + * status = psa_get_key_attributes(key, &attributes); + * if (status != PSA_SUCCESS) handle_error(...); + * psa_key_type_t key_type = psa_get_key_type(&attributes); + * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type); + * size_t key_bits = psa_get_key_bits(&attributes); + * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits); + * psa_reset_key_attributes(&attributes); + * uint8_t *buffer = malloc(buffer_size); + * if (buffer == NULL) handle_error(...); + * size_t buffer_length; + * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length); + * if (status != PSA_SUCCESS) handle_error(...); + * \endcode + * + * \param key_type A supported key type. + * \param key_bits The size of the key in bits. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_sign_hash() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \ + (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \ + (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ + PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \ + PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \ + 0) + +#endif /* PSA_CRYPTO_SIZES_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_struct.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_struct.h new file mode 100644 index 0000000..ac08987 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_struct.h @@ -0,0 +1,213 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_struct.h + * + * \brief PSA cryptography module: structured type implementations + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file contains the definitions of some data structures with + * implementation-specific definitions. + * + * In implementations with isolation between the application and the + * cryptography module, it is expected that the front-end and the back-end + * would have different versions of this file. + */ + +#ifndef PSA_CRYPTO_STRUCT_H +#define PSA_CRYPTO_STRUCT_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Note that the below structures are different from the decalrations in + * mbed-crypto. This is because TF-M maintains 'front-end' and 'back-end' + * versions of this header. In the front-end version, exported to NS + * clients in interface/include/psa, a crypto operation is defined as an + * opaque handle to a context in the Crypto service. The back-end + * version, directly included from the mbed-crypto repo by the Crypto + * service, contains the full definition of the operation structs. + * + * One of the functions of the Crypto service is to allocate the back-end + * operation contexts in its own partition memory (in crypto_alloc.c), + * and then do the mapping between front-end operation handles passed by + * NS clients and the corresponding back-end operation contexts. The + * advantage of doing it this way is that internal mbed-crypto state is never + * exposed to the NS client. + */ + +struct psa_hash_operation_s +{ + uint32_t handle; +}; + +#define PSA_HASH_OPERATION_INIT {0} +static inline struct psa_hash_operation_s psa_hash_operation_init( void ) +{ + const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; + return( v ); +} + +struct psa_mac_operation_s +{ + uint32_t handle; +}; + +#define PSA_MAC_OPERATION_INIT {0} +static inline struct psa_mac_operation_s psa_mac_operation_init( void ) +{ + const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; + return( v ); +} + +struct psa_cipher_operation_s +{ + uint32_t handle; +}; + +#define PSA_CIPHER_OPERATION_INIT {0} +static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) +{ + const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; + return( v ); +} + +struct psa_aead_operation_s +{ + uint32_t handle; +}; + +#define PSA_AEAD_OPERATION_INIT {0} +static inline struct psa_aead_operation_s psa_aead_operation_init( void ) +{ + const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; + return( v ); +} + +struct psa_key_derivation_s +{ + uint32_t handle; +}; + +#define PSA_KEY_DERIVATION_OPERATION_INIT {0} +static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) +{ + const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; + return( v ); +} + +/* The type used internally for key sizes. + * Public interfaces use size_t, but internally we use a smaller type. */ +typedef uint16_t psa_key_bits_t; +/* The maximum value of the type used to represent bit-sizes. + * This is used to mark an invalid key size. */ +#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) +/* The maximum size of a key in bits. + * Currently defined as the maximum that can be represented, rounded down + * to a whole number of bytes. + * This is an uncast value so that it can be used in preprocessor + * conditionals. */ +#define PSA_MAX_KEY_BITS 0xfff8 + +#define PSA_KEY_ATTRIBUTES_INIT PSA_CLIENT_KEY_ATTRIBUTES_INIT + +static inline struct psa_client_key_attributes_s psa_key_attributes_init( void ) +{ + const struct psa_client_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; + return( v ); +} + +static inline void psa_set_key_id(psa_key_attributes_t *attributes, + psa_key_id_t id) +{ + attributes->id = id; + if( attributes->lifetime == PSA_KEY_LIFETIME_VOLATILE ) + attributes->lifetime = PSA_KEY_LIFETIME_PERSISTENT; +} + +static inline psa_key_id_t psa_get_key_id( + const psa_key_attributes_t *attributes) +{ + return( attributes->id ); +} + +static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, + psa_key_lifetime_t lifetime) +{ + attributes->lifetime = lifetime; + if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) + { + attributes->id = 0; + } +} + +static inline psa_key_lifetime_t psa_get_key_lifetime( + const psa_key_attributes_t *attributes) +{ + return( attributes->lifetime ); +} + +static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags) +{ + attributes->usage = usage_flags; +} + +static inline psa_key_usage_t psa_get_key_usage_flags( + const psa_key_attributes_t *attributes) +{ + return( attributes->usage ); +} + +static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, + psa_algorithm_t alg) +{ + attributes->alg = alg; +} + +static inline psa_algorithm_t psa_get_key_algorithm( + const psa_key_attributes_t *attributes) +{ + return( attributes->alg ); +} + +static inline void psa_set_key_type(psa_key_attributes_t *attributes, + psa_key_type_t type) +{ + attributes->type = type; +} + +static inline psa_key_type_t psa_get_key_type( + const psa_key_attributes_t *attributes) +{ + return( attributes->type ); +} + +static inline void psa_set_key_bits(psa_key_attributes_t *attributes, + size_t bits) +{ + if( bits > PSA_MAX_KEY_BITS ) + attributes->bits = PSA_KEY_BITS_TOO_LARGE; + else + attributes->bits = bits; +} + +static inline size_t psa_get_key_bits( + const psa_key_attributes_t *attributes) +{ + return( attributes->bits ); +} + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_CRYPTO_STRUCT_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_types.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_types.h new file mode 100644 index 0000000..6ac95a8 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_types.h @@ -0,0 +1,317 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_types.h + * + * \brief PSA cryptography module: type aliases. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. Drivers must include the appropriate driver + * header file. + * + * This file contains portable definitions of integral types for properties + * of cryptographic keys, designations of cryptographic algorithms, and + * error codes returned by the library. + * + * This header file does not declare any function. + */ + +#ifndef PSA_CRYPTO_TYPES_H +#define PSA_CRYPTO_TYPES_H + +#include + +/** \defgroup error Error codes + * @{ + */ + +/** + * \brief Function return status. + * + * This is either #PSA_SUCCESS (which is zero), indicating success, + * or a small negative value indicating that an error occurred. Errors are + * encoded as one of the \c PSA_ERROR_xxx values defined here. */ +/* If #PSA_SUCCESS is already defined, it means that #psa_status_t + * is also defined in an external header, so prevent its multiple + * definition. + */ +#ifndef PSA_SUCCESS +typedef int32_t psa_status_t; +#endif + +/**@}*/ + +/** \defgroup crypto_types Key and algorithm types + * @{ + */ + +/* Integral type representing a key handle. */ +typedef uint16_t psa_key_handle_t; + + +/** \brief Encoding of a key type. + */ +typedef uint32_t psa_key_type_t; + +/** The type of PSA elliptic curve identifiers. + * + * The curve identifier is required to create an ECC key using the + * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() + * macros. + * + * The encoding of curve identifiers is taken from the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * + * This specification defines identifiers for some of the curves in the IANA + * registry. Implementations that support other curves that are in the IANA + * registry should use the IANA value and a implementation-specific identifier. + * Implemenations that support non-IANA curves should use one of the following + * approaches for allocating a key type: + * + * 1. Select a ::psa_ecc_curve_t value in the range #PSA_ECC_CURVE_VENDOR_MIN to + * #PSA_ECC_CURVE_VENDOR_MAX, which is a subset of the IANA private use + * range. + * 2. Use a ::psa_key_type_t value that is vendor-defined. + * + * The first option is recommended. + */ +typedef uint16_t psa_ecc_curve_t; + +/** The type of PSA Diffie-Hellman group identifiers. + * + * The group identifier is required to create an Diffie-Hellman key using the + * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() + * macros. + * + * The encoding of group identifiers is taken from the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * + * This specification defines identifiers for some of the groups in the IANA + * registry. Implementations that support other groups that are in the IANA + * registry should use the IANA value and a implementation-specific identifier. + * Implemenations that support non-IANA groups should use one of the following + * approaches for allocating a key type: + * + * 1. Select a ::psa_dh_group_t value in the range #PSA_DH_GROUP_VENDOR_MIN to + * #PSA_DH_GROUP_VENDOR_MAX, which is a subset of the IANA private use + * range. + * 2. Select a ::psa_dh_group_t value from the named groups allocated for + * GREASE in the IETF draft specification. The GREASE specification and + * values are listed below. + * 3. Use a ::psa_key_type_t value that is vendor-defined. + * + * Option 1 or 2 are recommended. + * + * The current draft of the GREASE specification is + * https://datatracker.ietf.org/doc/draft-ietf-tls-grease + * + * The following GREASE values are allocated for named groups: + * \code + * 0x0A0A + * 0x1A1A + * 0x2A2A + * 0x3A3A + * 0x4A4A + * 0x5A5A + * 0x6A6A + * 0x7A7A + * 0x8A8A + * 0x9A9A + * 0xAAAA + * 0xBABA + * 0xCACA + * 0xDADA + * 0xEAEA + * 0xFAFA + * \endcode + */ +typedef uint16_t psa_dh_group_t; + +/** \brief Encoding of a cryptographic algorithm. + * + * For algorithms that can be applied to multiple key types, this type + * does not encode the key type. For example, for symmetric ciphers + * based on a block cipher, #psa_algorithm_t encodes the block cipher + * mode and the padding mode while the block cipher itself is encoded + * via #psa_key_type_t. + */ +typedef uint32_t psa_algorithm_t; + +/**@}*/ + +/** \defgroup key_lifetimes Key lifetimes + * @{ + */ + +/** Encoding of key lifetimes. + * + * The lifetime of a key indicates where it is stored and what system actions + * may create and destroy it. + * + * Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are automatically + * destroyed when the application terminates or on a power reset. + * + * Keys with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE are said + * to be _persistent_. + * Persistent keys are preserved if the application or the system restarts. + * Persistent keys have a key identifier of type #psa_key_id_t. + * The application can call psa_open_key() to open a persistent key that + * it created previously. + */ +typedef uint32_t psa_key_lifetime_t; + +/** Encoding of identifiers of persistent keys. + * + * - Applications may freely choose key identifiers in the range + * #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX. + * - Implementations may define additional key identifiers in the range + * #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX. + * - 0 is reserved as an invalid key identifier. + * - Key identifiers outside these ranges are reserved for future use. + */ +typedef uint32_t psa_key_id_t; +#define PSA_KEY_ID_INIT 0 + +/**@}*/ + +/** \defgroup policy Key policies + * @{ + */ + +/** \brief Encoding of permitted usage on a key. */ +typedef uint32_t psa_key_usage_t; + +/**@}*/ + +/** \defgroup attributes Key attributes + * @{ + */ + +/** The type of a structure containing key attributes. + * + * This is an opaque structure that can represent the metadata of a key + * object. Metadata that can be stored in attributes includes: + * - The location of the key in storage, indicated by its key identifier + * and its lifetime. + * - The key's policy, comprising usage flags and a specification of + * the permitted algorithm(s). + * - Information about the key itself: the key type and its size. + * - Implementations may define additional attributes. + * + * The actual key material is not considered an attribute of a key. + * Key attributes do not contain information that is generally considered + * highly confidential. + * + * An attribute structure can be a simple data structure where each function + * `psa_set_key_xxx` sets a field and the corresponding function + * `psa_get_key_xxx` retrieves the value of the corresponding field. + * However, implementations may report values that are equivalent to the + * original one, but have a different encoding. For example, an + * implementation may use a more compact representation for types where + * many bit-patterns are invalid or not supported, and store all values + * that it does not support as a special marker value. In such an + * implementation, after setting an invalid value, the corresponding + * get function returns an invalid value which may not be the one that + * was originally stored. + * + * An attribute structure may contain references to auxiliary resources, + * for example pointers to allocated memory or indirect references to + * pre-calculated values. In order to free such resources, the application + * must call psa_reset_key_attributes(). As an exception, calling + * psa_reset_key_attributes() on an attribute structure is optional if + * the structure has only been modified by the following functions + * since it was initialized or last reset with psa_reset_key_attributes(): + * - psa_set_key_id() + * - psa_set_key_lifetime() + * - psa_set_key_type() + * - psa_set_key_bits() + * - psa_set_key_usage_flags() + * - psa_set_key_algorithm() + * + * Before calling any function on a key attribute structure, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_key_attributes_t attributes; + * memset(&attributes, 0, sizeof(attributes)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_key_attributes_t attributes = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_KEY_ATTRIBUTES_INIT, + * for example: + * \code + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + * \endcode + * - Assign the result of the function psa_key_attributes_init() + * to the structure, for example: + * \code + * psa_key_attributes_t attributes; + * attributes = psa_key_attributes_init(); + * \endcode + * + * A freshly initialized attribute structure contains the following + * values: + * + * - lifetime: #PSA_KEY_LIFETIME_VOLATILE. + * - key identifier: 0 (which is not a valid key identifier). + * - type: \c 0 (meaning that the type is unspecified). + * - key size: \c 0 (meaning that the size is unspecified). + * - usage flags: \c 0 (which allows no usage except exporting a public key). + * - algorithm: \c 0 (which allows no cryptographic usage, but allows + * exporting). + * + * A typical sequence to create a key is as follows: + * -# Create and initialize an attribute structure. + * -# If the key is persistent, call psa_set_key_id(). + * Also call psa_set_key_lifetime() to place the key in a non-default + * location. + * -# Set the key policy with psa_set_key_usage_flags() and + * psa_set_key_algorithm(). + * -# Set the key type with psa_set_key_type(). + * Skip this step if copying an existing key with psa_copy_key(). + * -# When generating a random key with psa_generate_key() or deriving a key + * with psa_key_derivation_output_key(), set the desired key size with + * psa_set_key_bits(). + * -# Call a key creation function: psa_import_key(), psa_generate_key(), + * psa_key_derivation_output_key() or psa_copy_key(). This function reads + * the attribute structure, creates a key with these attributes, and + * outputs a handle to the newly created key. + * -# The attribute structure is now no longer necessary. + * You may call psa_reset_key_attributes(), although this is optional + * with the workflow presented here because the attributes currently + * defined in this specification do not require any additional resources + * beyond the structure itself. + * + * A typical sequence to query a key's attributes is as follows: + * -# Call psa_get_key_attributes(). + * -# Call `psa_get_key_xxx` functions to retrieve the attribute(s) that + * you are interested in. + * -# Call psa_reset_key_attributes() to free any resources that may be + * used by the attribute structure. + * + * Once a key has been created, it is impossible to change its attributes. + */ +typedef struct psa_client_key_attributes_s psa_key_attributes_t; + +/**@}*/ + +/** \defgroup derivation Key derivation + * @{ + */ + +/** \brief Encoding of the step of a key derivation. */ +typedef uint16_t psa_key_derivation_step_t; + +/**@}*/ + +#endif /* PSA_CRYPTO_TYPES_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_values.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_values.h new file mode 100644 index 0000000..e21ef27 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/crypto_values.h @@ -0,0 +1,1701 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_values.h + * + * \brief PSA cryptography module: macros to build and analyze integer values. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. Drivers must include the appropriate driver + * header file. + * + * This file contains portable definitions of macros to build and analyze + * values of integral types that encode properties of cryptographic keys, + * designations of cryptographic algorithms, and error codes returned by + * the library. + * + * This header file only defines preprocessor macros. + */ + +#ifndef PSA_CRYPTO_VALUES_H +#define PSA_CRYPTO_VALUES_H + +/** \defgroup error Error codes + * @{ + */ + +/* PSA error codes */ + +/** The action was completed successfully. */ +#ifndef PSA_SUCCESS +#define PSA_SUCCESS ((psa_status_t)0) +#endif + +/** An error occurred that does not correspond to any defined + * failure cause. + * + * Implementations may use this error code if none of the other standard + * error codes are applicable. */ +#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) + +/** The requested operation or a parameter is not supported + * by this implementation. + * + * Implementations should return this error code when an enumeration + * parameter such as a key type, algorithm, etc. is not recognized. + * If a combination of parameters is recognized and identified as + * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) + +/** The requested action is denied by a policy. + * + * Implementations should return this error code when the parameters + * are recognized as valid and supported, and a policy explicitly + * denies the requested operation. + * + * If a subset of the parameters of a function call identify a + * forbidden operation, and another subset of the parameters are + * not valid or not supported, it is unspecified whether the function + * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or + * #PSA_ERROR_INVALID_ARGUMENT. */ +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) + +/** An output buffer is too small. + * + * Applications can call the \c PSA_xxx_SIZE macro listed in the function + * description to determine a sufficient buffer size. + * + * Implementations should preferably return this error code only + * in cases when performing the operation with a larger output + * buffer would succeed. However implementations may return this + * error if a function has invalid or unsupported parameters in addition + * to the parameters that determine the necessary output buffer size. */ +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) + +/** Asking for an item that already exists + * + * Implementations should return this error, when attempting + * to write an item (like a key) that already exists. */ +#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) + +/** Asking for an item that doesn't exist + * + * Implementations should return this error, if a requested item (like + * a key) does not exist. */ +#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) + +/** The requested action cannot be performed in the current state. + * + * Multipart operations return this error when one of the + * functions is called out of sequence. Refer to the function + * descriptions for permitted sequencing of functions. + * + * Implementations shall not return this error code to indicate + * that a key either exists or not, + * but shall instead return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST + * as applicable. + * + * Implementations shall not return this error code to indicate that a + * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE + * instead. */ +#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) + +/** The parameters passed to the function are invalid. + * + * Implementations may return this error any time a parameter or + * combination of parameters are recognized as invalid. + * + * Implementations shall not return this error code to indicate that a + * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE + * instead. + */ +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) + +/** There is not enough runtime memory. + * + * If the action is carried out across multiple security realms, this + * error can refer to available memory in any of the security realms. */ +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) + +/** There is not enough persistent storage. + * + * Functions that modify the key storage return this error code if + * there is insufficient storage space on the host media. In addition, + * many functions that do not otherwise access storage may return this + * error code if the implementation requires a mandatory log entry for + * the requested action and the log storage space is full. */ +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) + +/** There was a communication failure inside the implementation. + * + * This can indicate a communication failure between the application + * and an external cryptoprocessor or between the cryptoprocessor and + * an external volatile or persistent memory. A communication failure + * may be transient or permanent depending on the cause. + * + * \warning If a function returns this error, it is undetermined + * whether the requested action has completed or not. Implementations + * should return #PSA_SUCCESS on successful completion whenever + * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE + * if the requested action was completed successfully in an external + * cryptoprocessor but there was a breakdown of communication before + * the cryptoprocessor could report the status to the application. + */ +#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145) + +/** There was a storage failure that may have led to data loss. + * + * This error indicates that some persistent storage is corrupted. + * It should not be used for a corruption of volatile memory + * (use #PSA_ERROR_CORRUPTION_DETECTED), for a communication error + * between the cryptoprocessor and its external storage (use + * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is + * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE). + * + * Note that a storage failure does not indicate that any data that was + * previously read is invalid. However this previously read data may no + * longer be readable from storage. + * + * When a storage failure occurs, it is no longer possible to ensure + * the global integrity of the keystore. Depending on the global + * integrity guarantees offered by the implementation, access to other + * data may or may not fail even if the data is still readable but + * its integrity cannot be guaranteed. + * + * Implementations should only use this error code to report a + * permanent storage corruption. However application writers should + * keep in mind that transient errors while reading the storage may be + * reported using this error code. */ +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) + +/** A hardware failure was detected. + * + * A hardware failure may be transient or permanent depending on the + * cause. */ +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) + +/** A tampering attempt was detected. + * + * If an application receives this error code, there is no guarantee + * that previously accessed or computed data was correct and remains + * confidential. Applications should not perform any security function + * and should enter a safe failure state. + * + * Implementations may return this error code if they detect an invalid + * state that cannot happen during normal operation and that indicates + * that the implementation's security guarantees no longer hold. Depending + * on the implementation architecture and on its security and safety goals, + * the implementation may forcibly terminate the application. + * + * This error code is intended as a last resort when a security breach + * is detected and it is unsure whether the keystore data is still + * protected. Implementations shall only return this error code + * to report an alarm from a tampering detector, to indicate that + * the confidentiality of stored data can no longer be guaranteed, + * or to indicate that the integrity of previously returned data is now + * considered compromised. Implementations shall not use this error code + * to indicate a hardware failure that merely makes it impossible to + * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE, + * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE, + * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code + * instead). + * + * This error indicates an attack against the application. Implementations + * shall not return this error code as a consequence of the behavior of + * the application itself. */ +#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151) + +/** There is not enough entropy to generate random data needed + * for the requested action. + * + * This error indicates a failure of a hardware random generator. + * Application writers should note that this error can be returned not + * only by functions whose purpose is to generate random data, such + * as key, IV or nonce generation, but also by functions that execute + * an algorithm with a randomized result, as well as functions that + * use randomization of intermediate computations as a countermeasure + * to certain attacks. + * + * Implementations should avoid returning this error after psa_crypto_init() + * has succeeded. Implementations should generate sufficient + * entropy during initialization and subsequently use a cryptographically + * secure pseudorandom generator (PRNG). However implementations may return + * this error at any time if a policy requires the PRNG to be reseeded + * during normal operation. */ +#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148) + +/** The signature, MAC or hash is incorrect. + * + * Verification functions return this error if the verification + * calculations completed successfully, and the value to be verified + * was determined to be incorrect. + * + * If the value to verify has an invalid size, implementations may return + * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) + +/** The decrypted padding is incorrect. + * + * \warning In some protocols, when decrypting data, it is essential that + * the behavior of the application does not depend on whether the padding + * is correct, down to precise timing. Applications should prefer + * protocols that use authenticated encryption rather than plain + * encryption. If the application must perform a decryption of + * unauthenticated data, the application writer should take care not + * to reveal whether the padding is invalid. + * + * Implementations should strive to make valid and invalid padding + * as close as possible to indistinguishable to an external observer. + * In particular, the timing of a decryption operation should not + * depend on the validity of the padding. */ +#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150) + +/** Return this error when there's insufficient data when attempting + * to read from a resource. */ +#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) + +/** The key handle is not valid. See also :ref:\`key-handles\`. + */ +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) + +/**@}*/ + +/** \defgroup crypto_types Key and algorithm types + * @{ + */ + +/** An invalid key type value. + * + * Zero is not the encoding of any key type. + */ +#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) + +/** Vendor-defined key type flag. + * + * Key types defined by this standard will never have the + * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types + * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should + * respect the bitwise structure used by standard encodings whenever practical. + */ +#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) + +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) +#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) + +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) + +/** Whether a key type is vendor-defined. + * + * See also #PSA_KEY_TYPE_VENDOR_FLAG. + */ +#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ + (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) + +/** Whether a key type is an unstructured array of bytes. + * + * This encompasses both symmetric keys and non-key data. + */ +#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ + PSA_KEY_TYPE_CATEGORY_SYMMETRIC) + +/** Whether a key type is asymmetric: either a key pair or a public key. */ +#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK \ + & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ + PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +/** Whether a key type is the public part of a key pair. */ +#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +/** Whether a key type is a key pair containing a private part and a public + * part. */ +#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) +/** The key pair type corresponding to a public key type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding key pair type. + * If \p type is not a public key or a key pair, + * the return value is undefined. + */ +#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \ + ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) +/** The public key type corresponding to a key pair type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding public key type. + * If \p type is not a public key or a key pair, + * the return value is undefined. + */ +#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \ + ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) + +/** Raw data. + * + * A "key" of this type cannot be used for any cryptographic operation. + * Applications may use this type to store arbitrary data in the keystore. */ +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) + +/** HMAC key. + * + * The key policy determines which underlying hash algorithm the key can be + * used for. + * + * HMAC keys should generally have the same size as the underlying hash. + * This size can be calculated with #PSA_HASH_SIZE(\c alg) where + * \c alg is the HMAC algorithm or the underlying hash algorithm. */ +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) + +/** A secret for key derivation. + * + * The key policy determines which key derivation algorithm the key + * can be used for. + */ +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) + +/** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. + * + * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or + * 32 bytes (AES-256). + */ +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) + +/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). + * + * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or + * 24 bytes (3-key 3DES). + * + * Note that single DES and 2-key 3DES are weak and strongly + * deprecated and should only be used to decrypt legacy data. 3-key 3DES + * is weak and deprecated and should only be used in legacy protocols. + */ +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) + +/** Key for a cipher, AEAD or MAC algorithm based on the + * Camellia block cipher. */ +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) + +/** Key for the RC4 stream cipher. + * + * Note that RC4 is weak and deprecated and should only be used in + * legacy protocols. */ +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) + +/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. + * + * ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539. + * + * Implementations must support 12-byte nonces, may support 8-byte nonces, + * and should reject other sizes. + */ +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40000005) + +/** RSA public key. */ +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) +/** RSA key pair (private and public key). */ +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70010000) +/** Whether a key type is an RSA key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_RSA(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) + +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) +#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) +/** Elliptic curve key pair. + * + * \param curve A value of type ::psa_ecc_curve_t that identifies the + * ECC curve to be used. + */ +#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ + (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) +/** Elliptic curve public key. + * + * \param curve A value of type ::psa_ecc_curve_t that identifies the + * ECC curve to be used. + */ +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ + (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) + +/** Whether a key type is an elliptic curve key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_ECC(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ + ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) +/** Whether a key type is an elliptic curve key pair. */ +#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + PSA_KEY_TYPE_ECC_KEY_PAIR_BASE) +/** Whether a key type is an elliptic curve public key. */ +#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) + +/** Extract the curve from an elliptic curve key type. */ +#define PSA_KEY_TYPE_GET_CURVE(type) \ + ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ + ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ + 0)) + +/* The encoding of curve identifiers is currently aligned with the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * The values are defined by RFC 8422 and RFC 7027. */ +#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) +#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) +#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) +#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) +#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) +#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) +#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) +#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) +#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) +#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) +#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) +#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) +#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) +#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) +#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) +#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) +#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) +#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012) +#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) +#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) +#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) +#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) +#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) +#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) +#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) +#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) +#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) +#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) +/** Curve25519. + * + * This is the curve defined in Bernstein et al., + * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006. + * The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve. + */ +#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) +/** Curve448 + * + * This is the curve defined in Hamburg, + * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. + * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. + */ +#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) + +/** Minimum value for a vendor-defined ECC curve identifier + * + * The range for vendor-defined curve identifiers is a subset of the IANA + * registry private use range, `0xfe00` - `0xfeff`. + */ +#define PSA_ECC_CURVE_VENDOR_MIN ((psa_ecc_curve_t) 0xfe00) +/** Maximum value for a vendor-defined ECC curve identifier + * + * The range for vendor-defined curve identifiers is a subset of the IANA + * registry private use range, `0xfe00` - `0xfeff`. + */ +#define PSA_ECC_CURVE_VENDOR_MAX ((psa_ecc_curve_t) 0xfe7f) + +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) +#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) +#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) +/** Diffie-Hellman key pair. + * + * \param group A value of type ::psa_dh_group_t that identifies the + * Diffie-Hellman group to be used. + */ +#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ + (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group)) +/** Diffie-Hellman public key. + * + * \param group A value of type ::psa_dh_group_t that identifies the + * Diffie-Hellman group to be used. + */ +#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ + (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group)) + +/** Whether a key type is a Diffie-Hellman key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_DH(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ + ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) +/** Whether a key type is a Diffie-Hellman key pair. */ +#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ + PSA_KEY_TYPE_DH_KEY_PAIR_BASE) +/** Whether a key type is a Diffie-Hellman public key. */ +#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ + PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) + +/** Extract the group from a Diffie-Hellman key type. */ +#define PSA_KEY_TYPE_GET_GROUP(type) \ + ((psa_dh_group_t) (PSA_KEY_TYPE_IS_DH(type) ? \ + ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ + 0)) + +/* The encoding of group identifiers is currently aligned with the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * The values are defined by RFC 7919. */ +#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x0100) +#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x0101) +#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x0102) +#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x0103) +#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x0104) + +/** Minimum value for a vendor-defined Diffie Hellman group identifier + * + * The range for vendor-defined group identifiers is a subset of the IANA + * registry private use range, `0x01fc` - `0x01ff`. + */ +#define PSA_DH_GROUP_VENDOR_MIN ((psa_dh_group_t) 0x01fc) +/** Maximum value for a vendor-defined Diffie Hellman group identifier + * + * The range for vendor-defined group identifiers is a subset of the IANA + * registry private use range, `0x01fc` - `0x01ff`. + */ +#define PSA_DH_GROUP_VENDOR_MAX ((psa_dh_group_t) 0x01fd) + +/** The block size of a block cipher. + * + * \param type A cipher key type (value of type #psa_key_type_t). + * + * \return The block size for a block cipher, or 1 for a stream cipher. + * The return value is undefined if \p type is not a supported + * cipher key type. + * + * \note It is possible to build stream cipher algorithms on top of a block + * cipher, for example CTR mode (#PSA_ALG_CTR). + * This macro only takes the key type into account, so it cannot be + * used to determine the size of the data that #psa_cipher_update() + * might buffer for future processing in general. + * + * \note This macro returns a compile-time constant if its argument is one. + * + * \warning This macro may evaluate its argument multiple times. + */ +#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ + ( \ + (type) == PSA_KEY_TYPE_AES ? 16 : \ + (type) == PSA_KEY_TYPE_DES ? 8 : \ + (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ + (type) == PSA_KEY_TYPE_ARC4 ? 1 : \ + (type) == PSA_KEY_TYPE_CHACHA20 ? 1 : \ + 0) + +/** Vendor-defined algorithm flag. + * + * Algorithms defined by this standard will never have the #PSA_ALG_VENDOR_FLAG + * bit set. Vendors who define additional algorithms must use an encoding with + * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure + * used by standard encodings whenever practical. + */ +#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) + +#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) +#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) +#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) +#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) +#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) +#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) +#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) + +/** Whether an algorithm is vendor-defined. + * + * See also #PSA_ALG_VENDOR_FLAG. + */ +#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ + (((alg) & PSA_ALG_VENDOR_FLAG) != 0) + +/** Whether the specified algorithm is a hash algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a hash algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HASH(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) + +/** Whether the specified algorithm is a MAC algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a MAC algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_MAC(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) + +/** Whether the specified algorithm is a symmetric cipher algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_CIPHER(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) + +/** Whether the specified algorithm is an authenticated encryption + * with associated data (AEAD) algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is an AEAD algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_AEAD(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) + +/** Whether the specified algorithm is a public-key signature algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_SIGN(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) + +/** Whether the specified algorithm is a public-key encryption algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) + +/** Whether the specified algorithm is a key agreement algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a key agreement algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_KEY_AGREEMENT(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) + +/** Whether the specified algorithm is a key derivation algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a key derivation algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_KEY_DERIVATION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) + +#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) +/** MD2 */ +#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) +/** MD4 */ +#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) +/** MD5 */ +#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) +/** PSA_ALG_RIPEMD160 */ +#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) +/** SHA1 */ +#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) +/** SHA2-224 */ +#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) +/** SHA2-256 */ +#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) +/** SHA2-384 */ +#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) +/** SHA2-512 */ +#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) +/** SHA2-512/224 */ +#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) +/** SHA2-512/256 */ +#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) +/** SHA3-224 */ +#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) +/** SHA3-256 */ +#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) +/** SHA3-384 */ +#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) +/** SHA3-512 */ +#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) + +/** In a hash-and-sign algorithm policy, allow any hash algorithm. + * + * This value may be used to form the algorithm usage field of a policy + * for a signature algorithm that is parametrized by a hash. The key + * may then be used to perform operations using the same signature + * algorithm parametrized with any supported hash. + * + * That is, suppose that `PSA_xxx_SIGNATURE` is one of the following macros: + * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS, + * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA. + * Then you may create and use a key as follows: + * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: + * ``` + * psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); // or VERIFY + * psa_set_key_algorithm(&attributes, PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH)); + * ``` + * - Import or generate key material. + * - Call psa_sign_hash() or psa_verify_hash(), passing + * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each + * call to sign or verify a message may use a different hash. + * ``` + * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); + * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); + * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); + * ``` + * + * This value may not be used to build other algorithms that are + * parametrized over a hash. For any valid use of this macro to build + * an algorithm \c alg, #PSA_ALG_IS_HASH_AND_SIGN(\c alg) is true. + * + * This value may not be used to build an algorithm specification to + * perform an operation. It is only valid to build policies. + */ +#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) + +#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) +#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) +/** Macro to build an HMAC algorithm. + * + * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding HMAC algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_HMAC(hash_alg) \ + (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) + +#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) + +/** Whether the specified algorithm is an HMAC algorithm. + * + * HMAC is a family of MAC algorithms that are based on a hash function. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is an HMAC algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HMAC(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ + PSA_ALG_HMAC_BASE) + +/* In the encoding of a MAC algorithm, the bits corresponding to + * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is + * truncated. As an exception, the value 0 means the untruncated algorithm, + * whatever its length is. The length is encoded in 6 bits, so it can + * reach up to 63; the largest MAC is 64 bytes so its trivial truncation + * to full length is correctly encoded as 0 and any non-trivial truncation + * is correctly encoded as a value between 1 and 63. */ +#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_MAC_TRUNCATION_OFFSET 8 + +/** Macro to build a truncated MAC algorithm. + * + * A truncated MAC algorithm is identical to the corresponding MAC + * algorithm except that the MAC value for the truncated algorithm + * consists of only the first \p mac_length bytes of the MAC value + * for the untruncated algorithm. + * + * \note This macro may allow constructing algorithm identifiers that + * are not valid, either because the specified length is larger + * than the untruncated MAC or because the specified length is + * smaller than permitted by the implementation. + * + * \note It is implementation-defined whether a truncated MAC that + * is truncated to the same length as the MAC of the untruncated + * algorithm is considered identical to the untruncated algorithm + * for policy comparison purposes. + * + * \param mac_alg A MAC algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) + * is true). This may be a truncated or untruncated + * MAC algorithm. + * \param mac_length Desired length of the truncated MAC in bytes. + * This must be at most the full length of the MAC + * and must be at least an implementation-specified + * minimum. The implementation-specified minimum + * shall not be zero. + * + * \return The corresponding MAC algorithm with the specified + * length. + * \return Unspecified if \p alg is not a supported + * MAC algorithm or if \p mac_length is too small or + * too large for the specified MAC algorithm. + */ +#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \ + (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ + ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK)) + +/** Macro to build the base MAC algorithm corresponding to a truncated + * MAC algorithm. + * + * \param mac_alg A MAC algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) + * is true). This may be a truncated or untruncated + * MAC algorithm. + * + * \return The corresponding base MAC algorithm. + * \return Unspecified if \p alg is not a supported + * MAC algorithm. + */ +#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \ + ((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) + +/** Length to which a MAC algorithm is truncated. + * + * \param mac_alg A MAC algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) + * is true). + * + * \return Length of the truncated MAC in bytes. + * \return 0 if \p alg is a non-truncated MAC algorithm. + * \return Unspecified if \p alg is not a supported + * MAC algorithm. + */ +#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ + (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) + +#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) +/** The CBC-MAC construction over a block cipher + * + * \warning CBC-MAC is insecure in many cases. + * A more secure mode, such as #PSA_ALG_CMAC, is recommended. + */ +#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) +/** The CMAC construction over a block cipher */ +#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) + +/** Whether the specified algorithm is a MAC algorithm based on a block cipher. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ + PSA_ALG_CIPHER_MAC_BASE) + +#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) +#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) + +/** Whether the specified algorithm is a stream cipher. + * + * A stream cipher is a symmetric cipher that encrypts or decrypts messages + * by applying a bitwise-xor with a stream of bytes that is generated + * from a key. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier or if it is not a symmetric cipher algorithm. + */ +#define PSA_ALG_IS_STREAM_CIPHER(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \ + (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) + +/** The ARC4 stream cipher algorithm. + */ +#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001) + +/** The ChaCha20 stream cipher. + * + * ChaCha20 is defined in RFC 7539. + * + * The nonce size for psa_cipher_set_iv() or psa_cipher_generate_iv() + * must be 12. + * + * The initial block counter is always 0. + * + */ +#define PSA_ALG_CHACHA20 ((psa_algorithm_t)0x04800005) + +/** The CTR stream cipher mode. + * + * CTR is a stream cipher which is built from a block cipher. + * The underlying block cipher is determined by the key type. + * For example, to use AES-128-CTR, use this algorithm with + * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). + */ +#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) + +/** The CFB stream cipher mode. + * + * The underlying block cipher is determined by the key type. + */ +#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) + +/** The OFB stream cipher mode. + * + * The underlying block cipher is determined by the key type. + */ +#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) + +/** The XTS cipher mode. + * + * XTS is a cipher mode which is built from a block cipher. It requires at + * least one full block of input, but beyond this minimum the input + * does not need to be a whole number of blocks. + */ +#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) + +/** The CBC block cipher chaining mode, with no padding. + * + * The underlying block cipher is determined by the key type. + * + * This symmetric cipher mode can only be used with messages whose lengths + * are whole number of blocks for the chosen block cipher. + */ +#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) + +/** The CBC block cipher chaining mode with PKCS#7 padding. + * + * The underlying block cipher is determined by the key type. + * + * This is the padding method defined by PKCS#7 (RFC 2315) §10.3. + */ +#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) + +#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) + +/** Whether the specified algorithm is an AEAD mode on a block cipher. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is an AEAD algorithm which is an AEAD mode based on + * a block cipher, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \ + (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) + +/** The CCM authenticated encryption algorithm. + * + * The underlying block cipher is determined by the key type. + */ +#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) + +/** The GCM authenticated encryption algorithm. + * + * The underlying block cipher is determined by the key type. + */ +#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) + +/** The Chacha20-Poly1305 AEAD algorithm. + * + * The ChaCha20_Poly1305 construction is defined in RFC 7539. + * + * Implementations must support 12-byte nonces, may support 8-byte nonces, + * and should reject other sizes. + * + * Implementations must support 16-byte tags and should reject other sizes. + */ +#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) + +/* In the encoding of a AEAD algorithm, the bits corresponding to + * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. + * The constants for default lengths follow this encoding. + */ +#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_AEAD_TAG_LENGTH_OFFSET 8 + +/** Macro to build a shortened AEAD algorithm. + * + * A shortened AEAD algorithm is similar to the corresponding AEAD + * algorithm, but has an authentication tag that consists of fewer bytes. + * Depending on the algorithm, the tag length may affect the calculation + * of the ciphertext. + * + * \param aead_alg An AEAD algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg) + * is true). + * \param tag_length Desired length of the authentication tag in bytes. + * + * \return The corresponding AEAD algorithm with the specified + * length. + * \return Unspecified if \p alg is not a supported + * AEAD algorithm or if \p tag_length is not valid + * for the specified AEAD algorithm. + */ +#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ + (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ + ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ + PSA_ALG_AEAD_TAG_LENGTH_MASK)) + +/** Calculate the corresponding AEAD algorithm with the default tag length. + * + * \param aead_alg An AEAD algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return The corresponding AEAD algorithm with the default + * tag length for that algorithm. + */ +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ + ( \ + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CCM) \ + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_GCM) \ + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \ + 0) +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, ref) \ + PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \ + PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \ + ref : + +#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) +/** RSA PKCS#1 v1.5 signature with hashing. + * + * This is the signature scheme defined by RFC 8017 + * (PKCS#1: RSA Cryptography Specifications) under the name + * RSASSA-PKCS1-v1_5. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding RSA PKCS#1 v1.5 signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ + (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +/** Raw PKCS#1 v1.5 signature. + * + * The input to this algorithm is the DigestInfo structure used by + * RFC 8017 (PKCS#1: RSA Cryptography Specifications), §9.2 + * steps 3–6. + */ +#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE +#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) + +#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) +/** RSA PSS signature with hashing. + * + * This is the signature scheme defined by RFC 8017 + * (PKCS#1: RSA Cryptography Specifications) under the name + * RSASSA-PSS, with the message generation function MGF1, and with + * a salt length equal to the length of the hash. The specified + * hash algorithm is used to hash the input message, to create the + * salted hash, and for the mask generation. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding RSA PSS signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_RSA_PSS(hash_alg) \ + (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_PSS(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) + +#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) +/** ECDSA signature with hashing. + * + * This is the ECDSA signature scheme defined by ANSI X9.62, + * with a random per-message secret number (*k*). + * + * The representation of the signature as a byte string consists of + * the concatentation of the signature values *r* and *s*. Each of + * *r* and *s* is encoded as an *N*-octet string, where *N* is the length + * of the base point of the curve in octets. Each value is represented + * in big-endian order (most significant octet first). + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding ECDSA signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_ECDSA(hash_alg) \ + (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +/** ECDSA signature without hashing. + * + * This is the same signature scheme as #PSA_ALG_ECDSA(), but + * without specifying a hash algorithm. This algorithm may only be + * used to sign or verify a sequence of bytes that should be an + * already-calculated hash. Note that the input is padded with + * zeros on the left or truncated on the left as required to fit + * the curve size. + */ +#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE +#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) +/** Deterministic ECDSA signature with hashing. + * + * This is the deterministic ECDSA signature scheme defined by RFC 6979. + * + * The representation of a signature is the same as with #PSA_ALG_ECDSA(). + * + * Note that when this algorithm is used for verification, signatures + * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the + * same private key are accepted. In other words, + * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from + * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding deterministic ECDSA signature + * algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ + (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) +#define PSA_ALG_IS_ECDSA(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ + PSA_ALG_ECDSA_BASE) +#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ + (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0) +#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ + (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) +#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ + (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) + +/** Whether the specified algorithm is a hash-and-sign algorithm. + * + * Hash-and-sign algorithms are public-key signature algorithms structured + * in two parts: first the calculation of a hash in a way that does not + * depend on the key, then the calculation of a signature from the + * hash value and the key. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ + PSA_ALG_IS_ECDSA(alg)) + +/** Get the hash used by a hash-and-sign signature algorithm. + * + * A hash-and-sign algorithm is a signature algorithm which is + * composed of two phases: first a hashing phase which does not use + * the key and produces a hash of the input message, then a signing + * phase which only uses the hash and the key and not the message + * itself. + * + * \param alg A signature algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_SIGN(\p alg) is true). + * + * \return The underlying hash algorithm if \p alg is a hash-and-sign + * algorithm. + * \return 0 if \p alg is a signature algorithm that does not + * follow the hash-and-sign structure. + * \return Unspecified if \p alg is not a signature algorithm or + * if it is not supported by the implementation. + */ +#define PSA_ALG_SIGN_GET_HASH(alg) \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ + ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \ + ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ + 0) + +/** RSA PKCS#1 v1.5 encryption. + */ +#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) + +#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) +/** RSA OAEP encryption. + * + * This is the encryption scheme defined by RFC 8017 + * (PKCS#1: RSA Cryptography Specifications) under the name + * RSAES-OAEP, with the message generation function MGF1. + * + * \param hash_alg The hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true) to use + * for MGF1. + * + * \return The corresponding RSA OAEP signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_RSA_OAEP(hash_alg) \ + (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_OAEP(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) +#define PSA_ALG_RSA_OAEP_GET_HASH(alg) \ + (PSA_ALG_IS_RSA_OAEP(alg) ? \ + ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ + 0) + +#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x20000100) +/** Macro to build an HKDF algorithm. + * + * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. + * + * This key derivation algorithm uses the following inputs: + * - #PSA_KEY_DERIVATION_INPUT_SALT is the salt used in the "extract" step. + * It is optional; if omitted, the derivation uses an empty salt. + * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key used in the "extract" step. + * - #PSA_KEY_DERIVATION_INPUT_INFO is the info string used in the "expand" step. + * You must pass #PSA_KEY_DERIVATION_INPUT_SALT before #PSA_KEY_DERIVATION_INPUT_SECRET. + * You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before + * starting to generate output. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding HKDF algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_HKDF(hash_alg) \ + (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +/** Whether the specified algorithm is an HKDF algorithm. + * + * HKDF is a family of key derivation algorithms that are based on a hash + * function and the HMAC construction. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is an HKDF algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key derivation algorithm identifier. + */ +#define PSA_ALG_IS_HKDF(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE) +#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) + +#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) +/** Macro to build a TLS-1.2 PRF algorithm. + * + * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, + * specified in Section 5 of RFC 5246. It is based on HMAC and can be + * used with either SHA-256 or SHA-384. + * + * This key derivation algorithm uses the following inputs, which must be + * passed in the order given here: + * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. + * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. + * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. + * + * For the application to TLS-1.2 key expansion, the seed is the + * concatenation of ServerHello.Random + ClientHello.Random, + * and the label is "key expansion". + * + * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the + * TLS 1.2 PRF using HMAC-SHA-256. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding TLS-1.2 PRF algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_TLS12_PRF(hash_alg) \ + (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) + +/** Whether the specified algorithm is a TLS-1.2 PRF algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key derivation algorithm identifier. + */ +#define PSA_ALG_IS_TLS12_PRF(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE) +#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) + +#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) +/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. + * + * In a pure-PSK handshake in TLS 1.2, the master secret is derived + * from the PreSharedKey (PSK) through the application of padding + * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5). + * The latter is based on HMAC and can be used with either SHA-256 + * or SHA-384. + * + * This key derivation algorithm uses the following inputs, which must be + * passed in the order given here: + * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. + * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. + * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. + * + * For the application to TLS-1.2, the seed (which is + * forwarded to the TLS-1.2 PRF) is the concatenation of the + * ClientHello.Random + ServerHello.Random, + * and the label is "master secret" or "extended master secret". + * + * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the + * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding TLS-1.2 PSK to MS algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \ + (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) + +/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key derivation algorithm identifier. + */ +#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE) +#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) + +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) +#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) + +/** Macro to build a combined algorithm that chains a key agreement with + * a key derivation. + * + * \param ka_alg A key agreement algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_KEY_AGREEMENT(\p ka_alg) is true). + * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_KEY_DERIVATION(\p kdf_alg) is true). + * + * \return The corresponding key agreement and derivation + * algorithm. + * \return Unspecified if \p ka_alg is not a supported + * key agreement algorithm or \p kdf_alg is not a + * supported key derivation algorithm. + */ +#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \ + ((ka_alg) | (kdf_alg)) + +#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \ + (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION) + +#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ + (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT) + +/** Whether the specified algorithm is a raw key agreement algorithm. + * + * A raw key agreement algorithm is one that does not specify + * a key derivation function. + * Usually, raw key agreement algorithms are constructed directly with + * a \c PSA_ALG_xxx macro while non-raw key agreement algorithms are + * constructed with PSA_ALG_KEY_AGREEMENT(). + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a raw key agreement algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \ + (PSA_ALG_IS_KEY_AGREEMENT(alg) && \ + PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION) + +#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \ + ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg))) + +/** The finite-field Diffie-Hellman (DH) key agreement algorithm. + * + * The shared secret produced by key agreement is + * `g^{ab}` in big-endian format. + * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` + * in bits. + */ +#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) + +/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. + * + * This includes the raw finite field Diffie-Hellman algorithm as well as + * finite-field Diffie-Hellman followed by any supporter key derivation + * algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key agreement algorithm identifier. + */ +#define PSA_ALG_IS_FFDH(alg) \ + (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH) + +/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm. + * + * The shared secret produced by key agreement is the x-coordinate of + * the shared secret point. It is always `ceiling(m / 8)` bytes long where + * `m` is the bit size associated with the curve, i.e. the bit size of the + * order of the curve's coordinate field. When `m` is not a multiple of 8, + * the byte containing the most significant bit of the shared secret + * is padded with zero bits. The byte order is either little-endian + * or big-endian depending on the curve type. + * + * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`), + * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` + * in little-endian byte order. + * The bit size is 448 for Curve448 and 255 for Curve25519. + * - For Weierstrass curves over prime fields (curve types + * `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`), + * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` + * in big-endian byte order. + * The bit size is `m = ceiling(log_2(p))` for the field `F_p`. + * - For Weierstrass curves over binary fields (curve types + * `PSA_ECC_CURVE_SECTXXX`), + * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` + * in big-endian byte order. + * The bit size is `m` for the field `F_{2^m}`. + */ +#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) + +/** Whether the specified algorithm is an elliptic curve Diffie-Hellman + * algorithm. + * + * This includes the raw elliptic curve Diffie-Hellman algorithm as well as + * elliptic curve Diffie-Hellman followed by any supporter key derivation + * algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm, + * 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key agreement algorithm identifier. + */ +#define PSA_ALG_IS_ECDH(alg) \ + (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH) + +/** Whether the specified algorithm encoding is a wildcard. + * + * Wildcard values may only be used to set the usage algorithm field in + * a policy, not to perform an operation. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a wildcard algorithm encoding. + * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for + * an operation). + * \return This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_WILDCARD(alg) \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ + PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \ + (alg) == PSA_ALG_ANY_HASH) + +/**@}*/ + +/** \defgroup key_lifetimes Key lifetimes + * @{ + */ + +/** A volatile key only exists as long as the handle to it is not closed. + * The key material is guaranteed to be erased on a power reset. + */ +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) + +/** The default storage area for persistent keys. + * + * A persistent key remains in storage until it is explicitly destroyed or + * until the corresponding storage area is wiped. This specification does + * not define any mechanism to wipe a storage area, but implementations may + * provide their own mechanism (for example to perform a factory reset, + * to prepare for device refurbishment, or to uninstall an application). + * + * This lifetime value is the default storage area for the calling + * application. Implementations may offer other storage areas designated + * by other lifetime values as implementation-specific extensions. + */ +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) + +/** The minimum value for a key identifier chosen by the application. + */ +#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) +/** The maximum value for a key identifier chosen by the application. + */ +#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) +/** The minimum value for a key identifier chosen by the implementation. + */ +#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) +/** The maximum value for a key identifier chosen by the implementation. + */ +#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) + +/**@}*/ + +/** \defgroup policy Key policies + * @{ + */ + +/** Whether the key may be exported. + * + * A public key or the public part of a key pair may always be exported + * regardless of the value of this permission flag. + * + * If a key does not have export permission, implementations shall not + * allow the key to be exported in plain form from the cryptoprocessor, + * whether through psa_export_key() or through a proprietary interface. + * The key may however be exportable in a wrapped form, i.e. in a form + * where it is encrypted by another key. + */ +#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) + +/** Whether the key may be copied. + * + * This flag allows the use of psa_copy_key() to make a copy of the key + * with the same policy or a more restrictive policy. + * + * For lifetimes for which the key is located in a secure element which + * enforce the non-exportability of keys, copying a key outside the secure + * element also requires the usage flag #PSA_KEY_USAGE_EXPORT. + * Copying the key inside the secure element is permitted with just + * #PSA_KEY_USAGE_COPY if the secure element supports it. + * For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or + * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY + * is sufficient to permit the copy. + */ +#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) + +/** Whether the key may be used to encrypt a message. + * + * This flag allows the key to be used for a symmetric encryption operation, + * for an AEAD encryption-and-authentication operation, + * or for an asymmetric encryption operation, + * if otherwise permitted by the key's type and policy. + * + * For a key pair, this concerns the public key. + */ +#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) + +/** Whether the key may be used to decrypt a message. + * + * This flag allows the key to be used for a symmetric decryption operation, + * for an AEAD decryption-and-verification operation, + * or for an asymmetric decryption operation, + * if otherwise permitted by the key's type and policy. + * + * For a key pair, this concerns the private key. + */ +#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) + +/** Whether the key may be used to sign a message. + * + * This flag allows the key to be used for a MAC calculation operation + * or for an asymmetric signature operation, + * if otherwise permitted by the key's type and policy. + * + * For a key pair, this concerns the private key. + */ +#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00000400) + +/** Whether the key may be used to verify a message signature. + * + * This flag allows the key to be used for a MAC verification operation + * or for an asymmetric signature verification operation, + * if otherwise permitted by by the key's type and policy. + * + * For a key pair, this concerns the public key. + */ +#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00000800) + +/** Whether the key may be used to derive other keys. + */ +#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) + +/**@}*/ + +/** \defgroup derivation Key derivation + * @{ + */ + +/** A secret input for key derivation. + * + * This should be a key of type #PSA_KEY_TYPE_DERIVE + * (passed to psa_key_derivation_input_key()) + * or the shared secret resulting from a key agreement + * (obtained via psa_key_derivation_key_agreement()). + * + * The secret can also be a direct input (passed to + * key_derivation_input_bytes()). In this case, the derivation operation + * may not be used to derive keys: the operation will only allow + * psa_key_derivation_output_bytes(), not psa_key_derivation_output_key(). + */ +#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) + +/** A label for key derivation. + * + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. + */ +#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) + +/** A salt for key derivation. + * + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. + */ +#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) + +/** An information string for key derivation. + * + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. + */ +#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) + +/** A seed for key derivation. + * + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. + */ +#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) + +/**@}*/ + +#endif /* PSA_CRYPTO_VALUES_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/error.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/error.h new file mode 100644 index 0000000..439dba4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/error.h @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/** + * \file psa/error.h + * \brief Standard error codes for the SPM and RoT Services + */ + +#ifndef __PSA_ERROR_H__ +#define __PSA_ERROR_H__ + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* If #PSA_SUCCESS is already defined, it means that #psa_status_t + * is also defined in an external header, so prevent its multiple + * definition. + */ +#ifndef PSA_SUCCESS +typedef int32_t psa_status_t; +#endif + +#define PSA_SUCCESS ((psa_status_t)0) + +#define PSA_ERROR_PROGRAMMER_ERROR ((psa_status_t)-129) +#define PSA_ERROR_CONNECTION_REFUSED ((psa_status_t)-130) +#define PSA_ERROR_CONNECTION_BUSY ((psa_status_t)-131) +#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) +#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) +#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) +#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) +#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) +#define PSA_ERROR_SERVICE_FAILURE ((psa_status_t)-144) +#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145) +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_ERROR_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/initial_attestation.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/initial_attestation.h new file mode 100644 index 0000000..c125a4d --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/initial_attestation.h @@ -0,0 +1,228 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/***************************************************************************/ +/* DRAFT UNDER REVIEW */ +/* These APIs are still evolving and are meant as a prototype for review.*/ +/* The APIs will change depending on feedback and will be firmed up */ +/* to a stable set of APIs once all the feedback has been considered. */ +/***************************************************************************/ + +#ifndef __PSA_INITIAL_ATTESTATION_H__ +#define __PSA_INITIAL_ATTESTATION_H__ + +#include +#include +#include +#include "psa/crypto.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PSA INITIAL ATTESTATION API version + * + * Initial attestation API version is: 1.0.0 + */ +#define PSA_INITIAL_ATTEST_API_VERSION_MAJOR (1) +#define PSA_INITIAL_ATTEST_API_VERSION_MINOR (0) + +/** + * The allowed size of input challenge in bytes: 32, 48, 64 + * Challenge can be a nonce from server + * or the hash of some combined data : nonce + attested data by caller. + */ +#define PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32 (32u) +#define PSA_INITIAL_ATTEST_CHALLENGE_SIZE_48 (48u) +#define PSA_INITIAL_ATTEST_CHALLENGE_SIZE_64 (64u) + +/** + * The maximum size of an attestation token that can be generated by the + * attestation service. Used to configure buffers for services that verify the + * produced tokens. + */ +#define PSA_INITIAL_ATTEST_MAX_TOKEN_SIZE (0x400) + +/** + * The list of fixed claims in the initial attestation token is still evolving, + * you can expect slight changes in the future. + * + * The initial attestation token is planned to be aligned with future version of + * Entity Attestation Token format: + * https://tools.ietf.org/html/draft-mandyam-eat-01 + * + * Current list of claims: + * - Challenge: Input object from caller. Can be a single nonce from server + * or hash of nonce and attested data. It is intended to provide + * freshness to reports and the caller has responsibility to + * arrange this. Allowed length: 32, 48, 64 bytes. The claim is + * modeled to be eventually represented by the EAT standard + * claim nonce. Until such a time as that standard exists, + * the claim will be represented by a custom claim. Value + * is encoded as byte string. + * + * - Instance ID: It represents the unique identifier of the instance. In the + * PSA definition it is a hash of the public attestation key + * of the instance. The claim is modeled to be eventually + * represented by the EAT standard claim UEID of type GUID. + * Until such a time as that standard exists, the claim will be + * represented by a custom claim Value is encoded as byte + * string. + * + * - Verification service indicator: Optional, recommended claim. It is used by + * a Relying Party to locate a validation service for the token. + * The value is a text string that can be used to locate the + * service or a URL specifying the address of the service. The + * claim is modeled to be eventually represented by the EAT + * standard claim origination. Until such a time as that + * standard exists, the claim will be represented by a custom + * claim. Value is encoded as text string. + * + * - Profile definition: Optional, recommended claim. It contains the name of + * a document that describes the 'profile' of the token, being + * a full description of the claims, their usage, verification + * and token signing. The document name may include versioning. + * Custom claim with a value encoded as text string. + * + * - Implementation ID: It represents the original implementation signer of the + * attestation key and identifies the contract between the + * report and verification. A verification service will use this + * claim to locate the details of the verification process. + * Custom claim with a value encoded as byte string. + * + * - Security lifecycle: It represents the current lifecycle state of the + * instance. Custom claim with a value encoded as integer that + * is divided to convey a major state and a minor state. The + * PSA state and implementation state are encoded as follows: + * - version[15:8] - PSA lifecycle state - major + * - version[7:0] - IMPLEMENTATION DEFINED state - minor + * Possible PSA lifecycle states: + * - Unknown (0x1000u), + * - PSA_RoT_Provisioning (0x2000u), + * - Secured (0x3000u), + * - Non_PSA_RoT_Debug(0x4000u), + * - Recoverable_PSA_RoT_Debug (0x5000u), + * - Decommissioned (0x6000u) + * + * - Client ID: The partition ID of that secure partition or non-secure + * thread who called the initial attestation API. Custom claim + * with a value encoded as a *signed* integer. Negative number + * represents non-secure caller, positive numbers represents + * secure callers, zero is invalid. + * + * - HW version: Optional claim. Globally unique number in EAN-13 format + * identifying the GDSII that went to fabrication, HW and ROM. + * It can be used to reference the security level of the PSA-ROT + * via a certification website. Custom claim with a value is + * encoded as text string. + + * - Boot seed: It represents a random value created at system boot time that + * will allow differentiation of reports from different system + * sessions. The size is 32 bytes. Custom claim with a value is + * encoded as byte string. + * + * - Software components: Recommended claim. It represents the software state + * of the system. The value of the claim is an array of CBOR map + * entries, with one entry per software component within the + * device. Each map contains multiple claims that describe + * evidence about the details of the software component. + * + * - Measurement type: Optional claim. It represents the role of the + * software component. Value is encoded as short(!) text + * string. + * + * - Measurement value: It represents a hash of the invariant software + * component in memory at start-up time. The value must be a + * cryptographic hash of 256 bits or stronger.Value is + * encoded as byte string. + * + * - Version: Optional claim. It represents the issued software version. + * Value is encoded as text string. + * + * - Signer ID: It represents the hash of a signing authority public key. + * Value is encoded as byte string. + * + * - Measurement description: Optional claim. It represents the way in which + * the measurement value of the software component is + * computed. Value is encoded as text string containing an + * abbreviated description (name) of the measurement method. + * + * - No software measurements: In the event that the implementation does not + * contain any software measurements then the software + * components claim above can be omitted but instead + * it is mandatory to include this claim to indicate this is a + * deliberate state. Custom claim a value is encoded as unsigned + * integer set to 1. + */ + +/** + * \brief Get initial attestation token + * + * \param[in] auth_challenge Pointer to buffer where challenge input is + * stored. Nonce and / or hash of attested data. + * Must be always + * \ref PSA_INITIAL_ATTEST_TOKEN_SIZE bytes + * long. + * \param[in] challenge_size Size of challenge object in bytes. + * \param[out] token_buf Pointer to the buffer where attestation token + * will be stored. + * \param[in] token_buf_size Size of allocated buffer for token, in bytes. + * \param[out] token_size Size of the token that has been returned, in + * bytes. + * + * \return Returns error code as specified in \ref psa_status_t + */ +psa_status_t +psa_initial_attest_get_token(const uint8_t *auth_challenge, + size_t challenge_size, + uint8_t *token_buf, + size_t token_buf_size, + size_t *token_size); + +/** + * \brief Get the exact size of initial attestation token in bytes. + * + * It just returns with the size of the IAT token. It can be used if the caller + * dynamically allocates memory for the token buffer. + * + * \param[in] challenge_size Size of challenge object in bytes. This must be + * a supported challenge size (as above). + * \param[out] token_size Size of the token in bytes, which is created by + * initial attestation service. + * + * \return Returns error code as specified in \ref psa_status_t + */ +psa_status_t +psa_initial_attest_get_token_size(size_t challenge_size, + size_t *token_size); + +/** + * \brief Get the initial attestation public key. + * + * \param[out] public_key Pointer to the buffer where the public key + * will be stored. + * \param[in] key_buf_size Size of allocated buffer for key, in bytes. + * \param[out] public_key_len Size of public key in bytes. + * \param[out] public_key_curve Type of the elliptic curve which the key + * belongs to. + * + * \note Currently only the ECDSA P-256 over SHA-256 algorithm is supported. + * + * \return Returns error code as specified in \ref psa_status_t + */ +psa_status_t +tfm_initial_attest_get_public_key(uint8_t *public_key, + size_t public_key_buf_size, + size_t *public_key_len, + psa_ecc_curve_t *elliptic_curve_type); + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_INITIAL_ATTESTATION_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/internal_trusted_storage.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/internal_trusted_storage.h new file mode 100644 index 0000000..3920bc9 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/internal_trusted_storage.h @@ -0,0 +1,164 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/** This file describes the PSA Internal Trusted Storage API +*/ + +#ifndef PSA_INTERNAL_TRUSTED_STORAGE_H +#define PSA_INTERNAL_TRUSTED_STORAGE_H + +#include +#include + +#include "psa/error.h" +#include "psa/storage_common.h" + +#ifdef __cplusplus +extern "C" { +#endif +#define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the + * PSA ITS API + */ +#define PSA_ITS_API_VERSION_MINOR 0 /**< The minor version number of the + * PSA ITS API + */ +// This version of the header file is associated with 1.0 final release. + +/** + * \brief Create a new, or modify an existing, uid/value pair + * + * Stores data in the internal storage. + * + * \param[in] uid The identifier for the data + * \param[in] data_length The size in bytes of the data in `p_data` + * \param[in] p_data A buffer containing the data + * \param[in] create_flags The flags that the data will be stored with + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the + * provided `uid` value was already + * created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or + * more of the flags provided in + * `create_flags` is not supported or is + * not valid + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there + * was insufficient space on the + * storage medium + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one + * of the provided pointers(`p_data`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + */ +psa_status_t psa_its_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags); + +/** + * \brief Retrieve data associated with a provided UID + * + * Retrieves up to `data_size` bytes of the data associated with `uid`, starting + * at `data_offset` bytes from the beginning of the data. Upon successful + * completion, the data will be placed in the `p_data` buffer, which must be at + * least `data_size` bytes in size. The length of the data returned will be in + * `p_data_length`. If `data_size` is 0, the contents of `p_data_length` will + * be set to zero. + * + * \param[in] uid The uid value + * \param[in] data_offset The starting offset of the data requested + * \param[in] data_size The amount of data requested + * \param[out] p_data On success, the buffer where the data will + * be placed + * \param[out] p_data_length On success, this will contain size of the data + * placed in `p_data` + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the + * provided `uid` value was not found in + * the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided arguments (`p_data`, + * `p_data_length`) is invalid, for example + * is `NULL` or references memory the + * caller cannot access. In addition, this + * can also happen if `data_offset` is + * larger than the size of the data + * associated with `uid` + */ +psa_status_t psa_its_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length); + +/** + * \brief Retrieve the metadata about the provided uid + * + * Retrieves the metadata stored for a given `uid` as a `psa_storage_info_t` + * structure. + * + * \param[in] uid The `uid` value + * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will + * be populated with the metadata + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided pointers(`p_info`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + */ +psa_status_t psa_its_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info); + +/** + * \brief Remove the provided uid and its associated data from the storage + * + * Deletes the data from internal storage. + * + * \param[in] uid The `uid` value + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more + * of the given arguments were invalid (null + * pointer, wrong flags and so on) + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided + * uid value was created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + */ +psa_status_t psa_its_remove(psa_storage_uid_t uid); + +#ifdef __cplusplus +} +#endif + +#endif // PSA_INTERNAL_TRUSTED_STORAGE_H diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/protected_storage.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/protected_storage.h new file mode 100644 index 0000000..e76205c --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/protected_storage.h @@ -0,0 +1,282 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* This file describes the PSA Protected Storage API */ + +#ifndef PSA_PROTECTED_STORAGE_H +#define PSA_PROTECTED_STORAGE_H + +#include +#include + +#include "psa/error.h" +#include "psa/storage_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PSA_PS_API_VERSION version + * + * Major and minor PSA_PS_API_VERSION numbers + */ +#define PSA_PS_API_VERSION_MAJOR 1 +#define PSA_PS_API_VERSION_MINOR 0 + +// This version of the header file is associated with 1.0 final release + +/** + * \brief Create a new, or modify an existing, uid/value pair + * + * Stores data in the protected storage. + * + * \param[in] uid The identifier for the data + * \param[in] data_length The size in bytes of the data in `p_data` + * \param[in] p_data A buffer containing the data + * \param[in] create_flags The flags that the data will be stored with + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the + * provided `uid` value was already + * created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one + * of the provided pointers(`p_data`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or + * more of the flags provided in + * `create_flags` is not supported or is + * not valid + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there + * was insufficient space on the + * storage medium + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + */ +psa_status_t psa_ps_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags); + +/** + * \brief Retrieve data associated with a provided uid + * + * Retrieves up to `data_size` bytes of the data associated with `uid`, starting + * at `data_offset` bytes from the beginning of the data. Upon successful + * completion, the data will be placed in the `p_data` buffer, which must be at + * least `data_size` bytes in size. The length of the data returned will be in + * `p_data_length`. If `data_size` is 0, the contents of `p_data_length` will + * be set to zero. + * + * \param[in] uid The uid value + * \param[in] data_offset The starting offset of the data requested + * \param[in] data_size The amount of data requested + * \param[out] p_data On success, the buffer where the data will + * be placed + * \param[out] p_data_length On success, this will contain size of the data + * placed in `p_data` + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided arguments (`p_data`, + * `p_data_length`) is invalid, for example + * is `NULL` or references memory the + * caller cannot access. In addition, this + * can also happen if `data_offset` is + * larger than the size of the data + * associated with `uid` + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the + * provided `uid` value was not found in + * the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the data + * associated with the UID was corrupt + * \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the data + * associated with the UID failed + * authentication + */ +psa_status_t psa_ps_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length); + +/** + * \brief Retrieve the metadata about the provided uid + * + * Retrieves the metadata stored for a given `uid` + * + * \param[in] uid The `uid` value + * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will + * be populated with the metadata + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided pointers(`p_info`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the data + * associated with the UID was corrupt + */ +psa_status_t psa_ps_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info); + +/** + * \brief Remove the provided uid and its associated data from the storage + * + * Removes previously stored data and any associated metadata, + * including rollback protection data. + * + * \param[in] uid The `uid` value + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more + * of the given arguments were invalid (null + * pointer, wrong flags and so on) + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided + * uid value was created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + */ +psa_status_t psa_ps_remove(psa_storage_uid_t uid); + +/** + * \brief Reserves storage for the specified uid + * + * Upon success, the capacity of the storage will be capacity, and the size + * will be 0. It is only necessary to call this function for assets that will + * be written with the psa_ps_set_extended function. If only the psa_ps_set + * function is needed, calls to this function are redundant. + * + * \param[in] uid The `uid` value + * \param[in] capacity The capacity to be allocated in bytes + * \param[in] create_flags Flags indicating properties of storage + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed + * (Fatal error) + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because the + * capacity is bigger than the current + * available space + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because the + * function is not implemented or one + * or more create_flags are not + * supported. + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because uid was + * 0 or create_flags specified flags + * that are not defined in the API. + * \retval PSA_ERROR_GENERIC_ERROR The operation failed due to an + * unspecified error + * \retval PSA_ERROR_ALREADY_EXISTS Storage for the specified uid + * already exists + */ +psa_status_t psa_ps_create(psa_storage_uid_t uid, + size_t capacity, + psa_storage_create_flags_t create_flags); + +/** + * \brief Sets partial data into an asset + * + * Before calling this function, the storage must have been reserved with a call + * to psa_ps_create. It can also be used to overwrite data in an asset that was + * created with a call to psa_ps_set. Calling this function with data_length = 0 + * is permitted, which will make no change to the stored data.This function can + * overwrite existing data and/or extend it up to the capacity for the uid + * specified in psa_ps_create, but cannot create gaps. + * + * That is, it has preconditions: + * - data_offset <= size + * - data_offset + data_length <= capacity + * and postconditions: + * - size = max(size, data_offset + data_length) + * - capacity unchanged. + * + * \param[in] uid The `uid` value + * \param[in] data_offset Offset within the asset to start the write + * \param[in] data_length The size in bytes of the data in p_data to write + * \param[in] p_data Pointer to a buffer which contains the data to write + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The asset exists, the input parameters + * are correct and the data is correctly + * written in the physical storage. + * \retval PSA_ERROR_STORAGE_FAILURE The data was not written correctly in + * the physical storage + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more + * of the preconditions listed above + * regarding data_offset, size, or + * data_length was violated. + * \retval PSA_ERROR_DOES_NOT_EXIST The specified uid was not found + * \retval PSA_ERROR_NOT_SUPPORTED The implementation of the API does not + * support this function + * \retval PSA_ERROR_GENERIC_ERROR The operation failed due to an + * unspecified error + * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the + * existing data has been corrupted. + * \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the + * existing data failed authentication + * (MAC check failed). + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because it was + * attempted on an asset which was written + * with the flag + * PSA_STORAGE_FLAG_WRITE_ONCE + */ +psa_status_t psa_ps_set_extended(psa_storage_uid_t uid, + size_t data_offset, + size_t data_length, + const void *p_data); + +/** + * \brief Lists optional features. + * + * \return A bitmask with flags set for all of + * the optional features supported by the + * implementation.Currently defined flags + * are limited to + * PSA_STORAGE_SUPPORT_SET_EXTENDED + */ +uint32_t psa_ps_get_support(void); + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_PROTECTED_STORAGE_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/storage_common.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/storage_common.h new file mode 100644 index 0000000..3f901c5 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa/storage_common.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* This file includes common definitions for PSA storage +*/ + +#ifndef PSA_STORAGE_COMMON_H +#define PSA_STORAGE_COMMON_H + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +typedef uint32_t psa_storage_create_flags_t; + +typedef uint64_t psa_storage_uid_t; + +/* Flags */ + +#define PSA_STORAGE_FLAG_NONE 0u +#define PSA_STORAGE_FLAG_WRITE_ONCE (1u << 0) +#define PSA_STORAGE_FLAG_NO_CONFIDENTIALITY (1u << 1) +#define PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION (1u << 2) + +/* A container for metadata associated with a specific uid */ + +struct psa_storage_info_t { + size_t capacity; + size_t size; + psa_storage_create_flags_t flags; +}; + +#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1u << 0) + +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) +#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152) + +#ifdef __cplusplus +} +#endif + +#endif // PSA_STORAGE_COMMON_H diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa_manifest/sid.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa_manifest/sid.h new file mode 100644 index 0000000..f9bdf7c --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/psa_manifest/sid.h @@ -0,0 +1,147 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/*********** WARNING: This is an auto-generated file. Do not edit! ***********/ + +#ifndef __PSA_MANIFEST_SID_H__ +#define __PSA_MANIFEST_SID_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +/******** TFM_SP_PS ********/ +#define TFM_PS_SET_SID (0x00000060U) +#define TFM_PS_SET_VERSION (1U) +#define TFM_PS_GET_SID (0x00000061U) +#define TFM_PS_GET_VERSION (1U) +#define TFM_PS_GET_INFO_SID (0x00000062U) +#define TFM_PS_GET_INFO_VERSION (1U) +#define TFM_PS_REMOVE_SID (0x00000063U) +#define TFM_PS_REMOVE_VERSION (1U) +#define TFM_PS_GET_SUPPORT_SID (0x00000064U) +#define TFM_PS_GET_SUPPORT_VERSION (1U) + +/******** TFM_SP_ITS ********/ +#define TFM_ITS_SET_SID (0x00000070U) +#define TFM_ITS_SET_VERSION (1U) +#define TFM_ITS_GET_SID (0x00000071U) +#define TFM_ITS_GET_VERSION (1U) +#define TFM_ITS_GET_INFO_SID (0x00000072U) +#define TFM_ITS_GET_INFO_VERSION (1U) +#define TFM_ITS_REMOVE_SID (0x00000073U) +#define TFM_ITS_REMOVE_VERSION (1U) + +/******** TFM_SP_CRYPTO ********/ +#define TFM_CRYPTO_SID (0x00000080U) +#define TFM_CRYPTO_VERSION (1U) + +/******** TFM_SP_PLATFORM ********/ +#define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U) +#define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U) +#define TFM_SP_PLATFORM_IOCTL_SID (0x00000041U) +#define TFM_SP_PLATFORM_IOCTL_VERSION (1U) +#define TFM_SP_PLATFORM_NV_COUNTER_SID (0x00000042U) +#define TFM_SP_PLATFORM_NV_COUNTER_VERSION (1U) + +/******** TFM_SP_INITIAL_ATTESTATION ********/ +#define TFM_ATTEST_GET_TOKEN_SID (0x00000020U) +#define TFM_ATTEST_GET_TOKEN_VERSION (1U) +#define TFM_ATTEST_GET_TOKEN_SIZE_SID (0x00000021U) +#define TFM_ATTEST_GET_TOKEN_SIZE_VERSION (1U) +#define TFM_ATTEST_GET_PUBLIC_KEY_SID (0x00000022U) +#define TFM_ATTEST_GET_PUBLIC_KEY_VERSION (1U) + +/******** TFM_SP_CORE_TEST ********/ +#define SPM_CORE_TEST_INIT_SUCCESS_SID (0x0000F020U) +#define SPM_CORE_TEST_INIT_SUCCESS_VERSION (1U) +#define SPM_CORE_TEST_DIRECT_RECURSION_SID (0x0000F021U) +#define SPM_CORE_TEST_DIRECT_RECURSION_VERSION (1U) +#define SPM_CORE_TEST_SS_TO_SS_SID (0x0000F024U) +#define SPM_CORE_TEST_SS_TO_SS_VERSION (1U) +#define SPM_CORE_TEST_SS_TO_SS_BUFFER_SID (0x0000F025U) +#define SPM_CORE_TEST_SS_TO_SS_BUFFER_VERSION (1U) +#define SPM_CORE_TEST_OUTVEC_WRITE_SID (0x0000F026U) +#define SPM_CORE_TEST_OUTVEC_WRITE_VERSION (1U) +#define SPM_CORE_TEST_PERIPHERAL_ACCESS_SID (0x0000F027U) +#define SPM_CORE_TEST_PERIPHERAL_ACCESS_VERSION (1U) +#define SPM_CORE_TEST_GET_CALLER_CLIENT_ID_SID (0x0000F028U) +#define SPM_CORE_TEST_GET_CALLER_CLIENT_ID_VERSION (1U) +#define SPM_CORE_TEST_SPM_REQUEST_SID (0x0000F029U) +#define SPM_CORE_TEST_SPM_REQUEST_VERSION (1U) +#define SPM_CORE_TEST_BLOCK_SID (0x0000F02AU) +#define SPM_CORE_TEST_BLOCK_VERSION (1U) +#define SPM_CORE_TEST_NS_THREAD_SID (0x0000F02BU) +#define SPM_CORE_TEST_NS_THREAD_VERSION (1U) + +/******** TFM_SP_CORE_TEST_2 ********/ +#define SPM_CORE_TEST_2_SLAVE_SERVICE_SID (0x0000F040U) +#define SPM_CORE_TEST_2_SLAVE_SERVICE_VERSION (1U) +#define SPM_CORE_TEST_2_CHECK_CALLER_CLIENT_ID_SID (0x0000F041U) +#define SPM_CORE_TEST_2_CHECK_CALLER_CLIENT_ID_VERSION (1U) +#define SPM_CORE_TEST_2_GET_EVERY_SECOND_BYTE_SID (0x0000F042U) +#define SPM_CORE_TEST_2_GET_EVERY_SECOND_BYTE_VERSION (1U) +#define SPM_CORE_TEST_2_INVERT_SID (0x0000F043U) +#define SPM_CORE_TEST_2_INVERT_VERSION (1U) +#define SPM_CORE_TEST_2_PREPARE_TEST_SCENARIO_SID (0x0000F044U) +#define SPM_CORE_TEST_2_PREPARE_TEST_SCENARIO_VERSION (1U) +#define SPM_CORE_TEST_2_EXECUTE_TEST_SCENARIO_SID (0x0000F045U) +#define SPM_CORE_TEST_2_EXECUTE_TEST_SCENARIO_VERSION (1U) + +/******** TFM_SP_SECURE_TEST_PARTITION ********/ +#define TFM_SECURE_CLIENT_SFN_RUN_TESTS_SID (0x0000F000U) +#define TFM_SECURE_CLIENT_SFN_RUN_TESTS_VERSION (1U) + +/******** TFM_SP_IPC_SERVICE_TEST ********/ +#define IPC_SERVICE_TEST_BASIC_SID (0x0000F080U) +#define IPC_SERVICE_TEST_BASIC_VERSION (1U) +#define IPC_SERVICE_TEST_PSA_ACCESS_APP_MEM_SID (0x0000F081U) +#define IPC_SERVICE_TEST_PSA_ACCESS_APP_MEM_VERSION (1U) +#define IPC_SERVICE_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_SID (0x0000F082U) +#define IPC_SERVICE_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_VERSION (1U) +#define IPC_SERVICE_TEST_APP_ACCESS_PSA_MEM_SID (0x0000F083U) +#define IPC_SERVICE_TEST_APP_ACCESS_PSA_MEM_VERSION (1U) +#define IPC_SERVICE_TEST_CLIENT_PROGRAMMER_ERROR_SID (0x0000F084U) +#define IPC_SERVICE_TEST_CLIENT_PROGRAMMER_ERROR_VERSION (1U) + +/******** TFM_SP_IPC_CLIENT_TEST ********/ +#define IPC_CLIENT_TEST_BASIC_SID (0x0000F060U) +#define IPC_CLIENT_TEST_BASIC_VERSION (1U) +#define IPC_CLIENT_TEST_PSA_ACCESS_APP_MEM_SID (0x0000F061U) +#define IPC_CLIENT_TEST_PSA_ACCESS_APP_MEM_VERSION (1U) +#define IPC_CLIENT_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_SID (0x0000F062U) +#define IPC_CLIENT_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_VERSION (1U) +#define IPC_CLIENT_TEST_APP_ACCESS_PSA_MEM_SID (0x0000F063U) +#define IPC_CLIENT_TEST_APP_ACCESS_PSA_MEM_VERSION (1U) +#define IPC_CLIENT_TEST_MEM_CHECK_SID (0x0000F064U) +#define IPC_CLIENT_TEST_MEM_CHECK_VERSION (1U) + +/******** TFM_IRQ_TEST_1 ********/ +#define SPM_CORE_IRQ_TEST_1_PREPARE_TEST_SCENARIO_SID (0x0000F0A0U) +#define SPM_CORE_IRQ_TEST_1_PREPARE_TEST_SCENARIO_VERSION (1U) +#define SPM_CORE_IRQ_TEST_1_EXECUTE_TEST_SCENARIO_SID (0x0000F0A1U) +#define SPM_CORE_IRQ_TEST_1_EXECUTE_TEST_SCENARIO_VERSION (1U) + +/******** TFM_SP_PS_TEST ********/ +#define TFM_PS_TEST_PREPARE_SID (0x0000F0C0U) +#define TFM_PS_TEST_PREPARE_VERSION (1U) + +/******** TFM_SP_SECURE_CLIENT_2 ********/ +#define TFM_SECURE_CLIENT_2_SID (0x0000F0E0U) +#define TFM_SECURE_CLIENT_2_VERSION (1U) + +/******** TFM_SP_MULTI_CORE_TEST ********/ +#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_0_SID (0x0000F100U) +#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_0_VERSION (1U) +#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_1_SID (0x0000F101U) +#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_1_VERSION (1U) + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_MANIFEST_SID_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_api.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_api.h new file mode 100644 index 0000000..09abc39 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_api.h @@ -0,0 +1,142 @@ +/* + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_API_H__ +#define __TFM_API_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include "psa/client.h" + +#define TFM_INVALID_CLIENT_ID 0 + +/** + * \brief Checks if the provided client ID is a secure client ID. + * + * \param[in] client_id Client ID to check. + * + * \retval 1 Client ID is secure. + * \retval 0 Client ID is non-secure. + */ +#define TFM_CLIENT_ID_IS_S(client_id) ((client_id)>0) + +/** + * \brief Checks if the provided client ID is a non-secure client ID. + * + * \param[in] client_id Client ID to check. + * + * \retval 1 Client ID is non-secure. + * \retval 0 Client ID is secure. + */ +#define TFM_CLIENT_ID_IS_NS(client_id) ((client_id)<0) + +/* The mask used for timeout values */ +#define PSA_TIMEOUT_MASK PSA_BLOCK + +/* FixMe: sort out DEBUG compile option and limit return value options + * on external interfaces */ +enum tfm_status_e +{ + TFM_SUCCESS = 0, + TFM_PARTITION_BUSY, + TFM_ERROR_SECURE_DOMAIN_LOCKED, + TFM_ERROR_INVALID_PARAMETER, + TFM_ERROR_PARTITION_NON_REENTRANT, + TFM_ERROR_NS_THREAD_MODE_CALL, + TFM_ERROR_NOT_INITIALIZED, + TFM_ERROR_NO_ACTIVE_PARTITION, + TFM_ERROR_INVALID_EXC_MODE, + TFM_SECURE_LOCK_FAILED, + TFM_SECURE_UNLOCK_FAILED, + TFM_ERROR_GENERIC = 0x1F, +}; + +/* + * Structure to package type, in_len and out_len, it is mainly used for + * psa_call. + */ +struct tfm_control_parameter_t { + int32_t type; + size_t in_len; + size_t out_len; +}; + +/********************* Secure function declarations ***************************/ + +/** + * \brief Assign client ID to the current TZ context. + * + * \param[in] ns_client_id The client ID to be assigned to the current + * context. + * \retval TFM_SUCCESS The client ID assigned successfully. + * \retval error code The client ID assignment failed, an error code + * returned according to \ref tfm_status_e. + * \note This function have to be called from handler mode. + */ +enum tfm_status_e tfm_register_client_id (int32_t ns_client_id); + +/** + * \brief Retrieve the version of the PSA Framework API that is implemented. + * + * \return The version of the PSA Framework. + */ +uint32_t tfm_psa_framework_version_veneer(void); + +/** + * \brief Return version of secure function provided by secure binary. + * + * \param[in] sid ID of secure service. + * + * \return Version number of secure function. + */ +uint32_t tfm_psa_version_veneer(uint32_t sid); + +/** + * \brief Connect to secure function. + * + * \param[in] sid ID of secure service. + * \param[in] version Version of SF requested by client. + * + * \return Returns handle to connection. + */ +psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t version); + +/** + * \brief Call a secure function referenced by a connection handle. + * + * \param[in] handle Handle to connection. + * \param[in] ctrl_param Parameter structure, includes reuqest type, + * in_num and out_num. + * \param[in] in_vec Array of input \ref psa_invec structures. + * \param[in/out] out_vec Array of output \ref psa_outvec structures. + * + * \return Returns \ref psa_status_t status code. + */ +psa_status_t tfm_psa_call_veneer(psa_handle_t handle, + const struct tfm_control_parameter_t *ctrl_param, + const psa_invec *in_vec, + psa_outvec *out_vec); + +/** + * \brief Close connection to secure function referenced by a connection handle. + * + * \param[in] handle Handle to connection + * + * \return void + */ +void tfm_psa_close_veneer(psa_handle_t handle); + +/***************** End Secure function declarations ***************************/ + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_API_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_crypto_defs.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_crypto_defs.h new file mode 100644 index 0000000..dd45e3b --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_crypto_defs.h @@ -0,0 +1,165 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_CRYPTO_DEFS_H__ +#define __TFM_CRYPTO_DEFS_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include +#include "tfm_api.h" +#include "psa/crypto.h" + +/** + * \brief This type is used to overcome a limitation in the number of maximum + * IOVECs that can be used especially in psa_aead_encrypt and + * psa_aead_decrypt. To be removed in case the AEAD APIs number of + * parameters passed gets restructured + */ +#define TFM_CRYPTO_MAX_NONCE_LENGTH (16u) +struct tfm_crypto_aead_pack_input { + uint8_t nonce[TFM_CRYPTO_MAX_NONCE_LENGTH]; + uint32_t nonce_length; +}; + +/** + * \brief Structure used to pack non-pointer types in a call + * + */ +struct tfm_crypto_pack_iovec { + uint32_t sfn_id; /*!< Secure function ID used to dispatch the + * request + */ + uint16_t step; /*!< Key derivation step */ + psa_key_handle_t key_handle; /*!< Key handle */ + psa_algorithm_t alg; /*!< Algorithm */ + psa_algorithm_t alg2; /*!< Enrollment Algorithm */ + uint32_t op_handle; /*!< Frontend context handle associated to a + * multipart operation + */ + size_t capacity; /*!< Key derivation capacity */ + + struct tfm_crypto_aead_pack_input aead_in; /*!< FixMe: Temporarily used for + * AEAD until the API is + * restructured + */ +}; + +/** + * \brief Define a progressive numerical value for each SID which can be used + * when dispatching the requests to the service + */ +enum { + TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID = (0u), + TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID, + TFM_CRYPTO_OPEN_KEY_SID, + TFM_CRYPTO_CLOSE_KEY_SID, + TFM_CRYPTO_IMPORT_KEY_SID, + TFM_CRYPTO_DESTROY_KEY_SID, + TFM_CRYPTO_EXPORT_KEY_SID, + TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID, + TFM_CRYPTO_COPY_KEY_SID, + TFM_CRYPTO_HASH_COMPUTE_SID, + TFM_CRYPTO_HASH_COMPARE_SID, + TFM_CRYPTO_HASH_SETUP_SID, + TFM_CRYPTO_HASH_UPDATE_SID, + TFM_CRYPTO_HASH_FINISH_SID, + TFM_CRYPTO_HASH_VERIFY_SID, + TFM_CRYPTO_HASH_ABORT_SID, + TFM_CRYPTO_HASH_CLONE_SID, + TFM_CRYPTO_MAC_COMPUTE_SID, + TFM_CRYPTO_MAC_VERIFY_SID, + TFM_CRYPTO_MAC_SIGN_SETUP_SID, + TFM_CRYPTO_MAC_VERIFY_SETUP_SID, + TFM_CRYPTO_MAC_UPDATE_SID, + TFM_CRYPTO_MAC_SIGN_FINISH_SID, + TFM_CRYPTO_MAC_VERIFY_FINISH_SID, + TFM_CRYPTO_MAC_ABORT_SID, + TFM_CRYPTO_CIPHER_ENCRYPT_SID, + TFM_CRYPTO_CIPHER_DECRYPT_SID, + TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID, + TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID, + TFM_CRYPTO_CIPHER_GENERATE_IV_SID, + TFM_CRYPTO_CIPHER_SET_IV_SID, + TFM_CRYPTO_CIPHER_UPDATE_SID, + TFM_CRYPTO_CIPHER_FINISH_SID, + TFM_CRYPTO_CIPHER_ABORT_SID, + TFM_CRYPTO_AEAD_ENCRYPT_SID, + TFM_CRYPTO_AEAD_DECRYPT_SID, + TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID, + TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID, + TFM_CRYPTO_AEAD_GENERATE_NONCE_SID, + TFM_CRYPTO_AEAD_SET_NONCE_SID, + TFM_CRYPTO_AEAD_SET_LENGTHS_SID, + TFM_CRYPTO_AEAD_UPDATE_AD_SID, + TFM_CRYPTO_AEAD_UPDATE_SID, + TFM_CRYPTO_AEAD_FINISH_SID, + TFM_CRYPTO_AEAD_VERIFY_SID, + TFM_CRYPTO_AEAD_ABORT_SID, + TFM_CRYPTO_SIGN_HASH_SID, + TFM_CRYPTO_VERIFY_HASH_SID, + TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID, + TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID, + TFM_CRYPTO_KEY_DERIVATION_SETUP_SID, + TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID, + TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID, + TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID, + TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID, + TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID, + TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID, + TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID, + TFM_CRYPTO_KEY_DERIVATION_ABORT_SID, + TFM_CRYPTO_RAW_KEY_AGREEMENT_SID, + TFM_CRYPTO_GENERATE_RANDOM_SID, + TFM_CRYPTO_GENERATE_KEY_SID, + TFM_CRYPTO_SET_KEY_DOMAIN_PARAMETERS_SID, + TFM_CRYPTO_GET_KEY_DOMAIN_PARAMETERS_SID, + TFM_CRYPTO_SID_MAX, +}; + +/** + * \brief Define an invalid value for an SID + * + */ +#define TFM_CRYPTO_SID_INVALID (~0x0u) + +/** + * \brief This value is used to mark an handle as invalid. + * + */ +#define TFM_CRYPTO_INVALID_HANDLE (0x0u) + +/** + * \brief The persistent key identifier that refers to the hardware unique key. + * + */ +#define TFM_CRYPTO_KEY_ID_HUK (0xFFFF815Bu) + +/** + * \brief The algorithm identifier that refers to key derivation from the + * hardware unique key. + * + */ +#define TFM_CRYPTO_ALG_HUK_DERIVATION ((psa_algorithm_t)0xB0000F00) + +/** + * \brief Define miscellaneous literal constants that are used in the service + * + */ +enum { + TFM_CRYPTO_NOT_IN_USE = 0, + TFM_CRYPTO_IN_USE = 1 +}; + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_CRYPTO_DEFS_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_mailbox.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_mailbox.h new file mode 100644 index 0000000..3d128f4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_mailbox.h @@ -0,0 +1,180 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* + * This is header file of common mailbox objects shared by NSPE and SPE. + * Please refer to tfm_ns_mailbox.h for the definitions only used in NSPE + * mailbox library. + * Please refer to tfm_spe_mailbox.h for the SPE specific definitions and APIs. + */ + +#ifndef __TFM_MAILBOX_H__ +#define __TFM_MAILBOX_H__ + +#include +#include +#include +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +#include "device_cfg.h" +#endif +#include "psa/client.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * If multiple outstanding NS PSA Client calls is enabled, multi-core platform + * should define the number of mailbox queue slots NUM_MAILBOX_QUEUE_SLOT in + * platform device_cfg.h. + * Otherwise, NUM_MAILBOX_QUEUE_SLOT is defined as 1. + */ +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +#ifndef NUM_MAILBOX_QUEUE_SLOT +#error "Error: Platform doesn't define NUM_MAILBOX_QUEUE_SLOT for mailbox queue" +#endif + +#if (NUM_MAILBOX_QUEUE_SLOT < 2) +#error "Error: Invalid NUM_MAILBOX_QUEUE_SLOT. The value should be more than 1" +#endif + +/* + * The number of slots should be no more than the number of bits in + * mailbox_queue_status_t. + * Here the value is hardcoded. A better way is to define a sizeof() to + * calculate the bits in mailbox_queue_status_t and dump it with pragma message. + */ +#if (NUM_MAILBOX_QUEUE_SLOT > 32) +#error "Error: Invalid NUM_MAILBOX_QUEUE_SLOT. The value should be no more than 32" +#endif +#else /* TFM_MULTI_CORE_MULTI_CLIENT_CALL */ +/* Force the number of mailbox queue slots as 1. */ +#undef NUM_MAILBOX_QUEUE_SLOT +#define NUM_MAILBOX_QUEUE_SLOT (1) +#endif /* TFM_MULTI_CORE_MULTI_CLIENT_CALL */ + +/* PSA client call type value */ +#define MAILBOX_PSA_FRAMEWORK_VERSION (0x1) +#define MAILBOX_PSA_VERSION (0x2) +#define MAILBOX_PSA_CONNECT (0x3) +#define MAILBOX_PSA_CALL (0x4) +#define MAILBOX_PSA_CLOSE (0x5) + +/* Return code of mailbox APIs */ +#define MAILBOX_SUCCESS (0) +#define MAILBOX_QUEUE_FULL (INT32_MIN + 1) +#define MAILBOX_INVAL_PARAMS (INT32_MIN + 2) +#define MAILBOX_NO_PERMS (INT32_MIN + 3) +#define MAILBOX_NO_PEND_EVENT (INT32_MIN + 4) +#define MAILBOX_CHAN_BUSY (INT32_MIN + 5) +#define MAILBOX_CALLBACK_REG_ERROR (INT32_MIN + 6) +#define MAILBOX_INIT_ERROR (INT32_MIN + 7) + +/* + * This structure holds the parameters used in a PSA client call. + */ +struct psa_client_params_t { + union { + struct { + uint32_t sid; + } psa_version_params; + + struct { + uint32_t sid; + uint32_t version; + } psa_connect_params; + + struct { + psa_handle_t handle; + int32_t type; + const psa_invec *in_vec; + size_t in_len; + psa_outvec *out_vec; + size_t out_len; + } psa_call_params; + + struct { + psa_handle_t handle; + } psa_close_params; + }; +}; + +/* Mailbox message passed from NSPE to SPE to deliver a PSA client call */ +struct mailbox_msg_t { + uint32_t call_type; /* PSA client call type */ + struct psa_client_params_t params; /* Contain parameters used in PSA + * client call + */ + + int32_t client_id; /* Optional client ID of the + * non-secure caller. + * It is required to identify the + * non-secure task when NSPE OS + * enforces non-secure task isolation + */ +}; + +/* A handle to a mailbox message in use */ +typedef int32_t mailbox_msg_handle_t; + +#define MAILBOX_MSG_NULL_HANDLE ((mailbox_msg_handle_t)0) + +/* + * Mailbox reply structure in non-secure memory + * to hold the PSA client call return result from SPE + */ +struct mailbox_reply_t { + int32_t return_val; +}; + +/* A single slot structure in NSPE mailbox queue */ +struct ns_mailbox_slot_t { + struct mailbox_msg_t msg; + struct mailbox_reply_t reply; + const void *owner; /* Handle of the owner task of this + * slot + */ + bool is_woken; /* Indicate that owner task has been + * or should be woken up, after the + * replied is received. + */ +}; + +typedef uint32_t mailbox_queue_status_t; + +/* NSPE mailbox queue */ +struct ns_mailbox_queue_t { + mailbox_queue_status_t empty_slots; /* Bitmask of empty slots */ + mailbox_queue_status_t pend_slots; /* Bitmask of slots pending + * for SPE handling + */ + mailbox_queue_status_t replied_slots; /* Bitmask of active slots + * containing PSA client call + * return result + */ + + struct ns_mailbox_slot_t queue[NUM_MAILBOX_QUEUE_SLOT]; + +#ifdef TFM_MULTI_CORE_TEST + uint32_t nr_tx; /* The total number of + * submission of NS PSA Client + * calls from NS task via + * mailbox. + */ + uint32_t nr_used_slots; /* The total number of used + * mailbox queue slots each time + * NS thread requests a mailbox + * queue slot. + */ +#endif +}; + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_MAILBOX_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_multi_core_api.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_multi_core_api.h new file mode 100644 index 0000000..7999fa4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_multi_core_api.h @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_MULTI_CORE_API__ +#define __TFM_MULTI_CORE_API__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include + +/** + * \brief Called on the non-secure CPU. + * Flags that the non-secure side has completed its initialization. + * Waits, if necessary, for the secure CPU to flag that it has completed + * its initialization. + * + * \return Return 0 if succeeds. + * \return Otherwise, return specific error code. + */ +int32_t tfm_ns_wait_for_s_cpu_ready(void); + +/** + * \brief Synchronisation with secure CPU, platform-specific implementation. + * Flags that the non-secure side has completed its initialization. + * Waits, if necessary, for the secure CPU to flag that it has completed + * its initialization. + * + * \retval Return 0 if succeeds. + * \retval Otherwise, return specific error code. + */ +int32_t tfm_platform_ns_wait_for_s_cpu_ready(void); + +/** + * \brief Acquire the multi-core lock for synchronizing PSA client call(s) + * The actual implementation depends on the use scenario. + * + * \return \ref TFM_SUCCESS on success + * \return \ref TFM_ERROR_GENERIC on error + */ +uint32_t tfm_ns_multi_core_lock_acquire(void); + +/** + * \brief Release the multi-core lock for synchronizing PSA client call(s) + * The actual implementation depends on the use scenario. + * + * \return \ref TFM_SUCCESS on success + * \return \ref TFM_ERROR_GENERIC on error + */ +uint32_t tfm_ns_multi_core_lock_release(void); + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_MULTI_CORE_API__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_ns_interface.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_ns_interface.h new file mode 100644 index 0000000..21857be --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_ns_interface.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#ifndef __TFM_NS_INTERFACE_H__ +#define __TFM_NS_INTERFACE_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include "tfm_api.h" + +typedef int32_t (*veneer_fn) (uint32_t arg0, uint32_t arg1, + uint32_t arg2, uint32_t arg3); + +/** + * \brief NS interface, veneer function dispatcher + * + * \details This function implements the dispatching mechanism for the + * desired veneer function, to be called with the parameters + * described from arg0 to arg3. + * + * \param[in] fn Function pointer to the veneer function desired + * \param[in] arg0 Argument 0 + * \param[in] arg1 Argument 1 + * \param[in] arg2 Argument 2 + * \param[in] arg3 Argument 3 + * + * \return Returns the same return value of the requested veneer function + */ +int32_t tfm_ns_interface_dispatch(veneer_fn fn, + uint32_t arg0, uint32_t arg1, + uint32_t arg2, uint32_t arg3); + +/** + * \brief NS interface, Initialise the NS interface + * + * \details This function needs to be called from the NS world to + * properly initialise the NS interface towards TF-M. This + * function will initialise all the objects required for + * runtime dispatching of TF-M requests to services + * + * \return A value according to \ref enum tfm_status_e + */ +enum tfm_status_e tfm_ns_interface_init(void); +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_NS_INTERFACE_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_ns_mailbox.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_ns_mailbox.h new file mode 100644 index 0000000..2fcb1b6 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_ns_mailbox.h @@ -0,0 +1,229 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* Data types and API definitions in NSPE mailbox library */ + +#ifndef __TFM_NS_MAILBOX_H__ +#define __TFM_NS_MAILBOX_H__ + +#include +#include +#include "tfm_mailbox.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef TFM_MULTI_CORE_TEST +/** + * \brief The structure to hold the statistics result of NSPE mailbox + */ +struct ns_mailbox_stats_res_t { + uint8_t avg_nr_slots; /* The value before the decimal point + * in the average number of NSPE + * mailbox slots in use. + */ + uint8_t avg_nr_slots_tenths; /* The first digit value after the + * decimal point in the average + * number of NSPE mailbox slots in use. + */ +}; +#endif + +/** + * \brief Prepare and send PSA client request to SPE via mailbox. + * + * \param[in] call_type PSA client call type + * \param[in] params Parmaters used for PSA client call + * \param[in] client_id Optional client ID of non-secure caller. + * It is required to identify the non-secure caller + * when NSPE OS enforces non-secure task isolation. + * + * \retval >= 0 The handle to the mailbox message assigned. + * \retval < 0 Operation failed with an error code. + */ +mailbox_msg_handle_t tfm_ns_mailbox_tx_client_req(uint32_t call_type, + const struct psa_client_params_t *params, + int32_t client_id); + +/** + * \brief Fetch PSA client return result. + * + * \param[in] handle The handle to the mailbox message + * \param[out] reply The address to be written with return result. + * + * \retval MAILBOX_SUCCESS Successfully get PSA client call return result. + * \retval Other return code Operation failed with an error code. + */ +int32_t tfm_ns_mailbox_rx_client_reply(mailbox_msg_handle_t handle, + int32_t *reply); + +/** + * \brief Check whether a specific mailbox message has been replied. + * + * \param[in] handle The handle to the mailbox message + * + * \retval true The PSA client call return value is replied. + * \retval false The PSA client call return value is not + * replied yet. + */ +bool tfm_ns_mailbox_is_msg_replied(mailbox_msg_handle_t handle); + +/** + * \brief NSPE mailbox initialization + * + * \param[in] queue The base address of NSPE mailbox queue to be + * initialized. + * + * \retval MAILBOX_SUCCESS Operation succeeded. + * \retval Other return code Operation failed with an error code. + */ +int32_t tfm_ns_mailbox_init(struct ns_mailbox_queue_t *queue); + +/** + * \brief Get the handle of the current non-secure task executing mailbox + * functionalities + * + * \note This function should be implemented according to platform, NS OS + * and actual use scenario. + * This function can be ignored or return NULL if sleep/wake-up mechanism + * is not required in PSA Client API implementation. + * + * \return Return the handle of task. + */ +const void *tfm_ns_mailbox_get_task_handle(void); + +/** + * \brief Fetch the handle to the first replied mailbox message in the NSPE + * mailbox queue. + * This function is intended to be called inside platform specific + * notification IRQ handler. + * + * \note The replied status of the fetched mailbox message will be cleaned after + * the message is fetched. When this function is called again, it fetches + * the next replied mailbox message from the NSPE mailbox queue. + * + * \return Return the handle to the first replied mailbox message in the + * queue. + * Return \ref MAILBOX_MSG_NULL_HANDLE if no mailbox message is replied. + */ +mailbox_msg_handle_t tfm_ns_mailbox_fetch_reply_msg_isr(void); + +/** + * \brief Return the handle of owner task of a mailbox message according to the + * \ref mailbox_msg_handle_t + * + * \param[in] handle The handle of mailbox message. + * + * \return Return the handle value of the owner task. + */ +const void *tfm_ns_mailbox_get_msg_owner(mailbox_msg_handle_t handle); + +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +/** + * \brief Wait for the reply returned from SPE to the mailbox message specified + * by handle + * + * \param[in] handle The handle of mailbox message. + * + * \retval MAILBOX_SUCCESS Return from waiting successfully. + * \retval Other return code Failed to wait with an error code. + */ +int32_t tfm_ns_mailbox_wait_reply(mailbox_msg_handle_t handle); +#endif + +/** + * \brief Platform specific NSPE mailbox initialization. + * Invoked by \ref tfm_ns_mailbox_init(). + * + * \param[in] queue The base address of NSPE mailbox queue to be + * initialized. + * + * \retval MAILBOX_SUCCESS Operation succeeded. + * \retval Other return code Operation failed with an error code. + */ +int32_t tfm_ns_mailbox_hal_init(struct ns_mailbox_queue_t *queue); + +/** + * \brief Notify SPE to deal with the PSA client call sent via mailbox + * + * \note The implementation depends on platform specific hardware and use case. + * + * \retval MAILBOX_SUCCESS Operation succeeded. + * \retval Other return code Operation failed with an error code. + */ +int32_t tfm_ns_mailbox_hal_notify_peer(void); + +/** + * \brief Enter critical section of NSPE mailbox. + * + * \note The implementation depends on platform specific hardware and use case. + */ +void tfm_ns_mailbox_hal_enter_critical(void); + +/** + * \brief Exit critical section of NSPE mailbox. + * + * \note The implementation depends on platform specific hardware and use case. + */ +void tfm_ns_mailbox_hal_exit_critical(void); + +/** + * \brief Enter critical section of NSPE mailbox in IRQ handler. + * + * \note The implementation depends on platform specific hardware and use case. + */ +void tfm_ns_mailbox_hal_enter_critical_isr(void); + +/** + * \brief Enter critical section of NSPE mailbox in IRQ handler + * + * \note The implementation depends on platform specific hardware and use case. + */ +void tfm_ns_mailbox_hal_exit_critical_isr(void); + +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +/** + * \brief Performs platform and NS OS specific waiting mechanism to wait for + * the reply of the specified mailbox message to be returned from SPE. + * + * \note This function is implemented by platform and NS OS specific waiting + * mechanism accroding to use scenario. + * + * \param[in] handle The handle of mailbox message. + */ +void tfm_ns_mailbox_hal_wait_reply(mailbox_msg_handle_t handle); +#endif + +#ifdef TFM_MULTI_CORE_TEST +/** + * \brief Initialize the statistics module in TF-M NSPE mailbox. + * + * \note This function is only available when multi-core tests are enabled. + */ +void tfm_ns_mailbox_tx_stats_init(void); + +/** + * \brief Calculate the average number of used NS mailbox queue slots each time + * NS task requires a queue slot to submit mailbox message, which is + * recorded in NS mailbox statisitics module. + * + * \note This function is only available when multi-core tests are enabled. + * + * \param[in] stats_res The buffer to be written with + * \ref ns_mailbox_stats_res_t. + * + * \return Return the calculation result. + */ +void tfm_ns_mailbox_stats_avg_slot(struct ns_mailbox_stats_res_t *stats_res); +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_NS_MAILBOX_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_ns_svc.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_ns_svc.h new file mode 100644 index 0000000..def0c2f --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_ns_svc.h @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include +#include "cmsis_compiler.h" + +#ifndef __TFM_NS_SVC_H__ +#define __TFM_NS_SVC_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Include all the SVC handler headers + */ +#include "tfm_nspm_svc_handler.h" + +/** + * \brief Macro to encode an svc instruction + * + */ +#define SVC(code) __ASM volatile("svc %0" : : "I" (code)) + +/** + * \def LIST_SVC_NSPM + * + * \brief This is an X macro which lists + * the SVC interface exposed by TF-M + * for the NS OS. + * + */ +#define LIST_SVC_NSPM \ + X(SVC_TFM_NSPM_REGISTER_CLIENT_ID, tfm_nspm_svc_register_client_id) \ + +/** + * \brief Numbers associated to each SVC available + * + * \details Start from 1 as 0 is reserved by RTX + */ +enum tfm_svc_num { + SVC_INVALID = 0, + +#define X(SVC_ENUM, SVC_HANDLER) SVC_ENUM, + + /* SVC API for Services */ +#ifdef TFM_NS_CLIENT_IDENTIFICATION + LIST_SVC_NSPM +#endif + +#undef X + + /* add all the new entries above this line */ + SVC_TFM_MAX, +}; + +/* number of user SVC functions */ +#define USER_SVC_COUNT ((uint32_t)SVC_TFM_MAX - 1) + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_NS_SVC_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_platform_api.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_platform_api.h new file mode 100644 index 0000000..8c9b0db --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_platform_api.h @@ -0,0 +1,98 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_PLATFORM_API__ +#define __TFM_PLATFORM_API__ + +#include +#include +#include +#include "tfm_api.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief TFM secure partition platform API version + */ +#define TFM_PLATFORM_API_VERSION_MAJOR (0) +#define TFM_PLATFORM_API_VERSION_MINOR (3) + +#define TFM_PLATFORM_API_ID_NV_READ (1010) +#define TFM_PLATFORM_API_ID_NV_INCREMENT (1011) + +/*! + * \enum tfm_platform_err_t + * + * \brief Platform service error types + * + */ +enum tfm_platform_err_t { + TFM_PLATFORM_ERR_SUCCESS = 0, + TFM_PLATFORM_ERR_SYSTEM_ERROR, + TFM_PLATFORM_ERR_INVALID_PARAM, + TFM_PLATFORM_ERR_NOT_SUPPORTED, + + /* Following entry is only to ensure the error code of int size */ + TFM_PLATFORM_ERR_FORCE_INT_SIZE = INT_MAX +}; + +typedef int32_t tfm_platform_ioctl_req_t; + +/*! + * \brief Resets the system. + * + * \return Returns values as specified by the \ref tfm_platform_err_t + */ +enum tfm_platform_err_t tfm_platform_system_reset(void); + +/*! + * \brief Performs a platform-specific service + * + * \param[in] request Request identifier (valid values vary + * based on the platform) + * \param[in] input Input buffer to the requested service (or NULL) + * \param[in,out] output Output buffer to the requested service (or NULL) + * + * \return Returns values as specified by the \ref tfm_platform_err_t + */ +enum tfm_platform_err_t tfm_platform_ioctl(tfm_platform_ioctl_req_t request, + psa_invec *input, + psa_outvec *output); + +/*! + * \brief Increments the given non-volatile (NV) counter by one + * + * \param[in] counter_id NV counter ID. + * + * \return TFM_PLATFORM_ERR_SUCCESS if the value is read correctly. Otherwise, + * it returns TFM_PLATFORM_ERR_SYSTEM_ERROR. + */ +enum tfm_platform_err_t +tfm_platform_nv_counter_increment(uint32_t counter_id); + +/*! + * \brief Reads the given non-volatile (NV) counter + * + * \param[in] counter_id NV counter ID. + * \param[in] size Size of the buffer to store NV counter value + * in bytes. + * \param[out] val Pointer to store the current NV counter value. + * + * \return TFM_PLATFORM_ERR_SUCCESS if the value is read correctly. Otherwise, + * it returns TFM_PLATFORM_ERR_SYSTEM_ERROR. + */ +enum tfm_platform_err_t +tfm_platform_nv_counter_read(uint32_t counter_id, + uint32_t size, uint8_t *val); + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_PLATFORM_API__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_veneers.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_veneers.h new file mode 100644 index 0000000..c66006a --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/include/tfm_veneers.h @@ -0,0 +1,180 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/*********** WARNING: This is an auto-generated file. Do not edit! ***********/ + +#ifndef __TFM_VENEERS_H__ +#define __TFM_VENEERS_H__ + +#include "tfm_api.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef TFM_PARTITION_PROTECTED_STORAGE +/******** TFM_SP_PS ********/ +psa_status_t tfm_tfm_ps_set_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_ps_get_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_ps_get_info_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_ps_remove_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_ps_get_support_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_PROTECTED_STORAGE */ + +#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE +/******** TFM_SP_ITS ********/ +psa_status_t tfm_tfm_its_set_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_its_get_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_its_get_info_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_its_remove_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_INTERNAL_TRUSTED_STORAGE */ + +#ifdef TFM_PARTITION_AUDIT_LOG +/******** TFM_SP_AUDIT_LOG ********/ +psa_status_t tfm_audit_core_retrieve_record_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_audit_core_add_record_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_audit_core_get_info_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_audit_core_get_record_info_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_audit_core_delete_record_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_AUDIT_LOG */ + +#ifdef TFM_PARTITION_CRYPTO +/******** TFM_SP_CRYPTO ********/ +psa_status_t tfm_tfm_crypto_get_key_attributes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_open_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_close_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_reset_key_attributes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_import_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_destroy_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_export_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_export_public_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_copy_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_compute_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_compare_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_verify_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_hash_clone_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_compute_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_verify_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_sign_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_verify_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_sign_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_verify_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_mac_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_encrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_decrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_encrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_decrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_generate_iv_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_set_iv_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_cipher_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_encrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_decrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_encrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_decrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_generate_nonce_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_set_nonce_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_set_lengths_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_update_ad_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_verify_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_aead_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_sign_hash_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_verify_hash_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_asymmetric_encrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_asymmetric_decrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_get_capacity_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_set_capacity_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_input_bytes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_input_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_key_agreement_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_output_bytes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_output_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_key_derivation_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_raw_key_agreement_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_generate_random_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_tfm_crypto_generate_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_CRYPTO */ + +#ifdef TFM_PARTITION_PLATFORM +/******** TFM_SP_PLATFORM ********/ +psa_status_t tfm_platform_sp_system_reset_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_platform_sp_ioctl_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_platform_sp_nv_counter_read_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_platform_sp_nv_counter_increment_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_PLATFORM */ + +#ifdef TFM_PARTITION_INITIAL_ATTESTATION +/******** TFM_SP_INITIAL_ATTESTATION ********/ +psa_status_t tfm_initial_attest_get_token_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_initial_attest_get_token_size_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_initial_attest_get_public_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_INITIAL_ATTESTATION */ + +#ifdef TFM_PARTITION_TEST_CORE +/******** TFM_SP_CORE_TEST ********/ +psa_status_t tfm_spm_core_test_sfn_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_sfn_init_success_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_sfn_direct_recursion_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_CORE */ + +#ifdef TFM_PARTITION_TEST_CORE +/******** TFM_SP_CORE_TEST_2 ********/ +psa_status_t tfm_spm_core_test_2_slave_service_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_sfn_invert_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_check_caller_client_id_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_get_every_second_byte_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_prepare_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_core_test_2_execute_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_CORE */ + +#ifdef TFM_PARTITION_TEST_SECURE_SERVICES +/******** TFM_SP_SECURE_TEST_PARTITION ********/ +psa_status_t tfm_tfm_secure_client_service_sfn_run_tests_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ + +#ifdef TFM_PARTITION_TEST_CORE_IPC +/******** TFM_SP_IPC_SERVICE_TEST ********/ +#endif /* TFM_PARTITION_TEST_CORE_IPC */ + +#ifdef TFM_PARTITION_TEST_CORE_IPC +/******** TFM_SP_IPC_CLIENT_TEST ********/ +#endif /* TFM_PARTITION_TEST_CORE_IPC */ + +#ifdef TFM_ENABLE_IRQ_TEST +/******** TFM_IRQ_TEST_1 ********/ +psa_status_t tfm_spm_irq_test_1_prepare_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +psa_status_t tfm_spm_irq_test_1_execute_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_ENABLE_IRQ_TEST */ + +#ifdef TFM_PARTITION_TEST_PS +/******** TFM_SP_PS_TEST ********/ +psa_status_t tfm_tfm_ps_test_prepare_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_PS */ + +#ifdef TFM_PARTITION_TEST_SECURE_SERVICES +/******** TFM_SP_SECURE_CLIENT_2 ********/ +psa_status_t tfm_tfm_secure_client_2_call_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); +#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ + +#ifdef TFM_MULTI_CORE_TEST +/******** TFM_SP_MULTI_CORE_TEST ********/ +#endif /* TFM_MULTI_CORE_TEST */ + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_VENEERS_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_crypto_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_crypto_ipc_api.c new file mode 100644 index 0000000..70b3a0d --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_crypto_ipc_api.c @@ -0,0 +1,1875 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "tfm_crypto_defs.h" +#include "psa/crypto.h" +#include "tfm_ns_interface.h" +#include "psa_manifest/sid.h" +#include "psa/client.h" + +#define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0])) + +#define PSA_CONNECT(service) \ + psa_handle_t ipc_handle; \ + ipc_handle = psa_connect(service##_SID, service##_VERSION); \ + if (!PSA_HANDLE_IS_VALID(ipc_handle)) { \ + return PSA_ERROR_GENERIC_ERROR; \ + } \ + +#define PSA_CLOSE() psa_close(ipc_handle) + +#define API_DISPATCH(sfn_name, sfn_id) \ + psa_call(ipc_handle, PSA_IPC_CALL, \ + in_vec, ARRAY_SIZE(in_vec), \ + out_vec, ARRAY_SIZE(out_vec)) + +#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \ + psa_call(ipc_handle, PSA_IPC_CALL, \ + in_vec, ARRAY_SIZE(in_vec), \ + (psa_outvec *)NULL, 0) + +psa_status_t psa_crypto_init(void) +{ + /* Service init is performed during TFM boot up, + * so application level initialisation is empty + */ + return PSA_SUCCESS; +} + +psa_status_t psa_open_key(psa_key_id_t id, + psa_key_handle_t *handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + const struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_OPEN_KEY_SID, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = &id, .len = sizeof(psa_key_id_t)}, + }; + psa_outvec out_vec[] = { + {.base = handle, .len = sizeof(psa_key_handle_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_open_key, + TFM_CRYPTO_OPEN_KEY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_close_key(psa_key_handle_t handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + const struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CLOSE_KEY_SID, + .key_handle = handle, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_close_key, + TFM_CRYPTO_CLOSE_KEY);; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_import_key(const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + psa_key_handle_t *handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_IMPORT_KEY_SID, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + {.base = data, .len = data_length} + }; + psa_outvec out_vec[] = { + {.base = handle, .len = sizeof(psa_key_handle_t)} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_import_key, + TFM_CRYPTO_IMPORT_KEY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_destroy_key(psa_key_handle_t handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_DESTROY_KEY_SID, + .key_handle = handle, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_destroy_key, + TFM_CRYPTO_DESTROY_KEY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_get_key_attributes(psa_key_handle_t handle, + psa_key_attributes_t *attributes) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID, + .key_handle = handle, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_get_key_attributes, + TFM_CRYPTO_GET_KEY_ATTRIBUTES); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +void psa_reset_key_attributes(psa_key_attributes_t *attributes) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return; +#else + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + }; + + psa_handle_t ipc_handle; + ipc_handle = psa_connect(TFM_CRYPTO_SID, TFM_CRYPTO_VERSION); + if (!PSA_HANDLE_IS_VALID(ipc_handle)) { + return; + } + + (void)API_DISPATCH(tfm_crypto_reset_key_attributes, + TFM_CRYPTO_RESET_KEY_ATTRIBUTES); + PSA_CLOSE(); + + return; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_export_key(psa_key_handle_t handle, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_EXPORT_KEY_SID, + .key_handle = handle, + }; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = data, .len = data_size} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_export_key, + TFM_CRYPTO_EXPORT_KEY); + + *data_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_export_public_key(psa_key_handle_t handle, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID, + .key_handle = handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = data, .len = data_size} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_export_public_key, + TFM_CRYPTO_EXPORT_PUBLIC_KEY); + + *data_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_copy_key(psa_key_handle_t source_handle, + const psa_key_attributes_t *attributes, + psa_key_handle_t *target_handle) +{ +#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_COPY_KEY_SID, + .key_handle = source_handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + + }; + + psa_outvec out_vec[] = { + {.base = target_handle, .len = sizeof(psa_key_handle_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_copy_key, + TFM_CRYPTO_COPY_KEY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, + unsigned char *iv, + size_t iv_size, + size_t *iv_length) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = iv, .len = iv_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_generate_iv, + TFM_CRYPTO_CIPHER_GENERATE_IV); + + *iv_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, + const unsigned char *iv, + size_t iv_length) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_SET_IV_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = iv, .len = iv_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_set_iv, + TFM_CRYPTO_CIPHER_SET_IV); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID, + .key_handle = handle, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_encrypt_setup, + TFM_CRYPTO_CIPHER_ENCRYPT_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID, + .key_handle = handle, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_decrypt_setup, + TFM_CRYPTO_CIPHER_DECRYPT_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + unsigned char *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_UPDATE_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = output, .len = output_size} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_update, + TFM_CRYPTO_CIPHER_UPDATE); + + *output_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_ABORT_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_abort, + TFM_CRYPTO_CIPHER_ABORT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_CIPHER_FINISH_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = output, .len = output_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_cipher_finish, + TFM_CRYPTO_CIPHER_FINISH); + + *output_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ +} + +psa_status_t psa_hash_setup(psa_hash_operation_t *operation, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_SETUP_SID, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_setup, + TFM_CRYPTO_HASH_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_update(psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_UPDATE_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_update, + TFM_CRYPTO_HASH_UPDATE); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_finish(psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_FINISH_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = hash, .len = hash_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_finish, + TFM_CRYPTO_HASH_FINISH); + + *hash_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_verify(psa_hash_operation_t *operation, + const uint8_t *hash, + size_t hash_length) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_VERIFY_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = hash, .len = hash_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_verify, + TFM_CRYPTO_HASH_VERIFY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_abort(psa_hash_operation_t *operation) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_ABORT_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_abort, + TFM_CRYPTO_HASH_ABORT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation) +{ +#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_HASH_CLONE_SID, + .op_handle = source_operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = target_operation, .len = sizeof(psa_hash_operation_t)}, + }; + + if (target_operation && (target_operation->handle != 0)) { + return PSA_ERROR_BAD_STATE; + } + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_hash_clone, + TFM_CRYPTO_HASH_CLONE); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ +} + +psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID, + .key_handle = handle, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_sign_setup, + TFM_CRYPTO_MAC_SIGN_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID, + .key_handle = handle, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_verify_setup, + TFM_CRYPTO_MAC_VERIFY_SETUP); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_update(psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_UPDATE_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_update, + TFM_CRYPTO_MAC_UPDATE); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + {.base = mac, .len = mac_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_sign_finish, + TFM_CRYPTO_MAC_SIGN_FINISH); + + *mac_length = out_vec[1].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = mac, .len = mac_length}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_verify_finish, + TFM_CRYPTO_MAC_VERIFY_FINISH); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_mac_abort(psa_mac_operation_t *operation) +{ +#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_MAC_ABORT_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_mac_abort, + TFM_CRYPTO_MAC_ABORT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ +} + +psa_status_t psa_aead_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length) +{ +#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SID, + .key_handle = handle, + .alg = alg, + .aead_in = {.nonce = {0}, .nonce_length = nonce_length} + }; + + /* Sanitize the optional input */ + if ((additional_data == NULL) && (additional_data_length != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + size_t idx = 0; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = plaintext, .len = plaintext_length}, + {.base = additional_data, .len = additional_data_length}, + }; + psa_outvec out_vec[] = { + {.base = ciphertext, .len = ciphertext_size}, + }; + + if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (nonce != NULL) { + for (idx = 0; idx < nonce_length; idx++) { + iov.aead_in.nonce[idx] = nonce[idx]; + } + } + + PSA_CONNECT(TFM_CRYPTO); + + size_t in_len = ARRAY_SIZE(in_vec); + if (additional_data == NULL) { + in_len--; + } + status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, + out_vec, ARRAY_SIZE(out_vec)); + + *ciphertext_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */ +} + +psa_status_t psa_aead_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length) +{ +#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SID, + .key_handle = handle, + .alg = alg, + .aead_in = {.nonce = {0}, .nonce_length = nonce_length} + }; + + /* Sanitize the optional input */ + if ((additional_data == NULL) && (additional_data_length != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + size_t idx = 0; + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = ciphertext, .len = ciphertext_length}, + {.base = additional_data, .len = additional_data_length}, + }; + psa_outvec out_vec[] = { + {.base = plaintext, .len = plaintext_size}, + }; + + if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (nonce != NULL) { + for (idx = 0; idx < nonce_length; idx++) { + iov.aead_in.nonce[idx] = nonce[idx]; + } + } + + PSA_CONNECT(TFM_CRYPTO); + + size_t in_len = ARRAY_SIZE(in_vec); + if (additional_data == NULL) { + in_len--; + } + status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, + out_vec, ARRAY_SIZE(out_vec)); + + *plaintext_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */ +} + +psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) +{ + return psa_sign_hash(handle, alg, hash, hash_length, signature, signature_size, signature_length); +} + +psa_status_t psa_sign_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) +{ +#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_SIGN_HASH_SID, + .key_handle = handle, + .alg = alg, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = hash, .len = hash_length}, + }; + psa_outvec out_vec[] = { + {.base = signature, .len = signature_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_sign_hash, + TFM_CRYPTO_SIGN_HASH); + + *signature_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ +} + +psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) +{ + return psa_verify_hash(handle, alg, hash, hash_length, signature, signature_length); +} + +psa_status_t psa_verify_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) +{ +#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_VERIFY_HASH_SID, + .key_handle = handle, + .alg = alg + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = hash, .len = hash_length}, + {.base = signature, .len = signature_length} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_verify_hash, + TFM_CRYPTO_VERIFY_HASH); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ +} + +psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID, + .key_handle = handle, + .alg = alg + }; + + /* Sanitize the optional input */ + if ((salt == NULL) && (salt_length != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + {.base = salt, .len = salt_length} + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + size_t in_len = ARRAY_SIZE(in_vec); + if (salt == NULL) { + in_len--; + } + status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, + out_vec, ARRAY_SIZE(out_vec)); + + *output_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ +} + +psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID, + .key_handle = handle, + .alg = alg + }; + + /* Sanitize the optional input */ + if ((salt == NULL) && (salt_length != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = input, .len = input_length}, + {.base = salt, .len = salt_length} + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + size_t in_len = ARRAY_SIZE(in_vec); + if (salt == NULL) { + in_len--; + } + status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, + out_vec, ARRAY_SIZE(out_vec)); + + *output_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_get_capacity( + const psa_key_derivation_operation_t *operation, + size_t *capacity) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + psa_outvec out_vec[] = { + {.base = capacity, .len = sizeof(size_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_get_capacity, + TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_output_bytes( + psa_key_derivation_operation_t *operation, + uint8_t *output, + size_t output_length) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_length}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_output_bytes, + TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_input_key( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t handle) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID, + .key_handle = handle, + .step = step, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_input_key, + TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_abort( + psa_key_derivation_operation_t *operation) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_abort, + TFM_CRYPTO_KEY_DERIVATION_ABORT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_key_agreement( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID, + .key_handle = private_key, + .step = step, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = peer_key, .len = peer_key_length}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_key_agreement, + TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_GENERATE_RANDOM_SID, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_size}, + }; + + if (output_size == 0) { + return PSA_SUCCESS; + } + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_generate_random, + TFM_CRYPTO_GENERATE_RANDOM); + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_GENERATE_KEY_SID, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + }; + + psa_outvec out_vec[] = { + {.base = handle, .len = sizeof(psa_key_handle_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_generate_key, + TFM_CRYPTO_GENERATE_KEY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_get_key_domain_parameters( + const psa_key_attributes_t *attributes, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_hash_compare(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *hash, + const size_t hash_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_finish(psa_aead_operation_t *operation, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length, + uint8_t *tag, + size_t tag_size, + size_t *tag_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_verify(psa_aead_operation_t *operation, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length, + const uint8_t *tag, + size_t tag_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_abort(psa_aead_operation_t *operation) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_mac_compute(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_mac_verify(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *mac, + const size_t mac_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID, + .alg = alg, + .key_handle = private_key + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = peer_key, .len = peer_key_length}, + }; + + psa_outvec out_vec[] = { + {.base = output, .len = output_size}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_raw_key_agreement, + TFM_CRYPTO_RAW_KEY_AGREEMENT); + + *output_length = out_vec[0].len; + + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, + psa_algorithm_t alg) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID, + .alg = alg, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + psa_outvec out_vec[] = { + {.base = &(operation->handle), .len = sizeof(uint32_t)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_setup, + TFM_CRYPTO_KEY_DERIVATION_SETUP); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_set_capacity( + psa_key_derivation_operation_t *operation, + size_t capacity) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID, + .capacity = capacity, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_set_capacity, + TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_input_bytes( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID, + .step = step, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = data, .len = data_length}, + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_input_bytes, + TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_key_derivation_output_key( + const psa_key_attributes_t *attributes, + psa_key_derivation_operation_t *operation, + psa_key_handle_t *handle) +{ +#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED + return PSA_ERROR_NOT_SUPPORTED; +#else + psa_status_t status; + struct tfm_crypto_pack_iovec iov = { + .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID, + .op_handle = operation->handle, + }; + + psa_invec in_vec[] = { + {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, + {.base = attributes, .len = sizeof(psa_key_attributes_t)}, + }; + + psa_outvec out_vec[] = { + {.base = handle, .len = sizeof(psa_key_handle_t)} + }; + + PSA_CONNECT(TFM_CRYPTO); + + status = API_DISPATCH(tfm_crypto_key_derivation_output_key, + TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY); + PSA_CLOSE(); + + return status; +#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ +} + +psa_status_t psa_hash_compute(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, + uint8_t *nonce, + size_t nonce_size, + size_t *nonce_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, + const uint8_t *nonce, + size_t nonce_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, + size_t ad_length, + size_t plaintext_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} + +psa_status_t psa_aead_update(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + psa_status_t status; + + status = PSA_ERROR_NOT_SUPPORTED; + + return status; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_initial_attestation_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_initial_attestation_ipc_api.c new file mode 100644 index 0000000..78f9dec --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_initial_attestation_ipc_api.c @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "psa/initial_attestation.h" +#include "tfm_ns_interface.h" +#include "psa/client.h" +#include "psa/crypto_types.h" +#include "psa_manifest/sid.h" + +#define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0])) + +psa_status_t +psa_initial_attest_get_token(const uint8_t *auth_challenge, + size_t challenge_size, + uint8_t *token_buf, + size_t token_buf_size, + size_t *token_size) +{ + psa_handle_t handle = PSA_NULL_HANDLE; + psa_status_t status; + + psa_invec in_vec[] = { + {auth_challenge, challenge_size} + }; + psa_outvec out_vec[] = { + {token_buf, token_buf_size} + }; + + handle = psa_connect(TFM_ATTEST_GET_TOKEN_SID, + TFM_ATTEST_GET_TOKEN_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_HANDLE_TO_ERROR(handle); + } + + status = psa_call(handle, PSA_IPC_CALL, + in_vec, IOVEC_LEN(in_vec), + out_vec, IOVEC_LEN(out_vec)); + psa_close(handle); + + if (status == PSA_SUCCESS) { + *token_size = out_vec[0].len; + } + + return status; +} + +psa_status_t +psa_initial_attest_get_token_size(size_t challenge_size, + size_t *token_size) +{ + psa_handle_t handle = PSA_NULL_HANDLE; + psa_status_t status; + psa_invec in_vec[] = { + {&challenge_size, sizeof(challenge_size)} + }; + psa_outvec out_vec[] = { + {token_size, sizeof(size_t)} + }; + + handle = psa_connect(TFM_ATTEST_GET_TOKEN_SIZE_SID, + TFM_ATTEST_GET_TOKEN_SIZE_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_HANDLE_TO_ERROR(handle); + } + + status = psa_call(handle, PSA_IPC_CALL, + in_vec, IOVEC_LEN(in_vec), + out_vec, IOVEC_LEN(out_vec)); + psa_close(handle); + + return status; +} + +psa_status_t +tfm_initial_attest_get_public_key(uint8_t *public_key, + size_t public_key_buf_size, + size_t *public_key_len, + psa_ecc_curve_t *elliptic_curve_type) +{ + psa_handle_t handle = PSA_NULL_HANDLE; + psa_status_t status; + + psa_outvec out_vec[] = { + {.base = public_key, .len = public_key_buf_size}, + {.base = elliptic_curve_type, .len = sizeof(*elliptic_curve_type)}, + {.base = public_key_len, .len = sizeof(*public_key_len)} + }; + + handle = psa_connect(TFM_ATTEST_GET_PUBLIC_KEY_SID, + TFM_ATTEST_GET_PUBLIC_KEY_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_HANDLE_TO_ERROR(handle); + } + + status = psa_call(handle, PSA_IPC_CALL, + NULL, 0, + out_vec, IOVEC_LEN(out_vec)); + psa_close(handle); + + return status; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_its_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_its_ipc_api.c new file mode 100644 index 0000000..9326f7b --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_its_ipc_api.c @@ -0,0 +1,137 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "psa/internal_trusted_storage.h" +#include "tfm_api.h" + +#include "psa/client.h" +#include "psa_manifest/sid.h" + +#define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0])) + +psa_status_t psa_its_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) }, + { .base = p_data, .len = data_length }, + { .base = &create_flags, .len = sizeof(create_flags) } + }; + + handle = psa_connect(TFM_ITS_SET_SID, TFM_ITS_SET_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0); + + psa_close(handle); + + if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + return status; +} + +psa_status_t psa_its_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) }, + { .base = &data_offset, .len = sizeof(data_offset) } + }; + + psa_outvec out_vec[] = { + { .base = p_data, .len = data_size } + }; + + if (p_data_length == NULL) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + handle = psa_connect(TFM_ITS_GET_SID, TFM_ITS_GET_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, + IOVEC_LEN(out_vec)); + + psa_close(handle); + + if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + *p_data_length = out_vec[0].len; + + return status; +} + +psa_status_t psa_its_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) } + }; + + psa_outvec out_vec[] = { + { .base = p_info, .len = sizeof(*p_info) } + }; + + handle = psa_connect(TFM_ITS_GET_INFO_SID, TFM_ITS_GET_INFO_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, + IOVEC_LEN(out_vec)); + + psa_close(handle); + + if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + return status; +} + +psa_status_t psa_its_remove(psa_storage_uid_t uid) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) } + }; + + handle = psa_connect(TFM_ITS_REMOVE_SID, TFM_ITS_REMOVE_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0); + + psa_close(handle); + + return status; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_platform_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_platform_ipc_api.c new file mode 100644 index 0000000..0c1edf4 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_platform_ipc_api.c @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include +#include "tfm_platform_api.h" +#include "psa_manifest/sid.h" + +enum tfm_platform_err_t tfm_platform_system_reset(void) +{ + psa_status_t status = PSA_ERROR_CONNECTION_REFUSED; + psa_handle_t handle = PSA_NULL_HANDLE; + + handle = psa_connect(TFM_SP_PLATFORM_SYSTEM_RESET_SID, + TFM_SP_PLATFORM_SYSTEM_RESET_VERSION); + if (handle <= 0) { + return TFM_PLATFORM_ERR_SYSTEM_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, + NULL, 0, NULL, 0); + psa_close(handle); + + if (status < PSA_SUCCESS) { + return TFM_PLATFORM_ERR_SYSTEM_ERROR; + } else { + return (enum tfm_platform_err_t) status; + } + +} + +enum tfm_platform_err_t +tfm_platform_ioctl(tfm_platform_ioctl_req_t request, + psa_invec *input, psa_outvec *output) +{ + tfm_platform_ioctl_req_t req = request; + struct psa_invec in_vec[2] = { {0} }; + size_t inlen, outlen; + psa_status_t status = PSA_ERROR_CONNECTION_REFUSED; + psa_handle_t handle = PSA_NULL_HANDLE; + + in_vec[0].base = &req; + in_vec[0].len = sizeof(req); + if (input != NULL) { + in_vec[1].base = input->base; + in_vec[1].len = input->len; + inlen = 2; + } else { + inlen = 1; + } + + if (output != NULL) { + outlen = 1; + } else { + outlen = 0; + } + + handle = psa_connect(TFM_SP_PLATFORM_IOCTL_SID, + TFM_SP_PLATFORM_IOCTL_VERSION); + if (handle <= 0) { + return TFM_PLATFORM_ERR_SYSTEM_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, + in_vec, inlen, + output, outlen); + psa_close(handle); + + if (status < PSA_SUCCESS) { + return TFM_PLATFORM_ERR_SYSTEM_ERROR; + } else { + return (enum tfm_platform_err_t) status; + } +} + diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_ps_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_ps_ipc_api.c new file mode 100644 index 0000000..7cc3a63 --- /dev/null +++ b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_1/src/tfm_ps_ipc_api.c @@ -0,0 +1,183 @@ +/* + * Copyright (c) 2017-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "psa/protected_storage.h" + +#include "tfm_ns_interface.h" +#include "psa_manifest/sid.h" + +#define IOVEC_LEN(x) (uint32_t)(sizeof(x)/sizeof(x[0])) + +psa_status_t psa_ps_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) }, + { .base = p_data, .len = data_length }, + { .base = &create_flags, .len = sizeof(create_flags) } + }; + + handle = psa_connect(TFM_PS_SET_SID, TFM_PS_SET_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), + NULL, 0); + + psa_close(handle); + + /* A parameter with a buffer pointer pointer that has data length longer + * than maximum permitted is treated as a secure violation. + * TF-M framework rejects the request with TFM_ERROR_INVALID_PARAMETER. + */ + if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + return status; +} + +psa_status_t psa_ps_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) }, + { .base = &data_offset, .len = sizeof(data_offset) } + }; + + psa_outvec out_vec[] = { + { .base = p_data, .len = data_size } + }; + + if (p_data_length == NULL) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + handle = psa_connect(TFM_PS_GET_SID, TFM_PS_GET_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, + IOVEC_LEN(out_vec)); + + psa_close(handle); + + *p_data_length = out_vec[0].len; + + return status; +} + +psa_status_t psa_ps_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) } + }; + + psa_outvec out_vec[] = { + { .base = p_info, .len = sizeof(*p_info) } + }; + + handle = psa_connect(TFM_PS_GET_INFO_SID, TFM_PS_GET_INFO_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, + IOVEC_LEN(out_vec)); + + psa_close(handle); + + return status; +} + +psa_status_t psa_ps_remove(psa_storage_uid_t uid) +{ + psa_status_t status; + psa_handle_t handle; + + psa_invec in_vec[] = { + { .base = &uid, .len = sizeof(uid) } + }; + + + handle = psa_connect(TFM_PS_REMOVE_SID, TFM_PS_REMOVE_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return PSA_ERROR_GENERIC_ERROR; + } + + status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), + NULL, 0); + + psa_close(handle); + + return status; +} + +psa_status_t psa_ps_create(psa_storage_uid_t uid, size_t size, + psa_storage_create_flags_t create_flags) +{ + (void)uid; + (void)size; + (void)create_flags; + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t psa_ps_set_extended(psa_storage_uid_t uid, size_t data_offset, + size_t data_length, const void *p_data) +{ + (void)uid; + (void)data_offset; + (void)data_length; + (void)p_data; + + return PSA_ERROR_NOT_SUPPORTED; +} + +uint32_t psa_ps_get_support(void) +{ + /* Initialise support_flags to a sensible default, to avoid returning an + * uninitialised value in case the secure function fails. + */ + uint32_t support_flags = 0; + psa_handle_t handle; + + psa_outvec out_vec[] = { + { .base = &support_flags, .len = sizeof(support_flags) } + }; + + /* The PSA API does not return an error, so any error from TF-M is + * ignored. + */ + handle = psa_connect(TFM_PS_GET_SUPPORT_SID, TFM_PS_GET_SUPPORT_VERSION); + if (!PSA_HANDLE_IS_VALID(handle)) { + return support_flags; + } + + (void)psa_call(handle, PSA_IPC_CALL, NULL, 0, out_vec, IOVEC_LEN(out_vec)); + + psa_close(handle); + + return support_flags; +} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/cmsis_nvic_virtual.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/cmsis_nvic_virtual.c deleted file mode 100644 index bee8597..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/cmsis_nvic_virtual.c +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright (c) 2019-2020 Arm Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "cmsis_nvic_virtual.h" -#include "tfm_platform_api.h" - -void NVIC_SystemReset(void) -{ - tfm_platform_system_reset(); -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/tfm_mbed_boot.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/tfm_mbed_boot.c deleted file mode 100644 index 87bcbbb..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/tfm_mbed_boot.c +++ /dev/null @@ -1,37 +0,0 @@ -/* mbed Microcontroller Library - * Copyright (c) 2020 ARM Limited - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "mbed_error.h" -#include "tfm_ns_interface.h" - -void mbed_tfm_init(void) -{ - /* - * In case of V8-M, we need to initialize NS interface - * after the RTOS has started to enable - * communication from Secure and Non-Secure cores. - */ - int32_t ret; - - ret = tfm_ns_interface_init(); - if (ret != TFM_SUCCESS) { - /* Avoid undefined behavior after NS interface initialization failed */ - MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_PLATFORM, - MBED_ERROR_CODE_INITIALIZATION_FAILED), - "Failed to initialize NS interface"); - } -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/tfm_ns_interface.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/tfm_ns_interface.c deleted file mode 100644 index 9759145..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/tfm_ns_interface.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#include -#include - -#include "tfm_api.h" -#include "tfm_ns_interface.h" -#include "cmsis_os2.h" - -/** - * \brief the ns_lock ID - */ -static osMutexId_t ns_lock_handle = NULL; - -__attribute__((weak)) -int32_t tfm_ns_interface_dispatch(veneer_fn fn, - uint32_t arg0, uint32_t arg1, - uint32_t arg2, uint32_t arg3) -{ - int32_t result; - osStatus_t status; - - /* TFM request protected by NS lock */ - status = osMutexAcquire(ns_lock_handle, osWaitForever); - if (status != osOK) { - return (int32_t)TFM_ERROR_GENERIC; - } - - result = fn(arg0, arg1, arg2, arg3); - - status = osMutexRelease(ns_lock_handle); - if (status != osOK) { - return (int32_t)TFM_ERROR_GENERIC; - } - - return result; -} - -__attribute__((weak)) -enum tfm_status_e tfm_ns_interface_init(void) -{ - const osMutexAttr_t attr = { - .name = NULL, - .attr_bits = osMutexPrioInherit, /* Priority inheritance is recommended - * to enable if it is supported. - * For recursive mutex and the ability - * of auto release when owner being - * terminated is not required. - */ - .cb_mem = NULL, - .cb_size = 0U - }; - - ns_lock_handle = osMutexNew(&attr); - if (!ns_lock_handle) { - return TFM_ERROR_GENERIC; - } - - return TFM_SUCCESS; -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/tfm_psa_ns_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/tfm_psa_ns_api.c deleted file mode 100644 index 9a677a2..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V8M/src/tfm_psa_ns_api.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "psa/client.h" -#include "tfm_ns_interface.h" -#include "tfm_api.h" - -/**** API functions ****/ - -uint32_t psa_framework_version(void) -{ - return tfm_ns_interface_dispatch( - (veneer_fn)tfm_psa_framework_version_veneer, - 0, - 0, - 0, - 0); -} - -uint32_t psa_version(uint32_t sid) -{ - return tfm_ns_interface_dispatch( - (veneer_fn)tfm_psa_version_veneer, - sid, - 0, - 0, - 0); -} - -psa_handle_t psa_connect(uint32_t sid, uint32_t version) -{ - return tfm_ns_interface_dispatch( - (veneer_fn)tfm_psa_connect_veneer, - sid, - version, - 0, - 0); -} - -psa_status_t psa_call(psa_handle_t handle, int32_t type, - const psa_invec *in_vec, - size_t in_len, - psa_outvec *out_vec, - size_t out_len) -{ - /* FixMe: sanity check can be added to offload some NS thread checks from - * TFM secure API - */ - - /* Due to v8M restrictions, TF-M NS API needs to add another layer of - * serialization in order for NS to pass arguments to S - */ - const struct tfm_control_parameter_t ctrl_param = { - .type = type, - .in_len = in_len, - .out_len = out_len, - }; - - return tfm_ns_interface_dispatch( - (veneer_fn)tfm_psa_call_veneer, - (uint32_t)handle, - (uint32_t)&ctrl_param, - (uint32_t)in_vec, - (uint32_t)out_vec); -} - -void psa_close(psa_handle_t handle) -{ - (void)tfm_ns_interface_dispatch( - (veneer_fn)tfm_psa_close_veneer, - (uint32_t)handle, - 0, - 0, - 0); -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/VERSION.txt b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/VERSION.txt deleted file mode 100644 index 54d3b42..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/VERSION.txt +++ /dev/null @@ -1 +0,0 @@ -a630d86e91a8 diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/cmsis_nvic_virtual.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/cmsis_nvic_virtual.h deleted file mode 100644 index a1a8b61..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/cmsis_nvic_virtual.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 2019 Arm Limited - * - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "cmsis.h" - -#ifndef NVIC_VIRTUAL_H -#define NVIC_VIRTUAL_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* NVIC functions */ -#define NVIC_SetPriorityGrouping __NVIC_SetPriorityGrouping -#define NVIC_GetPriorityGrouping __NVIC_GetPriorityGrouping -#define NVIC_EnableIRQ __NVIC_EnableIRQ -#define NVIC_GetEnableIRQ __NVIC_GetEnableIRQ -#define NVIC_DisableIRQ __NVIC_DisableIRQ -#define NVIC_GetPendingIRQ __NVIC_GetPendingIRQ -#define NVIC_SetPendingIRQ __NVIC_SetPendingIRQ -#define NVIC_ClearPendingIRQ __NVIC_ClearPendingIRQ -#define NVIC_GetActive __NVIC_GetActive -#define NVIC_SetPriority __NVIC_SetPriority -#define NVIC_GetPriority __NVIC_GetPriority - -/** - * \brief Overriding the default CMSIS system reset implementation by calling - * secure TFM service. - * - */ -void NVIC_SystemReset(void); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/ns_ipc_config.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/ns_ipc_config.h deleted file mode 100644 index e1cd7b7..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/ns_ipc_config.h +++ /dev/null @@ -1,22 +0,0 @@ -/* - * Copyright (c) 2019 Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _IPC_CONFIG_H_ -#define _IPC_CONFIG_H_ - -#include "platform_multicore.h" - -#define IPC_RX_CHAN IPC_PSA_CLIENT_REPLY_CHAN -#define IPC_RX_INTR_STRUCT IPC_PSA_CLIENT_REPLY_INTR_STRUCT -#define IPC_RX_INT_MASK IPC_PSA_CLIENT_REPLY_INTR_MASK - -#define IPC_TX_CHAN IPC_PSA_CLIENT_CALL_CHAN -#define IPC_TX_NOTIFY_MASK IPC_PSA_CLIENT_CALL_NOTIFY_MASK - -#define PSA_CLIENT_REPLY_NVIC_IRQn IPC_PSA_CLIENT_REPLY_IPC_INTR -#define PSA_CLIENT_REPLY_IRQ_PRIORITY 3 - -#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/platform_multicore.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/platform_multicore.h deleted file mode 100644 index f90fb1e..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/platform_multicore.h +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * Copyright (c) 2019, Cypress Semiconductor Corporation. All rights reserved - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef _TFM_PLATFORM_MULTICORE_ -#define _TFM_PLATFORM_MULTICORE_ - -#include -#include "cy_device_headers.h" - -#define IPC_PSA_CLIENT_CALL_CHAN (8) -#define IPC_PSA_CLIENT_CALL_INTR_STRUCT (6) -#define IPC_PSA_CLIENT_CALL_INTR_MASK (1 << IPC_PSA_CLIENT_CALL_CHAN) -#define IPC_PSA_CLIENT_CALL_NOTIFY_MASK (1 << IPC_PSA_CLIENT_CALL_INTR_STRUCT) -#define IPC_PSA_CLIENT_CALL_IPC_INTR cpuss_interrupts_ipc_6_IRQn - -#define IPC_PSA_CLIENT_REPLY_CHAN (9) -#define IPC_PSA_CLIENT_REPLY_INTR_STRUCT (5) -#define IPC_PSA_CLIENT_REPLY_INTR_MASK (1 << IPC_PSA_CLIENT_REPLY_CHAN) -#define IPC_PSA_CLIENT_REPLY_NOTIFY_MASK (1 << IPC_PSA_CLIENT_REPLY_INTR_STRUCT) -#define IPC_PSA_CLIENT_REPLY_IPC_INTR cpuss_interrupts_ipc_5_IRQn - -#define IPC_RX_RELEASE_MASK (0) - -#define CY_IPC_NOTIFY_SHIFT (16) - -#define PSA_CLIENT_CALL_REQ_MAGIC (0xA5CF50C6) -#define PSA_CLIENT_CALL_REPLY_MAGIC (0xC605FC5A) - -#define NS_MAILBOX_INIT_ENABLE (0xAE) -#define S_MAILBOX_READY (0xC3) - -#define PLATFORM_MAILBOX_SUCCESS (0x0) -#define PLATFORM_MAILBOX_INVAL_PARAMS (INT32_MIN + 1) -#define PLATFORM_MAILBOX_TX_ERROR (INT32_MIN + 2) -#define PLATFORM_MAILBOX_RX_ERROR (INT32_MIN + 3) -#define PLATFORM_MAILBOX_INIT_ERROR (INT32_MIN + 4) - -/* Inter-Processor Communication (IPC) data channel for the Semaphores */ -#define PLATFORM_MAILBOX_IPC_CHAN_SEMA CY_IPC_CHAN_SEMA -#define MAILBOX_SEMAPHORE_NUM (16) - -#define IPC_SYNC_MAGIC 0x7DADE011 - -/** - * \brief Fetch a pointer from mailbox message - * - * \param[out] msg_ptr The address to write the pointer value to. - * - * \retval 0 The operation succeeds. - * \retval else The operation fails. - */ -int platform_mailbox_fetch_msg_ptr(void **msg_ptr); - -/** - * \brief Fetch a data value from mailbox message - * - * \param[out] data_ptr The address to write the pointer value to. - * - * \retval 0 The operation succeeds. - * \retval else The operation fails. - */ -int platform_mailbox_fetch_msg_data(uint32_t *data_ptr); - -/** - * \brief Send a pointer via mailbox message - * - * \param[in] msg_ptr The pointer value to be sent. - * - * \retval 0 The operation succeeds. - * \retval else The operation fails. - */ -int platform_mailbox_send_msg_ptr(const void *msg_ptr); - -/** - * \brief Send a data value via mailbox message - * - * \param[in] data The data value to be sent - * - * \retval 0 The operation succeeds. - * \retval else The operation fails. - */ -int platform_mailbox_send_msg_data(uint32_t data); - -/** - * \brief Wait for a mailbox notify event. - */ -void platform_mailbox_wait_for_notify(void); - -/** - * \brief IPC initialization - * - * \retval 0 The operation succeeds. - * \retval else The operation fails. - */ -int platform_ns_ipc_init(void); - -#endif diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/client.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/client.h deleted file mode 100644 index 4115f93..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/client.h +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __PSA_CLIENT_H__ -#define __PSA_CLIENT_H__ - -#include -#include - -#include "psa/error.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/*********************** PSA Client Macros and Types *************************/ - -/** - * The version of the PSA Framework API that is being used to build the calling - * firmware. - */ -#define PSA_FRAMEWORK_VERSION (0x0100u) - -/** - * Return value from psa_version() if the requested RoT Service is not present - * in the system. - */ -#define PSA_VERSION_NONE (0u) - -/** - * The zero-value null handle can be assigned to variables used in clients and - * RoT Services, indicating that there is no current connection or message. - */ -#define PSA_NULL_HANDLE ((psa_handle_t)0) - -/** - * Tests whether a handle value returned by psa_connect() is valid. - */ -#define PSA_HANDLE_IS_VALID(handle) ((psa_handle_t)(handle) > 0) - -/** - * Converts the handle value returned from a failed call psa_connect() into - * an error code. - */ -#define PSA_HANDLE_TO_ERROR(handle) ((psa_status_t)(handle)) - -/** - * Maximum number of input and output vectors for a request to psa_call(). - */ -#define PSA_MAX_IOVEC (4u) - -/** - * An IPC message type that indicates a generic client request. - */ -#define PSA_IPC_CALL (0) - -typedef int32_t psa_handle_t; - -/** - * A read-only input memory region provided to an RoT Service. - */ -typedef struct psa_invec { - const void *base; /*!< the start address of the memory buffer */ - size_t len; /*!< the size in bytes */ -} psa_invec; - -/** - * A writable output memory region provided to an RoT Service. - */ -typedef struct psa_outvec { - void *base; /*!< the start address of the memory buffer */ - size_t len; /*!< the size in bytes */ -} psa_outvec; - -/*************************** PSA Client API **********************************/ - -/** - * \brief Retrieve the version of the PSA Framework API that is implemented. - * - * \return version The version of the PSA Framework implementation - * that is providing the runtime services to the - * caller. The major and minor version are encoded - * as follows: - * \arg version[15:8] -- major version number. - * \arg version[7:0] -- minor version number. - */ -uint32_t psa_framework_version(void); - -/** - * \brief Retrieve the version of an RoT Service or indicate that it is not - * present on this system. - * - * \param[in] sid ID of the RoT Service to query. - * - * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the - * caller is not permitted to access the service. - * \retval > 0 The version of the implemented RoT Service. - */ -uint32_t psa_version(uint32_t sid); - -/** - * \brief Connect to an RoT Service by its SID. - * - * \param[in] sid ID of the RoT Service to connect to. - * \param[in] version Requested version of the RoT Service. - * - * \retval > 0 A handle for the connection. - * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the - * connection. - * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the - * connection at the moment. - * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more - * of the following are true: - * \arg The RoT Service ID is not present. - * \arg The RoT Service version is not supported. - * \arg The caller is not allowed to access the RoT - * service. - */ -psa_handle_t psa_connect(uint32_t sid, uint32_t version); - -/** - * \brief Call an RoT Service on an established connection. - * - * \param[in] handle A handle to an established connection. - * \param[in] type The reuqest type. - * Must be zero( \ref PSA_IPC_CALL) or positive. - * \param[in] in_vec Array of input \ref psa_invec structures. - * \param[in] in_len Number of input \ref psa_invec structures. - * \param[in/out] out_vec Array of output \ref psa_outvec structures. - * \param[in] out_len Number of output \ref psa_outvec structures. - * - * \retval >=0 RoT Service-specific status value. - * \retval <0 RoT Service-specific error code. - * \retval PSA_ERROR_PROGRAMMER_ERROR The connection has been terminated by the - * RoT Service. The call is a PROGRAMMER ERROR if - * one or more of the following are true: - * \arg An invalid handle was passed. - * \arg The connection is already handling a request. - * \arg type < 0. - * \arg An invalid memory reference was provided. - * \arg in_len + out_len > PSA_MAX_IOVEC. - * \arg The message is unrecognized by the RoT - * Service or incorrectly formatted. - */ -psa_status_t psa_call(psa_handle_t handle, int32_t type, - const psa_invec *in_vec, - size_t in_len, - psa_outvec *out_vec, - size_t out_len); - -/** - * \brief Close a connection to an RoT Service. - * - * \param[in] handle A handle to an established connection, or the - * null handle. - * - * \retval void Success. - * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more - * of the following are true: - * \arg An invalid handle was provided that is not - * the null handle. - * \arg The connection is currently handling a - * request. - */ -void psa_close(psa_handle_t handle); - -#ifdef __cplusplus -} -#endif - -#endif /* __PSA_CLIENT_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto.h deleted file mode 100644 index 1459195..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto.h +++ /dev/null @@ -1,3774 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -/** - * \file psa/crypto.h - * \brief Platform Security Architecture cryptography module - */ - -#ifndef PSA_CRYPTO_H -#define PSA_CRYPTO_H - -#include - -#ifdef __DOXYGEN_ONLY__ -/* This __DOXYGEN_ONLY__ block contains mock definitions for things that - * must be defined in the crypto_platform.h header. These mock definitions - * are present in this file as a convenience to generate pretty-printed - * documentation that includes those definitions. */ - -/** \defgroup platform Implementation-specific definitions - * @{ - */ - -/** \brief Key handle. - * - * This type represents open handles to keys. It must be an unsigned integral - * type. The choice of type is implementation-dependent. - * - * 0 is not a valid key handle. How other handle values are assigned is - * implementation-dependent. - */ -typedef _unsigned_integral_type_ psa_key_handle_t; - -/**@}*/ -#endif /* __DOXYGEN_ONLY__ */ - -#ifdef __cplusplus -extern "C" { -#endif - -/* The file "crypto_types.h" declares types that encode errors, - * algorithms, key types, policies, etc. */ -#include "psa/crypto_types.h" - -/** \defgroup version API version - * @{ - */ - -/** - * The major version of this implementation of the PSA Crypto API - */ -#define PSA_CRYPTO_API_VERSION_MAJOR 1 - -/** - * The minor version of this implementation of the PSA Crypto API - */ -#define PSA_CRYPTO_API_VERSION_MINOR 0 - -/**@}*/ - -/* The file "crypto_values.h" declares macros to build and analyze values - * of integral types defined in "crypto_types.h". */ -#include "psa/crypto_values.h" - -/** \defgroup initialization Library initialization - * @{ - */ - -/** - * \brief Library initialization. - * - * Applications must call this function before calling any other - * function in this module. - * - * Applications may call this function more than once. Once a call - * succeeds, subsequent calls are guaranteed to succeed. - * - * If the application calls other functions before calling psa_crypto_init(), - * the behavior is undefined. Implementations are encouraged to either perform - * the operation as if the library had been initialized or to return - * #PSA_ERROR_BAD_STATE or some other applicable error. In particular, - * implementations should not return a success status if the lack of - * initialization may have security implications, for example due to improper - * seeding of the random number generator. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - */ -psa_status_t psa_crypto_init(void); - -/**@}*/ - -/** \addtogroup attributes - * @{ - */ - -/** \def PSA_KEY_ATTRIBUTES_INIT - * - * This macro returns a suitable initializer for a key attribute structure - * of type #psa_key_attributes_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_KEY_ATTRIBUTES_INIT {0} -#endif - -/** Return an initial value for a key attributes structure. - */ -static psa_key_attributes_t psa_key_attributes_init(void); - -/** Declare a key as persistent and set its key identifier. - * - * If the attribute structure currently declares the key as volatile (which - * is the default content of an attribute structure), this function sets - * the lifetime attribute to #PSA_KEY_LIFETIME_PERSISTENT. - * - * This function does not access storage, it merely stores the given - * value in the structure. - * The persistent key will be written to storage when the attribute - * structure is passed to a key creation function such as - * psa_import_key(), psa_generate_key(), - * psa_key_derivation_output_key() or psa_copy_key(). - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] attributes The attribute structure to write to. - * \param id The persistent identifier for the key. - */ -static void psa_set_key_id(psa_key_attributes_t *attributes, - psa_key_id_t id); - -/** Set the location of a persistent key. - * - * To make a key persistent, you must give it a persistent key identifier - * with psa_set_key_id(). By default, a key that has a persistent identifier - * is stored in the default storage area identifier by - * #PSA_KEY_LIFETIME_PERSISTENT. Call this function to choose a storage - * area, or to explicitly declare the key as volatile. - * - * This function does not access storage, it merely stores the given - * value in the structure. - * The persistent key will be written to storage when the attribute - * structure is passed to a key creation function such as - * psa_import_key(), psa_generate_key(), - * psa_key_derivation_output_key() or psa_copy_key(). - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] attributes The attribute structure to write to. - * \param lifetime The lifetime for the key. - * If this is #PSA_KEY_LIFETIME_VOLATILE, the - * key will be volatile, and the key identifier - * attribute is reset to 0. - */ -static void psa_set_key_lifetime(psa_key_attributes_t *attributes, - psa_key_lifetime_t lifetime); - -/** Retrieve the key identifier from key attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] attributes The key attribute structure to query. - * - * \return The persistent identifier stored in the attribute structure. - * This value is unspecified if the attribute structure declares - * the key as volatile. - */ -static psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes); - -/** Retrieve the lifetime from key attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] attributes The key attribute structure to query. - * - * \return The lifetime value stored in the attribute structure. - */ -static psa_key_lifetime_t psa_get_key_lifetime( - const psa_key_attributes_t *attributes); - -/** Declare usage flags for a key. - * - * Usage flags are part of a key's usage policy. They encode what - * kind of operations are permitted on the key. For more details, - * refer to the documentation of the type #psa_key_usage_t. - * - * This function overwrites any usage flags - * previously set in \p attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] attributes The attribute structure to write to. - * \param usage_flags The usage flags to write. - */ -static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, - psa_key_usage_t usage_flags); - -/** Retrieve the usage flags from key attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] attributes The key attribute structure to query. - * - * \return The usage flags stored in the attribute structure. - */ -static psa_key_usage_t psa_get_key_usage_flags( - const psa_key_attributes_t *attributes); - -/** Declare the permitted algorithm policy for a key. - * - * The permitted algorithm policy of a key encodes which algorithm or - * algorithms are permitted to be used with this key. The following - * algorithm policies are supported: - * - 0 does not allow any cryptographic operation with the key. The key - * may be used for non-cryptographic actions such as exporting (if - * permitted by the usage flags). - * - An algorithm value permits this particular algorithm. - * - An algorithm wildcard built from #PSA_ALG_ANY_HASH allows the specified - * signature scheme with any hash algorithm. - * - * This function overwrites any algorithm policy - * previously set in \p attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] attributes The attribute structure to write to. - * \param alg The permitted algorithm policy to write. - */ -static void psa_set_key_algorithm(psa_key_attributes_t *attributes, - psa_algorithm_t alg); - - -/** Retrieve the algorithm policy from key attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] attributes The key attribute structure to query. - * - * \return The algorithm stored in the attribute structure. - */ -static psa_algorithm_t psa_get_key_algorithm( - const psa_key_attributes_t *attributes); - -/** Declare the type of a key. - * - * This function overwrites any key type - * previously set in \p attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] attributes The attribute structure to write to. - * \param type The key type to write. - * If this is 0, the key type in \p attributes - * becomes unspecified. - */ -static void psa_set_key_type(psa_key_attributes_t *attributes, - psa_key_type_t type); - - -/** Declare the size of a key. - * - * This function overwrites any key size previously set in \p attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] attributes The attribute structure to write to. - * \param bits The key size in bits. - * If this is 0, the key size in \p attributes - * becomes unspecified. Keys of size 0 are - * not supported. - */ -static void psa_set_key_bits(psa_key_attributes_t *attributes, - size_t bits); - -/** Retrieve the key type from key attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] attributes The key attribute structure to query. - * - * \return The key type stored in the attribute structure. - */ -static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes); - -/** Retrieve the key size from key attributes. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] attributes The key attribute structure to query. - * - * \return The key size stored in the attribute structure, in bits. - */ -static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); - -/** Retrieve the attributes of a key. - * - * This function first resets the attribute structure as with - * psa_reset_key_attributes(). It then copies the attributes of - * the given key into the given attribute structure. - * - * \note This function may allocate memory or other resources. - * Once you have called this function on an attribute structure, - * you must call psa_reset_key_attributes() to free these resources. - * - * \param[in] handle Handle to the key to query. - * \param[in,out] attributes On success, the attributes of the key. - * On failure, equivalent to a - * freshly-initialized structure. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_attributes(psa_key_handle_t handle, - psa_key_attributes_t *attributes); - -/** Reset a key attribute structure to a freshly initialized state. - * - * You must initialize the attribute structure as described in the - * documentation of the type #psa_key_attributes_t before calling this - * function. Once the structure has been initialized, you may call this - * function at any time. - * - * This function frees any auxiliary resources that the structure - * may contain. - * - * \param[in,out] attributes The attribute structure to reset. - */ -void psa_reset_key_attributes(psa_key_attributes_t *attributes); - -/**@}*/ - -/** \defgroup key_management Key management - * @{ - */ - -/** Open a handle to an existing persistent key. - * - * Open a handle to a persistent key. A key is persistent if it was created - * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key - * always has a nonzero key identifier, set with psa_set_key_id() when - * creating the key. Implementations may provide additional pre-provisioned - * keys that can be opened with psa_open_key(). Such keys have a key identifier - * in the vendor range, as documented in the description of #psa_key_id_t. - * - * The application must eventually close the handle with psa_close_key() or - * psa_destroy_key() to release associated resources. If the application dies - * without calling one of these functions, the implementation should perform - * the equivalent of a call to psa_close_key(). - * - * Some implementations permit an application to open the same key multiple - * times. If this is successful, each call to psa_open_key() will return a - * different key handle. - * - * \note Applications that rely on opening a key multiple times will not be - * portable to implementations that only permit a single key handle to be - * opened. See also :ref:\`key-handles\`. - * - * \param id The persistent identifier of the key. - * \param[out] handle On success, a handle to the key. - * - * \retval #PSA_SUCCESS - * Success. The application can now use the value of `*handle` - * to access the key. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * The implementation does not have sufficient resources to open the - * key. This can be due to reaching an implementation limit on the - * number of open keys, the number of open key handles, or available - * memory. - * \retval #PSA_ERROR_DOES_NOT_EXIST - * There is no persistent key with key identifier \p id. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p id is not a valid persistent key identifier. - * \retval #PSA_ERROR_NOT_PERMITTED - * The specified key exists, but the application does not have the - * permission to access it. Note that this specification does not - * define any way to create such a key, but it may be possible - * through implementation-specific means. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_open_key(psa_key_id_t id, - psa_key_handle_t *handle); - - -/** Close a key handle. - * - * If the handle designates a volatile key, this will destroy the key material - * and free all associated resources, just like psa_destroy_key(). - * - * If this is the last open handle to a persistent key, then closing the handle - * will free all resources associated with the key in volatile memory. The key - * data in persistent storage is not affected and can be opened again later - * with a call to psa_open_key(). - * - * Closing the key handle makes the handle invalid, and the key handle - * must not be used again by the application. - * - * \note If the key handle was used to set up an active - * :ref:\`multipart operation \`, then closing the - * key handle can cause the multipart operation to fail. Applications should - * maintain the key handle until after the multipart operation has finished. - * - * \param handle The key handle to close. - * If this is \c 0, do nothing and return \c PSA_SUCCESS. - * - * \retval #PSA_SUCCESS - * \p handle was a valid handle or \c 0. It is now closed. - * \retval #PSA_ERROR_INVALID_HANDLE - * \p handle is not a valid handle nor \c 0. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_close_key(psa_key_handle_t handle); - -/** Make a copy of a key. - * - * Copy key material from one location to another. - * - * This function is primarily useful to copy a key from one location - * to another, since it populates a key using the material from - * another key which may have a different lifetime. - * - * This function may be used to share a key with a different party, - * subject to implementation-defined restrictions on key sharing. - * - * The policy on the source key must have the usage flag - * #PSA_KEY_USAGE_COPY set. - * This flag is sufficient to permit the copy if the key has the lifetime - * #PSA_KEY_LIFETIME_VOLATILE or #PSA_KEY_LIFETIME_PERSISTENT. - * Some secure elements do not provide a way to copy a key without - * making it extractable from the secure element. If a key is located - * in such a secure element, then the key must have both usage flags - * #PSA_KEY_USAGE_COPY and #PSA_KEY_USAGE_EXPORT in order to make - * a copy of the key outside the secure element. - * - * The resulting key may only be used in a way that conforms to - * both the policy of the original key and the policy specified in - * the \p attributes parameter: - * - The usage flags on the resulting key are the bitwise-and of the - * usage flags on the source policy and the usage flags in \p attributes. - * - If both allow the same algorithm or wildcard-based - * algorithm policy, the resulting key has the same algorithm policy. - * - If either of the policies allows an algorithm and the other policy - * allows a wildcard-based algorithm policy that includes this algorithm, - * the resulting key allows the same algorithm. - * - If the policies do not allow any algorithm in common, this function - * fails with the status #PSA_ERROR_INVALID_ARGUMENT. - * - * The effect of this function on implementation-defined attributes is - * implementation-defined. - * - * \param source_handle The key to copy. It must be a valid key handle. - * \param[in] attributes The attributes for the new key. - * They are used as follows: - * - The key type and size may be 0. If either is - * nonzero, it must match the corresponding - * attribute of the source key. - * - The key location (the lifetime and, for - * persistent keys, the key identifier) is - * used directly. - * - The policy constraints (usage flags and - * algorithm policy) are combined from - * the source key and \p attributes so that - * both sets of restrictions apply, as - * described in the documentation of this function. - * \param[out] target_handle On success, a handle to the newly created key. - * \c 0 on failure. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \p source_handle is invalid. - * \retval #PSA_ERROR_ALREADY_EXISTS - * This is an attempt to create a persistent key, and there is - * already a persistent key with the given identifier. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The lifetime or identifier in \p attributes are invalid. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The policy constraints on the source and specified in - * \p attributes are incompatible. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p attributes specifies a key type or key size - * which does not match the attributes of the source key. - * \retval #PSA_ERROR_NOT_PERMITTED - * The source key does not have the #PSA_KEY_USAGE_COPY usage flag. - * \retval #PSA_ERROR_NOT_PERMITTED - * The source key is not exportable and its lifetime does not - * allow copying it to the target's lifetime. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_copy_key(psa_key_handle_t source_handle, - const psa_key_attributes_t *attributes, - psa_key_handle_t *target_handle); - - -/** - * \brief Destroy a key. - * - * This function destroys a key from both volatile - * memory and, if applicable, non-volatile storage. Implementations shall - * make a best effort to ensure that that the key material cannot be recovered. - * - * This function also erases any metadata such as policies and frees - * resources associated with the key. To free all resources associated with - * the key, all handles to the key must be closed or destroyed. - * - * Destroying the key makes the handle invalid, and the key handle - * must not be used again by the application. Using other open handles to the - * destroyed key in a cryptographic operation will result in an error. - * - * If a key is currently in use in a multipart operation, then destroying the - * key will cause the multipart operation to fail. - * - * \param handle Handle to the key to erase. - * If this is \c 0, do nothing and return \c PSA_SUCCESS. - * - * \retval #PSA_SUCCESS - * \p handle was a valid handle and the key material that it - * referred to has been erased. - * Alternatively, \p handle is \c 0. - * \retval #PSA_ERROR_NOT_PERMITTED - * The key cannot be erased because it is - * read-only, either due to a policy or due to physical restrictions. - * \retval #PSA_ERROR_INVALID_HANDLE - * \p handle is not a valid handle nor \c 0. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * There was an failure in communication with the cryptoprocessor. - * The key material may still be present in the cryptoprocessor. - * \retval #PSA_ERROR_STORAGE_FAILURE - * The storage is corrupted. Implementations shall make a best effort - * to erase key material even in this stage, however applications - * should be aware that it may be impossible to guarantee that the - * key material is not recoverable in such cases. - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * An unexpected condition which is not a storage corruption or - * a communication failure occurred. The cryptoprocessor may have - * been compromised. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_destroy_key(psa_key_handle_t handle); - -/**@}*/ - -/** \defgroup import_export Key import and export - * @{ - */ - -/** - * \brief Import a key in binary format. - * - * This function supports any output from psa_export_key(). Refer to the - * documentation of psa_export_public_key() for the format of public keys - * and to the documentation of psa_export_key() for the format for - * other key types. - * - * The key data determines the key size. The attributes may optionally - * specify a key size; in this case it must match the size determined - * from the key data. A key size of 0 in \p attributes indicates that - * the key size is solely determined by the key data. - * - * Implementations must reject an attempt to import a key of size 0. - * - * This specification supports a single format for each key type. - * Implementations may support other formats as long as the standard - * format is supported. Implementations that support other formats - * should ensure that the formats are clearly unambiguous so as to - * minimize the risk that an invalid input is accidentally interpreted - * according to a different format. - * - * \param[in] attributes The attributes for the new key. - * The key size is always determined from the - * \p data buffer. - * If the key size in \p attributes is nonzero, - * it must be equal to the size from \p data. - * \param[out] handle On success, a handle to the newly created key. - * \c 0 on failure. - * \param[in] data Buffer containing the key data. The content of this - * buffer is interpreted according to the type declared - * in \p attributes. - * All implementations must support at least the format - * described in the documentation - * of psa_export_key() or psa_export_public_key() for - * the chosen type. Implementations may allow other - * formats, but should be conservative: implementations - * should err on the side of rejecting content if it - * may be erroneous (e.g. wrong type or truncated data). - * \param data_length Size of the \p data buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * If the key is persistent, the key material and the key's metadata - * have been saved to persistent storage. - * \retval #PSA_ERROR_ALREADY_EXISTS - * This is an attempt to create a persistent key, and there is - * already a persistent key with the given identifier. - * \retval #PSA_ERROR_NOT_SUPPORTED - * The key type or key size is not supported, either by the - * implementation in general or in this particular persistent location. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key attributes, as a whole, are invalid. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key data is not correctly formatted. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The size in \p attributes is nonzero and does not match the size - * of the key data. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_import_key(const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - psa_key_handle_t *handle); - - - -/** - * \brief Export a key in binary format. - * - * The output of this function can be passed to psa_import_key() to - * create an equivalent object. - * - * If the implementation of psa_import_key() supports other formats - * beyond the format specified here, the output from psa_export_key() - * must use the representation specified here, not the original - * representation. - * - * For standard key types, the output format is as follows: - * - * - For symmetric keys (including MAC keys), the format is the - * raw bytes of the key. - * - For DES, the key data consists of 8 bytes. The parity bits must be - * correct. - * - For Triple-DES, the format is the concatenation of the - * two or three DES keys. - * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEY_PAIR), the format - * is the non-encrypted DER encoding of the representation defined by - * PKCS\#1 (RFC 8017) as `RSAPrivateKey`, version 0. - * ``` - * RSAPrivateKey ::= SEQUENCE { - * version INTEGER, -- must be 0 - * modulus INTEGER, -- n - * publicExponent INTEGER, -- e - * privateExponent INTEGER, -- d - * prime1 INTEGER, -- p - * prime2 INTEGER, -- q - * exponent1 INTEGER, -- d mod (p-1) - * exponent2 INTEGER, -- d mod (q-1) - * coefficient INTEGER, -- (inverse of q) mod p - * } - * ``` - * - For elliptic curve key pairs (key types for which - * #PSA_KEY_TYPE_IS_ECC_KEY_PAIR is true), the format is - * a representation of the private value as a `ceiling(m/8)`-byte string - * where `m` is the bit size associated with the curve, i.e. the bit size - * of the order of the curve's coordinate field. This byte string is - * in little-endian order for Montgomery curves (curve types - * `PSA_ECC_CURVE_CURVEXXX`), and in big-endian order for Weierstrass - * curves (curve types `PSA_ECC_CURVE_SECTXXX`, `PSA_ECC_CURVE_SECPXXX` - * and `PSA_ECC_CURVE_BRAINPOOL_PXXX`). - * This is the content of the `privateKey` field of the `ECPrivateKey` - * format defined by RFC 5915. - * - For Diffie-Hellman key exchange key pairs (key types for which - * #PSA_KEY_TYPE_IS_DH_KEY_PAIR is true), the - * format is the representation of the private key `x` as a big-endian byte - * string. The length of the byte string is the private key size in bytes - * (leading zeroes are not stripped). - * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is - * true), the format is the same as for psa_export_public_key(). - * - * The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set. - * - * \param handle Handle to the key to export. - * \param[out] data Buffer where the key data is to be written. - * \param data_size Size of the \p data buffer in bytes. - * \param[out] data_length On success, the number of bytes - * that make up the key data. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * The key does not have the #PSA_KEY_USAGE_EXPORT flag. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p data buffer is too small. You can determine a - * sufficient buffer size by calling - * #PSA_KEY_EXPORT_MAX_SIZE(\c type, \c bits) - * where \c type is the key type - * and \c bits is the key size in bits. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_export_key(psa_key_handle_t handle, - uint8_t *data, - size_t data_size, - size_t *data_length); - -/** - * \brief Export a public key or the public part of a key pair in binary format. - * - * The output of this function can be passed to psa_import_key() to - * create an object that is equivalent to the public key. - * - * This specification supports a single format for each key type. - * Implementations may support other formats as long as the standard - * format is supported. Implementations that support other formats - * should ensure that the formats are clearly unambiguous so as to - * minimize the risk that an invalid input is accidentally interpreted - * according to a different format. - * - * For standard key types, the output format is as follows: - * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the DER encoding of - * the representation defined by RFC 3279 §2.3.1 as `RSAPublicKey`. - * ``` - * RSAPublicKey ::= SEQUENCE { - * modulus INTEGER, -- n - * publicExponent INTEGER } -- e - * ``` - * - For elliptic curve public keys (key types for which - * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), the format is the uncompressed - * representation defined by SEC1 §2.3.3 as the content of an ECPoint. - * Let `m` be the bit size associated with the curve, i.e. the bit size of - * `q` for a curve over `F_q`. The representation consists of: - * - The byte 0x04; - * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; - * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. - * - For Diffie-Hellman key exchange public keys (key types for which - * #PSA_KEY_TYPE_IS_DH_PUBLIC_KEY is true), - * the format is the representation of the public key `y = g^x mod p` as a - * big-endian byte string. The length of the byte string is the length of the - * base prime `p` in bytes. - * - * Exporting a public key object or the public part of a key pair is - * always permitted, regardless of the key's usage flags. - * - * \param handle Handle to the key to export. - * \param[out] data Buffer where the key data is to be written. - * \param data_size Size of the \p data buffer in bytes. - * \param[out] data_length On success, the number of bytes - * that make up the key data. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key is neither a public key nor a key pair. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p data buffer is too small. You can determine a - * sufficient buffer size by calling - * #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits) - * where \c type is the key type - * and \c bits is the key size in bits. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_export_public_key(psa_key_handle_t handle, - uint8_t *data, - size_t data_size, - size_t *data_length); - - - -/**@}*/ - -/** \defgroup hash Message digests - * @{ - */ - -/** Calculate the hash (digest) of a message. - * - * \note To verify the hash of a message against an - * expected value, use psa_hash_compare() instead. - * - * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_HASH(\p alg) is true). - * \param[in] input Buffer containing the message to hash. - * \param input_length Size of the \p input buffer in bytes. - * \param[out] hash Buffer where the hash is to be written. - * \param hash_size Size of the \p hash buffer in bytes. - * \param[out] hash_length On success, the number of bytes - * that make up the hash value. This is always - * #PSA_HASH_SIZE(\p alg). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a hash algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p hash_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_hash_compute(psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length); - -/** Calculate the hash (digest) of a message and compare it with a - * reference value. - * - * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_HASH(\p alg) is true). - * \param[in] input Buffer containing the message to hash. - * \param input_length Size of the \p input buffer in bytes. - * \param[out] hash Buffer containing the expected hash value. - * \param hash_length Size of the \p hash buffer in bytes. - * - * \retval #PSA_SUCCESS - * The expected hash is identical to the actual hash of the input. - * \retval #PSA_ERROR_INVALID_SIGNATURE - * The hash of the message was calculated successfully, but it - * differs from the expected hash. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a hash algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p input_length or \p hash_length do not match the hash size for \p alg - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_hash_compare(psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *hash, - const size_t hash_length); - -/** The type of the state data structure for multipart hash operations. - * - * Before calling any function on a hash operation object, the application must - * initialize it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_hash_operation_t operation; - * memset(&operation, 0, sizeof(operation)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_hash_operation_t operation = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_HASH_OPERATION_INIT, - * for example: - * \code - * psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - * \endcode - * - Assign the result of the function psa_hash_operation_init() - * to the structure, for example: - * \code - * psa_hash_operation_t operation; - * operation = psa_hash_operation_init(); - * \endcode - * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ -typedef struct psa_hash_operation_s psa_hash_operation_t; - -/** \def PSA_HASH_OPERATION_INIT - * - * This macro returns a suitable initializer for a hash operation object - * of type #psa_hash_operation_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_HASH_OPERATION_INIT {0} -#endif - -/** Return an initial value for a hash operation object. - */ -static psa_hash_operation_t psa_hash_operation_init(void); - -/** Set up a multipart hash operation. - * - * The sequence of operations to calculate a hash (message digest) - * is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_hash_operation_t, e.g. #PSA_HASH_OPERATION_INIT. - * -# Call psa_hash_setup() to specify the algorithm. - * -# Call psa_hash_update() zero, one or more times, passing a fragment - * of the message each time. The hash that is calculated is the hash - * of the concatenation of these messages in order. - * -# To calculate the hash, call psa_hash_finish(). - * To compare the hash with an expected value, call psa_hash_verify(). - * - * If an error occurs at any step after a call to psa_hash_setup(), the - * operation will need to be reset by a call to psa_hash_abort(). The - * application may call psa_hash_abort() at any time after the operation - * has been initialized. - * - * After a successful call to psa_hash_setup(), the application must - * eventually terminate the operation. The following events terminate an - * operation: - * - A successful call to psa_hash_finish() or psa_hash_verify(). - * - A call to psa_hash_abort(). - * - * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_hash_operation_t and not yet in use. - * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_HASH(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not a supported hash algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p alg is not a hash algorithm. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_hash_setup(psa_hash_operation_t *operation, - psa_algorithm_t alg); - -/** Add a message fragment to a multipart hash operation. - * - * The application must call psa_hash_setup() before calling this function. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_hash_abort(). - * - * \param[in,out] operation Active hash operation. - * \param[in] input Buffer containing the message fragment to hash. - * \param input_length Size of the \p input buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it muct be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_hash_update(psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length); - -/** Finish the calculation of the hash of a message. - * - * The application must call psa_hash_setup() before calling this function. - * This function calculates the hash of the message formed by concatenating - * the inputs passed to preceding calls to psa_hash_update(). - * - * When this function returns successfuly, the operation becomes inactive. - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_hash_abort(). - * - * \warning Applications should not call this function if they expect - * a specific value for the hash. Call psa_hash_verify() instead. - * Beware that comparing integrity or authenticity data such as - * hash values with a function such as \c memcmp is risky - * because the time taken by the comparison may leak information - * about the hashed data which could allow an attacker to guess - * a valid hash and thereby bypass security controls. - * - * \param[in,out] operation Active hash operation. - * \param[out] hash Buffer where the hash is to be written. - * \param hash_size Size of the \p hash buffer in bytes. - * \param[out] hash_length On success, the number of bytes - * that make up the hash value. This is always - * #PSA_HASH_SIZE(\c alg) where \c alg is the - * hash algorithm that is calculated. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p hash buffer is too small. You can determine a - * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg) - * where \c alg is the hash algorithm that is calculated. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_hash_finish(psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length); - -/** Finish the calculation of the hash of a message and compare it with - * an expected value. - * - * The application must call psa_hash_setup() before calling this function. - * This function calculates the hash of the message formed by concatenating - * the inputs passed to preceding calls to psa_hash_update(). It then - * compares the calculated hash with the expected hash passed as a - * parameter to this function. - * - * When this function returns successfuly, the operation becomes inactive. - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_hash_abort(). - * - * \note Implementations shall make the best effort to ensure that the - * comparison between the actual hash and the expected hash is performed - * in constant time. - * - * \param[in,out] operation Active hash operation. - * \param[in] hash Buffer containing the expected hash value. - * \param hash_length Size of the \p hash buffer in bytes. - * - * \retval #PSA_SUCCESS - * The expected hash is identical to the actual hash of the message. - * \retval #PSA_ERROR_INVALID_SIGNATURE - * The hash of the message was calculated successfully, but it - * differs from the expected hash. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_hash_verify(psa_hash_operation_t *operation, - const uint8_t *hash, - size_t hash_length); - -/** Abort a hash operation. - * - * Aborting an operation frees all associated resources except for the - * \p operation structure itself. Once aborted, the operation object - * can be reused for another operation by calling - * psa_hash_setup() again. - * - * You may call this function any time after the operation object has - * been initialized by one of the methods described in #psa_hash_operation_t. - * - * In particular, calling psa_hash_abort() after the operation has been - * terminated by a call to psa_hash_abort(), psa_hash_finish() or - * psa_hash_verify() is safe and has no effect. - * - * \param[in,out] operation Initialized hash operation. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_hash_abort(psa_hash_operation_t *operation); - -/** Clone a hash operation. - * - * This function copies the state of an ongoing hash operation to - * a new operation object. In other words, this function is equivalent - * to calling psa_hash_setup() on \p target_operation with the same - * algorithm that \p source_operation was set up for, then - * psa_hash_update() on \p target_operation with the same input that - * that was passed to \p source_operation. After this function returns, the - * two objects are independent, i.e. subsequent calls involving one of - * the objects do not affect the other object. - * - * \param[in] source_operation The active hash operation to clone. - * \param[in,out] target_operation The operation object to set up. - * It must be initialized but not active. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BAD_STATE - * The \p source_operation state is not valid (it must be active). - * \retval #PSA_ERROR_BAD_STATE - * The \p target_operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation); - -/**@}*/ - -/** \defgroup MAC Message authentication codes - * @{ - */ - -/** Calculate the MAC (message authentication code) of a message. - * - * \note To verify the MAC of a message against an - * expected value, use psa_mac_verify() instead. - * Beware that comparing integrity or authenticity data such as - * MAC values with a function such as \c memcmp is risky - * because the time taken by the comparison may leak information - * about the MAC value which could allow an attacker to guess - * a valid MAC and thereby bypass security controls. - * - * \param handle Handle to the key to use for the operation. - * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(\p alg) is true). - * \param[in] input Buffer containing the input message. - * \param input_length Size of the \p input buffer in bytes. - * \param[out] mac Buffer where the MAC value is to be written. - * \param mac_size Size of the \p mac buffer in bytes. - * \param[out] mac_length On success, the number of bytes - * that make up the MAC value. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p mac_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * The key could not be retrieved from storage. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_mac_compute(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length); - -/** Calculate the MAC of a message and compare it with a reference value. - * - * \param handle Handle to the key to use for the operation. - * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(\p alg) is true). - * \param[in] input Buffer containing the input message. - * \param input_length Size of the \p input buffer in bytes. - * \param[out] mac Buffer containing the expected MAC value. - * \param mac_length Size of the \p mac buffer in bytes. - * - * \retval #PSA_SUCCESS - * The expected MAC is identical to the actual MAC of the input. - * \retval #PSA_ERROR_INVALID_SIGNATURE - * The MAC of the message was calculated successfully, but it - * differs from the expected value. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * The key could not be retrieved from storage. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_mac_verify(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *mac, - const size_t mac_length); - -/** The type of the state data structure for multipart MAC operations. - * - * Before calling any function on a MAC operation object, the application must - * initialize it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_mac_operation_t operation; - * memset(&operation, 0, sizeof(operation)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_mac_operation_t operation = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_MAC_OPERATION_INIT, - * for example: - * \code - * psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; - * \endcode - * - Assign the result of the function psa_mac_operation_init() - * to the structure, for example: - * \code - * psa_mac_operation_t operation; - * operation = psa_mac_operation_init(); - * \endcode - * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ -typedef struct psa_mac_operation_s psa_mac_operation_t; - -/** \def PSA_MAC_OPERATION_INIT - * - * This macro returns a suitable initializer for a MAC operation object of type - * #psa_mac_operation_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_MAC_OPERATION_INIT {0} -#endif - -/** Return an initial value for a MAC operation object. - */ -static psa_mac_operation_t psa_mac_operation_init(void); - -/** Set up a multipart MAC calculation operation. - * - * This function sets up the calculation of the MAC - * (message authentication code) of a byte string. - * To verify the MAC of a message against an - * expected value, use psa_mac_verify_setup() instead. - * - * The sequence of operations to calculate a MAC is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_mac_operation_t, e.g. #PSA_MAC_OPERATION_INIT. - * -# Call psa_mac_sign_setup() to specify the algorithm and key. - * -# Call psa_mac_update() zero, one or more times, passing a fragment - * of the message each time. The MAC that is calculated is the MAC - * of the concatenation of these messages in order. - * -# At the end of the message, call psa_mac_sign_finish() to finish - * calculating the MAC value and retrieve it. - * - * If an error occurs at any step after a call to psa_mac_sign_setup(), the - * operation will need to be reset by a call to psa_mac_abort(). The - * application may call psa_mac_abort() at any time after the operation - * has been initialized. - * - * After a successful call to psa_mac_sign_setup(), the application must - * eventually terminate the operation through one of the following methods: - * - A successful call to psa_mac_sign_finish(). - * - A call to psa_mac_abort(). - * - * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_mac_operation_t and not yet in use. - * \param handle Handle to the key to use for the operation. - * It must remain valid until the operation - * terminates. - * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * The key could not be retrieved from storage. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg); - -/** Set up a multipart MAC verification operation. - * - * This function sets up the verification of the MAC - * (message authentication code) of a byte string against an expected value. - * - * The sequence of operations to verify a MAC is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_mac_operation_t, e.g. #PSA_MAC_OPERATION_INIT. - * -# Call psa_mac_verify_setup() to specify the algorithm and key. - * -# Call psa_mac_update() zero, one or more times, passing a fragment - * of the message each time. The MAC that is calculated is the MAC - * of the concatenation of these messages in order. - * -# At the end of the message, call psa_mac_verify_finish() to finish - * calculating the actual MAC of the message and verify it against - * the expected value. - * - * If an error occurs at any step after a call to psa_mac_verify_setup(), the - * operation will need to be reset by a call to psa_mac_abort(). The - * application may call psa_mac_abort() at any time after the operation - * has been initialized. - * - * After a successful call to psa_mac_verify_setup(), the application must - * eventually terminate the operation through one of the following methods: - * - A successful call to psa_mac_verify_finish(). - * - A call to psa_mac_abort(). - * - * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_mac_operation_t and not yet in use. - * \param handle Handle to the key to use for the operation. - * It must remain valid until the operation - * terminates. - * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c key is not compatible with \c alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * The key could not be retrieved from storage - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg); - -/** Add a message fragment to a multipart MAC operation. - * - * The application must call psa_mac_sign_setup() or psa_mac_verify_setup() - * before calling this function. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_mac_abort(). - * - * \param[in,out] operation Active MAC operation. - * \param[in] input Buffer containing the message fragment to add to - * the MAC calculation. - * \param input_length Size of the \p input buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_mac_update(psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length); - -/** Finish the calculation of the MAC of a message. - * - * The application must call psa_mac_sign_setup() before calling this function. - * This function calculates the MAC of the message formed by concatenating - * the inputs passed to preceding calls to psa_mac_update(). - * - * When this function returns successfuly, the operation becomes inactive. - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_mac_abort(). - * - * \warning Applications should not call this function if they expect - * a specific value for the MAC. Call psa_mac_verify_finish() instead. - * Beware that comparing integrity or authenticity data such as - * MAC values with a function such as \c memcmp is risky - * because the time taken by the comparison may leak information - * about the MAC value which could allow an attacker to guess - * a valid MAC and thereby bypass security controls. - * - * \param[in,out] operation Active MAC operation. - * \param[out] mac Buffer where the MAC value is to be written. - * \param mac_size Size of the \p mac buffer in bytes. - * \param[out] mac_length On success, the number of bytes - * that make up the MAC value. This is always - * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \c alg) - * where \c key_type and \c key_bits are the type and - * bit-size respectively of the key and \c alg is the - * MAC algorithm that is calculated. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active mac sign - * operation). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p mac buffer is too small. You can determine a - * sufficient buffer size by calling PSA_MAC_FINAL_SIZE(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length); - -/** Finish the calculation of the MAC of a message and compare it with - * an expected value. - * - * The application must call psa_mac_verify_setup() before calling this function. - * This function calculates the MAC of the message formed by concatenating - * the inputs passed to preceding calls to psa_mac_update(). It then - * compares the calculated MAC with the expected MAC passed as a - * parameter to this function. - * - * When this function returns successfuly, the operation becomes inactive. - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_mac_abort(). - * - * \note Implementations shall make the best effort to ensure that the - * comparison between the actual MAC and the expected MAC is performed - * in constant time. - * - * \param[in,out] operation Active MAC operation. - * \param[in] mac Buffer containing the expected MAC value. - * \param mac_length Size of the \p mac buffer in bytes. - * - * \retval #PSA_SUCCESS - * The expected MAC is identical to the actual MAC of the message. - * \retval #PSA_ERROR_INVALID_SIGNATURE - * The MAC of the message was calculated successfully, but it - * differs from the expected MAC. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active mac verify - * operation). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length); - -/** Abort a MAC operation. - * - * Aborting an operation frees all associated resources except for the - * \p operation structure itself. Once aborted, the operation object - * can be reused for another operation by calling - * psa_mac_sign_setup() or psa_mac_verify_setup() again. - * - * You may call this function any time after the operation object has - * been initialized by one of the methods described in #psa_mac_operation_t. - * - * In particular, calling psa_mac_abort() after the operation has been - * terminated by a call to psa_mac_abort(), psa_mac_sign_finish() or - * psa_mac_verify_finish() is safe and has no effect. - * - * \param[in,out] operation Initialized MAC operation. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_mac_abort(psa_mac_operation_t *operation); - -/**@}*/ - -/** \defgroup cipher Symmetric ciphers - * @{ - */ - -/** Encrypt a message using a symmetric cipher. - * - * This function encrypts a message with a random IV (initialization - * vector). Use the multipart operation interface with a - * #psa_cipher_operation_t object to provide other forms of IV. - * - * \param handle Handle to the key to use for the operation. - * It must remain valid until the operation - * terminates. - * \param alg The cipher algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_CIPHER(\p alg) is true). - * \param[in] input Buffer containing the message to encrypt. - * \param input_length Size of the \p input buffer in bytes. - * \param[out] output Buffer where the output is to be written. - * The output contains the IV followed by - * the ciphertext proper. - * \param output_size Size of the \p output buffer in bytes. - * \param[out] output_length On success, the number of bytes - * that make up the output. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/** Decrypt a message using a symmetric cipher. - * - * This function decrypts a message encrypted with a symmetric cipher. - * - * \param handle Handle to the key to use for the operation. - * It must remain valid until the operation - * terminates. - * \param alg The cipher algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_CIPHER(\p alg) is true). - * \param[in] input Buffer containing the message to decrypt. - * This consists of the IV followed by the - * ciphertext proper. - * \param input_length Size of the \p input buffer in bytes. - * \param[out] output Buffer where the plaintext is to be written. - * \param output_size Size of the \p output buffer in bytes. - * \param[out] output_length On success, the number of bytes - * that make up the output. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/** The type of the state data structure for multipart cipher operations. - * - * Before calling any function on a cipher operation object, the application - * must initialize it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_cipher_operation_t operation; - * memset(&operation, 0, sizeof(operation)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_cipher_operation_t operation = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_CIPHER_OPERATION_INIT, - * for example: - * \code - * psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - * \endcode - * - Assign the result of the function psa_cipher_operation_init() - * to the structure, for example: - * \code - * psa_cipher_operation_t operation; - * operation = psa_cipher_operation_init(); - * \endcode - * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ -typedef struct psa_cipher_operation_s psa_cipher_operation_t; - -/** \def PSA_CIPHER_OPERATION_INIT - * - * This macro returns a suitable initializer for a cipher operation object of - * type #psa_cipher_operation_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_CIPHER_OPERATION_INIT {0} -#endif - -/** Return an initial value for a cipher operation object. - */ -static psa_cipher_operation_t psa_cipher_operation_init(void); - -/** Set the key for a multipart symmetric encryption operation. - * - * The sequence of operations to encrypt a message with a symmetric cipher - * is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_cipher_operation_t, e.g. - * #PSA_CIPHER_OPERATION_INIT. - * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key. - * -# Call either psa_cipher_generate_iv() or psa_cipher_set_iv() to - * generate or set the IV (initialization vector). You should use - * psa_cipher_generate_iv() unless the protocol you are implementing - * requires a specific IV value. - * -# Call psa_cipher_update() zero, one or more times, passing a fragment - * of the message each time. - * -# Call psa_cipher_finish(). - * - * If an error occurs at any step after a call to psa_cipher_encrypt_setup(), - * the operation will need to be reset by a call to psa_cipher_abort(). The - * application may call psa_cipher_abort() at any time after the operation - * has been initialized. - * - * After a successful call to psa_cipher_encrypt_setup(), the application must - * eventually terminate the operation. The following events terminate an - * operation: - * - A successful call to psa_cipher_finish(). - * - A call to psa_cipher_abort(). - * - * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_cipher_operation_t and not yet in use. - * \param handle Handle to the key to use for the operation. - * It must remain valid until the operation - * terminates. - * \param alg The cipher algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_CIPHER(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg); - -/** Set the key for a multipart symmetric decryption operation. - * - * The sequence of operations to decrypt a message with a symmetric cipher - * is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_cipher_operation_t, e.g. - * #PSA_CIPHER_OPERATION_INIT. - * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key. - * -# Call psa_cipher_set_iv() with the IV (initialization vector) for the - * decryption. If the IV is prepended to the ciphertext, you can call - * psa_cipher_update() on a buffer containing the IV followed by the - * beginning of the message. - * -# Call psa_cipher_update() zero, one or more times, passing a fragment - * of the message each time. - * -# Call psa_cipher_finish(). - * - * If an error occurs at any step after a call to psa_cipher_decrypt_setup(), - * the operation will need to be reset by a call to psa_cipher_abort(). The - * application may call psa_cipher_abort() at any time after the operation - * has been initialized. - * - * After a successful call to psa_cipher_decrypt_setup(), the application must - * eventually terminate the operation. The following events terminate an - * operation: - * - A successful call to psa_cipher_finish(). - * - A call to psa_cipher_abort(). - * - * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_cipher_operation_t and not yet in use. - * \param handle Handle to the key to use for the operation. - * It must remain valid until the operation - * terminates. - * \param alg The cipher algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_CIPHER(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg); - -/** Generate an IV for a symmetric encryption operation. - * - * This function generates a random IV (initialization vector), nonce - * or initial counter value for the encryption operation as appropriate - * for the chosen algorithm, key type and key size. - * - * The application must call psa_cipher_encrypt_setup() before - * calling this function. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_cipher_abort(). - * - * \param[in,out] operation Active cipher operation. - * \param[out] iv Buffer where the generated IV is to be written. - * \param iv_size Size of the \p iv buffer in bytes. - * \param[out] iv_length On success, the number of bytes of the - * generated IV. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, with no IV set). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p iv buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, - uint8_t *iv, - size_t iv_size, - size_t *iv_length); - -/** Set the IV for a symmetric encryption or decryption operation. - * - * This function sets the IV (initialization vector), nonce - * or initial counter value for the encryption or decryption operation. - * - * The application must call psa_cipher_encrypt_setup() before - * calling this function. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_cipher_abort(). - * - * \note When encrypting, applications should use psa_cipher_generate_iv() - * instead of this function, unless implementing a protocol that requires - * a non-random IV. - * - * \param[in,out] operation Active cipher operation. - * \param[in] iv Buffer containing the IV to use. - * \param iv_length Size of the IV in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active cipher - * encrypt operation, with no IV set). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The size of \p iv is not acceptable for the chosen algorithm, - * or the chosen algorithm does not use an IV. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, - const uint8_t *iv, - size_t iv_length); - -/** Encrypt or decrypt a message fragment in an active cipher operation. - * - * Before calling this function, you must: - * 1. Call either psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(). - * The choice of setup function determines whether this function - * encrypts or decrypts its input. - * 2. If the algorithm requires an IV, call psa_cipher_generate_iv() - * (recommended when encrypting) or psa_cipher_set_iv(). - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_cipher_abort(). - * - * \param[in,out] operation Active cipher operation. - * \param[in] input Buffer containing the message fragment to - * encrypt or decrypt. - * \param input_length Size of the \p input buffer in bytes. - * \param[out] output Buffer where the output is to be written. - * \param output_size Size of the \p output buffer in bytes. - * \param[out] output_length On success, the number of bytes - * that make up the returned output. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, with an IV set - * if required for the algorithm). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/** Finish encrypting or decrypting a message in a cipher operation. - * - * The application must call psa_cipher_encrypt_setup() or - * psa_cipher_decrypt_setup() before calling this function. The choice - * of setup function determines whether this function encrypts or - * decrypts its input. - * - * This function finishes the encryption or decryption of the message - * formed by concatenating the inputs passed to preceding calls to - * psa_cipher_update(). - * - * When this function returns successfuly, the operation becomes inactive. - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_cipher_abort(). - * - * \param[in,out] operation Active cipher operation. - * \param[out] output Buffer where the output is to be written. - * \param output_size Size of the \p output buffer in bytes. - * \param[out] output_length On success, the number of bytes - * that make up the returned output. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total input size passed to this operation is not valid for - * this particular algorithm. For example, the algorithm is a based - * on block cipher and requires a whole number of blocks, but the - * total input size is not a multiple of the block size. - * \retval #PSA_ERROR_INVALID_PADDING - * This is a decryption operation for an algorithm that includes - * padding, and the ciphertext does not contain valid padding. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, with an IV set - * if required for the algorithm). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/** Abort a cipher operation. - * - * Aborting an operation frees all associated resources except for the - * \p operation structure itself. Once aborted, the operation object - * can be reused for another operation by calling - * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup() again. - * - * You may call this function any time after the operation object has - * been initialized as described in #psa_cipher_operation_t. - * - * In particular, calling psa_cipher_abort() after the operation has been - * terminated by a call to psa_cipher_abort() or psa_cipher_finish() - * is safe and has no effect. - * - * \param[in,out] operation Initialized cipher operation. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); - -/**@}*/ - -/** \defgroup aead Authenticated encryption with associated data (AEAD) - * @{ - */ - -/** Process an authenticated encryption operation. - * - * \param handle Handle to the key to use for the operation. - * \param alg The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param[in] nonce Nonce or IV to use. - * \param nonce_length Size of the \p nonce buffer in bytes. - * \param[in] additional_data Additional data that will be authenticated - * but not encrypted. - * \param additional_data_length Size of \p additional_data in bytes. - * \param[in] plaintext Data that will be authenticated and - * encrypted. - * \param plaintext_length Size of \p plaintext in bytes. - * \param[out] ciphertext Output buffer for the authenticated and - * encrypted data. The additional data is not - * part of this output. For algorithms where the - * encrypted data and the authentication tag - * are defined as separate outputs, the - * authentication tag is appended to the - * encrypted data. - * \param ciphertext_size Size of the \p ciphertext buffer in bytes. - * This must be at least - * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, - * \p plaintext_length). - * \param[out] ciphertext_length On success, the size of the output - * in the \p ciphertext buffer. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p ciphertext_size is too small - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_encrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length); - -/** Process an authenticated decryption operation. - * - * \param handle Handle to the key to use for the operation. - * \param alg The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param[in] nonce Nonce or IV to use. - * \param nonce_length Size of the \p nonce buffer in bytes. - * \param[in] additional_data Additional data that has been authenticated - * but not encrypted. - * \param additional_data_length Size of \p additional_data in bytes. - * \param[in] ciphertext Data that has been authenticated and - * encrypted. For algorithms where the - * encrypted data and the authentication tag - * are defined as separate inputs, the buffer - * must contain the encrypted data followed - * by the authentication tag. - * \param ciphertext_length Size of \p ciphertext in bytes. - * \param[out] plaintext Output buffer for the decrypted data. - * \param plaintext_size Size of the \p plaintext buffer in bytes. - * This must be at least - * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, - * \p ciphertext_length). - * \param[out] plaintext_length On success, the size of the output - * in the \p plaintext buffer. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_INVALID_SIGNATURE - * The ciphertext is not authentic. - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p plaintext_size or \p nonce_length is too small - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_decrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length); - -/** The type of the state data structure for multipart AEAD operations. - * - * Before calling any function on an AEAD operation object, the application - * must initialize it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_aead_operation_t operation; - * memset(&operation, 0, sizeof(operation)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_aead_operation_t operation = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_AEAD_OPERATION_INIT, - * for example: - * \code - * psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT; - * \endcode - * - Assign the result of the function psa_aead_operation_init() - * to the structure, for example: - * \code - * psa_aead_operation_t operation; - * operation = psa_aead_operation_init(); - * \endcode - * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ -typedef struct psa_aead_operation_s psa_aead_operation_t; - -/** \def PSA_AEAD_OPERATION_INIT - * - * This macro returns a suitable initializer for an AEAD operation object of - * type #psa_aead_operation_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_AEAD_OPERATION_INIT {0} -#endif - -/** Return an initial value for an AEAD operation object. - */ -static psa_aead_operation_t psa_aead_operation_init(void); - -/** Set the key for a multipart authenticated encryption operation. - * - * The sequence of operations to encrypt a message with authentication - * is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_aead_operation_t, e.g. - * #PSA_AEAD_OPERATION_INIT. - * -# Call psa_aead_encrypt_setup() to specify the algorithm and key. - * -# If needed, call psa_aead_set_lengths() to specify the length of the - * inputs to the subsequent calls to psa_aead_update_ad() and - * psa_aead_update(). See the documentation of psa_aead_set_lengths() - * for details. - * -# Call either psa_aead_generate_nonce() or psa_aead_set_nonce() to - * generate or set the nonce. You should use - * psa_aead_generate_nonce() unless the protocol you are implementing - * requires a specific nonce value. - * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment - * of the non-encrypted additional authenticated data each time. - * -# Call psa_aead_update() zero, one or more times, passing a fragment - * of the message to encrypt each time. - * -# Call psa_aead_finish(). - * - * If an error occurs at any step after a call to psa_aead_encrypt_setup(), - * the operation will need to be reset by a call to psa_aead_abort(). The - * application may call psa_aead_abort() at any time after the operation - * has been initialized. - * - * After a successful call to psa_aead_encrypt_setup(), the application must - * eventually terminate the operation. The following events terminate an - * operation: - * - A successful call to psa_aead_finish(). - * - A call to psa_aead_abort(). - * - * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_aead_operation_t and not yet in use. - * \param handle Handle to the key to use for the operation. - * It must remain valid until the operation - * terminates. - * \param alg The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg); - -/** Set the key for a multipart authenticated decryption operation. - * - * The sequence of operations to decrypt a message with authentication - * is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_aead_operation_t, e.g. - * #PSA_AEAD_OPERATION_INIT. - * -# Call psa_aead_decrypt_setup() to specify the algorithm and key. - * -# If needed, call psa_aead_set_lengths() to specify the length of the - * inputs to the subsequent calls to psa_aead_update_ad() and - * psa_aead_update(). See the documentation of psa_aead_set_lengths() - * for details. - * -# Call psa_aead_set_nonce() with the nonce for the decryption. - * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment - * of the non-encrypted additional authenticated data each time. - * -# Call psa_aead_update() zero, one or more times, passing a fragment - * of the ciphertext to decrypt each time. - * -# Call psa_aead_verify(). - * - * If an error occurs at any step after a call to psa_aead_decrypt_setup(), - * the operation will need to be reset by a call to psa_aead_abort(). The - * application may call psa_aead_abort() at any time after the operation - * has been initialized. - * - * After a successful call to psa_aead_decrypt_setup(), the application must - * eventually terminate the operation. The following events terminate an - * operation: - * - A successful call to psa_aead_verify(). - * - A call to psa_aead_abort(). - * - * \param[in,out] operation The operation object to set up. It must have - * been initialized as per the documentation for - * #psa_aead_operation_t and not yet in use. - * \param handle Handle to the key to use for the operation. - * It must remain valid until the operation - * terminates. - * \param alg The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p handle is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg); - -/** Generate a random nonce for an authenticated encryption operation. - * - * This function generates a random nonce for the authenticated encryption - * operation with an appropriate size for the chosen algorithm, key type - * and key size. - * - * The application must call psa_aead_encrypt_setup() before - * calling this function. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_aead_abort(). - * - * \param[in,out] operation Active AEAD operation. - * \param[out] nonce Buffer where the generated nonce is to be - * written. - * \param nonce_size Size of the \p nonce buffer in bytes. - * \param[out] nonce_length On success, the number of bytes of the - * generated nonce. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active aead encrypt - operation, with no nonce set). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p nonce buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, - uint8_t *nonce, - size_t nonce_size, - size_t *nonce_length); - -/** Set the nonce for an authenticated encryption or decryption operation. - * - * This function sets the nonce for the authenticated - * encryption or decryption operation. - * - * The application must call psa_aead_encrypt_setup() or - * psa_aead_decrypt_setup() before calling this function. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_aead_abort(). - * - * \note When encrypting, applications should use psa_aead_generate_nonce() - * instead of this function, unless implementing a protocol that requires - * a non-random IV. - * - * \param[in,out] operation Active AEAD operation. - * \param[in] nonce Buffer containing the nonce to use. - * \param nonce_length Size of the nonce in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, with no nonce - * set). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The size of \p nonce is not acceptable for the chosen algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, - const uint8_t *nonce, - size_t nonce_length); - -/** Declare the lengths of the message and additional data for AEAD. - * - * The application must call this function before calling - * psa_aead_update_ad() or psa_aead_update() if the algorithm for - * the operation requires it. If the algorithm does not require it, - * calling this function is optional, but if this function is called - * then the implementation must enforce the lengths. - * - * You may call this function before or after setting the nonce with - * psa_aead_set_nonce() or psa_aead_generate_nonce(). - * - * - For #PSA_ALG_CCM, calling this function is required. - * - For the other AEAD algorithms defined in this specification, calling - * this function is not required. - * - For vendor-defined algorithm, refer to the vendor documentation. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_aead_abort(). - * - * \param[in,out] operation Active AEAD operation. - * \param ad_length Size of the non-encrypted additional - * authenticated data in bytes. - * \param plaintext_length Size of the plaintext to encrypt in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, and - * psa_aead_update_ad() and psa_aead_update() must not have been - * called yet). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * At least one of the lengths is not acceptable for the chosen - * algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, - size_t ad_length, - size_t plaintext_length); - -/** Pass additional data to an active AEAD operation. - * - * Additional data is authenticated, but not encrypted. - * - * You may call this function multiple times to pass successive fragments - * of the additional data. You may not call this function after passing - * data to encrypt or decrypt with psa_aead_update(). - * - * Before calling this function, you must: - * 1. Call either psa_aead_encrypt_setup() or psa_aead_decrypt_setup(). - * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce(). - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_aead_abort(). - * - * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS, - * there is no guarantee that the input is valid. Therefore, until - * you have called psa_aead_verify() and it has returned #PSA_SUCCESS, - * treat the input as untrusted and prepare to undo any action that - * depends on the input if psa_aead_verify() returns an error status. - * - * \param[in,out] operation Active AEAD operation. - * \param[in] input Buffer containing the fragment of - * additional data. - * \param input_length Size of the \p input buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, have a nonce - * set, have lengths set if required by the algorithm, and - * psa_aead_update() must not have been called yet). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total input length overflows the additional data length that - * was previously specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length); - -/** Encrypt or decrypt a message fragment in an active AEAD operation. - * - * Before calling this function, you must: - * 1. Call either psa_aead_encrypt_setup() or psa_aead_decrypt_setup(). - * The choice of setup function determines whether this function - * encrypts or decrypts its input. - * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce(). - * 3. Call psa_aead_update_ad() to pass all the additional data. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_aead_abort(). - * - * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS, - * there is no guarantee that the input is valid. Therefore, until - * you have called psa_aead_verify() and it has returned #PSA_SUCCESS: - * - Do not use the output in any way other than storing it in a - * confidential location. If you take any action that depends - * on the tentative decrypted data, this action will need to be - * undone if the input turns out not to be valid. Furthermore, - * if an adversary can observe that this action took place - * (for example through timing), they may be able to use this - * fact as an oracle to decrypt any message encrypted with the - * same key. - * - In particular, do not copy the output anywhere but to a - * memory or storage space that you have exclusive access to. - * - * This function does not require the input to be aligned to any - * particular block boundary. If the implementation can only process - * a whole block at a time, it must consume all the input provided, but - * it may delay the end of the corresponding output until a subsequent - * call to psa_aead_update(), psa_aead_finish() or psa_aead_verify() - * provides sufficient input. The amount of data that can be delayed - * in this way is bounded by #PSA_AEAD_UPDATE_OUTPUT_SIZE. - * - * \param[in,out] operation Active AEAD operation. - * \param[in] input Buffer containing the message fragment to - * encrypt or decrypt. - * \param input_length Size of the \p input buffer in bytes. - * \param[out] output Buffer where the output is to be written. - * \param output_size Size of the \p output buffer in bytes. - * This must be at least - * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, - * \p input_length) where \c alg is the - * algorithm that is being calculated. - * \param[out] output_length On success, the number of bytes - * that make up the returned output. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, have a nonce - * set, and have lengths set if required by the algorithm). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p output buffer is too small. - * You can determine a sufficient buffer size by calling - * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, \p input_length) - * where \c alg is the algorithm that is being calculated. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total length of input to psa_aead_update_ad() so far is - * less than the additional data length that was previously - * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total input length overflows the plaintext length that - * was previously specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_update(psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/** Finish encrypting a message in an AEAD operation. - * - * The operation must have been set up with psa_aead_encrypt_setup(). - * - * This function finishes the authentication of the additional data - * formed by concatenating the inputs passed to preceding calls to - * psa_aead_update_ad() with the plaintext formed by concatenating the - * inputs passed to preceding calls to psa_aead_update(). - * - * This function has two output buffers: - * - \p ciphertext contains trailing ciphertext that was buffered from - * preceding calls to psa_aead_update(). - * - \p tag contains the authentication tag. Its length is always - * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm - * that the operation performs. - * - * When this function returns successfuly, the operation becomes inactive. - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_aead_abort(). - * - * \param[in,out] operation Active AEAD operation. - * \param[out] ciphertext Buffer where the last part of the ciphertext - * is to be written. - * \param ciphertext_size Size of the \p ciphertext buffer in bytes. - * This must be at least - * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) where - * \c alg is the algorithm that is being - * calculated. - * \param[out] ciphertext_length On success, the number of bytes of - * returned ciphertext. - * \param[out] tag Buffer where the authentication tag is - * to be written. - * \param tag_size Size of the \p tag buffer in bytes. - * This must be at least - * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is - * the algorithm that is being calculated. - * \param[out] tag_length On success, the number of bytes - * that make up the returned tag. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active encryption - * operation with a nonce set). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p ciphertext or \p tag buffer is too small. - * You can determine a sufficient buffer size for \p ciphertext by - * calling #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) - * where \c alg is the algorithm that is being calculated. - * You can determine a sufficient buffer size for \p tag by - * calling #PSA_AEAD_TAG_LENGTH(\c alg). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total length of input to psa_aead_update_ad() so far is - * less than the additional data length that was previously - * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total length of input to psa_aead_update() so far is - * less than the plaintext length that was previously - * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_finish(psa_aead_operation_t *operation, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length, - uint8_t *tag, - size_t tag_size, - size_t *tag_length); - -/** Finish authenticating and decrypting a message in an AEAD operation. - * - * The operation must have been set up with psa_aead_decrypt_setup(). - * - * This function finishes the authenticated decryption of the message - * components: - * - * - The additional data consisting of the concatenation of the inputs - * passed to preceding calls to psa_aead_update_ad(). - * - The ciphertext consisting of the concatenation of the inputs passed to - * preceding calls to psa_aead_update(). - * - The tag passed to this function call. - * - * If the authentication tag is correct, this function outputs any remaining - * plaintext and reports success. If the authentication tag is not correct, - * this function returns #PSA_ERROR_INVALID_SIGNATURE. - * - * When this function returns successfuly, the operation becomes inactive. - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_aead_abort(). - * - * \note Implementations shall make the best effort to ensure that the - * comparison between the actual tag and the expected tag is performed - * in constant time. - * - * \param[in,out] operation Active AEAD operation. - * \param[out] plaintext Buffer where the last part of the plaintext - * is to be written. This is the remaining data - * from previous calls to psa_aead_update() - * that could not be processed until the end - * of the input. - * \param plaintext_size Size of the \p plaintext buffer in bytes. - * This must be at least - * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) where - * \c alg is the algorithm that is being - * calculated. - * \param[out] plaintext_length On success, the number of bytes of - * returned plaintext. - * \param[in] tag Buffer containing the authentication tag. - * \param tag_length Size of the \p tag buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_SIGNATURE - * The calculations were successful, but the authentication tag is - * not correct. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active decryption - * operation with a nonce set). - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p plaintext buffer is too small. - * You can determine a sufficient buffer size for \p plaintext by - * calling #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) - * where \c alg is the algorithm that is being calculated. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total length of input to psa_aead_update_ad() so far is - * less than the additional data length that was previously - * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total length of input to psa_aead_update() so far is - * less than the plaintext length that was previously - * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_verify(psa_aead_operation_t *operation, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length, - const uint8_t *tag, - size_t tag_length); - -/** Abort an AEAD operation. - * - * Aborting an operation frees all associated resources except for the - * \p operation structure itself. Once aborted, the operation object - * can be reused for another operation by calling - * psa_aead_encrypt_setup() or psa_aead_decrypt_setup() again. - * - * You may call this function any time after the operation object has - * been initialized as described in #psa_aead_operation_t. - * - * In particular, calling psa_aead_abort() after the operation has been - * terminated by a call to psa_aead_abort(), psa_aead_finish() or - * psa_aead_verify() is safe and has no effect. - * - * \param[in,out] operation Initialized AEAD operation. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_aead_abort(psa_aead_operation_t *operation); - -/**@}*/ - -/** \defgroup asymmetric Asymmetric cryptography - * @{ - */ - -/** - * \brief Sign a hash or short message with a private key. - * - * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_setup(), psa_hash_update() - * and psa_hash_finish(). Then pass the resulting hash as the \p hash - * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) - * to determine the hash algorithm to use. - * - * \param handle Handle to the key to use for the operation. - * It must be an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of \p handle. - * \param[in] hash The hash or message to sign. - * \param hash_length Size of the \p hash buffer in bytes. - * \param[out] signature Buffer where the signature is to be written. - * \param signature_size Size of the \p signature buffer in bytes. - * \param[out] signature_length On success, the number of bytes - * that make up the returned signature value. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p signature buffer is too small. You can - * determine a sufficient buffer size by calling - * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) - * where \c key_type and \c key_bits are the type and bit-size - * respectively of \p handle. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_sign_hash(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length); - -/** - * \brief Verify the signature a hash or short message using a public key. - * - * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_setup(), psa_hash_update() - * and psa_hash_finish(). Then pass the resulting hash as the \p hash - * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) - * to determine the hash algorithm to use. - * - * \param handle Handle to the key to use for the operation. - * It must be a public key or an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of \p handle. - * \param[in] hash The hash or message whose signature is to be - * verified. - * \param hash_length Size of the \p hash buffer in bytes. - * \param[in] signature Buffer containing the signature to verify. - * \param signature_length Size of the \p signature buffer in bytes. - * - * \retval #PSA_SUCCESS - * The signature is valid. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_SIGNATURE - * The calculation was perfomed successfully, but the passed - * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_verify_hash(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length); - -/** - * \brief Encrypt a short message with a public key. - * - * \param handle Handle to the key to use for the operation. - * It must be a public key or an asymmetric - * key pair. - * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \p handle. - * \param[in] input The message to encrypt. - * \param input_length Size of the \p input buffer in bytes. - * \param[in] salt A salt or label, if supported by the - * encryption algorithm. - * If the algorithm does not support a - * salt, pass \c NULL. - * If the algorithm supports an optional - * salt and you do not want to pass a salt, - * pass \c NULL. - * - * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported. - * \param salt_length Size of the \p salt buffer in bytes. - * If \p salt is \c NULL, pass 0. - * \param[out] output Buffer where the encrypted message is to - * be written. - * \param output_size Size of the \p output buffer in bytes. - * \param[out] output_length On success, the number of bytes - * that make up the returned output. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p output buffer is too small. You can - * determine a sufficient buffer size by calling - * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) - * where \c key_type and \c key_bits are the type and bit-size - * respectively of \p handle. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/** - * \brief Decrypt a short message with a private key. - * - * \param handle Handle to the key to use for the operation. - * It must be an asymmetric key pair. - * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \p handle. - * \param[in] input The message to decrypt. - * \param input_length Size of the \p input buffer in bytes. - * \param[in] salt A salt or label, if supported by the - * encryption algorithm. - * If the algorithm does not support a - * salt, pass \c NULL. - * If the algorithm supports an optional - * salt and you do not want to pass a salt, - * pass \c NULL. - * - * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported. - * \param salt_length Size of the \p salt buffer in bytes. - * If \p salt is \c NULL, pass 0. - * \param[out] output Buffer where the decrypted message is to - * be written. - * \param output_size Size of the \c output buffer in bytes. - * \param[out] output_length On success, the number of bytes - * that make up the returned output. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p output buffer is too small. You can - * determine a sufficient buffer size by calling - * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) - * where \c key_type and \c key_bits are the type and bit-size - * respectively of \p handle. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INVALID_PADDING - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/**@}*/ - -/** \defgroup key_derivation Key derivation and pseudorandom generation - * @{ - */ - -/** The type of the state data structure for key derivation operations. - * - * Before calling any function on a key derivation operation object, the - * application must initialize it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_key_derivation_operation_t operation; - * memset(&operation, 0, sizeof(operation)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_key_derivation_operation_t operation = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_KEY_DERIVATION_OPERATION_INIT, - * for example: - * \code - * psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - * \endcode - * - Assign the result of the function psa_key_derivation_operation_init() - * to the structure, for example: - * \code - * psa_key_derivation_operation_t operation; - * operation = psa_key_derivation_operation_init(); - * \endcode - * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. - */ -typedef struct psa_key_derivation_s psa_key_derivation_operation_t; - -/** \def PSA_KEY_DERIVATION_OPERATION_INIT - * - * This macro returns a suitable initializer for a key derivation operation - * object of type #psa_key_derivation_operation_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_KEY_DERIVATION_OPERATION_INIT {0} -#endif - -/** Return an initial value for a key derivation operation object. - */ -static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); - -/** Set up a key derivation operation. - * - * A key derivation algorithm takes some inputs and uses them to generate - * a byte stream in a deterministic way. - * This byte stream can be used to produce keys and other - * cryptographic material. - * - * To derive a key: - * -# Start with an initialized object of type #psa_key_derivation_operation_t. - * -# Call psa_key_derivation_setup() to select the algorithm. - * -# Provide the inputs for the key derivation by calling - * psa_key_derivation_input_bytes() or psa_key_derivation_input_key() - * as appropriate. Which inputs are needed, in what order, and whether - * they may be keys and if so of what type depends on the algorithm. - * -# Optionally set the operation's maximum capacity with - * psa_key_derivation_set_capacity(). You may do this before, in the middle - * of or after providing inputs. For some algorithms, this step is mandatory - * because the output depends on the maximum capacity. - * -# To derive a key, call psa_key_derivation_output_key(). - * To derive a byte string for a different purpose, call - * psa_key_derivation_output_bytes(). - * Successive calls to these functions use successive output bytes - * calculated by the key derivation algorithm. - * -# Clean up the key derivation operation object with - * psa_key_derivation_abort(). - * - * If this function returns an error, the key derivation operation object is - * not changed. - * - * If an error occurs at any step after a call to psa_key_derivation_setup(), - * the operation will need to be reset by a call to psa_key_derivation_abort(). - * - * Implementations must reject an attempt to derive a key of size 0. - * - * \param[in,out] operation The key derivation operation object - * to set up. It must - * have been initialized but not set up yet. - * \param alg The key derivation algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c alg is not a key derivation algorithm. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a key derivation algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_setup( - psa_key_derivation_operation_t *operation, - psa_algorithm_t alg); - -/** Retrieve the current capacity of a key derivation operation. - * - * The capacity of a key derivation is the maximum number of bytes that it can - * return. When you get *N* bytes of output from a key derivation operation, - * this reduces its capacity by *N*. - * - * \param[in] operation The operation to query. - * \param[out] capacity On success, the capacity of the operation. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_get_capacity( - const psa_key_derivation_operation_t *operation, - size_t *capacity); - -/** Set the maximum capacity of a key derivation operation. - * - * The capacity of a key derivation operation is the maximum number of bytes - * that the key derivation operation can return from this point onwards. - * - * \param[in,out] operation The key derivation operation object to modify. - * \param capacity The new capacity of the operation. - * It must be less or equal to the operation's - * current capacity. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p capacity is larger than the operation's current capacity. - * In this case, the operation object remains valid and its capacity - * remains unchanged. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_set_capacity( - psa_key_derivation_operation_t *operation, - size_t capacity); - -/** Use the maximum possible capacity for a key derivation operation. - * - * Use this value as the capacity argument when setting up a key derivation - * to indicate that the operation should have the maximum possible capacity. - * The value of the maximum possible capacity depends on the key derivation - * algorithm. - */ -#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) - -/** Provide an input for key derivation or key agreement. - * - * Which inputs are required and in what order depends on the algorithm. - * Refer to the documentation of each key derivation or key agreement - * algorithm for information. - * - * This function passes direct inputs, which is usually correct for - * non-secret inputs. To pass a secret input, which should be in a key - * object, call psa_key_derivation_input_key() instead of this function. - * Refer to the documentation of individual step types - * (`PSA_KEY_DERIVATION_INPUT_xxx` values of type ::psa_key_derivation_step_t) - * for more information. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_key_derivation_abort(). - * - * \param[in,out] operation The key derivation operation object to use. - * It must have been set up with - * psa_key_derivation_setup() and must not - * have produced any output yet. - * \param step Which step the input data is for. - * \param[in] data Input data to use. - * \param data_length Size of the \p data buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step is not compatible with the operation's algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step does not allow direct inputs. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid for this input \p step. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_input_bytes( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length); - -/** Provide an input for key derivation in the form of a key. - * - * Which inputs are required and in what order depends on the algorithm. - * Refer to the documentation of each key derivation or key agreement - * algorithm for information. - * - * This function obtains input from a key object, which is usually correct for - * secret inputs or for non-secret personalization strings kept in the key - * store. To pass a non-secret parameter which is not in the key store, - * call psa_key_derivation_input_bytes() instead of this function. - * Refer to the documentation of individual step types - * (`PSA_KEY_DERIVATION_INPUT_xxx` values of type ::psa_key_derivation_step_t) - * for more information. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_key_derivation_abort(). - * - * \param[in,out] operation The key derivation operation object to use. - * It must have been set up with - * psa_key_derivation_setup() and must not - * have produced any output yet. - * \param step Which step the input data is for. - * \param handle Handle to the key. It must have an - * appropriate type for \p step and must - * allow the usage #PSA_KEY_USAGE_DERIVE. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step is not compatible with the operation's algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step does not allow key inputs of the given type - * or does not allow key inputs at all. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid for this input \p step. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_input_key( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t handle); - -/** Perform a key agreement and use the shared secret as input to a key - * derivation. - * - * A key agreement algorithm takes two inputs: a private key \p private_key - * a public key \p peer_key. - * The result of this function is passed as input to a key derivation. - * The output of this key derivation can be extracted by reading from the - * resulting operation to produce keys and other cryptographic material. - * - * If this function returns an error status, the operation enters an error - * state and must be aborted by calling psa_key_derivation_abort(). - * - * \param[in,out] operation The key derivation operation object to use. - * It must have been set up with - * psa_key_derivation_setup() with a - * key agreement and derivation algorithm - * \c alg (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_AGREEMENT(\c alg) is true - * and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\c alg) - * is false). - * The operation must be ready for an - * input of the type given by \p step. - * \param step Which step the input data is for. - * \param private_key Handle to the private key to use. - * \param[in] peer_key Public key of the peer. The peer key must be in the - * same format that psa_import_key() accepts for the - * public key type corresponding to the type of - * private_key. That is, this function performs the - * equivalent of - * #psa_import_key(..., - * `peer_key`, `peer_key_length`) where - * with key attributes indicating the public key - * type corresponding to the type of `private_key`. - * For example, for EC keys, this means that peer_key - * is interpreted as a point on the curve that the - * private key is on. The standard formats for public - * keys are documented in the documentation of - * psa_export_public_key(). - * \param peer_key_length Size of \p peer_key in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid for this key agreement \p step. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c private_key is not compatible with \c alg, - * or \p peer_key is not valid for \c alg or not compatible with - * \c private_key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a key derivation algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step does not allow an input resulting from a key agreement. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_key_agreement( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t private_key, - const uint8_t *peer_key, - size_t peer_key_length); - -/** Read some data from a key derivation operation. - * - * This function calculates output bytes from a key derivation algorithm and - * return those bytes. - * If you view the key derivation's output as a stream of bytes, this - * function destructively reads the requested number of bytes from the - * stream. - * The operation's capacity decreases by the number of bytes read. - * - * If this function returns an error status other than - * #PSA_ERROR_INSUFFICIENT_DATA, the operation enters an error - * state and must be aborted by calling psa_key_derivation_abort(). - * - * \param[in,out] operation The key derivation operation object to read from. - * \param[out] output Buffer where the output will be written. - * \param output_length Number of bytes to output. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_DATA - * The operation's capacity was less than - * \p output_length bytes. Note that in this case, - * no output is written to the output buffer. - * The operation's capacity is set to 0, thus - * subsequent calls to this function will not - * succeed, even with a smaller output buffer. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active and completed - * all required input steps). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_output_bytes( - psa_key_derivation_operation_t *operation, - uint8_t *output, - size_t output_length); - -/** Derive a key from an ongoing key derivation operation. - * - * This function calculates output bytes from a key derivation algorithm - * and uses those bytes to generate a key deterministically. - * The key's location, usage policy, type and size are taken from - * \p attributes. - * - * If you view the key derivation's output as a stream of bytes, this - * function destructively reads as many bytes as required from the - * stream. - * The operation's capacity decreases by the number of bytes read. - * - * If this function returns an error status other than - * #PSA_ERROR_INSUFFICIENT_DATA, the operation enters an error - * state and must be aborted by calling psa_key_derivation_abort(). - * - * How much output is produced and consumed from the operation, and how - * the key is derived, depends on the key type: - * - * - For key types for which the key is an arbitrary sequence of bytes - * of a given size, this function is functionally equivalent to - * calling #psa_key_derivation_output_bytes - * and passing the resulting output to #psa_import_key. - * However, this function has a security benefit: - * if the implementation provides an isolation boundary then - * the key material is not exposed outside the isolation boundary. - * As a consequence, for these key types, this function always consumes - * exactly (\p bits / 8) bytes from the operation. - * The following key types defined in this specification follow this scheme: - * - * - #PSA_KEY_TYPE_AES; - * - #PSA_KEY_TYPE_ARC4; - * - #PSA_KEY_TYPE_CAMELLIA; - * - #PSA_KEY_TYPE_DERIVE; - * - #PSA_KEY_TYPE_HMAC. - * - * - For ECC keys on a Montgomery elliptic curve - * (#PSA_KEY_TYPE_ECC_KEY_PAIR(\c curve) where \c curve designates a - * Montgomery curve), this function always draws a byte string whose - * length is determined by the curve, and sets the mandatory bits - * accordingly. That is: - * - * - #PSA_ECC_CURVE_CURVE25519: draw a 32-byte string - * and process it as specified in RFC 7748 §5. - * - #PSA_ECC_CURVE_CURVE448: draw a 56-byte string - * and process it as specified in RFC 7748 §5. - * - * - For key types for which the key is represented by a single sequence of - * \p bits bits with constraints as to which bit sequences are acceptable, - * this function draws a byte string of length (\p bits / 8) bytes rounded - * up to the nearest whole number of bytes. If the resulting byte string - * is acceptable, it becomes the key, otherwise the drawn bytes are discarded. - * This process is repeated until an acceptable byte string is drawn. - * The byte string drawn from the operation is interpreted as specified - * for the output produced by psa_export_key(). - * The following key types defined in this specification follow this scheme: - * - * - #PSA_KEY_TYPE_DES. - * Force-set the parity bits, but discard forbidden weak keys. - * For 2-key and 3-key triple-DES, the three keys are generated - * successively (for example, for 3-key triple-DES, - * if the first 8 bytes specify a weak key and the next 8 bytes do not, - * discard the first 8 bytes, use the next 8 bytes as the first key, - * and continue reading output from the operation to derive the other - * two keys). - * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEY_PAIR(\c group) - * where \c group designates any Diffie-Hellman group) and - * ECC keys on a Weierstrass elliptic curve - * (#PSA_KEY_TYPE_ECC_KEY_PAIR(\c curve) where \c curve designates a - * Weierstrass curve). - * For these key types, interpret the byte string as integer - * in big-endian order. Discard it if it is not in the range - * [0, *N* - 2] where *N* is the boundary of the private key domain - * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, - * or the order of the curve's base point for ECC). - * Add 1 to the resulting integer and use this as the private key *x*. - * This method allows compliance to NIST standards, specifically - * the methods titled "key-pair generation by testing candidates" - * in NIST SP 800-56A §5.6.1.1.4 for Diffie-Hellman, - * in FIPS 186-4 §B.1.2 for DSA, and - * in NIST SP 800-56A §5.6.1.2.2 or - * FIPS 186-4 §B.4.2 for elliptic curve keys. - * - * - For other key types, including #PSA_KEY_TYPE_RSA_KEY_PAIR, - * the way in which the operation output is consumed is - * implementation-defined. - * - * In all cases, the data that is read is discarded from the operation. - * The operation's capacity is decreased by the number of bytes read. - * - * For algorithms that take an input step #PSA_KEY_DERIVATION_INPUT_SECRET, - * the input to that step must be provided with psa_key_derivation_input_key(). - * Future versions of this specification may include additional restrictions - * on the derived key based on the attributes and strength of the secret key. - * - * \param[in] attributes The attributes for the new key. - * \param[in,out] operation The key derivation operation object to read from. - * \param[out] handle On success, a handle to the newly created key. - * \c 0 on failure. - * - * \retval #PSA_SUCCESS - * Success. - * If the key is persistent, the key material and the key's metadata - * have been saved to persistent storage. - * \retval #PSA_ERROR_ALREADY_EXISTS - * This is an attempt to create a persistent key, and there is - * already a persistent key with the given identifier. - * \retval #PSA_ERROR_INSUFFICIENT_DATA - * There was not enough data to create the desired key. - * Note that in this case, no output is written to the output buffer. - * The operation's capacity is set to 0, thus subsequent calls to - * this function will not succeed, even with a smaller output buffer. - * \retval #PSA_ERROR_NOT_SUPPORTED - * The key type or key size is not supported, either by the - * implementation in general or in this particular location. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The provided key attributes are not valid for the operation. - * \retval #PSA_ERROR_NOT_PERMITTED - * The #PSA_KEY_DERIVATION_INPUT_SECRET input was not provided through - * a key. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active and completed - * all required input steps). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_output_key( - const psa_key_attributes_t *attributes, - psa_key_derivation_operation_t *operation, - psa_key_handle_t *handle); - -/** Abort a key derivation operation. - * - * Aborting an operation frees all associated resources except for the \c - * operation structure itself. Once aborted, the operation object can be reused - * for another operation by calling psa_key_derivation_setup() again. - * - * This function may be called at any time after the operation - * object has been initialized as described in #psa_key_derivation_operation_t. - * - * In particular, it is valid to call psa_key_derivation_abort() twice, or to - * call psa_key_derivation_abort() on an operation that has not been set up. - * - * \param[in,out] operation The operation to abort. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_abort( - psa_key_derivation_operation_t *operation); - -/** Perform a key agreement and return the raw shared secret. - * - * \warning The raw result of a key agreement algorithm such as finite-field - * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should - * not be used directly as key material. It should instead be passed as - * input to a key derivation algorithm. To chain a key agreement with - * a key derivation, use psa_key_derivation_key_agreement() and other - * functions from the key derivation interface. - * - * \param alg The key agreement algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_RAW_KEY_AGREEMENT(\p alg) - * is true). - * \param private_key Handle to the private key to use. - * \param[in] peer_key Public key of the peer. It must be - * in the same format that psa_import_key() - * accepts. The standard formats for public - * keys are documented in the documentation - * of psa_export_public_key(). - * \param peer_key_length Size of \p peer_key in bytes. - * \param[out] output Buffer where the decrypted message is to - * be written. - * \param output_size Size of the \c output buffer in bytes. - * \param[out] output_length On success, the number of bytes - * that make up the returned output. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p alg is not a key agreement algorithm - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p private_key is not compatible with \p alg, - * or \p peer_key is not valid for \p alg or not compatible with - * \p private_key. - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p output_size is too small - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not a supported key agreement algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, - psa_key_handle_t private_key, - const uint8_t *peer_key, - size_t peer_key_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/**@}*/ - -/** \defgroup random Random generation - * @{ - */ - -/** - * \brief Generate random bytes. - * - * \warning This function **can** fail! Callers MUST check the return status - * and MUST NOT use the content of the output buffer if the return - * status is not #PSA_SUCCESS. - * - * \note To generate a key, use psa_generate_key() instead. - * - * \param[out] output Output buffer for the generated data. - * \param output_size Number of bytes to generate and output. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_generate_random(uint8_t *output, - size_t output_size); - -/** - * \brief Generate a key or key pair. - * - * The key is generated randomly. - * Its location, usage policy, type and size are taken from \p attributes. - * - * Implementations must reject an attempt to generate a key of size 0. - * - * The following type-specific considerations apply: - * - For RSA keys (#PSA_KEY_TYPE_RSA_KEY_PAIR), - * the public exponent is 65537. - * The modulus is a product of two probabilistic primes - * between 2^{n-1} and 2^n where n is the bit size specified in the - * attributes. - * - * \param[in] attributes The attributes for the new key. - * \param[out] handle On success, a handle to the newly created key. - * \c 0 on failure. - * - * \retval #PSA_SUCCESS - * Success. - * If the key is persistent, the key material and the key's metadata - * have been saved to persistent storage. - * \retval #PSA_ERROR_ALREADY_EXISTS - * This is an attempt to create a persistent key, and there is - * already a persistent key with the given identifier. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, - psa_key_handle_t *handle); - -/**@}*/ - -#ifdef __cplusplus -} -#endif - -/* The file "crypto_sizes.h" contains definitions for size calculation - * macros whose definitions are implementation-specific. */ -#include "psa/crypto_sizes.h" - -/* The file "crypto_client_struct.h" contains definitions for structures - * whose definitions differ in the client view and the PSA server - * implementation in TF-M. */ -#include "psa/crypto_client_struct.h" - - -/* The file "crypto_struct.h" contains definitions for - * implementation-specific structs that are declared above. */ -#include "psa/crypto_struct.h" - -/* The file "crypto_extra.h" contains vendor-specific definitions. This - * can include vendor-defined algorithms, extra functions, etc. */ -#include "psa/crypto_extra.h" - -#endif /* PSA_CRYPTO_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_client_struct.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_client_struct.h deleted file mode 100644 index 1d919b0..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_client_struct.h +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -/** - * \file psa/crypto_client_struct.h - * - * \brief PSA cryptography client key attribute definitions - * - * \note This file may not be included directly. Applications must - * include psa/crypto.h. - * - * This file contains the definitions of some data structures with - * PSA crypto client specific definitions. This is for implementations - * with isolation between the Client applications and the Crypto - * Server module, it is expected that the front-end and the back-end - * would have different versions of the data structure. - */ -#ifndef PSA_CRYPTO_CLIENT_STRUCT_H -#define PSA_CRYPTO_CLIENT_STRUCT_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* This is the client view of the `key_attributes` structure. Only - * fields which need to be set by the PSA crypto client are present. - * The PSA crypto service will maintain a different version of the - * data structure internally. */ -struct psa_client_key_attributes_s -{ - uint32_t type; - uint32_t lifetime; - uint32_t id; - uint32_t alg; - uint32_t alg2; - uint32_t usage; - uint16_t bits; -}; - -#define PSA_CLIENT_KEY_ATTRIBUTES_INIT {0, 0, 0, 0, 0, 0, 0} - -#ifdef __cplusplus -} -#endif - -#endif /* PSA_CRYPTO_CLIENT_STRUCT_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_compat.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_compat.h deleted file mode 100644 index 518008b..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_compat.h +++ /dev/null @@ -1,111 +0,0 @@ -/** - * \file psa/crypto_compat.h - * - * \brief PSA cryptography module: Backward compatibility aliases - * - * This header declares alternative names for macro and functions. - * New application code should not use these names. - * These names may be removed in a future version of Mbed Crypto. - * - * \note This file may not be included directly. Applications must - * include psa/crypto.h. - */ -/* - * Copyright (C) 2019-2020, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#ifndef PSA_CRYPTO_COMPAT_H -#define PSA_CRYPTO_COMPAT_H - -#ifdef __cplusplus -extern "C" { -#endif - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) - -/* - * Mechanism for declaring deprecated values - */ -#if defined(MBEDTLS_DEPRECATED_WARNING) && !defined(MBEDTLS_PSA_DEPRECATED) -#define MBEDTLS_PSA_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_PSA_DEPRECATED -#endif - -typedef MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t; -typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t; -typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t; - -#define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \ - ( (mbedtls_deprecated_##type) ( value ) ) - -/* - * Deprecated PSA Crypto error code definitions (PSA Crypto API <= 1.0 beta2) - */ -#define PSA_ERROR_UNKNOWN_ERROR \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_GENERIC_ERROR ) -#define PSA_ERROR_OCCUPIED_SLOT \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_ALREADY_EXISTS ) -#define PSA_ERROR_EMPTY_SLOT \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_DOES_NOT_EXIST ) -#define PSA_ERROR_INSUFFICIENT_CAPACITY \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_INSUFFICIENT_DATA ) -#define PSA_ERROR_TAMPERING_DETECTED \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_CORRUPTION_DETECTED ) - -/* - * Deprecated PSA Crypto numerical encodings (PSA Crypto API <= 1.0 beta3) - */ -#define PSA_KEY_USAGE_SIGN \ - MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH ) -#define PSA_KEY_USAGE_VERIFY \ - MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH ) - -/* - * Deprecated PSA Crypto size calculation macros (PSA Crypto API <= 1.0 beta3) - */ -#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE ) -#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) ) - -/* - * Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3) - */ -MBEDTLS_PSA_DEPRECATED psa_status_t psa_asymmetric_sign( psa_key_handle_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ); - -MBEDTLS_PSA_DEPRECATED psa_status_t psa_asymmetric_verify( psa_key_handle_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length ); - -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - -#ifdef __cplusplus -} -#endif - -#endif /* PSA_CRYPTO_COMPAT_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_extra.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_extra.h deleted file mode 100644 index d658b76..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_extra.h +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -/** - * \file psa/crypto_extra.h - * - * \brief PSA cryptography module: vendor extensions - * - * \note This file may not be included directly. Applications must - * include psa/crypto.h. - * - * This file is reserved for vendor-specific definitions. - */ - -#ifndef PSA_CRYPTO_EXTRA_H -#define PSA_CRYPTO_EXTRA_H - -#include "psa/crypto_compat.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/** \addtogroup crypto_types - * @{ - */ - -/** DSA public key. - * - * The import and export format is the - * representation of the public key `y = g^x mod p` as a big-endian byte - * string. The length of the byte string is the length of the base prime `p` - * in bytes. - */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) - -/** DSA key pair (private and public key). - * - * The import and export format is the - * representation of the private key `x` as a big-endian byte string. The - * length of the byte string is the private key size in bytes (leading zeroes - * are not stripped). - * - * Determinstic DSA key derivation with psa_generate_derived_key follows - * FIPS 186-4 §B.1.2: interpret the byte string as integer - * in big-endian order. Discard it if it is not in the range - * [0, *N* - 2] where *N* is the boundary of the private key domain - * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, - * or the order of the curve's base point for ECC). - * Add 1 to the resulting integer and use this as the private key *x*. - * - */ -#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x70020000) - -/**@}*/ - -/** \brief Declare the enrollment algorithm for a key. - * - * An operation on a key may indifferently use the algorithm set with - * psa_set_key_algorithm() or with this function. - * - * \param[out] attributes The attribute structure to write to. - * \param alg2 A second algorithm that the key may be used - * for, in addition to the algorithm set with - * psa_set_key_algorithm(). - * - * \warning Setting an enrollment algorithm is not recommended, because - * using the same key with different algorithms can allow some - * attacks based on arithmetic relations between different - * computations made with the same key, or can escalate harmless - * side channels into exploitable ones. Use this function only - * if it is necessary to support a protocol for which it has been - * verified that the usage of the key with multiple algorithms - * is safe. - */ -static inline void psa_set_key_enrollment_algorithm( - psa_key_attributes_t *attributes, - psa_algorithm_t alg2) -{ - attributes->alg2 = alg2; -} - -/** Retrieve the enrollment algorithm policy from key attributes. - * - * \param[in] attributes The key attribute structure to query. - * - * \return The enrollment algorithm stored in the attribute structure. - */ -static inline psa_algorithm_t psa_get_key_enrollment_algorithm( - const psa_key_attributes_t *attributes) -{ - return attributes->alg2; -} - -#ifdef __cplusplus -} -#endif - -#endif /* PSA_CRYPTO_EXTRA_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_platform.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_platform.h deleted file mode 100644 index c3120e4..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_platform.h +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -/** - * \file psa/crypto_platform.h - * - * \brief PSA cryptography module: Mbed TLS platform definitions - * - * \note This file may not be included directly. Applications must - * include psa/crypto.h. - * - * This file contains platform-dependent type definitions. - * - * In implementations with isolation between the application and the - * cryptography module, implementers should take care to ensure that - * the definitions that are exposed to applications match what the - * module implements. - */ - -#ifndef PSA_CRYPTO_PLATFORM_H -#define PSA_CRYPTO_PLATFORM_H - -/* PSA requires several types which C99 provides in stdint.h. */ -#include - -/* Integral type representing a key handle. */ -typedef uint16_t psa_key_handle_t; - -/* This implementation distinguishes *application key identifiers*, which - * are the key identifiers specified by the application, from - * *key file identifiers*, which are the key identifiers that the library - * sees internally. The two types can be different if there is a remote - * call layer between the application and the library which supports - * multiple client applications that do not have access to each others' - * keys. The point of having different types is that the key file - * identifier may encode not only the key identifier specified by the - * application, but also the the identity of the application. - * - * Note that this is an internal concept of the library and the remote - * call layer. The application itself never sees anything other than - * #psa_app_key_id_t with its standard definition. - */ - -/* The application key identifier is always what the application sees as - * #psa_key_id_t. */ -typedef uint32_t psa_app_key_id_t; - -#endif /* PSA_CRYPTO_PLATFORM_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_sizes.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_sizes.h deleted file mode 100644 index 4f67501..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_sizes.h +++ /dev/null @@ -1,650 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -/** - * \file psa/crypto_sizes.h - * - * \brief PSA cryptography module: Mbed TLS buffer size macros - * - * \note This file may not be included directly. Applications must - * include psa/crypto.h. - * - * This file contains the definitions of macros that are useful to - * compute buffer sizes. The signatures and semantics of these macros - * are standardized, but the definitions are not, because they depend on - * the available algorithms and, in some cases, on permitted tolerances - * on buffer sizes. - * - * In implementations with isolation between the application and the - * cryptography module, implementers should take care to ensure that - * the definitions that are exposed to applications match what the - * module implements. - * - * Macros that compute sizes whose values do not depend on the - * implementation are in crypto.h. - */ - -#ifndef PSA_CRYPTO_SIZES_H -#define PSA_CRYPTO_SIZES_H - -#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) -#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) - -#define PSA_ROUND_UP_TO_MULTIPLE(block_size, length) \ - (((length) + (block_size) - 1) / (block_size) * (block_size)) - -/** The size of the output of psa_hash_finish(), in bytes. - * - * This is also the hash size that psa_hash_verify() expects. - * - * \param alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm - * (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a - * hash algorithm). - * - * \return The hash size for the specified hash algorithm. - * If the hash algorithm is not recognized, return 0. - * An implementation may return either 0 or the correct size - * for a hash algorithm that it recognizes, but does not support. - */ -#define PSA_HASH_SIZE(alg) \ - ( \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ - 0) - -/** \def PSA_HASH_MAX_SIZE - * - * Maximum size of a hash. - * - * This macro must expand to a compile-time constant integer. This value - * should be the maximum size of a hash supported by the implementation, - * in bytes, and must be no smaller than this maximum. - */ -/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226, - * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for - * HMAC-SHA3-512. */ -#define PSA_HASH_MAX_SIZE 64 -#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 - -/** \def PSA_MAC_MAX_SIZE - * - * Maximum size of a MAC. - * - * This macro must expand to a compile-time constant integer. This value - * should be the maximum size of a MAC supported by the implementation, - * in bytes, and must be no smaller than this maximum. - */ -/* All non-HMAC MACs have a maximum size that's smaller than the - * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */ -/* Note that the encoding of truncated MAC algorithms limits this value - * to 64 bytes. - */ -#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE - -/** The tag size for an AEAD algorithm, in bytes. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \return The tag size for the specified algorithm. - * If the AEAD algorithm does not have an identified - * tag that can be distinguished from the rest of - * the ciphertext, return 0. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -#define PSA_AEAD_TAG_LENGTH(alg) \ - (PSA_ALG_IS_AEAD(alg) ? \ - (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ - 0) - -/* The maximum size of an RSA key on this implementation, in bits. - * This is a vendor-specific macro. - * - * Mbed TLS does not set a hard limit on the size of RSA keys: any key - * whose parameters fit in a bignum is accepted. However large keys can - * induce a large memory usage and long computation times. Unlike other - * auxiliary macros in this file and in crypto.h, which reflect how the - * library is configured, this macro defines how the library is - * configured. This implementation refuses to import or generate an - * RSA key whose size is larger than the value defined here. - * - * Note that an implementation may set different size limits for different - * operations, and does not need to accept all key sizes up to the limit. */ -#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096 - -/* The maximum size of an ECC key on this implementation, in bits. - * This is a vendor-specific macro. */ -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521 - -/** Bit size associated with an elliptic curve. - * - * \param curve An elliptic curve (value of type #psa_ecc_curve_t). - * - * \return The size associated with \p curve, in bits. - * This may be 0 if the implementation does not support - * the specified curve. - */ -#define PSA_ECC_CURVE_BITS(curve) \ - ((curve) == PSA_ECC_CURVE_SECT163K1 ? 163 : \ - (curve) == PSA_ECC_CURVE_SECT163R1 ? 163 : \ - (curve) == PSA_ECC_CURVE_SECT163R2 ? 163 : \ - (curve) == PSA_ECC_CURVE_SECT193R1 ? 193 : \ - (curve) == PSA_ECC_CURVE_SECT193R2 ? 193 : \ - (curve) == PSA_ECC_CURVE_SECT233K1 ? 233 : \ - (curve) == PSA_ECC_CURVE_SECT233R1 ? 233 : \ - (curve) == PSA_ECC_CURVE_SECT239K1 ? 239 : \ - (curve) == PSA_ECC_CURVE_SECT283K1 ? 283 : \ - (curve) == PSA_ECC_CURVE_SECT283R1 ? 283 : \ - (curve) == PSA_ECC_CURVE_SECT409K1 ? 409 : \ - (curve) == PSA_ECC_CURVE_SECT409R1 ? 409 : \ - (curve) == PSA_ECC_CURVE_SECT571K1 ? 571 : \ - (curve) == PSA_ECC_CURVE_SECT571R1 ? 571 : \ - (curve) == PSA_ECC_CURVE_SECP160K1 ? 160 : \ - (curve) == PSA_ECC_CURVE_SECP160R1 ? 160 : \ - (curve) == PSA_ECC_CURVE_SECP160R2 ? 160 : \ - (curve) == PSA_ECC_CURVE_SECP192K1 ? 192 : \ - (curve) == PSA_ECC_CURVE_SECP192R1 ? 192 : \ - (curve) == PSA_ECC_CURVE_SECP224K1 ? 224 : \ - (curve) == PSA_ECC_CURVE_SECP224R1 ? 224 : \ - (curve) == PSA_ECC_CURVE_SECP256K1 ? 256 : \ - (curve) == PSA_ECC_CURVE_SECP256R1 ? 256 : \ - (curve) == PSA_ECC_CURVE_SECP384R1 ? 384 : \ - (curve) == PSA_ECC_CURVE_SECP521R1 ? 521 : \ - (curve) == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \ - (curve) == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \ - (curve) == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \ - (curve) == PSA_ECC_CURVE_CURVE25519 ? 255 : \ - (curve) == PSA_ECC_CURVE_CURVE448 ? 448 : \ - 0) - -/** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN - * - * This macro returns the maximum length of the PSK supported - * by the TLS-1.2 PSK-to-MS key derivation. - * - * Quoting RFC 4279, Sect 5.3: - * TLS implementations supporting these ciphersuites MUST support - * arbitrary PSK identities up to 128 octets in length, and arbitrary - * PSKs up to 64 octets in length. Supporting longer identities and - * keys is RECOMMENDED. - * - * Therefore, no implementation should define a value smaller than 64 - * for #PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN. - */ -#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128 - -/** The maximum size of a block cipher supported by the implementation. */ -#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16 - -/** The size of the output of psa_mac_sign_finish(), in bytes. - * - * This is also the MAC size that psa_mac_verify_finish() expects. - * - * \param key_type The type of the MAC key. - * \param key_bits The size of the MAC key in bits. - * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_MAC(\p alg) is true). - * - * \return The MAC size for the specified algorithm with - * the specified key parameters. - * \return 0 if the MAC algorithm is not recognized. - * \return Either 0 or the correct size for a MAC algorithm that - * the implementation recognizes, but does not support. - * \return Unspecified if the key parameters are not consistent - * with the algorithm. - */ -#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ - ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \ - PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \ - PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ - ((void)(key_type), (void)(key_bits), 0)) - -/** The maximum size of the output of psa_aead_encrypt(), in bytes. - * - * If the size of the ciphertext buffer is at least this large, it is - * guaranteed that psa_aead_encrypt() will not fail due to an - * insufficient buffer size. Depending on the algorithm, the actual size of - * the ciphertext may be smaller. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param plaintext_length Size of the plaintext in bytes. - * - * \return The AEAD ciphertext size for the specified - * algorithm. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ - (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ - (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ - 0) - -/** The maximum size of the output of psa_aead_decrypt(), in bytes. - * - * If the size of the plaintext buffer is at least this large, it is - * guaranteed that psa_aead_decrypt() will not fail due to an - * insufficient buffer size. Depending on the algorithm, the actual size of - * the plaintext may be smaller. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param ciphertext_length Size of the plaintext in bytes. - * - * \return The AEAD ciphertext size for the specified - * algorithm. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ - (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ - (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ - 0) - -/** A sufficient output buffer size for psa_aead_update(). - * - * If the size of the output buffer is at least this large, it is - * guaranteed that psa_aead_update() will not fail due to an - * insufficient buffer size. The actual size of the output may be smaller - * in any given call. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param input_length Size of the input in bytes. - * - * \return A sufficient output buffer size for the specified - * algorithm. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -/* For all the AEAD modes defined in this specification, it is possible - * to emit output without delay. However, hardware may not always be - * capable of this. So for modes based on a block cipher, allow the - * implementation to delay the output until it has a full block. */ -#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE, (input_length)) : \ - (input_length)) - -/** A sufficient ciphertext buffer size for psa_aead_finish(). - * - * If the size of the ciphertext buffer is at least this large, it is - * guaranteed that psa_aead_finish() will not fail due to an - * insufficient ciphertext buffer size. The actual size of the output may - * be smaller in any given call. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \return A sufficient ciphertext buffer size for the - * specified algorithm. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ - 0) - -/** A sufficient plaintext buffer size for psa_aead_verify(). - * - * If the size of the plaintext buffer is at least this large, it is - * guaranteed that psa_aead_verify() will not fail due to an - * insufficient plaintext buffer size. The actual size of the output may - * be smaller in any given call. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \return A sufficient plaintext buffer size for the - * specified algorithm. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ - 0) - -#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ - (PSA_ALG_IS_RSA_OAEP(alg) ? \ - 2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ - 11 /*PKCS#1v1.5*/) - -/** - * \brief ECDSA signature size for a given curve bit size - * - * \param curve_bits Curve size in bits. - * \return Signature size in bytes. - * - * \note This macro returns a compile-time constant if its argument is one. - */ -#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ - (PSA_BITS_TO_BYTES(curve_bits) * 2) - -/** Sufficient signature buffer size for psa_sign_hash(). - * - * This macro returns a sufficient buffer size for a signature using a key - * of the specified type and size, with the specified algorithm. - * Note that the actual size of the signature may be smaller - * (some algorithms produce a variable-size signature). - * - * \warning This function may call its arguments multiple times or - * zero times, so you should not pass arguments that contain - * side effects. - * - * \param key_type An asymmetric key type (this may indifferently be a - * key pair type or a public key type). - * \param key_bits The size of the key in bits. - * \param alg The signature algorithm. - * - * \return If the parameters are valid and supported, return - * a buffer size in bytes that guarantees that - * psa_sign_hash() will not fail with - * #PSA_ERROR_BUFFER_TOO_SMALL. - * If the parameters are a valid combination that is not supported - * by the implementation, this macro shall return either a - * sensible size or 0. - * If the parameters are not valid, the - * return value is unspecified. - */ -#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ - PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ - ((void)alg, 0)) - -#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ - PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) - -/** \def PSA_SIGNATURE_MAX_SIZE - * - * Maximum size of an asymmetric signature. - * - * This macro must expand to a compile-time constant integer. This value - * should be the maximum size of a signature supported by the implementation, - * in bytes, and must be no smaller than this maximum. - */ -#define PSA_SIGNATURE_MAX_SIZE \ - (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \ - PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) : \ - PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE) - -/** Sufficient output buffer size for psa_asymmetric_encrypt(). - * - * This macro returns a sufficient buffer size for a ciphertext produced using - * a key of the specified type and size, with the specified algorithm. - * Note that the actual size of the ciphertext may be smaller, depending - * on the algorithm. - * - * \warning This function may call its arguments multiple times or - * zero times, so you should not pass arguments that contain - * side effects. - * - * \param key_type An asymmetric key type (this may indifferently be a - * key pair type or a public key type). - * \param key_bits The size of the key in bits. - * \param alg The signature algorithm. - * - * \return If the parameters are valid and supported, return - * a buffer size in bytes that guarantees that - * psa_asymmetric_encrypt() will not fail with - * #PSA_ERROR_BUFFER_TOO_SMALL. - * If the parameters are a valid combination that is not supported - * by the implementation, this macro shall return either a - * sensible size or 0. - * If the parameters are not valid, the - * return value is unspecified. - */ -#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? \ - ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ - 0) - -/** Sufficient output buffer size for psa_asymmetric_decrypt(). - * - * This macro returns a sufficient buffer size for a ciphertext produced using - * a key of the specified type and size, with the specified algorithm. - * Note that the actual size of the ciphertext may be smaller, depending - * on the algorithm. - * - * \warning This function may call its arguments multiple times or - * zero times, so you should not pass arguments that contain - * side effects. - * - * \param key_type An asymmetric key type (this may indifferently be a - * key pair type or a public key type). - * \param key_bits The size of the key in bits. - * \param alg The signature algorithm. - * - * \return If the parameters are valid and supported, return - * a buffer size in bytes that guarantees that - * psa_asymmetric_decrypt() will not fail with - * #PSA_ERROR_BUFFER_TOO_SMALL. - * If the parameters are a valid combination that is not supported - * by the implementation, this macro shall return either a - * sensible size or 0. - * If the parameters are not valid, the - * return value is unspecified. - */ -#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? \ - PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \ - 0) - -/* Maximum size of the ASN.1 encoding of an INTEGER with the specified - * number of bits. - * - * This definition assumes that bits <= 2^19 - 9 so that the length field - * is at most 3 bytes. The length of the encoding is the length of the - * bit string padded to a whole number of bytes plus: - * - 1 type byte; - * - 1 to 3 length bytes; - * - 0 to 1 bytes of leading 0 due to the sign bit. - */ -#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits) \ - ((bits) / 8 + 5) - -/* Maximum size of the export encoding of an RSA public key. - * Assumes that the public exponent is less than 2^32. - * - * RSAPublicKey ::= SEQUENCE { - * modulus INTEGER, -- n - * publicExponent INTEGER } -- e - * - * - 4 bytes of SEQUENCE overhead; - * - n : INTEGER; - * - 7 bytes for the public exponent. - */ -#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ - (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11) - -/* Maximum size of the export encoding of an RSA key pair. - * Assumes thatthe public exponent is less than 2^32 and that the size - * difference between the two primes is at most 1 bit. - * - * RSAPrivateKey ::= SEQUENCE { - * version Version, -- 0 - * modulus INTEGER, -- N-bit - * publicExponent INTEGER, -- 32-bit - * privateExponent INTEGER, -- N-bit - * prime1 INTEGER, -- N/2-bit - * prime2 INTEGER, -- N/2-bit - * exponent1 INTEGER, -- N/2-bit - * exponent2 INTEGER, -- N/2-bit - * coefficient INTEGER, -- N/2-bit - * } - * - * - 4 bytes of SEQUENCE overhead; - * - 3 bytes of version; - * - 7 half-size INTEGERs plus 2 full-size INTEGERs, - * overapproximated as 9 half-size INTEGERS; - * - 7 bytes for the public exponent. - */ -#define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) \ - (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14) - -/* Maximum size of the export encoding of a DSA public key. - * - * SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } -- contains DSAPublicKey - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters Dss-Parms } -- SEQUENCE of 3 INTEGERs - * DSAPublicKey ::= INTEGER -- public key, Y - * - * - 3 * 4 bytes of SEQUENCE overhead; - * - 1 + 1 + 7 bytes of algorithm (DSA OID); - * - 4 bytes of BIT STRING overhead; - * - 3 full-size INTEGERs (p, g, y); - * - 1 + 1 + 32 bytes for 1 sub-size INTEGER (q <= 256 bits). - */ -#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ - (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 59) - -/* Maximum size of the export encoding of a DSA key pair. - * - * DSAPrivateKey ::= SEQUENCE { - * version Version, -- 0 - * prime INTEGER, -- p - * subprime INTEGER, -- q - * generator INTEGER, -- g - * public INTEGER, -- y - * private INTEGER, -- x - * } - * - * - 4 bytes of SEQUENCE overhead; - * - 3 bytes of version; - * - 3 full-size INTEGERs (p, g, y); - * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits). - */ -#define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) \ - (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75) - -/* Maximum size of the export encoding of an ECC public key. - * - * The representation of an ECC public key is: - * - The byte 0x04; - * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; - * - `y_P` as a `ceiling(m/8)`-byte string, big-endian; - * - where m is the bit size associated with the curve. - * - * - 1 byte + 2 * point size. - */ -#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) \ - (2 * PSA_BITS_TO_BYTES(key_bits) + 1) - -/* Maximum size of the export encoding of an ECC key pair. - * - * An ECC key pair is represented by the secret value. - */ -#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) \ - (PSA_BITS_TO_BYTES(key_bits)) - -/** Sufficient output buffer size for psa_export_key() or psa_export_public_key(). - * - * This macro returns a compile-time constant if its arguments are - * compile-time constants. - * - * \warning This function may call its arguments multiple times or - * zero times, so you should not pass arguments that contain - * side effects. - * - * The following code illustrates how to allocate enough memory to export - * a key by querying the key type and size at runtime. - * \code{c} - * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - * psa_status_t status; - * status = psa_get_key_attributes(key, &attributes); - * if (status != PSA_SUCCESS) handle_error(...); - * psa_key_type_t key_type = psa_get_key_type(&attributes); - * size_t key_bits = psa_get_key_bits(&attributes); - * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits); - * psa_reset_key_attributes(&attributes); - * uint8_t *buffer = malloc(buffer_size); - * if (buffer == NULL) handle_error(...); - * size_t buffer_length; - * status = psa_export_key(key, buffer, buffer_size, &buffer_length); - * if (status != PSA_SUCCESS) handle_error(...); - * \endcode - * - * For psa_export_public_key(), calculate the buffer size from the - * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR - * to convert a key pair type to the corresponding public key type. - * \code{c} - * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - * psa_status_t status; - * status = psa_get_key_attributes(key, &attributes); - * if (status != PSA_SUCCESS) handle_error(...); - * psa_key_type_t key_type = psa_get_key_type(&attributes); - * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type); - * size_t key_bits = psa_get_key_bits(&attributes); - * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits); - * psa_reset_key_attributes(&attributes); - * uint8_t *buffer = malloc(buffer_size); - * if (buffer == NULL) handle_error(...); - * size_t buffer_length; - * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length); - * if (status != PSA_SUCCESS) handle_error(...); - * \endcode - * - * \param key_type A supported key type. - * \param key_bits The size of the key in bits. - * - * \return If the parameters are valid and supported, return - * a buffer size in bytes that guarantees that - * psa_sign_hash() will not fail with - * #PSA_ERROR_BUFFER_TOO_SMALL. - * If the parameters are a valid combination that is not supported - * by the implementation, this macro shall return either a - * sensible size or 0. - * If the parameters are not valid, the - * return value is unspecified. - */ -#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \ - (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \ - (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \ - (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ - (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \ - (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ - PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \ - PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \ - 0) - -#endif /* PSA_CRYPTO_SIZES_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_struct.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_struct.h deleted file mode 100644 index ac08987..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_struct.h +++ /dev/null @@ -1,213 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -/** - * \file psa/crypto_struct.h - * - * \brief PSA cryptography module: structured type implementations - * - * \note This file may not be included directly. Applications must - * include psa/crypto.h. - * - * This file contains the definitions of some data structures with - * implementation-specific definitions. - * - * In implementations with isolation between the application and the - * cryptography module, it is expected that the front-end and the back-end - * would have different versions of this file. - */ - -#ifndef PSA_CRYPTO_STRUCT_H -#define PSA_CRYPTO_STRUCT_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * Note that the below structures are different from the decalrations in - * mbed-crypto. This is because TF-M maintains 'front-end' and 'back-end' - * versions of this header. In the front-end version, exported to NS - * clients in interface/include/psa, a crypto operation is defined as an - * opaque handle to a context in the Crypto service. The back-end - * version, directly included from the mbed-crypto repo by the Crypto - * service, contains the full definition of the operation structs. - * - * One of the functions of the Crypto service is to allocate the back-end - * operation contexts in its own partition memory (in crypto_alloc.c), - * and then do the mapping between front-end operation handles passed by - * NS clients and the corresponding back-end operation contexts. The - * advantage of doing it this way is that internal mbed-crypto state is never - * exposed to the NS client. - */ - -struct psa_hash_operation_s -{ - uint32_t handle; -}; - -#define PSA_HASH_OPERATION_INIT {0} -static inline struct psa_hash_operation_s psa_hash_operation_init( void ) -{ - const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; - return( v ); -} - -struct psa_mac_operation_s -{ - uint32_t handle; -}; - -#define PSA_MAC_OPERATION_INIT {0} -static inline struct psa_mac_operation_s psa_mac_operation_init( void ) -{ - const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; - return( v ); -} - -struct psa_cipher_operation_s -{ - uint32_t handle; -}; - -#define PSA_CIPHER_OPERATION_INIT {0} -static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) -{ - const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; - return( v ); -} - -struct psa_aead_operation_s -{ - uint32_t handle; -}; - -#define PSA_AEAD_OPERATION_INIT {0} -static inline struct psa_aead_operation_s psa_aead_operation_init( void ) -{ - const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; - return( v ); -} - -struct psa_key_derivation_s -{ - uint32_t handle; -}; - -#define PSA_KEY_DERIVATION_OPERATION_INIT {0} -static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) -{ - const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; - return( v ); -} - -/* The type used internally for key sizes. - * Public interfaces use size_t, but internally we use a smaller type. */ -typedef uint16_t psa_key_bits_t; -/* The maximum value of the type used to represent bit-sizes. - * This is used to mark an invalid key size. */ -#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) -/* The maximum size of a key in bits. - * Currently defined as the maximum that can be represented, rounded down - * to a whole number of bytes. - * This is an uncast value so that it can be used in preprocessor - * conditionals. */ -#define PSA_MAX_KEY_BITS 0xfff8 - -#define PSA_KEY_ATTRIBUTES_INIT PSA_CLIENT_KEY_ATTRIBUTES_INIT - -static inline struct psa_client_key_attributes_s psa_key_attributes_init( void ) -{ - const struct psa_client_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; - return( v ); -} - -static inline void psa_set_key_id(psa_key_attributes_t *attributes, - psa_key_id_t id) -{ - attributes->id = id; - if( attributes->lifetime == PSA_KEY_LIFETIME_VOLATILE ) - attributes->lifetime = PSA_KEY_LIFETIME_PERSISTENT; -} - -static inline psa_key_id_t psa_get_key_id( - const psa_key_attributes_t *attributes) -{ - return( attributes->id ); -} - -static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, - psa_key_lifetime_t lifetime) -{ - attributes->lifetime = lifetime; - if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) - { - attributes->id = 0; - } -} - -static inline psa_key_lifetime_t psa_get_key_lifetime( - const psa_key_attributes_t *attributes) -{ - return( attributes->lifetime ); -} - -static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, - psa_key_usage_t usage_flags) -{ - attributes->usage = usage_flags; -} - -static inline psa_key_usage_t psa_get_key_usage_flags( - const psa_key_attributes_t *attributes) -{ - return( attributes->usage ); -} - -static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, - psa_algorithm_t alg) -{ - attributes->alg = alg; -} - -static inline psa_algorithm_t psa_get_key_algorithm( - const psa_key_attributes_t *attributes) -{ - return( attributes->alg ); -} - -static inline void psa_set_key_type(psa_key_attributes_t *attributes, - psa_key_type_t type) -{ - attributes->type = type; -} - -static inline psa_key_type_t psa_get_key_type( - const psa_key_attributes_t *attributes) -{ - return( attributes->type ); -} - -static inline void psa_set_key_bits(psa_key_attributes_t *attributes, - size_t bits) -{ - if( bits > PSA_MAX_KEY_BITS ) - attributes->bits = PSA_KEY_BITS_TOO_LARGE; - else - attributes->bits = bits; -} - -static inline size_t psa_get_key_bits( - const psa_key_attributes_t *attributes) -{ - return( attributes->bits ); -} - -#ifdef __cplusplus -} -#endif - -#endif /* PSA_CRYPTO_STRUCT_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_types.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_types.h deleted file mode 100644 index 6ac95a8..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_types.h +++ /dev/null @@ -1,317 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -/** - * \file psa/crypto_types.h - * - * \brief PSA cryptography module: type aliases. - * - * \note This file may not be included directly. Applications must - * include psa/crypto.h. Drivers must include the appropriate driver - * header file. - * - * This file contains portable definitions of integral types for properties - * of cryptographic keys, designations of cryptographic algorithms, and - * error codes returned by the library. - * - * This header file does not declare any function. - */ - -#ifndef PSA_CRYPTO_TYPES_H -#define PSA_CRYPTO_TYPES_H - -#include - -/** \defgroup error Error codes - * @{ - */ - -/** - * \brief Function return status. - * - * This is either #PSA_SUCCESS (which is zero), indicating success, - * or a small negative value indicating that an error occurred. Errors are - * encoded as one of the \c PSA_ERROR_xxx values defined here. */ -/* If #PSA_SUCCESS is already defined, it means that #psa_status_t - * is also defined in an external header, so prevent its multiple - * definition. - */ -#ifndef PSA_SUCCESS -typedef int32_t psa_status_t; -#endif - -/**@}*/ - -/** \defgroup crypto_types Key and algorithm types - * @{ - */ - -/* Integral type representing a key handle. */ -typedef uint16_t psa_key_handle_t; - - -/** \brief Encoding of a key type. - */ -typedef uint32_t psa_key_type_t; - -/** The type of PSA elliptic curve identifiers. - * - * The curve identifier is required to create an ECC key using the - * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() - * macros. - * - * The encoding of curve identifiers is taken from the - * TLS Supported Groups Registry (formerly known as the - * TLS EC Named Curve Registry) - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * - * This specification defines identifiers for some of the curves in the IANA - * registry. Implementations that support other curves that are in the IANA - * registry should use the IANA value and a implementation-specific identifier. - * Implemenations that support non-IANA curves should use one of the following - * approaches for allocating a key type: - * - * 1. Select a ::psa_ecc_curve_t value in the range #PSA_ECC_CURVE_VENDOR_MIN to - * #PSA_ECC_CURVE_VENDOR_MAX, which is a subset of the IANA private use - * range. - * 2. Use a ::psa_key_type_t value that is vendor-defined. - * - * The first option is recommended. - */ -typedef uint16_t psa_ecc_curve_t; - -/** The type of PSA Diffie-Hellman group identifiers. - * - * The group identifier is required to create an Diffie-Hellman key using the - * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() - * macros. - * - * The encoding of group identifiers is taken from the - * TLS Supported Groups Registry (formerly known as the - * TLS EC Named Curve Registry) - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * - * This specification defines identifiers for some of the groups in the IANA - * registry. Implementations that support other groups that are in the IANA - * registry should use the IANA value and a implementation-specific identifier. - * Implemenations that support non-IANA groups should use one of the following - * approaches for allocating a key type: - * - * 1. Select a ::psa_dh_group_t value in the range #PSA_DH_GROUP_VENDOR_MIN to - * #PSA_DH_GROUP_VENDOR_MAX, which is a subset of the IANA private use - * range. - * 2. Select a ::psa_dh_group_t value from the named groups allocated for - * GREASE in the IETF draft specification. The GREASE specification and - * values are listed below. - * 3. Use a ::psa_key_type_t value that is vendor-defined. - * - * Option 1 or 2 are recommended. - * - * The current draft of the GREASE specification is - * https://datatracker.ietf.org/doc/draft-ietf-tls-grease - * - * The following GREASE values are allocated for named groups: - * \code - * 0x0A0A - * 0x1A1A - * 0x2A2A - * 0x3A3A - * 0x4A4A - * 0x5A5A - * 0x6A6A - * 0x7A7A - * 0x8A8A - * 0x9A9A - * 0xAAAA - * 0xBABA - * 0xCACA - * 0xDADA - * 0xEAEA - * 0xFAFA - * \endcode - */ -typedef uint16_t psa_dh_group_t; - -/** \brief Encoding of a cryptographic algorithm. - * - * For algorithms that can be applied to multiple key types, this type - * does not encode the key type. For example, for symmetric ciphers - * based on a block cipher, #psa_algorithm_t encodes the block cipher - * mode and the padding mode while the block cipher itself is encoded - * via #psa_key_type_t. - */ -typedef uint32_t psa_algorithm_t; - -/**@}*/ - -/** \defgroup key_lifetimes Key lifetimes - * @{ - */ - -/** Encoding of key lifetimes. - * - * The lifetime of a key indicates where it is stored and what system actions - * may create and destroy it. - * - * Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are automatically - * destroyed when the application terminates or on a power reset. - * - * Keys with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE are said - * to be _persistent_. - * Persistent keys are preserved if the application or the system restarts. - * Persistent keys have a key identifier of type #psa_key_id_t. - * The application can call psa_open_key() to open a persistent key that - * it created previously. - */ -typedef uint32_t psa_key_lifetime_t; - -/** Encoding of identifiers of persistent keys. - * - * - Applications may freely choose key identifiers in the range - * #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX. - * - Implementations may define additional key identifiers in the range - * #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX. - * - 0 is reserved as an invalid key identifier. - * - Key identifiers outside these ranges are reserved for future use. - */ -typedef uint32_t psa_key_id_t; -#define PSA_KEY_ID_INIT 0 - -/**@}*/ - -/** \defgroup policy Key policies - * @{ - */ - -/** \brief Encoding of permitted usage on a key. */ -typedef uint32_t psa_key_usage_t; - -/**@}*/ - -/** \defgroup attributes Key attributes - * @{ - */ - -/** The type of a structure containing key attributes. - * - * This is an opaque structure that can represent the metadata of a key - * object. Metadata that can be stored in attributes includes: - * - The location of the key in storage, indicated by its key identifier - * and its lifetime. - * - The key's policy, comprising usage flags and a specification of - * the permitted algorithm(s). - * - Information about the key itself: the key type and its size. - * - Implementations may define additional attributes. - * - * The actual key material is not considered an attribute of a key. - * Key attributes do not contain information that is generally considered - * highly confidential. - * - * An attribute structure can be a simple data structure where each function - * `psa_set_key_xxx` sets a field and the corresponding function - * `psa_get_key_xxx` retrieves the value of the corresponding field. - * However, implementations may report values that are equivalent to the - * original one, but have a different encoding. For example, an - * implementation may use a more compact representation for types where - * many bit-patterns are invalid or not supported, and store all values - * that it does not support as a special marker value. In such an - * implementation, after setting an invalid value, the corresponding - * get function returns an invalid value which may not be the one that - * was originally stored. - * - * An attribute structure may contain references to auxiliary resources, - * for example pointers to allocated memory or indirect references to - * pre-calculated values. In order to free such resources, the application - * must call psa_reset_key_attributes(). As an exception, calling - * psa_reset_key_attributes() on an attribute structure is optional if - * the structure has only been modified by the following functions - * since it was initialized or last reset with psa_reset_key_attributes(): - * - psa_set_key_id() - * - psa_set_key_lifetime() - * - psa_set_key_type() - * - psa_set_key_bits() - * - psa_set_key_usage_flags() - * - psa_set_key_algorithm() - * - * Before calling any function on a key attribute structure, the application - * must initialize it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_key_attributes_t attributes; - * memset(&attributes, 0, sizeof(attributes)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_key_attributes_t attributes = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_KEY_ATTRIBUTES_INIT, - * for example: - * \code - * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - * \endcode - * - Assign the result of the function psa_key_attributes_init() - * to the structure, for example: - * \code - * psa_key_attributes_t attributes; - * attributes = psa_key_attributes_init(); - * \endcode - * - * A freshly initialized attribute structure contains the following - * values: - * - * - lifetime: #PSA_KEY_LIFETIME_VOLATILE. - * - key identifier: 0 (which is not a valid key identifier). - * - type: \c 0 (meaning that the type is unspecified). - * - key size: \c 0 (meaning that the size is unspecified). - * - usage flags: \c 0 (which allows no usage except exporting a public key). - * - algorithm: \c 0 (which allows no cryptographic usage, but allows - * exporting). - * - * A typical sequence to create a key is as follows: - * -# Create and initialize an attribute structure. - * -# If the key is persistent, call psa_set_key_id(). - * Also call psa_set_key_lifetime() to place the key in a non-default - * location. - * -# Set the key policy with psa_set_key_usage_flags() and - * psa_set_key_algorithm(). - * -# Set the key type with psa_set_key_type(). - * Skip this step if copying an existing key with psa_copy_key(). - * -# When generating a random key with psa_generate_key() or deriving a key - * with psa_key_derivation_output_key(), set the desired key size with - * psa_set_key_bits(). - * -# Call a key creation function: psa_import_key(), psa_generate_key(), - * psa_key_derivation_output_key() or psa_copy_key(). This function reads - * the attribute structure, creates a key with these attributes, and - * outputs a handle to the newly created key. - * -# The attribute structure is now no longer necessary. - * You may call psa_reset_key_attributes(), although this is optional - * with the workflow presented here because the attributes currently - * defined in this specification do not require any additional resources - * beyond the structure itself. - * - * A typical sequence to query a key's attributes is as follows: - * -# Call psa_get_key_attributes(). - * -# Call `psa_get_key_xxx` functions to retrieve the attribute(s) that - * you are interested in. - * -# Call psa_reset_key_attributes() to free any resources that may be - * used by the attribute structure. - * - * Once a key has been created, it is impossible to change its attributes. - */ -typedef struct psa_client_key_attributes_s psa_key_attributes_t; - -/**@}*/ - -/** \defgroup derivation Key derivation - * @{ - */ - -/** \brief Encoding of the step of a key derivation. */ -typedef uint16_t psa_key_derivation_step_t; - -/**@}*/ - -#endif /* PSA_CRYPTO_TYPES_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_values.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_values.h deleted file mode 100644 index e21ef27..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/crypto_values.h +++ /dev/null @@ -1,1701 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -/** - * \file psa/crypto_values.h - * - * \brief PSA cryptography module: macros to build and analyze integer values. - * - * \note This file may not be included directly. Applications must - * include psa/crypto.h. Drivers must include the appropriate driver - * header file. - * - * This file contains portable definitions of macros to build and analyze - * values of integral types that encode properties of cryptographic keys, - * designations of cryptographic algorithms, and error codes returned by - * the library. - * - * This header file only defines preprocessor macros. - */ - -#ifndef PSA_CRYPTO_VALUES_H -#define PSA_CRYPTO_VALUES_H - -/** \defgroup error Error codes - * @{ - */ - -/* PSA error codes */ - -/** The action was completed successfully. */ -#ifndef PSA_SUCCESS -#define PSA_SUCCESS ((psa_status_t)0) -#endif - -/** An error occurred that does not correspond to any defined - * failure cause. - * - * Implementations may use this error code if none of the other standard - * error codes are applicable. */ -#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) - -/** The requested operation or a parameter is not supported - * by this implementation. - * - * Implementations should return this error code when an enumeration - * parameter such as a key type, algorithm, etc. is not recognized. - * If a combination of parameters is recognized and identified as - * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ -#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) - -/** The requested action is denied by a policy. - * - * Implementations should return this error code when the parameters - * are recognized as valid and supported, and a policy explicitly - * denies the requested operation. - * - * If a subset of the parameters of a function call identify a - * forbidden operation, and another subset of the parameters are - * not valid or not supported, it is unspecified whether the function - * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or - * #PSA_ERROR_INVALID_ARGUMENT. */ -#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) - -/** An output buffer is too small. - * - * Applications can call the \c PSA_xxx_SIZE macro listed in the function - * description to determine a sufficient buffer size. - * - * Implementations should preferably return this error code only - * in cases when performing the operation with a larger output - * buffer would succeed. However implementations may return this - * error if a function has invalid or unsupported parameters in addition - * to the parameters that determine the necessary output buffer size. */ -#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) - -/** Asking for an item that already exists - * - * Implementations should return this error, when attempting - * to write an item (like a key) that already exists. */ -#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) - -/** Asking for an item that doesn't exist - * - * Implementations should return this error, if a requested item (like - * a key) does not exist. */ -#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) - -/** The requested action cannot be performed in the current state. - * - * Multipart operations return this error when one of the - * functions is called out of sequence. Refer to the function - * descriptions for permitted sequencing of functions. - * - * Implementations shall not return this error code to indicate - * that a key either exists or not, - * but shall instead return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST - * as applicable. - * - * Implementations shall not return this error code to indicate that a - * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE - * instead. */ -#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) - -/** The parameters passed to the function are invalid. - * - * Implementations may return this error any time a parameter or - * combination of parameters are recognized as invalid. - * - * Implementations shall not return this error code to indicate that a - * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE - * instead. - */ -#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) - -/** There is not enough runtime memory. - * - * If the action is carried out across multiple security realms, this - * error can refer to available memory in any of the security realms. */ -#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) - -/** There is not enough persistent storage. - * - * Functions that modify the key storage return this error code if - * there is insufficient storage space on the host media. In addition, - * many functions that do not otherwise access storage may return this - * error code if the implementation requires a mandatory log entry for - * the requested action and the log storage space is full. */ -#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) - -/** There was a communication failure inside the implementation. - * - * This can indicate a communication failure between the application - * and an external cryptoprocessor or between the cryptoprocessor and - * an external volatile or persistent memory. A communication failure - * may be transient or permanent depending on the cause. - * - * \warning If a function returns this error, it is undetermined - * whether the requested action has completed or not. Implementations - * should return #PSA_SUCCESS on successful completion whenever - * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE - * if the requested action was completed successfully in an external - * cryptoprocessor but there was a breakdown of communication before - * the cryptoprocessor could report the status to the application. - */ -#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145) - -/** There was a storage failure that may have led to data loss. - * - * This error indicates that some persistent storage is corrupted. - * It should not be used for a corruption of volatile memory - * (use #PSA_ERROR_CORRUPTION_DETECTED), for a communication error - * between the cryptoprocessor and its external storage (use - * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is - * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE). - * - * Note that a storage failure does not indicate that any data that was - * previously read is invalid. However this previously read data may no - * longer be readable from storage. - * - * When a storage failure occurs, it is no longer possible to ensure - * the global integrity of the keystore. Depending on the global - * integrity guarantees offered by the implementation, access to other - * data may or may not fail even if the data is still readable but - * its integrity cannot be guaranteed. - * - * Implementations should only use this error code to report a - * permanent storage corruption. However application writers should - * keep in mind that transient errors while reading the storage may be - * reported using this error code. */ -#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) - -/** A hardware failure was detected. - * - * A hardware failure may be transient or permanent depending on the - * cause. */ -#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) - -/** A tampering attempt was detected. - * - * If an application receives this error code, there is no guarantee - * that previously accessed or computed data was correct and remains - * confidential. Applications should not perform any security function - * and should enter a safe failure state. - * - * Implementations may return this error code if they detect an invalid - * state that cannot happen during normal operation and that indicates - * that the implementation's security guarantees no longer hold. Depending - * on the implementation architecture and on its security and safety goals, - * the implementation may forcibly terminate the application. - * - * This error code is intended as a last resort when a security breach - * is detected and it is unsure whether the keystore data is still - * protected. Implementations shall only return this error code - * to report an alarm from a tampering detector, to indicate that - * the confidentiality of stored data can no longer be guaranteed, - * or to indicate that the integrity of previously returned data is now - * considered compromised. Implementations shall not use this error code - * to indicate a hardware failure that merely makes it impossible to - * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE, - * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE, - * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code - * instead). - * - * This error indicates an attack against the application. Implementations - * shall not return this error code as a consequence of the behavior of - * the application itself. */ -#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151) - -/** There is not enough entropy to generate random data needed - * for the requested action. - * - * This error indicates a failure of a hardware random generator. - * Application writers should note that this error can be returned not - * only by functions whose purpose is to generate random data, such - * as key, IV or nonce generation, but also by functions that execute - * an algorithm with a randomized result, as well as functions that - * use randomization of intermediate computations as a countermeasure - * to certain attacks. - * - * Implementations should avoid returning this error after psa_crypto_init() - * has succeeded. Implementations should generate sufficient - * entropy during initialization and subsequently use a cryptographically - * secure pseudorandom generator (PRNG). However implementations may return - * this error at any time if a policy requires the PRNG to be reseeded - * during normal operation. */ -#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148) - -/** The signature, MAC or hash is incorrect. - * - * Verification functions return this error if the verification - * calculations completed successfully, and the value to be verified - * was determined to be incorrect. - * - * If the value to verify has an invalid size, implementations may return - * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ -#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) - -/** The decrypted padding is incorrect. - * - * \warning In some protocols, when decrypting data, it is essential that - * the behavior of the application does not depend on whether the padding - * is correct, down to precise timing. Applications should prefer - * protocols that use authenticated encryption rather than plain - * encryption. If the application must perform a decryption of - * unauthenticated data, the application writer should take care not - * to reveal whether the padding is invalid. - * - * Implementations should strive to make valid and invalid padding - * as close as possible to indistinguishable to an external observer. - * In particular, the timing of a decryption operation should not - * depend on the validity of the padding. */ -#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150) - -/** Return this error when there's insufficient data when attempting - * to read from a resource. */ -#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) - -/** The key handle is not valid. See also :ref:\`key-handles\`. - */ -#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) - -/**@}*/ - -/** \defgroup crypto_types Key and algorithm types - * @{ - */ - -/** An invalid key type value. - * - * Zero is not the encoding of any key type. - */ -#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) - -/** Vendor-defined key type flag. - * - * Key types defined by this standard will never have the - * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types - * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should - * respect the bitwise structure used by standard encodings whenever practical. - */ -#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) - -#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) -#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) -#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) -#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) -#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) - -#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) - -/** Whether a key type is vendor-defined. - * - * See also #PSA_KEY_TYPE_VENDOR_FLAG. - */ -#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ - (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) - -/** Whether a key type is an unstructured array of bytes. - * - * This encompasses both symmetric keys and non-key data. - */ -#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ - PSA_KEY_TYPE_CATEGORY_SYMMETRIC) - -/** Whether a key type is asymmetric: either a key pair or a public key. */ -#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK \ - & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ - PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) -/** Whether a key type is the public part of a key pair. */ -#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) -/** Whether a key type is a key pair containing a private part and a public - * part. */ -#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) -/** The key pair type corresponding to a public key type. - * - * You may also pass a key pair type as \p type, it will be left unchanged. - * - * \param type A public key type or key pair type. - * - * \return The corresponding key pair type. - * If \p type is not a public key or a key pair, - * the return value is undefined. - */ -#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \ - ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) -/** The public key type corresponding to a key pair type. - * - * You may also pass a key pair type as \p type, it will be left unchanged. - * - * \param type A public key type or key pair type. - * - * \return The corresponding public key type. - * If \p type is not a public key or a key pair, - * the return value is undefined. - */ -#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \ - ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) - -/** Raw data. - * - * A "key" of this type cannot be used for any cryptographic operation. - * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) - -/** HMAC key. - * - * The key policy determines which underlying hash algorithm the key can be - * used for. - * - * HMAC keys should generally have the same size as the underlying hash. - * This size can be calculated with #PSA_HASH_SIZE(\c alg) where - * \c alg is the HMAC algorithm or the underlying hash algorithm. */ -#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) - -/** A secret for key derivation. - * - * The key policy determines which key derivation algorithm the key - * can be used for. - */ -#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) - -/** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. - * - * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or - * 32 bytes (AES-256). - */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) - -/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). - * - * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or - * 24 bytes (3-key 3DES). - * - * Note that single DES and 2-key 3DES are weak and strongly - * deprecated and should only be used to decrypt legacy data. 3-key 3DES - * is weak and deprecated and should only be used in legacy protocols. - */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) - -/** Key for a cipher, AEAD or MAC algorithm based on the - * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) - -/** Key for the RC4 stream cipher. - * - * Note that RC4 is weak and deprecated and should only be used in - * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) - -/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. - * - * ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539. - * - * Implementations must support 12-byte nonces, may support 8-byte nonces, - * and should reject other sizes. - */ -#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40000005) - -/** RSA public key. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) -/** RSA key pair (private and public key). */ -#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70010000) -/** Whether a key type is an RSA key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_RSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) - -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) -#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) -#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) -/** Elliptic curve key pair. - * - * \param curve A value of type ::psa_ecc_curve_t that identifies the - * ECC curve to be used. - */ -#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ - (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) -/** Elliptic curve public key. - * - * \param curve A value of type ::psa_ecc_curve_t that identifies the - * ECC curve to be used. - */ -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ - (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) - -/** Whether a key type is an elliptic curve key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_ECC(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ - ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) -/** Whether a key type is an elliptic curve key pair. */ -#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ - PSA_KEY_TYPE_ECC_KEY_PAIR_BASE) -/** Whether a key type is an elliptic curve public key. */ -#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ - PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) - -/** Extract the curve from an elliptic curve key type. */ -#define PSA_KEY_TYPE_GET_CURVE(type) \ - ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ - ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ - 0)) - -/* The encoding of curve identifiers is currently aligned with the - * TLS Supported Groups Registry (formerly known as the - * TLS EC Named Curve Registry) - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * The values are defined by RFC 8422 and RFC 7027. */ -#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) -#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) -#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) -#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) -#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) -#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) -#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) -#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) -#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) -#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) -#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) -#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) -#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) -#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) -#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) -#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) -#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) -#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012) -#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) -#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) -#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) -#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) -#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) -#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) -#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) -#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) -#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) -#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) -/** Curve25519. - * - * This is the curve defined in Bernstein et al., - * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006. - * The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve. - */ -#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) -/** Curve448 - * - * This is the curve defined in Hamburg, - * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. - * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. - */ -#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) - -/** Minimum value for a vendor-defined ECC curve identifier - * - * The range for vendor-defined curve identifiers is a subset of the IANA - * registry private use range, `0xfe00` - `0xfeff`. - */ -#define PSA_ECC_CURVE_VENDOR_MIN ((psa_ecc_curve_t) 0xfe00) -/** Maximum value for a vendor-defined ECC curve identifier - * - * The range for vendor-defined curve identifiers is a subset of the IANA - * registry private use range, `0xfe00` - `0xfeff`. - */ -#define PSA_ECC_CURVE_VENDOR_MAX ((psa_ecc_curve_t) 0xfe7f) - -#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) -#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) -#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) -/** Diffie-Hellman key pair. - * - * \param group A value of type ::psa_dh_group_t that identifies the - * Diffie-Hellman group to be used. - */ -#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ - (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group)) -/** Diffie-Hellman public key. - * - * \param group A value of type ::psa_dh_group_t that identifies the - * Diffie-Hellman group to be used. - */ -#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ - (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group)) - -/** Whether a key type is a Diffie-Hellman key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_DH(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ - ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) -/** Whether a key type is a Diffie-Hellman key pair. */ -#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \ - (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ - PSA_KEY_TYPE_DH_KEY_PAIR_BASE) -/** Whether a key type is a Diffie-Hellman public key. */ -#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \ - (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ - PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) - -/** Extract the group from a Diffie-Hellman key type. */ -#define PSA_KEY_TYPE_GET_GROUP(type) \ - ((psa_dh_group_t) (PSA_KEY_TYPE_IS_DH(type) ? \ - ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ - 0)) - -/* The encoding of group identifiers is currently aligned with the - * TLS Supported Groups Registry (formerly known as the - * TLS EC Named Curve Registry) - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * The values are defined by RFC 7919. */ -#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x0100) -#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x0101) -#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x0102) -#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x0103) -#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x0104) - -/** Minimum value for a vendor-defined Diffie Hellman group identifier - * - * The range for vendor-defined group identifiers is a subset of the IANA - * registry private use range, `0x01fc` - `0x01ff`. - */ -#define PSA_DH_GROUP_VENDOR_MIN ((psa_dh_group_t) 0x01fc) -/** Maximum value for a vendor-defined Diffie Hellman group identifier - * - * The range for vendor-defined group identifiers is a subset of the IANA - * registry private use range, `0x01fc` - `0x01ff`. - */ -#define PSA_DH_GROUP_VENDOR_MAX ((psa_dh_group_t) 0x01fd) - -/** The block size of a block cipher. - * - * \param type A cipher key type (value of type #psa_key_type_t). - * - * \return The block size for a block cipher, or 1 for a stream cipher. - * The return value is undefined if \p type is not a supported - * cipher key type. - * - * \note It is possible to build stream cipher algorithms on top of a block - * cipher, for example CTR mode (#PSA_ALG_CTR). - * This macro only takes the key type into account, so it cannot be - * used to determine the size of the data that #psa_cipher_update() - * might buffer for future processing in general. - * - * \note This macro returns a compile-time constant if its argument is one. - * - * \warning This macro may evaluate its argument multiple times. - */ -#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ - ( \ - (type) == PSA_KEY_TYPE_AES ? 16 : \ - (type) == PSA_KEY_TYPE_DES ? 8 : \ - (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ - (type) == PSA_KEY_TYPE_ARC4 ? 1 : \ - (type) == PSA_KEY_TYPE_CHACHA20 ? 1 : \ - 0) - -/** Vendor-defined algorithm flag. - * - * Algorithms defined by this standard will never have the #PSA_ALG_VENDOR_FLAG - * bit set. Vendors who define additional algorithms must use an encoding with - * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure - * used by standard encodings whenever practical. - */ -#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) - -#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) -#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) -#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) -#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) -#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) -#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) -#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) -#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) -#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) - -/** Whether an algorithm is vendor-defined. - * - * See also #PSA_ALG_VENDOR_FLAG. - */ -#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ - (((alg) & PSA_ALG_VENDOR_FLAG) != 0) - -/** Whether the specified algorithm is a hash algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a hash algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_HASH(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) - -/** Whether the specified algorithm is a MAC algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a MAC algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_MAC(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) - -/** Whether the specified algorithm is a symmetric cipher algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_CIPHER(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) - -/** Whether the specified algorithm is an authenticated encryption - * with associated data (AEAD) algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is an AEAD algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_AEAD(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) - -/** Whether the specified algorithm is a public-key signature algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_SIGN(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) - -/** Whether the specified algorithm is a public-key encryption algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) - -/** Whether the specified algorithm is a key agreement algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a key agreement algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_KEY_AGREEMENT(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) - -/** Whether the specified algorithm is a key derivation algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a key derivation algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_KEY_DERIVATION(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) - -#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) -/** MD2 */ -#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) -/** MD4 */ -#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) -/** MD5 */ -#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) -/** PSA_ALG_RIPEMD160 */ -#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) -/** SHA1 */ -#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) -/** SHA2-224 */ -#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) -/** SHA2-256 */ -#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) -/** SHA2-384 */ -#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) -/** SHA2-512 */ -#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) -/** SHA2-512/224 */ -#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) -/** SHA2-512/256 */ -#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) -/** SHA3-224 */ -#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) -/** SHA3-256 */ -#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) -/** SHA3-384 */ -#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) -/** SHA3-512 */ -#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) - -/** In a hash-and-sign algorithm policy, allow any hash algorithm. - * - * This value may be used to form the algorithm usage field of a policy - * for a signature algorithm that is parametrized by a hash. The key - * may then be used to perform operations using the same signature - * algorithm parametrized with any supported hash. - * - * That is, suppose that `PSA_xxx_SIGNATURE` is one of the following macros: - * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS, - * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA. - * Then you may create and use a key as follows: - * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: - * ``` - * psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); // or VERIFY - * psa_set_key_algorithm(&attributes, PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH)); - * ``` - * - Import or generate key material. - * - Call psa_sign_hash() or psa_verify_hash(), passing - * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each - * call to sign or verify a message may use a different hash. - * ``` - * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); - * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); - * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); - * ``` - * - * This value may not be used to build other algorithms that are - * parametrized over a hash. For any valid use of this macro to build - * an algorithm \c alg, #PSA_ALG_IS_HASH_AND_SIGN(\c alg) is true. - * - * This value may not be used to build an algorithm specification to - * perform an operation. It is only valid to build policies. - */ -#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) - -#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) -#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) -/** Macro to build an HMAC algorithm. - * - * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * - * \return The corresponding HMAC algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_HMAC(hash_alg) \ - (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) - -#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) - -/** Whether the specified algorithm is an HMAC algorithm. - * - * HMAC is a family of MAC algorithms that are based on a hash function. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is an HMAC algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_HMAC(alg) \ - (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ - PSA_ALG_HMAC_BASE) - -/* In the encoding of a MAC algorithm, the bits corresponding to - * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is - * truncated. As an exception, the value 0 means the untruncated algorithm, - * whatever its length is. The length is encoded in 6 bits, so it can - * reach up to 63; the largest MAC is 64 bytes so its trivial truncation - * to full length is correctly encoded as 0 and any non-trivial truncation - * is correctly encoded as a value between 1 and 63. */ -#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) -#define PSA_MAC_TRUNCATION_OFFSET 8 - -/** Macro to build a truncated MAC algorithm. - * - * A truncated MAC algorithm is identical to the corresponding MAC - * algorithm except that the MAC value for the truncated algorithm - * consists of only the first \p mac_length bytes of the MAC value - * for the untruncated algorithm. - * - * \note This macro may allow constructing algorithm identifiers that - * are not valid, either because the specified length is larger - * than the untruncated MAC or because the specified length is - * smaller than permitted by the implementation. - * - * \note It is implementation-defined whether a truncated MAC that - * is truncated to the same length as the MAC of the untruncated - * algorithm is considered identical to the untruncated algorithm - * for policy comparison purposes. - * - * \param mac_alg A MAC algorithm identifier (value of type - * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) - * is true). This may be a truncated or untruncated - * MAC algorithm. - * \param mac_length Desired length of the truncated MAC in bytes. - * This must be at most the full length of the MAC - * and must be at least an implementation-specified - * minimum. The implementation-specified minimum - * shall not be zero. - * - * \return The corresponding MAC algorithm with the specified - * length. - * \return Unspecified if \p alg is not a supported - * MAC algorithm or if \p mac_length is too small or - * too large for the specified MAC algorithm. - */ -#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \ - (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ - ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK)) - -/** Macro to build the base MAC algorithm corresponding to a truncated - * MAC algorithm. - * - * \param mac_alg A MAC algorithm identifier (value of type - * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) - * is true). This may be a truncated or untruncated - * MAC algorithm. - * - * \return The corresponding base MAC algorithm. - * \return Unspecified if \p alg is not a supported - * MAC algorithm. - */ -#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \ - ((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) - -/** Length to which a MAC algorithm is truncated. - * - * \param mac_alg A MAC algorithm identifier (value of type - * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) - * is true). - * - * \return Length of the truncated MAC in bytes. - * \return 0 if \p alg is a non-truncated MAC algorithm. - * \return Unspecified if \p alg is not a supported - * MAC algorithm. - */ -#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ - (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) - -#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) -/** The CBC-MAC construction over a block cipher - * - * \warning CBC-MAC is insecure in many cases. - * A more secure mode, such as #PSA_ALG_CMAC, is recommended. - */ -#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) -/** The CMAC construction over a block cipher */ -#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) - -/** Whether the specified algorithm is a MAC algorithm based on a block cipher. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \ - (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ - PSA_ALG_CIPHER_MAC_BASE) - -#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) -#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) - -/** Whether the specified algorithm is a stream cipher. - * - * A stream cipher is a symmetric cipher that encrypts or decrypts messages - * by applying a bitwise-xor with a stream of bytes that is generated - * from a key. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier or if it is not a symmetric cipher algorithm. - */ -#define PSA_ALG_IS_STREAM_CIPHER(alg) \ - (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \ - (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) - -/** The ARC4 stream cipher algorithm. - */ -#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001) - -/** The ChaCha20 stream cipher. - * - * ChaCha20 is defined in RFC 7539. - * - * The nonce size for psa_cipher_set_iv() or psa_cipher_generate_iv() - * must be 12. - * - * The initial block counter is always 0. - * - */ -#define PSA_ALG_CHACHA20 ((psa_algorithm_t)0x04800005) - -/** The CTR stream cipher mode. - * - * CTR is a stream cipher which is built from a block cipher. - * The underlying block cipher is determined by the key type. - * For example, to use AES-128-CTR, use this algorithm with - * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). - */ -#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) - -/** The CFB stream cipher mode. - * - * The underlying block cipher is determined by the key type. - */ -#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) - -/** The OFB stream cipher mode. - * - * The underlying block cipher is determined by the key type. - */ -#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) - -/** The XTS cipher mode. - * - * XTS is a cipher mode which is built from a block cipher. It requires at - * least one full block of input, but beyond this minimum the input - * does not need to be a whole number of blocks. - */ -#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) - -/** The CBC block cipher chaining mode, with no padding. - * - * The underlying block cipher is determined by the key type. - * - * This symmetric cipher mode can only be used with messages whose lengths - * are whole number of blocks for the chosen block cipher. - */ -#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) - -/** The CBC block cipher chaining mode with PKCS#7 padding. - * - * The underlying block cipher is determined by the key type. - * - * This is the padding method defined by PKCS#7 (RFC 2315) §10.3. - */ -#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) - -#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) - -/** Whether the specified algorithm is an AEAD mode on a block cipher. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is an AEAD algorithm which is an AEAD mode based on - * a block cipher, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \ - (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \ - (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) - -/** The CCM authenticated encryption algorithm. - * - * The underlying block cipher is determined by the key type. - */ -#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) - -/** The GCM authenticated encryption algorithm. - * - * The underlying block cipher is determined by the key type. - */ -#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) - -/** The Chacha20-Poly1305 AEAD algorithm. - * - * The ChaCha20_Poly1305 construction is defined in RFC 7539. - * - * Implementations must support 12-byte nonces, may support 8-byte nonces, - * and should reject other sizes. - * - * Implementations must support 16-byte tags and should reject other sizes. - */ -#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) - -/* In the encoding of a AEAD algorithm, the bits corresponding to - * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. - * The constants for default lengths follow this encoding. - */ -#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) -#define PSA_AEAD_TAG_LENGTH_OFFSET 8 - -/** Macro to build a shortened AEAD algorithm. - * - * A shortened AEAD algorithm is similar to the corresponding AEAD - * algorithm, but has an authentication tag that consists of fewer bytes. - * Depending on the algorithm, the tag length may affect the calculation - * of the ciphertext. - * - * \param aead_alg An AEAD algorithm identifier (value of type - * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg) - * is true). - * \param tag_length Desired length of the authentication tag in bytes. - * - * \return The corresponding AEAD algorithm with the specified - * length. - * \return Unspecified if \p alg is not a supported - * AEAD algorithm or if \p tag_length is not valid - * for the specified AEAD algorithm. - */ -#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ - (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ - ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ - PSA_ALG_AEAD_TAG_LENGTH_MASK)) - -/** Calculate the corresponding AEAD algorithm with the default tag length. - * - * \param aead_alg An AEAD algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \return The corresponding AEAD algorithm with the default - * tag length for that algorithm. - */ -#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ - ( \ - PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CCM) \ - PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_GCM) \ - PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \ - 0) -#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, ref) \ - PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \ - PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \ - ref : - -#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) -/** RSA PKCS#1 v1.5 signature with hashing. - * - * This is the signature scheme defined by RFC 8017 - * (PKCS#1: RSA Cryptography Specifications) under the name - * RSASSA-PKCS1-v1_5. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * This includes #PSA_ALG_ANY_HASH - * when specifying the algorithm in a usage policy. - * - * \return The corresponding RSA PKCS#1 v1.5 signature algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ - (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -/** Raw PKCS#1 v1.5 signature. - * - * The input to this algorithm is the DigestInfo structure used by - * RFC 8017 (PKCS#1: RSA Cryptography Specifications), §9.2 - * steps 3–6. - */ -#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE -#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) - -#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) -/** RSA PSS signature with hashing. - * - * This is the signature scheme defined by RFC 8017 - * (PKCS#1: RSA Cryptography Specifications) under the name - * RSASSA-PSS, with the message generation function MGF1, and with - * a salt length equal to the length of the hash. The specified - * hash algorithm is used to hash the input message, to create the - * salted hash, and for the mask generation. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * This includes #PSA_ALG_ANY_HASH - * when specifying the algorithm in a usage policy. - * - * \return The corresponding RSA PSS signature algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_RSA_PSS(hash_alg) \ - (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_RSA_PSS(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) - -#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) -/** ECDSA signature with hashing. - * - * This is the ECDSA signature scheme defined by ANSI X9.62, - * with a random per-message secret number (*k*). - * - * The representation of the signature as a byte string consists of - * the concatentation of the signature values *r* and *s*. Each of - * *r* and *s* is encoded as an *N*-octet string, where *N* is the length - * of the base point of the curve in octets. Each value is represented - * in big-endian order (most significant octet first). - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * This includes #PSA_ALG_ANY_HASH - * when specifying the algorithm in a usage policy. - * - * \return The corresponding ECDSA signature algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_ECDSA(hash_alg) \ - (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -/** ECDSA signature without hashing. - * - * This is the same signature scheme as #PSA_ALG_ECDSA(), but - * without specifying a hash algorithm. This algorithm may only be - * used to sign or verify a sequence of bytes that should be an - * already-calculated hash. Note that the input is padded with - * zeros on the left or truncated on the left as required to fit - * the curve size. - */ -#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE -#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) -/** Deterministic ECDSA signature with hashing. - * - * This is the deterministic ECDSA signature scheme defined by RFC 6979. - * - * The representation of a signature is the same as with #PSA_ALG_ECDSA(). - * - * Note that when this algorithm is used for verification, signatures - * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the - * same private key are accepted. In other words, - * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from - * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * This includes #PSA_ALG_ANY_HASH - * when specifying the algorithm in a usage policy. - * - * \return The corresponding deterministic ECDSA signature - * algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ - (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) -#define PSA_ALG_IS_ECDSA(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ - PSA_ALG_ECDSA_BASE) -#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ - (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0) -#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ - (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) -#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ - (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) - -/** Whether the specified algorithm is a hash-and-sign algorithm. - * - * Hash-and-sign algorithms are public-key signature algorithms structured - * in two parts: first the calculation of a hash in a way that does not - * depend on the key, then the calculation of a signature from the - * hash value and the key. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ - PSA_ALG_IS_ECDSA(alg)) - -/** Get the hash used by a hash-and-sign signature algorithm. - * - * A hash-and-sign algorithm is a signature algorithm which is - * composed of two phases: first a hashing phase which does not use - * the key and produces a hash of the input message, then a signing - * phase which only uses the hash and the key and not the message - * itself. - * - * \param alg A signature algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_SIGN(\p alg) is true). - * - * \return The underlying hash algorithm if \p alg is a hash-and-sign - * algorithm. - * \return 0 if \p alg is a signature algorithm that does not - * follow the hash-and-sign structure. - * \return Unspecified if \p alg is not a signature algorithm or - * if it is not supported by the implementation. - */ -#define PSA_ALG_SIGN_GET_HASH(alg) \ - (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ - ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \ - ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ - 0) - -/** RSA PKCS#1 v1.5 encryption. - */ -#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) - -#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) -/** RSA OAEP encryption. - * - * This is the encryption scheme defined by RFC 8017 - * (PKCS#1: RSA Cryptography Specifications) under the name - * RSAES-OAEP, with the message generation function MGF1. - * - * \param hash_alg The hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true) to use - * for MGF1. - * - * \return The corresponding RSA OAEP signature algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_RSA_OAEP(hash_alg) \ - (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_RSA_OAEP(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) -#define PSA_ALG_RSA_OAEP_GET_HASH(alg) \ - (PSA_ALG_IS_RSA_OAEP(alg) ? \ - ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ - 0) - -#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x20000100) -/** Macro to build an HKDF algorithm. - * - * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. - * - * This key derivation algorithm uses the following inputs: - * - #PSA_KEY_DERIVATION_INPUT_SALT is the salt used in the "extract" step. - * It is optional; if omitted, the derivation uses an empty salt. - * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key used in the "extract" step. - * - #PSA_KEY_DERIVATION_INPUT_INFO is the info string used in the "expand" step. - * You must pass #PSA_KEY_DERIVATION_INPUT_SALT before #PSA_KEY_DERIVATION_INPUT_SECRET. - * You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before - * starting to generate output. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * - * \return The corresponding HKDF algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_HKDF(hash_alg) \ - (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -/** Whether the specified algorithm is an HKDF algorithm. - * - * HKDF is a family of key derivation algorithms that are based on a hash - * function and the HMAC construction. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is an HKDF algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported - * key derivation algorithm identifier. - */ -#define PSA_ALG_IS_HKDF(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE) -#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) - -#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) -/** Macro to build a TLS-1.2 PRF algorithm. - * - * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, - * specified in Section 5 of RFC 5246. It is based on HMAC and can be - * used with either SHA-256 or SHA-384. - * - * This key derivation algorithm uses the following inputs, which must be - * passed in the order given here: - * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. - * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. - * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. - * - * For the application to TLS-1.2 key expansion, the seed is the - * concatenation of ServerHello.Random + ClientHello.Random, - * and the label is "key expansion". - * - * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the - * TLS 1.2 PRF using HMAC-SHA-256. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * - * \return The corresponding TLS-1.2 PRF algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_TLS12_PRF(hash_alg) \ - (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) - -/** Whether the specified algorithm is a TLS-1.2 PRF algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported - * key derivation algorithm identifier. - */ -#define PSA_ALG_IS_TLS12_PRF(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE) -#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) - -#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) -/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. - * - * In a pure-PSK handshake in TLS 1.2, the master secret is derived - * from the PreSharedKey (PSK) through the application of padding - * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5). - * The latter is based on HMAC and can be used with either SHA-256 - * or SHA-384. - * - * This key derivation algorithm uses the following inputs, which must be - * passed in the order given here: - * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. - * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. - * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. - * - * For the application to TLS-1.2, the seed (which is - * forwarded to the TLS-1.2 PRF) is the concatenation of the - * ClientHello.Random + ServerHello.Random, - * and the label is "master secret" or "extended master secret". - * - * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the - * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * - * \return The corresponding TLS-1.2 PSK to MS algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \ - (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) - -/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported - * key derivation algorithm identifier. - */ -#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE) -#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) - -#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) -#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) - -/** Macro to build a combined algorithm that chains a key agreement with - * a key derivation. - * - * \param ka_alg A key agreement algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_AGREEMENT(\p ka_alg) is true). - * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_DERIVATION(\p kdf_alg) is true). - * - * \return The corresponding key agreement and derivation - * algorithm. - * \return Unspecified if \p ka_alg is not a supported - * key agreement algorithm or \p kdf_alg is not a - * supported key derivation algorithm. - */ -#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \ - ((ka_alg) | (kdf_alg)) - -#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \ - (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION) - -#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ - (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT) - -/** Whether the specified algorithm is a raw key agreement algorithm. - * - * A raw key agreement algorithm is one that does not specify - * a key derivation function. - * Usually, raw key agreement algorithms are constructed directly with - * a \c PSA_ALG_xxx macro while non-raw key agreement algorithms are - * constructed with PSA_ALG_KEY_AGREEMENT(). - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a raw key agreement algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \ - (PSA_ALG_IS_KEY_AGREEMENT(alg) && \ - PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION) - -#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \ - ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg))) - -/** The finite-field Diffie-Hellman (DH) key agreement algorithm. - * - * The shared secret produced by key agreement is - * `g^{ab}` in big-endian format. - * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` - * in bits. - */ -#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) - -/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. - * - * This includes the raw finite field Diffie-Hellman algorithm as well as - * finite-field Diffie-Hellman followed by any supporter key derivation - * algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported - * key agreement algorithm identifier. - */ -#define PSA_ALG_IS_FFDH(alg) \ - (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH) - -/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm. - * - * The shared secret produced by key agreement is the x-coordinate of - * the shared secret point. It is always `ceiling(m / 8)` bytes long where - * `m` is the bit size associated with the curve, i.e. the bit size of the - * order of the curve's coordinate field. When `m` is not a multiple of 8, - * the byte containing the most significant bit of the shared secret - * is padded with zero bits. The byte order is either little-endian - * or big-endian depending on the curve type. - * - * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`), - * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` - * in little-endian byte order. - * The bit size is 448 for Curve448 and 255 for Curve25519. - * - For Weierstrass curves over prime fields (curve types - * `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`), - * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` - * in big-endian byte order. - * The bit size is `m = ceiling(log_2(p))` for the field `F_p`. - * - For Weierstrass curves over binary fields (curve types - * `PSA_ECC_CURVE_SECTXXX`), - * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` - * in big-endian byte order. - * The bit size is `m` for the field `F_{2^m}`. - */ -#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) - -/** Whether the specified algorithm is an elliptic curve Diffie-Hellman - * algorithm. - * - * This includes the raw elliptic curve Diffie-Hellman algorithm as well as - * elliptic curve Diffie-Hellman followed by any supporter key derivation - * algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm, - * 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported - * key agreement algorithm identifier. - */ -#define PSA_ALG_IS_ECDH(alg) \ - (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH) - -/** Whether the specified algorithm encoding is a wildcard. - * - * Wildcard values may only be used to set the usage algorithm field in - * a policy, not to perform an operation. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is a wildcard algorithm encoding. - * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for - * an operation). - * \return This macro may return either 0 or 1 if \c alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_WILDCARD(alg) \ - (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ - PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \ - (alg) == PSA_ALG_ANY_HASH) - -/**@}*/ - -/** \defgroup key_lifetimes Key lifetimes - * @{ - */ - -/** A volatile key only exists as long as the handle to it is not closed. - * The key material is guaranteed to be erased on a power reset. - */ -#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) - -/** The default storage area for persistent keys. - * - * A persistent key remains in storage until it is explicitly destroyed or - * until the corresponding storage area is wiped. This specification does - * not define any mechanism to wipe a storage area, but implementations may - * provide their own mechanism (for example to perform a factory reset, - * to prepare for device refurbishment, or to uninstall an application). - * - * This lifetime value is the default storage area for the calling - * application. Implementations may offer other storage areas designated - * by other lifetime values as implementation-specific extensions. - */ -#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) - -/** The minimum value for a key identifier chosen by the application. - */ -#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) -/** The maximum value for a key identifier chosen by the application. - */ -#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) -/** The minimum value for a key identifier chosen by the implementation. - */ -#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) -/** The maximum value for a key identifier chosen by the implementation. - */ -#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) - -/**@}*/ - -/** \defgroup policy Key policies - * @{ - */ - -/** Whether the key may be exported. - * - * A public key or the public part of a key pair may always be exported - * regardless of the value of this permission flag. - * - * If a key does not have export permission, implementations shall not - * allow the key to be exported in plain form from the cryptoprocessor, - * whether through psa_export_key() or through a proprietary interface. - * The key may however be exportable in a wrapped form, i.e. in a form - * where it is encrypted by another key. - */ -#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) - -/** Whether the key may be copied. - * - * This flag allows the use of psa_copy_key() to make a copy of the key - * with the same policy or a more restrictive policy. - * - * For lifetimes for which the key is located in a secure element which - * enforce the non-exportability of keys, copying a key outside the secure - * element also requires the usage flag #PSA_KEY_USAGE_EXPORT. - * Copying the key inside the secure element is permitted with just - * #PSA_KEY_USAGE_COPY if the secure element supports it. - * For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or - * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY - * is sufficient to permit the copy. - */ -#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) - -/** Whether the key may be used to encrypt a message. - * - * This flag allows the key to be used for a symmetric encryption operation, - * for an AEAD encryption-and-authentication operation, - * or for an asymmetric encryption operation, - * if otherwise permitted by the key's type and policy. - * - * For a key pair, this concerns the public key. - */ -#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) - -/** Whether the key may be used to decrypt a message. - * - * This flag allows the key to be used for a symmetric decryption operation, - * for an AEAD decryption-and-verification operation, - * or for an asymmetric decryption operation, - * if otherwise permitted by the key's type and policy. - * - * For a key pair, this concerns the private key. - */ -#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) - -/** Whether the key may be used to sign a message. - * - * This flag allows the key to be used for a MAC calculation operation - * or for an asymmetric signature operation, - * if otherwise permitted by the key's type and policy. - * - * For a key pair, this concerns the private key. - */ -#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00000400) - -/** Whether the key may be used to verify a message signature. - * - * This flag allows the key to be used for a MAC verification operation - * or for an asymmetric signature verification operation, - * if otherwise permitted by by the key's type and policy. - * - * For a key pair, this concerns the public key. - */ -#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00000800) - -/** Whether the key may be used to derive other keys. - */ -#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) - -/**@}*/ - -/** \defgroup derivation Key derivation - * @{ - */ - -/** A secret input for key derivation. - * - * This should be a key of type #PSA_KEY_TYPE_DERIVE - * (passed to psa_key_derivation_input_key()) - * or the shared secret resulting from a key agreement - * (obtained via psa_key_derivation_key_agreement()). - * - * The secret can also be a direct input (passed to - * key_derivation_input_bytes()). In this case, the derivation operation - * may not be used to derive keys: the operation will only allow - * psa_key_derivation_output_bytes(), not psa_key_derivation_output_key(). - */ -#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) - -/** A label for key derivation. - * - * This should be a direct input. - * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. - */ -#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) - -/** A salt for key derivation. - * - * This should be a direct input. - * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. - */ -#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) - -/** An information string for key derivation. - * - * This should be a direct input. - * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. - */ -#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) - -/** A seed for key derivation. - * - * This should be a direct input. - * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. - */ -#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) - -/**@}*/ - -#endif /* PSA_CRYPTO_VALUES_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/error.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/error.h deleted file mode 100644 index 439dba4..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/error.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/** - * \file psa/error.h - * \brief Standard error codes for the SPM and RoT Services - */ - -#ifndef __PSA_ERROR_H__ -#define __PSA_ERROR_H__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* If #PSA_SUCCESS is already defined, it means that #psa_status_t - * is also defined in an external header, so prevent its multiple - * definition. - */ -#ifndef PSA_SUCCESS -typedef int32_t psa_status_t; -#endif - -#define PSA_SUCCESS ((psa_status_t)0) - -#define PSA_ERROR_PROGRAMMER_ERROR ((psa_status_t)-129) -#define PSA_ERROR_CONNECTION_REFUSED ((psa_status_t)-130) -#define PSA_ERROR_CONNECTION_BUSY ((psa_status_t)-131) -#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) -#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) -#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) -#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) -#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) -#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) -#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) -#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) -#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) -#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) -#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) -#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) -#define PSA_ERROR_SERVICE_FAILURE ((psa_status_t)-144) -#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145) -#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) -#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) -#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) - -#ifdef __cplusplus -} -#endif - -#endif /* __PSA_ERROR_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/initial_attestation.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/initial_attestation.h deleted file mode 100644 index c125a4d..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/initial_attestation.h +++ /dev/null @@ -1,228 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/***************************************************************************/ -/* DRAFT UNDER REVIEW */ -/* These APIs are still evolving and are meant as a prototype for review.*/ -/* The APIs will change depending on feedback and will be firmed up */ -/* to a stable set of APIs once all the feedback has been considered. */ -/***************************************************************************/ - -#ifndef __PSA_INITIAL_ATTESTATION_H__ -#define __PSA_INITIAL_ATTESTATION_H__ - -#include -#include -#include -#include "psa/crypto.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief PSA INITIAL ATTESTATION API version - * - * Initial attestation API version is: 1.0.0 - */ -#define PSA_INITIAL_ATTEST_API_VERSION_MAJOR (1) -#define PSA_INITIAL_ATTEST_API_VERSION_MINOR (0) - -/** - * The allowed size of input challenge in bytes: 32, 48, 64 - * Challenge can be a nonce from server - * or the hash of some combined data : nonce + attested data by caller. - */ -#define PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32 (32u) -#define PSA_INITIAL_ATTEST_CHALLENGE_SIZE_48 (48u) -#define PSA_INITIAL_ATTEST_CHALLENGE_SIZE_64 (64u) - -/** - * The maximum size of an attestation token that can be generated by the - * attestation service. Used to configure buffers for services that verify the - * produced tokens. - */ -#define PSA_INITIAL_ATTEST_MAX_TOKEN_SIZE (0x400) - -/** - * The list of fixed claims in the initial attestation token is still evolving, - * you can expect slight changes in the future. - * - * The initial attestation token is planned to be aligned with future version of - * Entity Attestation Token format: - * https://tools.ietf.org/html/draft-mandyam-eat-01 - * - * Current list of claims: - * - Challenge: Input object from caller. Can be a single nonce from server - * or hash of nonce and attested data. It is intended to provide - * freshness to reports and the caller has responsibility to - * arrange this. Allowed length: 32, 48, 64 bytes. The claim is - * modeled to be eventually represented by the EAT standard - * claim nonce. Until such a time as that standard exists, - * the claim will be represented by a custom claim. Value - * is encoded as byte string. - * - * - Instance ID: It represents the unique identifier of the instance. In the - * PSA definition it is a hash of the public attestation key - * of the instance. The claim is modeled to be eventually - * represented by the EAT standard claim UEID of type GUID. - * Until such a time as that standard exists, the claim will be - * represented by a custom claim Value is encoded as byte - * string. - * - * - Verification service indicator: Optional, recommended claim. It is used by - * a Relying Party to locate a validation service for the token. - * The value is a text string that can be used to locate the - * service or a URL specifying the address of the service. The - * claim is modeled to be eventually represented by the EAT - * standard claim origination. Until such a time as that - * standard exists, the claim will be represented by a custom - * claim. Value is encoded as text string. - * - * - Profile definition: Optional, recommended claim. It contains the name of - * a document that describes the 'profile' of the token, being - * a full description of the claims, their usage, verification - * and token signing. The document name may include versioning. - * Custom claim with a value encoded as text string. - * - * - Implementation ID: It represents the original implementation signer of the - * attestation key and identifies the contract between the - * report and verification. A verification service will use this - * claim to locate the details of the verification process. - * Custom claim with a value encoded as byte string. - * - * - Security lifecycle: It represents the current lifecycle state of the - * instance. Custom claim with a value encoded as integer that - * is divided to convey a major state and a minor state. The - * PSA state and implementation state are encoded as follows: - * - version[15:8] - PSA lifecycle state - major - * - version[7:0] - IMPLEMENTATION DEFINED state - minor - * Possible PSA lifecycle states: - * - Unknown (0x1000u), - * - PSA_RoT_Provisioning (0x2000u), - * - Secured (0x3000u), - * - Non_PSA_RoT_Debug(0x4000u), - * - Recoverable_PSA_RoT_Debug (0x5000u), - * - Decommissioned (0x6000u) - * - * - Client ID: The partition ID of that secure partition or non-secure - * thread who called the initial attestation API. Custom claim - * with a value encoded as a *signed* integer. Negative number - * represents non-secure caller, positive numbers represents - * secure callers, zero is invalid. - * - * - HW version: Optional claim. Globally unique number in EAN-13 format - * identifying the GDSII that went to fabrication, HW and ROM. - * It can be used to reference the security level of the PSA-ROT - * via a certification website. Custom claim with a value is - * encoded as text string. - - * - Boot seed: It represents a random value created at system boot time that - * will allow differentiation of reports from different system - * sessions. The size is 32 bytes. Custom claim with a value is - * encoded as byte string. - * - * - Software components: Recommended claim. It represents the software state - * of the system. The value of the claim is an array of CBOR map - * entries, with one entry per software component within the - * device. Each map contains multiple claims that describe - * evidence about the details of the software component. - * - * - Measurement type: Optional claim. It represents the role of the - * software component. Value is encoded as short(!) text - * string. - * - * - Measurement value: It represents a hash of the invariant software - * component in memory at start-up time. The value must be a - * cryptographic hash of 256 bits or stronger.Value is - * encoded as byte string. - * - * - Version: Optional claim. It represents the issued software version. - * Value is encoded as text string. - * - * - Signer ID: It represents the hash of a signing authority public key. - * Value is encoded as byte string. - * - * - Measurement description: Optional claim. It represents the way in which - * the measurement value of the software component is - * computed. Value is encoded as text string containing an - * abbreviated description (name) of the measurement method. - * - * - No software measurements: In the event that the implementation does not - * contain any software measurements then the software - * components claim above can be omitted but instead - * it is mandatory to include this claim to indicate this is a - * deliberate state. Custom claim a value is encoded as unsigned - * integer set to 1. - */ - -/** - * \brief Get initial attestation token - * - * \param[in] auth_challenge Pointer to buffer where challenge input is - * stored. Nonce and / or hash of attested data. - * Must be always - * \ref PSA_INITIAL_ATTEST_TOKEN_SIZE bytes - * long. - * \param[in] challenge_size Size of challenge object in bytes. - * \param[out] token_buf Pointer to the buffer where attestation token - * will be stored. - * \param[in] token_buf_size Size of allocated buffer for token, in bytes. - * \param[out] token_size Size of the token that has been returned, in - * bytes. - * - * \return Returns error code as specified in \ref psa_status_t - */ -psa_status_t -psa_initial_attest_get_token(const uint8_t *auth_challenge, - size_t challenge_size, - uint8_t *token_buf, - size_t token_buf_size, - size_t *token_size); - -/** - * \brief Get the exact size of initial attestation token in bytes. - * - * It just returns with the size of the IAT token. It can be used if the caller - * dynamically allocates memory for the token buffer. - * - * \param[in] challenge_size Size of challenge object in bytes. This must be - * a supported challenge size (as above). - * \param[out] token_size Size of the token in bytes, which is created by - * initial attestation service. - * - * \return Returns error code as specified in \ref psa_status_t - */ -psa_status_t -psa_initial_attest_get_token_size(size_t challenge_size, - size_t *token_size); - -/** - * \brief Get the initial attestation public key. - * - * \param[out] public_key Pointer to the buffer where the public key - * will be stored. - * \param[in] key_buf_size Size of allocated buffer for key, in bytes. - * \param[out] public_key_len Size of public key in bytes. - * \param[out] public_key_curve Type of the elliptic curve which the key - * belongs to. - * - * \note Currently only the ECDSA P-256 over SHA-256 algorithm is supported. - * - * \return Returns error code as specified in \ref psa_status_t - */ -psa_status_t -tfm_initial_attest_get_public_key(uint8_t *public_key, - size_t public_key_buf_size, - size_t *public_key_len, - psa_ecc_curve_t *elliptic_curve_type); - -#ifdef __cplusplus -} -#endif - -#endif /* __PSA_INITIAL_ATTESTATION_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/internal_trusted_storage.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/internal_trusted_storage.h deleted file mode 100644 index 3920bc9..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/internal_trusted_storage.h +++ /dev/null @@ -1,164 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/** This file describes the PSA Internal Trusted Storage API -*/ - -#ifndef PSA_INTERNAL_TRUSTED_STORAGE_H -#define PSA_INTERNAL_TRUSTED_STORAGE_H - -#include -#include - -#include "psa/error.h" -#include "psa/storage_common.h" - -#ifdef __cplusplus -extern "C" { -#endif -#define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the - * PSA ITS API - */ -#define PSA_ITS_API_VERSION_MINOR 0 /**< The minor version number of the - * PSA ITS API - */ -// This version of the header file is associated with 1.0 final release. - -/** - * \brief Create a new, or modify an existing, uid/value pair - * - * Stores data in the internal storage. - * - * \param[in] uid The identifier for the data - * \param[in] data_length The size in bytes of the data in `p_data` - * \param[in] p_data A buffer containing the data - * \param[in] create_flags The flags that the data will be stored with - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the - * provided `uid` value was already - * created with - * PSA_STORAGE_FLAG_WRITE_ONCE - * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or - * more of the flags provided in - * `create_flags` is not supported or is - * not valid - * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there - * was insufficient space on the - * storage medium - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the - * physical storage has failed (Fatal - * error) - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one - * of the provided pointers(`p_data`) - * is invalid, for example is `NULL` or - * references memory the caller cannot - * access - */ -psa_status_t psa_its_set(psa_storage_uid_t uid, - size_t data_length, - const void *p_data, - psa_storage_create_flags_t create_flags); - -/** - * \brief Retrieve data associated with a provided UID - * - * Retrieves up to `data_size` bytes of the data associated with `uid`, starting - * at `data_offset` bytes from the beginning of the data. Upon successful - * completion, the data will be placed in the `p_data` buffer, which must be at - * least `data_size` bytes in size. The length of the data returned will be in - * `p_data_length`. If `data_size` is 0, the contents of `p_data_length` will - * be set to zero. - * - * \param[in] uid The uid value - * \param[in] data_offset The starting offset of the data requested - * \param[in] data_size The amount of data requested - * \param[out] p_data On success, the buffer where the data will - * be placed - * \param[out] p_data_length On success, this will contain size of the data - * placed in `p_data` - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the - * provided `uid` value was not found in - * the storage - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the - * physical storage has failed (Fatal - * error) - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the - * provided arguments (`p_data`, - * `p_data_length`) is invalid, for example - * is `NULL` or references memory the - * caller cannot access. In addition, this - * can also happen if `data_offset` is - * larger than the size of the data - * associated with `uid` - */ -psa_status_t psa_its_get(psa_storage_uid_t uid, - size_t data_offset, - size_t data_size, - void *p_data, - size_t *p_data_length); - -/** - * \brief Retrieve the metadata about the provided uid - * - * Retrieves the metadata stored for a given `uid` as a `psa_storage_info_t` - * structure. - * - * \param[in] uid The `uid` value - * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will - * be populated with the metadata - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided - * uid value was not found in the storage - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical - * storage has failed (Fatal error) - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the - * provided pointers(`p_info`) - * is invalid, for example is `NULL` or - * references memory the caller cannot - * access - */ -psa_status_t psa_its_get_info(psa_storage_uid_t uid, - struct psa_storage_info_t *p_info); - -/** - * \brief Remove the provided uid and its associated data from the storage - * - * Deletes the data from internal storage. - * - * \param[in] uid The `uid` value - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more - * of the given arguments were invalid (null - * pointer, wrong flags and so on) - * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided - * uid value was not found in the storage - * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided - * uid value was created with - * PSA_STORAGE_FLAG_WRITE_ONCE - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical - * storage has failed (Fatal error) - */ -psa_status_t psa_its_remove(psa_storage_uid_t uid); - -#ifdef __cplusplus -} -#endif - -#endif // PSA_INTERNAL_TRUSTED_STORAGE_H diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/protected_storage.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/protected_storage.h deleted file mode 100644 index e76205c..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/protected_storage.h +++ /dev/null @@ -1,282 +0,0 @@ -/* - * Copyright (c) 2019-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/* This file describes the PSA Protected Storage API */ - -#ifndef PSA_PROTECTED_STORAGE_H -#define PSA_PROTECTED_STORAGE_H - -#include -#include - -#include "psa/error.h" -#include "psa/storage_common.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief PSA_PS_API_VERSION version - * - * Major and minor PSA_PS_API_VERSION numbers - */ -#define PSA_PS_API_VERSION_MAJOR 1 -#define PSA_PS_API_VERSION_MINOR 0 - -// This version of the header file is associated with 1.0 final release - -/** - * \brief Create a new, or modify an existing, uid/value pair - * - * Stores data in the protected storage. - * - * \param[in] uid The identifier for the data - * \param[in] data_length The size in bytes of the data in `p_data` - * \param[in] p_data A buffer containing the data - * \param[in] create_flags The flags that the data will be stored with - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the - * provided `uid` value was already - * created with - * PSA_STORAGE_FLAG_WRITE_ONCE - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one - * of the provided pointers(`p_data`) - * is invalid, for example is `NULL` or - * references memory the caller cannot - * access - * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or - * more of the flags provided in - * `create_flags` is not supported or is - * not valid - * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there - * was insufficient space on the - * storage medium - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the - * physical storage has failed (Fatal - * error) - * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an - * unspecified internal failure - */ -psa_status_t psa_ps_set(psa_storage_uid_t uid, - size_t data_length, - const void *p_data, - psa_storage_create_flags_t create_flags); - -/** - * \brief Retrieve data associated with a provided uid - * - * Retrieves up to `data_size` bytes of the data associated with `uid`, starting - * at `data_offset` bytes from the beginning of the data. Upon successful - * completion, the data will be placed in the `p_data` buffer, which must be at - * least `data_size` bytes in size. The length of the data returned will be in - * `p_data_length`. If `data_size` is 0, the contents of `p_data_length` will - * be set to zero. - * - * \param[in] uid The uid value - * \param[in] data_offset The starting offset of the data requested - * \param[in] data_size The amount of data requested - * \param[out] p_data On success, the buffer where the data will - * be placed - * \param[out] p_data_length On success, this will contain size of the data - * placed in `p_data` - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the - * provided arguments (`p_data`, - * `p_data_length`) is invalid, for example - * is `NULL` or references memory the - * caller cannot access. In addition, this - * can also happen if `data_offset` is - * larger than the size of the data - * associated with `uid` - * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the - * provided `uid` value was not found in - * the storage - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the - * physical storage has failed (Fatal - * error) - * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an - * unspecified internal failure - * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the data - * associated with the UID was corrupt - * \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the data - * associated with the UID failed - * authentication - */ -psa_status_t psa_ps_get(psa_storage_uid_t uid, - size_t data_offset, - size_t data_size, - void *p_data, - size_t *p_data_length); - -/** - * \brief Retrieve the metadata about the provided uid - * - * Retrieves the metadata stored for a given `uid` - * - * \param[in] uid The `uid` value - * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will - * be populated with the metadata - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the - * provided pointers(`p_info`) - * is invalid, for example is `NULL` or - * references memory the caller cannot - * access - * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided - * uid value was not found in the storage - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical - * storage has failed (Fatal error) - * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an - * unspecified internal failure - * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the data - * associated with the UID was corrupt - */ -psa_status_t psa_ps_get_info(psa_storage_uid_t uid, - struct psa_storage_info_t *p_info); - -/** - * \brief Remove the provided uid and its associated data from the storage - * - * Removes previously stored data and any associated metadata, - * including rollback protection data. - * - * \param[in] uid The `uid` value - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more - * of the given arguments were invalid (null - * pointer, wrong flags and so on) - * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided - * uid value was not found in the storage - * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided - * uid value was created with - * PSA_STORAGE_FLAG_WRITE_ONCE - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical - * storage has failed (Fatal error) - * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an - * unspecified internal failure - */ -psa_status_t psa_ps_remove(psa_storage_uid_t uid); - -/** - * \brief Reserves storage for the specified uid - * - * Upon success, the capacity of the storage will be capacity, and the size - * will be 0. It is only necessary to call this function for assets that will - * be written with the psa_ps_set_extended function. If only the psa_ps_set - * function is needed, calls to this function are redundant. - * - * \param[in] uid The `uid` value - * \param[in] capacity The capacity to be allocated in bytes - * \param[in] create_flags Flags indicating properties of storage - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the - * physical storage has failed - * (Fatal error) - * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because the - * capacity is bigger than the current - * available space - * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because the - * function is not implemented or one - * or more create_flags are not - * supported. - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because uid was - * 0 or create_flags specified flags - * that are not defined in the API. - * \retval PSA_ERROR_GENERIC_ERROR The operation failed due to an - * unspecified error - * \retval PSA_ERROR_ALREADY_EXISTS Storage for the specified uid - * already exists - */ -psa_status_t psa_ps_create(psa_storage_uid_t uid, - size_t capacity, - psa_storage_create_flags_t create_flags); - -/** - * \brief Sets partial data into an asset - * - * Before calling this function, the storage must have been reserved with a call - * to psa_ps_create. It can also be used to overwrite data in an asset that was - * created with a call to psa_ps_set. Calling this function with data_length = 0 - * is permitted, which will make no change to the stored data.This function can - * overwrite existing data and/or extend it up to the capacity for the uid - * specified in psa_ps_create, but cannot create gaps. - * - * That is, it has preconditions: - * - data_offset <= size - * - data_offset + data_length <= capacity - * and postconditions: - * - size = max(size, data_offset + data_length) - * - capacity unchanged. - * - * \param[in] uid The `uid` value - * \param[in] data_offset Offset within the asset to start the write - * \param[in] data_length The size in bytes of the data in p_data to write - * \param[in] p_data Pointer to a buffer which contains the data to write - * - * \return A status indicating the success/failure of the operation - * - * \retval PSA_SUCCESS The asset exists, the input parameters - * are correct and the data is correctly - * written in the physical storage. - * \retval PSA_ERROR_STORAGE_FAILURE The data was not written correctly in - * the physical storage - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more - * of the preconditions listed above - * regarding data_offset, size, or - * data_length was violated. - * \retval PSA_ERROR_DOES_NOT_EXIST The specified uid was not found - * \retval PSA_ERROR_NOT_SUPPORTED The implementation of the API does not - * support this function - * \retval PSA_ERROR_GENERIC_ERROR The operation failed due to an - * unspecified error - * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the - * existing data has been corrupted. - * \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the - * existing data failed authentication - * (MAC check failed). - * \retval PSA_ERROR_NOT_PERMITTED The operation failed because it was - * attempted on an asset which was written - * with the flag - * PSA_STORAGE_FLAG_WRITE_ONCE - */ -psa_status_t psa_ps_set_extended(psa_storage_uid_t uid, - size_t data_offset, - size_t data_length, - const void *p_data); - -/** - * \brief Lists optional features. - * - * \return A bitmask with flags set for all of - * the optional features supported by the - * implementation.Currently defined flags - * are limited to - * PSA_STORAGE_SUPPORT_SET_EXTENDED - */ -uint32_t psa_ps_get_support(void); - -#ifdef __cplusplus -} -#endif - -#endif /* PSA_PROTECTED_STORAGE_H */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/storage_common.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/storage_common.h deleted file mode 100644 index 3f901c5..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa/storage_common.h +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/* This file includes common definitions for PSA storage -*/ - -#ifndef PSA_STORAGE_COMMON_H -#define PSA_STORAGE_COMMON_H - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -typedef uint32_t psa_storage_create_flags_t; - -typedef uint64_t psa_storage_uid_t; - -/* Flags */ - -#define PSA_STORAGE_FLAG_NONE 0u -#define PSA_STORAGE_FLAG_WRITE_ONCE (1u << 0) -#define PSA_STORAGE_FLAG_NO_CONFIDENTIALITY (1u << 1) -#define PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION (1u << 2) - -/* A container for metadata associated with a specific uid */ - -struct psa_storage_info_t { - size_t capacity; - size_t size; - psa_storage_create_flags_t flags; -}; - -#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1u << 0) - -#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) -#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152) - -#ifdef __cplusplus -} -#endif - -#endif // PSA_STORAGE_COMMON_H diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa_manifest/sid.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa_manifest/sid.h deleted file mode 100644 index f9bdf7c..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/psa_manifest/sid.h +++ /dev/null @@ -1,147 +0,0 @@ -/* - * Copyright (c) 2019-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/*********** WARNING: This is an auto-generated file. Do not edit! ***********/ - -#ifndef __PSA_MANIFEST_SID_H__ -#define __PSA_MANIFEST_SID_H__ - -#ifdef __cplusplus -extern "C" { -#endif - -/******** TFM_SP_PS ********/ -#define TFM_PS_SET_SID (0x00000060U) -#define TFM_PS_SET_VERSION (1U) -#define TFM_PS_GET_SID (0x00000061U) -#define TFM_PS_GET_VERSION (1U) -#define TFM_PS_GET_INFO_SID (0x00000062U) -#define TFM_PS_GET_INFO_VERSION (1U) -#define TFM_PS_REMOVE_SID (0x00000063U) -#define TFM_PS_REMOVE_VERSION (1U) -#define TFM_PS_GET_SUPPORT_SID (0x00000064U) -#define TFM_PS_GET_SUPPORT_VERSION (1U) - -/******** TFM_SP_ITS ********/ -#define TFM_ITS_SET_SID (0x00000070U) -#define TFM_ITS_SET_VERSION (1U) -#define TFM_ITS_GET_SID (0x00000071U) -#define TFM_ITS_GET_VERSION (1U) -#define TFM_ITS_GET_INFO_SID (0x00000072U) -#define TFM_ITS_GET_INFO_VERSION (1U) -#define TFM_ITS_REMOVE_SID (0x00000073U) -#define TFM_ITS_REMOVE_VERSION (1U) - -/******** TFM_SP_CRYPTO ********/ -#define TFM_CRYPTO_SID (0x00000080U) -#define TFM_CRYPTO_VERSION (1U) - -/******** TFM_SP_PLATFORM ********/ -#define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U) -#define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U) -#define TFM_SP_PLATFORM_IOCTL_SID (0x00000041U) -#define TFM_SP_PLATFORM_IOCTL_VERSION (1U) -#define TFM_SP_PLATFORM_NV_COUNTER_SID (0x00000042U) -#define TFM_SP_PLATFORM_NV_COUNTER_VERSION (1U) - -/******** TFM_SP_INITIAL_ATTESTATION ********/ -#define TFM_ATTEST_GET_TOKEN_SID (0x00000020U) -#define TFM_ATTEST_GET_TOKEN_VERSION (1U) -#define TFM_ATTEST_GET_TOKEN_SIZE_SID (0x00000021U) -#define TFM_ATTEST_GET_TOKEN_SIZE_VERSION (1U) -#define TFM_ATTEST_GET_PUBLIC_KEY_SID (0x00000022U) -#define TFM_ATTEST_GET_PUBLIC_KEY_VERSION (1U) - -/******** TFM_SP_CORE_TEST ********/ -#define SPM_CORE_TEST_INIT_SUCCESS_SID (0x0000F020U) -#define SPM_CORE_TEST_INIT_SUCCESS_VERSION (1U) -#define SPM_CORE_TEST_DIRECT_RECURSION_SID (0x0000F021U) -#define SPM_CORE_TEST_DIRECT_RECURSION_VERSION (1U) -#define SPM_CORE_TEST_SS_TO_SS_SID (0x0000F024U) -#define SPM_CORE_TEST_SS_TO_SS_VERSION (1U) -#define SPM_CORE_TEST_SS_TO_SS_BUFFER_SID (0x0000F025U) -#define SPM_CORE_TEST_SS_TO_SS_BUFFER_VERSION (1U) -#define SPM_CORE_TEST_OUTVEC_WRITE_SID (0x0000F026U) -#define SPM_CORE_TEST_OUTVEC_WRITE_VERSION (1U) -#define SPM_CORE_TEST_PERIPHERAL_ACCESS_SID (0x0000F027U) -#define SPM_CORE_TEST_PERIPHERAL_ACCESS_VERSION (1U) -#define SPM_CORE_TEST_GET_CALLER_CLIENT_ID_SID (0x0000F028U) -#define SPM_CORE_TEST_GET_CALLER_CLIENT_ID_VERSION (1U) -#define SPM_CORE_TEST_SPM_REQUEST_SID (0x0000F029U) -#define SPM_CORE_TEST_SPM_REQUEST_VERSION (1U) -#define SPM_CORE_TEST_BLOCK_SID (0x0000F02AU) -#define SPM_CORE_TEST_BLOCK_VERSION (1U) -#define SPM_CORE_TEST_NS_THREAD_SID (0x0000F02BU) -#define SPM_CORE_TEST_NS_THREAD_VERSION (1U) - -/******** TFM_SP_CORE_TEST_2 ********/ -#define SPM_CORE_TEST_2_SLAVE_SERVICE_SID (0x0000F040U) -#define SPM_CORE_TEST_2_SLAVE_SERVICE_VERSION (1U) -#define SPM_CORE_TEST_2_CHECK_CALLER_CLIENT_ID_SID (0x0000F041U) -#define SPM_CORE_TEST_2_CHECK_CALLER_CLIENT_ID_VERSION (1U) -#define SPM_CORE_TEST_2_GET_EVERY_SECOND_BYTE_SID (0x0000F042U) -#define SPM_CORE_TEST_2_GET_EVERY_SECOND_BYTE_VERSION (1U) -#define SPM_CORE_TEST_2_INVERT_SID (0x0000F043U) -#define SPM_CORE_TEST_2_INVERT_VERSION (1U) -#define SPM_CORE_TEST_2_PREPARE_TEST_SCENARIO_SID (0x0000F044U) -#define SPM_CORE_TEST_2_PREPARE_TEST_SCENARIO_VERSION (1U) -#define SPM_CORE_TEST_2_EXECUTE_TEST_SCENARIO_SID (0x0000F045U) -#define SPM_CORE_TEST_2_EXECUTE_TEST_SCENARIO_VERSION (1U) - -/******** TFM_SP_SECURE_TEST_PARTITION ********/ -#define TFM_SECURE_CLIENT_SFN_RUN_TESTS_SID (0x0000F000U) -#define TFM_SECURE_CLIENT_SFN_RUN_TESTS_VERSION (1U) - -/******** TFM_SP_IPC_SERVICE_TEST ********/ -#define IPC_SERVICE_TEST_BASIC_SID (0x0000F080U) -#define IPC_SERVICE_TEST_BASIC_VERSION (1U) -#define IPC_SERVICE_TEST_PSA_ACCESS_APP_MEM_SID (0x0000F081U) -#define IPC_SERVICE_TEST_PSA_ACCESS_APP_MEM_VERSION (1U) -#define IPC_SERVICE_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_SID (0x0000F082U) -#define IPC_SERVICE_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_VERSION (1U) -#define IPC_SERVICE_TEST_APP_ACCESS_PSA_MEM_SID (0x0000F083U) -#define IPC_SERVICE_TEST_APP_ACCESS_PSA_MEM_VERSION (1U) -#define IPC_SERVICE_TEST_CLIENT_PROGRAMMER_ERROR_SID (0x0000F084U) -#define IPC_SERVICE_TEST_CLIENT_PROGRAMMER_ERROR_VERSION (1U) - -/******** TFM_SP_IPC_CLIENT_TEST ********/ -#define IPC_CLIENT_TEST_BASIC_SID (0x0000F060U) -#define IPC_CLIENT_TEST_BASIC_VERSION (1U) -#define IPC_CLIENT_TEST_PSA_ACCESS_APP_MEM_SID (0x0000F061U) -#define IPC_CLIENT_TEST_PSA_ACCESS_APP_MEM_VERSION (1U) -#define IPC_CLIENT_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_SID (0x0000F062U) -#define IPC_CLIENT_TEST_PSA_ACCESS_APP_READ_ONLY_MEM_VERSION (1U) -#define IPC_CLIENT_TEST_APP_ACCESS_PSA_MEM_SID (0x0000F063U) -#define IPC_CLIENT_TEST_APP_ACCESS_PSA_MEM_VERSION (1U) -#define IPC_CLIENT_TEST_MEM_CHECK_SID (0x0000F064U) -#define IPC_CLIENT_TEST_MEM_CHECK_VERSION (1U) - -/******** TFM_IRQ_TEST_1 ********/ -#define SPM_CORE_IRQ_TEST_1_PREPARE_TEST_SCENARIO_SID (0x0000F0A0U) -#define SPM_CORE_IRQ_TEST_1_PREPARE_TEST_SCENARIO_VERSION (1U) -#define SPM_CORE_IRQ_TEST_1_EXECUTE_TEST_SCENARIO_SID (0x0000F0A1U) -#define SPM_CORE_IRQ_TEST_1_EXECUTE_TEST_SCENARIO_VERSION (1U) - -/******** TFM_SP_PS_TEST ********/ -#define TFM_PS_TEST_PREPARE_SID (0x0000F0C0U) -#define TFM_PS_TEST_PREPARE_VERSION (1U) - -/******** TFM_SP_SECURE_CLIENT_2 ********/ -#define TFM_SECURE_CLIENT_2_SID (0x0000F0E0U) -#define TFM_SECURE_CLIENT_2_VERSION (1U) - -/******** TFM_SP_MULTI_CORE_TEST ********/ -#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_0_SID (0x0000F100U) -#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_0_VERSION (1U) -#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_1_SID (0x0000F101U) -#define MULTI_CORE_MULTI_CLIENT_CALL_TEST_1_VERSION (1U) - -#ifdef __cplusplus -} -#endif - -#endif /* __PSA_MANIFEST_SID_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_api.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_api.h deleted file mode 100644 index 09abc39..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_api.h +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_API_H__ -#define __TFM_API_H__ - -#ifdef __cplusplus -extern "C" { -#endif - -#include -#include "psa/client.h" - -#define TFM_INVALID_CLIENT_ID 0 - -/** - * \brief Checks if the provided client ID is a secure client ID. - * - * \param[in] client_id Client ID to check. - * - * \retval 1 Client ID is secure. - * \retval 0 Client ID is non-secure. - */ -#define TFM_CLIENT_ID_IS_S(client_id) ((client_id)>0) - -/** - * \brief Checks if the provided client ID is a non-secure client ID. - * - * \param[in] client_id Client ID to check. - * - * \retval 1 Client ID is non-secure. - * \retval 0 Client ID is secure. - */ -#define TFM_CLIENT_ID_IS_NS(client_id) ((client_id)<0) - -/* The mask used for timeout values */ -#define PSA_TIMEOUT_MASK PSA_BLOCK - -/* FixMe: sort out DEBUG compile option and limit return value options - * on external interfaces */ -enum tfm_status_e -{ - TFM_SUCCESS = 0, - TFM_PARTITION_BUSY, - TFM_ERROR_SECURE_DOMAIN_LOCKED, - TFM_ERROR_INVALID_PARAMETER, - TFM_ERROR_PARTITION_NON_REENTRANT, - TFM_ERROR_NS_THREAD_MODE_CALL, - TFM_ERROR_NOT_INITIALIZED, - TFM_ERROR_NO_ACTIVE_PARTITION, - TFM_ERROR_INVALID_EXC_MODE, - TFM_SECURE_LOCK_FAILED, - TFM_SECURE_UNLOCK_FAILED, - TFM_ERROR_GENERIC = 0x1F, -}; - -/* - * Structure to package type, in_len and out_len, it is mainly used for - * psa_call. - */ -struct tfm_control_parameter_t { - int32_t type; - size_t in_len; - size_t out_len; -}; - -/********************* Secure function declarations ***************************/ - -/** - * \brief Assign client ID to the current TZ context. - * - * \param[in] ns_client_id The client ID to be assigned to the current - * context. - * \retval TFM_SUCCESS The client ID assigned successfully. - * \retval error code The client ID assignment failed, an error code - * returned according to \ref tfm_status_e. - * \note This function have to be called from handler mode. - */ -enum tfm_status_e tfm_register_client_id (int32_t ns_client_id); - -/** - * \brief Retrieve the version of the PSA Framework API that is implemented. - * - * \return The version of the PSA Framework. - */ -uint32_t tfm_psa_framework_version_veneer(void); - -/** - * \brief Return version of secure function provided by secure binary. - * - * \param[in] sid ID of secure service. - * - * \return Version number of secure function. - */ -uint32_t tfm_psa_version_veneer(uint32_t sid); - -/** - * \brief Connect to secure function. - * - * \param[in] sid ID of secure service. - * \param[in] version Version of SF requested by client. - * - * \return Returns handle to connection. - */ -psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t version); - -/** - * \brief Call a secure function referenced by a connection handle. - * - * \param[in] handle Handle to connection. - * \param[in] ctrl_param Parameter structure, includes reuqest type, - * in_num and out_num. - * \param[in] in_vec Array of input \ref psa_invec structures. - * \param[in/out] out_vec Array of output \ref psa_outvec structures. - * - * \return Returns \ref psa_status_t status code. - */ -psa_status_t tfm_psa_call_veneer(psa_handle_t handle, - const struct tfm_control_parameter_t *ctrl_param, - const psa_invec *in_vec, - psa_outvec *out_vec); - -/** - * \brief Close connection to secure function referenced by a connection handle. - * - * \param[in] handle Handle to connection - * - * \return void - */ -void tfm_psa_close_veneer(psa_handle_t handle); - -/***************** End Secure function declarations ***************************/ - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_API_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_crypto_defs.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_crypto_defs.h deleted file mode 100644 index dd45e3b..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_crypto_defs.h +++ /dev/null @@ -1,165 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_CRYPTO_DEFS_H__ -#define __TFM_CRYPTO_DEFS_H__ - -#ifdef __cplusplus -extern "C" { -#endif - -#include -#include -#include "tfm_api.h" -#include "psa/crypto.h" - -/** - * \brief This type is used to overcome a limitation in the number of maximum - * IOVECs that can be used especially in psa_aead_encrypt and - * psa_aead_decrypt. To be removed in case the AEAD APIs number of - * parameters passed gets restructured - */ -#define TFM_CRYPTO_MAX_NONCE_LENGTH (16u) -struct tfm_crypto_aead_pack_input { - uint8_t nonce[TFM_CRYPTO_MAX_NONCE_LENGTH]; - uint32_t nonce_length; -}; - -/** - * \brief Structure used to pack non-pointer types in a call - * - */ -struct tfm_crypto_pack_iovec { - uint32_t sfn_id; /*!< Secure function ID used to dispatch the - * request - */ - uint16_t step; /*!< Key derivation step */ - psa_key_handle_t key_handle; /*!< Key handle */ - psa_algorithm_t alg; /*!< Algorithm */ - psa_algorithm_t alg2; /*!< Enrollment Algorithm */ - uint32_t op_handle; /*!< Frontend context handle associated to a - * multipart operation - */ - size_t capacity; /*!< Key derivation capacity */ - - struct tfm_crypto_aead_pack_input aead_in; /*!< FixMe: Temporarily used for - * AEAD until the API is - * restructured - */ -}; - -/** - * \brief Define a progressive numerical value for each SID which can be used - * when dispatching the requests to the service - */ -enum { - TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID = (0u), - TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID, - TFM_CRYPTO_OPEN_KEY_SID, - TFM_CRYPTO_CLOSE_KEY_SID, - TFM_CRYPTO_IMPORT_KEY_SID, - TFM_CRYPTO_DESTROY_KEY_SID, - TFM_CRYPTO_EXPORT_KEY_SID, - TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID, - TFM_CRYPTO_COPY_KEY_SID, - TFM_CRYPTO_HASH_COMPUTE_SID, - TFM_CRYPTO_HASH_COMPARE_SID, - TFM_CRYPTO_HASH_SETUP_SID, - TFM_CRYPTO_HASH_UPDATE_SID, - TFM_CRYPTO_HASH_FINISH_SID, - TFM_CRYPTO_HASH_VERIFY_SID, - TFM_CRYPTO_HASH_ABORT_SID, - TFM_CRYPTO_HASH_CLONE_SID, - TFM_CRYPTO_MAC_COMPUTE_SID, - TFM_CRYPTO_MAC_VERIFY_SID, - TFM_CRYPTO_MAC_SIGN_SETUP_SID, - TFM_CRYPTO_MAC_VERIFY_SETUP_SID, - TFM_CRYPTO_MAC_UPDATE_SID, - TFM_CRYPTO_MAC_SIGN_FINISH_SID, - TFM_CRYPTO_MAC_VERIFY_FINISH_SID, - TFM_CRYPTO_MAC_ABORT_SID, - TFM_CRYPTO_CIPHER_ENCRYPT_SID, - TFM_CRYPTO_CIPHER_DECRYPT_SID, - TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID, - TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID, - TFM_CRYPTO_CIPHER_GENERATE_IV_SID, - TFM_CRYPTO_CIPHER_SET_IV_SID, - TFM_CRYPTO_CIPHER_UPDATE_SID, - TFM_CRYPTO_CIPHER_FINISH_SID, - TFM_CRYPTO_CIPHER_ABORT_SID, - TFM_CRYPTO_AEAD_ENCRYPT_SID, - TFM_CRYPTO_AEAD_DECRYPT_SID, - TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID, - TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID, - TFM_CRYPTO_AEAD_GENERATE_NONCE_SID, - TFM_CRYPTO_AEAD_SET_NONCE_SID, - TFM_CRYPTO_AEAD_SET_LENGTHS_SID, - TFM_CRYPTO_AEAD_UPDATE_AD_SID, - TFM_CRYPTO_AEAD_UPDATE_SID, - TFM_CRYPTO_AEAD_FINISH_SID, - TFM_CRYPTO_AEAD_VERIFY_SID, - TFM_CRYPTO_AEAD_ABORT_SID, - TFM_CRYPTO_SIGN_HASH_SID, - TFM_CRYPTO_VERIFY_HASH_SID, - TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID, - TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID, - TFM_CRYPTO_KEY_DERIVATION_SETUP_SID, - TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID, - TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID, - TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID, - TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID, - TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID, - TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID, - TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID, - TFM_CRYPTO_KEY_DERIVATION_ABORT_SID, - TFM_CRYPTO_RAW_KEY_AGREEMENT_SID, - TFM_CRYPTO_GENERATE_RANDOM_SID, - TFM_CRYPTO_GENERATE_KEY_SID, - TFM_CRYPTO_SET_KEY_DOMAIN_PARAMETERS_SID, - TFM_CRYPTO_GET_KEY_DOMAIN_PARAMETERS_SID, - TFM_CRYPTO_SID_MAX, -}; - -/** - * \brief Define an invalid value for an SID - * - */ -#define TFM_CRYPTO_SID_INVALID (~0x0u) - -/** - * \brief This value is used to mark an handle as invalid. - * - */ -#define TFM_CRYPTO_INVALID_HANDLE (0x0u) - -/** - * \brief The persistent key identifier that refers to the hardware unique key. - * - */ -#define TFM_CRYPTO_KEY_ID_HUK (0xFFFF815Bu) - -/** - * \brief The algorithm identifier that refers to key derivation from the - * hardware unique key. - * - */ -#define TFM_CRYPTO_ALG_HUK_DERIVATION ((psa_algorithm_t)0xB0000F00) - -/** - * \brief Define miscellaneous literal constants that are used in the service - * - */ -enum { - TFM_CRYPTO_NOT_IN_USE = 0, - TFM_CRYPTO_IN_USE = 1 -}; - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_CRYPTO_DEFS_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_mailbox.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_mailbox.h deleted file mode 100644 index 3d128f4..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_mailbox.h +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright (c) 2019-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/* - * This is header file of common mailbox objects shared by NSPE and SPE. - * Please refer to tfm_ns_mailbox.h for the definitions only used in NSPE - * mailbox library. - * Please refer to tfm_spe_mailbox.h for the SPE specific definitions and APIs. - */ - -#ifndef __TFM_MAILBOX_H__ -#define __TFM_MAILBOX_H__ - -#include -#include -#include -#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL -#include "device_cfg.h" -#endif -#include "psa/client.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * If multiple outstanding NS PSA Client calls is enabled, multi-core platform - * should define the number of mailbox queue slots NUM_MAILBOX_QUEUE_SLOT in - * platform device_cfg.h. - * Otherwise, NUM_MAILBOX_QUEUE_SLOT is defined as 1. - */ -#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL -#ifndef NUM_MAILBOX_QUEUE_SLOT -#error "Error: Platform doesn't define NUM_MAILBOX_QUEUE_SLOT for mailbox queue" -#endif - -#if (NUM_MAILBOX_QUEUE_SLOT < 2) -#error "Error: Invalid NUM_MAILBOX_QUEUE_SLOT. The value should be more than 1" -#endif - -/* - * The number of slots should be no more than the number of bits in - * mailbox_queue_status_t. - * Here the value is hardcoded. A better way is to define a sizeof() to - * calculate the bits in mailbox_queue_status_t and dump it with pragma message. - */ -#if (NUM_MAILBOX_QUEUE_SLOT > 32) -#error "Error: Invalid NUM_MAILBOX_QUEUE_SLOT. The value should be no more than 32" -#endif -#else /* TFM_MULTI_CORE_MULTI_CLIENT_CALL */ -/* Force the number of mailbox queue slots as 1. */ -#undef NUM_MAILBOX_QUEUE_SLOT -#define NUM_MAILBOX_QUEUE_SLOT (1) -#endif /* TFM_MULTI_CORE_MULTI_CLIENT_CALL */ - -/* PSA client call type value */ -#define MAILBOX_PSA_FRAMEWORK_VERSION (0x1) -#define MAILBOX_PSA_VERSION (0x2) -#define MAILBOX_PSA_CONNECT (0x3) -#define MAILBOX_PSA_CALL (0x4) -#define MAILBOX_PSA_CLOSE (0x5) - -/* Return code of mailbox APIs */ -#define MAILBOX_SUCCESS (0) -#define MAILBOX_QUEUE_FULL (INT32_MIN + 1) -#define MAILBOX_INVAL_PARAMS (INT32_MIN + 2) -#define MAILBOX_NO_PERMS (INT32_MIN + 3) -#define MAILBOX_NO_PEND_EVENT (INT32_MIN + 4) -#define MAILBOX_CHAN_BUSY (INT32_MIN + 5) -#define MAILBOX_CALLBACK_REG_ERROR (INT32_MIN + 6) -#define MAILBOX_INIT_ERROR (INT32_MIN + 7) - -/* - * This structure holds the parameters used in a PSA client call. - */ -struct psa_client_params_t { - union { - struct { - uint32_t sid; - } psa_version_params; - - struct { - uint32_t sid; - uint32_t version; - } psa_connect_params; - - struct { - psa_handle_t handle; - int32_t type; - const psa_invec *in_vec; - size_t in_len; - psa_outvec *out_vec; - size_t out_len; - } psa_call_params; - - struct { - psa_handle_t handle; - } psa_close_params; - }; -}; - -/* Mailbox message passed from NSPE to SPE to deliver a PSA client call */ -struct mailbox_msg_t { - uint32_t call_type; /* PSA client call type */ - struct psa_client_params_t params; /* Contain parameters used in PSA - * client call - */ - - int32_t client_id; /* Optional client ID of the - * non-secure caller. - * It is required to identify the - * non-secure task when NSPE OS - * enforces non-secure task isolation - */ -}; - -/* A handle to a mailbox message in use */ -typedef int32_t mailbox_msg_handle_t; - -#define MAILBOX_MSG_NULL_HANDLE ((mailbox_msg_handle_t)0) - -/* - * Mailbox reply structure in non-secure memory - * to hold the PSA client call return result from SPE - */ -struct mailbox_reply_t { - int32_t return_val; -}; - -/* A single slot structure in NSPE mailbox queue */ -struct ns_mailbox_slot_t { - struct mailbox_msg_t msg; - struct mailbox_reply_t reply; - const void *owner; /* Handle of the owner task of this - * slot - */ - bool is_woken; /* Indicate that owner task has been - * or should be woken up, after the - * replied is received. - */ -}; - -typedef uint32_t mailbox_queue_status_t; - -/* NSPE mailbox queue */ -struct ns_mailbox_queue_t { - mailbox_queue_status_t empty_slots; /* Bitmask of empty slots */ - mailbox_queue_status_t pend_slots; /* Bitmask of slots pending - * for SPE handling - */ - mailbox_queue_status_t replied_slots; /* Bitmask of active slots - * containing PSA client call - * return result - */ - - struct ns_mailbox_slot_t queue[NUM_MAILBOX_QUEUE_SLOT]; - -#ifdef TFM_MULTI_CORE_TEST - uint32_t nr_tx; /* The total number of - * submission of NS PSA Client - * calls from NS task via - * mailbox. - */ - uint32_t nr_used_slots; /* The total number of used - * mailbox queue slots each time - * NS thread requests a mailbox - * queue slot. - */ -#endif -}; - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_MAILBOX_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_multi_core_api.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_multi_core_api.h deleted file mode 100644 index 7999fa4..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_multi_core_api.h +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_MULTI_CORE_API__ -#define __TFM_MULTI_CORE_API__ - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -/** - * \brief Called on the non-secure CPU. - * Flags that the non-secure side has completed its initialization. - * Waits, if necessary, for the secure CPU to flag that it has completed - * its initialization. - * - * \return Return 0 if succeeds. - * \return Otherwise, return specific error code. - */ -int32_t tfm_ns_wait_for_s_cpu_ready(void); - -/** - * \brief Synchronisation with secure CPU, platform-specific implementation. - * Flags that the non-secure side has completed its initialization. - * Waits, if necessary, for the secure CPU to flag that it has completed - * its initialization. - * - * \retval Return 0 if succeeds. - * \retval Otherwise, return specific error code. - */ -int32_t tfm_platform_ns_wait_for_s_cpu_ready(void); - -/** - * \brief Acquire the multi-core lock for synchronizing PSA client call(s) - * The actual implementation depends on the use scenario. - * - * \return \ref TFM_SUCCESS on success - * \return \ref TFM_ERROR_GENERIC on error - */ -uint32_t tfm_ns_multi_core_lock_acquire(void); - -/** - * \brief Release the multi-core lock for synchronizing PSA client call(s) - * The actual implementation depends on the use scenario. - * - * \return \ref TFM_SUCCESS on success - * \return \ref TFM_ERROR_GENERIC on error - */ -uint32_t tfm_ns_multi_core_lock_release(void); - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_MULTI_CORE_API__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_ns_interface.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_ns_interface.h deleted file mode 100644 index 21857be..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_ns_interface.h +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ -#ifndef __TFM_NS_INTERFACE_H__ -#define __TFM_NS_INTERFACE_H__ - -#ifdef __cplusplus -extern "C" { -#endif - -#include -#include "tfm_api.h" - -typedef int32_t (*veneer_fn) (uint32_t arg0, uint32_t arg1, - uint32_t arg2, uint32_t arg3); - -/** - * \brief NS interface, veneer function dispatcher - * - * \details This function implements the dispatching mechanism for the - * desired veneer function, to be called with the parameters - * described from arg0 to arg3. - * - * \param[in] fn Function pointer to the veneer function desired - * \param[in] arg0 Argument 0 - * \param[in] arg1 Argument 1 - * \param[in] arg2 Argument 2 - * \param[in] arg3 Argument 3 - * - * \return Returns the same return value of the requested veneer function - */ -int32_t tfm_ns_interface_dispatch(veneer_fn fn, - uint32_t arg0, uint32_t arg1, - uint32_t arg2, uint32_t arg3); - -/** - * \brief NS interface, Initialise the NS interface - * - * \details This function needs to be called from the NS world to - * properly initialise the NS interface towards TF-M. This - * function will initialise all the objects required for - * runtime dispatching of TF-M requests to services - * - * \return A value according to \ref enum tfm_status_e - */ -enum tfm_status_e tfm_ns_interface_init(void); -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_NS_INTERFACE_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_ns_mailbox.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_ns_mailbox.h deleted file mode 100644 index 2fcb1b6..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_ns_mailbox.h +++ /dev/null @@ -1,229 +0,0 @@ -/* - * Copyright (c) 2019-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/* Data types and API definitions in NSPE mailbox library */ - -#ifndef __TFM_NS_MAILBOX_H__ -#define __TFM_NS_MAILBOX_H__ - -#include -#include -#include "tfm_mailbox.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef TFM_MULTI_CORE_TEST -/** - * \brief The structure to hold the statistics result of NSPE mailbox - */ -struct ns_mailbox_stats_res_t { - uint8_t avg_nr_slots; /* The value before the decimal point - * in the average number of NSPE - * mailbox slots in use. - */ - uint8_t avg_nr_slots_tenths; /* The first digit value after the - * decimal point in the average - * number of NSPE mailbox slots in use. - */ -}; -#endif - -/** - * \brief Prepare and send PSA client request to SPE via mailbox. - * - * \param[in] call_type PSA client call type - * \param[in] params Parmaters used for PSA client call - * \param[in] client_id Optional client ID of non-secure caller. - * It is required to identify the non-secure caller - * when NSPE OS enforces non-secure task isolation. - * - * \retval >= 0 The handle to the mailbox message assigned. - * \retval < 0 Operation failed with an error code. - */ -mailbox_msg_handle_t tfm_ns_mailbox_tx_client_req(uint32_t call_type, - const struct psa_client_params_t *params, - int32_t client_id); - -/** - * \brief Fetch PSA client return result. - * - * \param[in] handle The handle to the mailbox message - * \param[out] reply The address to be written with return result. - * - * \retval MAILBOX_SUCCESS Successfully get PSA client call return result. - * \retval Other return code Operation failed with an error code. - */ -int32_t tfm_ns_mailbox_rx_client_reply(mailbox_msg_handle_t handle, - int32_t *reply); - -/** - * \brief Check whether a specific mailbox message has been replied. - * - * \param[in] handle The handle to the mailbox message - * - * \retval true The PSA client call return value is replied. - * \retval false The PSA client call return value is not - * replied yet. - */ -bool tfm_ns_mailbox_is_msg_replied(mailbox_msg_handle_t handle); - -/** - * \brief NSPE mailbox initialization - * - * \param[in] queue The base address of NSPE mailbox queue to be - * initialized. - * - * \retval MAILBOX_SUCCESS Operation succeeded. - * \retval Other return code Operation failed with an error code. - */ -int32_t tfm_ns_mailbox_init(struct ns_mailbox_queue_t *queue); - -/** - * \brief Get the handle of the current non-secure task executing mailbox - * functionalities - * - * \note This function should be implemented according to platform, NS OS - * and actual use scenario. - * This function can be ignored or return NULL if sleep/wake-up mechanism - * is not required in PSA Client API implementation. - * - * \return Return the handle of task. - */ -const void *tfm_ns_mailbox_get_task_handle(void); - -/** - * \brief Fetch the handle to the first replied mailbox message in the NSPE - * mailbox queue. - * This function is intended to be called inside platform specific - * notification IRQ handler. - * - * \note The replied status of the fetched mailbox message will be cleaned after - * the message is fetched. When this function is called again, it fetches - * the next replied mailbox message from the NSPE mailbox queue. - * - * \return Return the handle to the first replied mailbox message in the - * queue. - * Return \ref MAILBOX_MSG_NULL_HANDLE if no mailbox message is replied. - */ -mailbox_msg_handle_t tfm_ns_mailbox_fetch_reply_msg_isr(void); - -/** - * \brief Return the handle of owner task of a mailbox message according to the - * \ref mailbox_msg_handle_t - * - * \param[in] handle The handle of mailbox message. - * - * \return Return the handle value of the owner task. - */ -const void *tfm_ns_mailbox_get_msg_owner(mailbox_msg_handle_t handle); - -#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL -/** - * \brief Wait for the reply returned from SPE to the mailbox message specified - * by handle - * - * \param[in] handle The handle of mailbox message. - * - * \retval MAILBOX_SUCCESS Return from waiting successfully. - * \retval Other return code Failed to wait with an error code. - */ -int32_t tfm_ns_mailbox_wait_reply(mailbox_msg_handle_t handle); -#endif - -/** - * \brief Platform specific NSPE mailbox initialization. - * Invoked by \ref tfm_ns_mailbox_init(). - * - * \param[in] queue The base address of NSPE mailbox queue to be - * initialized. - * - * \retval MAILBOX_SUCCESS Operation succeeded. - * \retval Other return code Operation failed with an error code. - */ -int32_t tfm_ns_mailbox_hal_init(struct ns_mailbox_queue_t *queue); - -/** - * \brief Notify SPE to deal with the PSA client call sent via mailbox - * - * \note The implementation depends on platform specific hardware and use case. - * - * \retval MAILBOX_SUCCESS Operation succeeded. - * \retval Other return code Operation failed with an error code. - */ -int32_t tfm_ns_mailbox_hal_notify_peer(void); - -/** - * \brief Enter critical section of NSPE mailbox. - * - * \note The implementation depends on platform specific hardware and use case. - */ -void tfm_ns_mailbox_hal_enter_critical(void); - -/** - * \brief Exit critical section of NSPE mailbox. - * - * \note The implementation depends on platform specific hardware and use case. - */ -void tfm_ns_mailbox_hal_exit_critical(void); - -/** - * \brief Enter critical section of NSPE mailbox in IRQ handler. - * - * \note The implementation depends on platform specific hardware and use case. - */ -void tfm_ns_mailbox_hal_enter_critical_isr(void); - -/** - * \brief Enter critical section of NSPE mailbox in IRQ handler - * - * \note The implementation depends on platform specific hardware and use case. - */ -void tfm_ns_mailbox_hal_exit_critical_isr(void); - -#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL -/** - * \brief Performs platform and NS OS specific waiting mechanism to wait for - * the reply of the specified mailbox message to be returned from SPE. - * - * \note This function is implemented by platform and NS OS specific waiting - * mechanism accroding to use scenario. - * - * \param[in] handle The handle of mailbox message. - */ -void tfm_ns_mailbox_hal_wait_reply(mailbox_msg_handle_t handle); -#endif - -#ifdef TFM_MULTI_CORE_TEST -/** - * \brief Initialize the statistics module in TF-M NSPE mailbox. - * - * \note This function is only available when multi-core tests are enabled. - */ -void tfm_ns_mailbox_tx_stats_init(void); - -/** - * \brief Calculate the average number of used NS mailbox queue slots each time - * NS task requires a queue slot to submit mailbox message, which is - * recorded in NS mailbox statisitics module. - * - * \note This function is only available when multi-core tests are enabled. - * - * \param[in] stats_res The buffer to be written with - * \ref ns_mailbox_stats_res_t. - * - * \return Return the calculation result. - */ -void tfm_ns_mailbox_stats_avg_slot(struct ns_mailbox_stats_res_t *stats_res); -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_NS_MAILBOX_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_ns_svc.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_ns_svc.h deleted file mode 100644 index def0c2f..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_ns_svc.h +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Copyright (c) 2017-2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include "cmsis_compiler.h" - -#ifndef __TFM_NS_SVC_H__ -#define __TFM_NS_SVC_H__ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Include all the SVC handler headers - */ -#include "tfm_nspm_svc_handler.h" - -/** - * \brief Macro to encode an svc instruction - * - */ -#define SVC(code) __ASM volatile("svc %0" : : "I" (code)) - -/** - * \def LIST_SVC_NSPM - * - * \brief This is an X macro which lists - * the SVC interface exposed by TF-M - * for the NS OS. - * - */ -#define LIST_SVC_NSPM \ - X(SVC_TFM_NSPM_REGISTER_CLIENT_ID, tfm_nspm_svc_register_client_id) \ - -/** - * \brief Numbers associated to each SVC available - * - * \details Start from 1 as 0 is reserved by RTX - */ -enum tfm_svc_num { - SVC_INVALID = 0, - -#define X(SVC_ENUM, SVC_HANDLER) SVC_ENUM, - - /* SVC API for Services */ -#ifdef TFM_NS_CLIENT_IDENTIFICATION - LIST_SVC_NSPM -#endif - -#undef X - - /* add all the new entries above this line */ - SVC_TFM_MAX, -}; - -/* number of user SVC functions */ -#define USER_SVC_COUNT ((uint32_t)SVC_TFM_MAX - 1) - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_NS_SVC_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_platform_api.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_platform_api.h deleted file mode 100644 index 8c9b0db..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_platform_api.h +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#ifndef __TFM_PLATFORM_API__ -#define __TFM_PLATFORM_API__ - -#include -#include -#include -#include "tfm_api.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief TFM secure partition platform API version - */ -#define TFM_PLATFORM_API_VERSION_MAJOR (0) -#define TFM_PLATFORM_API_VERSION_MINOR (3) - -#define TFM_PLATFORM_API_ID_NV_READ (1010) -#define TFM_PLATFORM_API_ID_NV_INCREMENT (1011) - -/*! - * \enum tfm_platform_err_t - * - * \brief Platform service error types - * - */ -enum tfm_platform_err_t { - TFM_PLATFORM_ERR_SUCCESS = 0, - TFM_PLATFORM_ERR_SYSTEM_ERROR, - TFM_PLATFORM_ERR_INVALID_PARAM, - TFM_PLATFORM_ERR_NOT_SUPPORTED, - - /* Following entry is only to ensure the error code of int size */ - TFM_PLATFORM_ERR_FORCE_INT_SIZE = INT_MAX -}; - -typedef int32_t tfm_platform_ioctl_req_t; - -/*! - * \brief Resets the system. - * - * \return Returns values as specified by the \ref tfm_platform_err_t - */ -enum tfm_platform_err_t tfm_platform_system_reset(void); - -/*! - * \brief Performs a platform-specific service - * - * \param[in] request Request identifier (valid values vary - * based on the platform) - * \param[in] input Input buffer to the requested service (or NULL) - * \param[in,out] output Output buffer to the requested service (or NULL) - * - * \return Returns values as specified by the \ref tfm_platform_err_t - */ -enum tfm_platform_err_t tfm_platform_ioctl(tfm_platform_ioctl_req_t request, - psa_invec *input, - psa_outvec *output); - -/*! - * \brief Increments the given non-volatile (NV) counter by one - * - * \param[in] counter_id NV counter ID. - * - * \return TFM_PLATFORM_ERR_SUCCESS if the value is read correctly. Otherwise, - * it returns TFM_PLATFORM_ERR_SYSTEM_ERROR. - */ -enum tfm_platform_err_t -tfm_platform_nv_counter_increment(uint32_t counter_id); - -/*! - * \brief Reads the given non-volatile (NV) counter - * - * \param[in] counter_id NV counter ID. - * \param[in] size Size of the buffer to store NV counter value - * in bytes. - * \param[out] val Pointer to store the current NV counter value. - * - * \return TFM_PLATFORM_ERR_SUCCESS if the value is read correctly. Otherwise, - * it returns TFM_PLATFORM_ERR_SYSTEM_ERROR. - */ -enum tfm_platform_err_t -tfm_platform_nv_counter_read(uint32_t counter_id, - uint32_t size, uint8_t *val); - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_PLATFORM_API__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_veneers.h b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_veneers.h deleted file mode 100644 index c66006a..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/include/tfm_veneers.h +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -/*********** WARNING: This is an auto-generated file. Do not edit! ***********/ - -#ifndef __TFM_VENEERS_H__ -#define __TFM_VENEERS_H__ - -#include "tfm_api.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef TFM_PARTITION_PROTECTED_STORAGE -/******** TFM_SP_PS ********/ -psa_status_t tfm_tfm_ps_set_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_ps_get_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_ps_get_info_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_ps_remove_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_ps_get_support_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_PROTECTED_STORAGE */ - -#ifdef TFM_PARTITION_INTERNAL_TRUSTED_STORAGE -/******** TFM_SP_ITS ********/ -psa_status_t tfm_tfm_its_set_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_its_get_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_its_get_info_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_its_remove_req_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_INTERNAL_TRUSTED_STORAGE */ - -#ifdef TFM_PARTITION_AUDIT_LOG -/******** TFM_SP_AUDIT_LOG ********/ -psa_status_t tfm_audit_core_retrieve_record_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_audit_core_add_record_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_audit_core_get_info_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_audit_core_get_record_info_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_audit_core_delete_record_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_AUDIT_LOG */ - -#ifdef TFM_PARTITION_CRYPTO -/******** TFM_SP_CRYPTO ********/ -psa_status_t tfm_tfm_crypto_get_key_attributes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_open_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_close_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_reset_key_attributes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_import_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_destroy_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_export_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_export_public_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_copy_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_hash_compute_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_hash_compare_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_hash_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_hash_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_hash_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_hash_verify_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_hash_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_hash_clone_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_mac_compute_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_mac_verify_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_mac_sign_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_mac_verify_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_mac_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_mac_sign_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_mac_verify_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_mac_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_cipher_encrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_cipher_decrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_cipher_encrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_cipher_decrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_cipher_generate_iv_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_cipher_set_iv_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_cipher_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_cipher_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_cipher_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_encrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_decrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_encrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_decrypt_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_generate_nonce_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_set_nonce_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_set_lengths_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_update_ad_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_update_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_finish_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_verify_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_aead_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_sign_hash_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_verify_hash_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_asymmetric_encrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_asymmetric_decrypt_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_key_derivation_setup_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_key_derivation_get_capacity_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_key_derivation_set_capacity_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_key_derivation_input_bytes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_key_derivation_input_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_key_derivation_key_agreement_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_key_derivation_output_bytes_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_key_derivation_output_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_key_derivation_abort_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_raw_key_agreement_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_generate_random_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_tfm_crypto_generate_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_CRYPTO */ - -#ifdef TFM_PARTITION_PLATFORM -/******** TFM_SP_PLATFORM ********/ -psa_status_t tfm_platform_sp_system_reset_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_platform_sp_ioctl_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_platform_sp_nv_counter_read_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_platform_sp_nv_counter_increment_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_PLATFORM */ - -#ifdef TFM_PARTITION_INITIAL_ATTESTATION -/******** TFM_SP_INITIAL_ATTESTATION ********/ -psa_status_t tfm_initial_attest_get_token_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_initial_attest_get_token_size_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_initial_attest_get_public_key_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_INITIAL_ATTESTATION */ - -#ifdef TFM_PARTITION_TEST_CORE -/******** TFM_SP_CORE_TEST ********/ -psa_status_t tfm_spm_core_test_sfn_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_spm_core_test_sfn_init_success_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_spm_core_test_sfn_direct_recursion_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_TEST_CORE */ - -#ifdef TFM_PARTITION_TEST_CORE -/******** TFM_SP_CORE_TEST_2 ********/ -psa_status_t tfm_spm_core_test_2_slave_service_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_spm_core_test_2_sfn_invert_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_spm_core_test_2_check_caller_client_id_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_spm_core_test_2_get_every_second_byte_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_spm_core_test_2_prepare_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_spm_core_test_2_execute_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_TEST_CORE */ - -#ifdef TFM_PARTITION_TEST_SECURE_SERVICES -/******** TFM_SP_SECURE_TEST_PARTITION ********/ -psa_status_t tfm_tfm_secure_client_service_sfn_run_tests_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ - -#ifdef TFM_PARTITION_TEST_CORE_IPC -/******** TFM_SP_IPC_SERVICE_TEST ********/ -#endif /* TFM_PARTITION_TEST_CORE_IPC */ - -#ifdef TFM_PARTITION_TEST_CORE_IPC -/******** TFM_SP_IPC_CLIENT_TEST ********/ -#endif /* TFM_PARTITION_TEST_CORE_IPC */ - -#ifdef TFM_ENABLE_IRQ_TEST -/******** TFM_IRQ_TEST_1 ********/ -psa_status_t tfm_spm_irq_test_1_prepare_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -psa_status_t tfm_spm_irq_test_1_execute_test_scenario_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_ENABLE_IRQ_TEST */ - -#ifdef TFM_PARTITION_TEST_PS -/******** TFM_SP_PS_TEST ********/ -psa_status_t tfm_tfm_ps_test_prepare_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_TEST_PS */ - -#ifdef TFM_PARTITION_TEST_SECURE_SERVICES -/******** TFM_SP_SECURE_CLIENT_2 ********/ -psa_status_t tfm_tfm_secure_client_2_call_veneer(psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len); -#endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ - -#ifdef TFM_MULTI_CORE_TEST -/******** TFM_SP_MULTI_CORE_TEST ********/ -#endif /* TFM_MULTI_CORE_TEST */ - -#ifdef __cplusplus -} -#endif - -#endif /* __TFM_VENEERS_H__ */ diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_crypto_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_crypto_ipc_api.c deleted file mode 100644 index 70b3a0d..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_crypto_ipc_api.c +++ /dev/null @@ -1,1875 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "tfm_crypto_defs.h" -#include "psa/crypto.h" -#include "tfm_ns_interface.h" -#include "psa_manifest/sid.h" -#include "psa/client.h" - -#define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0])) - -#define PSA_CONNECT(service) \ - psa_handle_t ipc_handle; \ - ipc_handle = psa_connect(service##_SID, service##_VERSION); \ - if (!PSA_HANDLE_IS_VALID(ipc_handle)) { \ - return PSA_ERROR_GENERIC_ERROR; \ - } \ - -#define PSA_CLOSE() psa_close(ipc_handle) - -#define API_DISPATCH(sfn_name, sfn_id) \ - psa_call(ipc_handle, PSA_IPC_CALL, \ - in_vec, ARRAY_SIZE(in_vec), \ - out_vec, ARRAY_SIZE(out_vec)) - -#define API_DISPATCH_NO_OUTVEC(sfn_name, sfn_id) \ - psa_call(ipc_handle, PSA_IPC_CALL, \ - in_vec, ARRAY_SIZE(in_vec), \ - (psa_outvec *)NULL, 0) - -psa_status_t psa_crypto_init(void) -{ - /* Service init is performed during TFM boot up, - * so application level initialisation is empty - */ - return PSA_SUCCESS; -} - -psa_status_t psa_open_key(psa_key_id_t id, - psa_key_handle_t *handle) -{ -#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - const struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_OPEN_KEY_SID, - }; - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = &id, .len = sizeof(psa_key_id_t)}, - }; - psa_outvec out_vec[] = { - {.base = handle, .len = sizeof(psa_key_handle_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_open_key, - TFM_CRYPTO_OPEN_KEY); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ -} - -psa_status_t psa_close_key(psa_key_handle_t handle) -{ -#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - const struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_CLOSE_KEY_SID, - .key_handle = handle, - }; - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH_NO_OUTVEC(tfm_crypto_close_key, - TFM_CRYPTO_CLOSE_KEY);; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ -} - -psa_status_t psa_import_key(const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - psa_key_handle_t *handle) -{ -#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_IMPORT_KEY_SID, - }; - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = attributes, .len = sizeof(psa_key_attributes_t)}, - {.base = data, .len = data_length} - }; - psa_outvec out_vec[] = { - {.base = handle, .len = sizeof(psa_key_handle_t)} - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_import_key, - TFM_CRYPTO_IMPORT_KEY); - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ -} - -psa_status_t psa_destroy_key(psa_key_handle_t handle) -{ -#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_DESTROY_KEY_SID, - .key_handle = handle, - }; - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH_NO_OUTVEC(tfm_crypto_destroy_key, - TFM_CRYPTO_DESTROY_KEY); - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ -} - -psa_status_t psa_get_key_attributes(psa_key_handle_t handle, - psa_key_attributes_t *attributes) -{ -#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID, - .key_handle = handle, - }; - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = attributes, .len = sizeof(psa_key_attributes_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_get_key_attributes, - TFM_CRYPTO_GET_KEY_ATTRIBUTES); - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ -} - -void psa_reset_key_attributes(psa_key_attributes_t *attributes) -{ -#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED - return; -#else - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID, - }; - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = attributes, .len = sizeof(psa_key_attributes_t)}, - }; - - psa_handle_t ipc_handle; - ipc_handle = psa_connect(TFM_CRYPTO_SID, TFM_CRYPTO_VERSION); - if (!PSA_HANDLE_IS_VALID(ipc_handle)) { - return; - } - - (void)API_DISPATCH(tfm_crypto_reset_key_attributes, - TFM_CRYPTO_RESET_KEY_ATTRIBUTES); - PSA_CLOSE(); - - return; -#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ -} - -psa_status_t psa_export_key(psa_key_handle_t handle, - uint8_t *data, - size_t data_size, - size_t *data_length) -{ -#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_EXPORT_KEY_SID, - .key_handle = handle, - }; - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = data, .len = data_size} - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_export_key, - TFM_CRYPTO_EXPORT_KEY); - - *data_length = out_vec[0].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ -} - -psa_status_t psa_export_public_key(psa_key_handle_t handle, - uint8_t *data, - size_t data_size, - size_t *data_length) -{ -#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID, - .key_handle = handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = data, .len = data_size} - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_export_public_key, - TFM_CRYPTO_EXPORT_PUBLIC_KEY); - - *data_length = out_vec[0].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ -} - -psa_status_t psa_copy_key(psa_key_handle_t source_handle, - const psa_key_attributes_t *attributes, - psa_key_handle_t *target_handle) -{ -#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_COPY_KEY_SID, - .key_handle = source_handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = attributes, .len = sizeof(psa_key_attributes_t)}, - - }; - - psa_outvec out_vec[] = { - {.base = target_handle, .len = sizeof(psa_key_handle_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_copy_key, - TFM_CRYPTO_COPY_KEY); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_KEY_MODULE_DISABLED */ -} - -psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, - unsigned char *iv, - size_t iv_size, - size_t *iv_length) -{ -#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - {.base = iv, .len = iv_size}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_cipher_generate_iv, - TFM_CRYPTO_CIPHER_GENERATE_IV); - - *iv_length = out_vec[1].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ -} - -psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, - const unsigned char *iv, - size_t iv_length) -{ -#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_CIPHER_SET_IV_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = iv, .len = iv_length}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_cipher_set_iv, - TFM_CRYPTO_CIPHER_SET_IV); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ -} - -psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg) -{ -#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID, - .key_handle = handle, - .alg = alg, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_cipher_encrypt_setup, - TFM_CRYPTO_CIPHER_ENCRYPT_SETUP); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ -} - -psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg) -{ -#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID, - .key_handle = handle, - .alg = alg, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_cipher_decrypt_setup, - TFM_CRYPTO_CIPHER_DECRYPT_SETUP); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ -} - -psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - unsigned char *output, - size_t output_size, - size_t *output_length) -{ -#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_CIPHER_UPDATE_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = input, .len = input_length}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - {.base = output, .len = output_size} - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_cipher_update, - TFM_CRYPTO_CIPHER_UPDATE); - - *output_length = out_vec[1].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ -} - -psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) -{ -#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_CIPHER_ABORT_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_cipher_abort, - TFM_CRYPTO_CIPHER_ABORT); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ -} - -psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ -#ifdef TFM_CRYPTO_CIPHER_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_CIPHER_FINISH_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - {.base = output, .len = output_size}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_cipher_finish, - TFM_CRYPTO_CIPHER_FINISH); - - *output_length = out_vec[1].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_CIPHER_MODULE_DISABLED */ -} - -psa_status_t psa_hash_setup(psa_hash_operation_t *operation, - psa_algorithm_t alg) -{ -#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_HASH_SETUP_SID, - .alg = alg, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_hash_setup, - TFM_CRYPTO_HASH_SETUP); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ -} - -psa_status_t psa_hash_update(psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length) -{ -#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_HASH_UPDATE_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = input, .len = input_length}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_hash_update, - TFM_CRYPTO_HASH_UPDATE); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ -} - -psa_status_t psa_hash_finish(psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length) -{ -#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_HASH_FINISH_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - {.base = hash, .len = hash_size}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_hash_finish, - TFM_CRYPTO_HASH_FINISH); - - *hash_length = out_vec[1].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ -} - -psa_status_t psa_hash_verify(psa_hash_operation_t *operation, - const uint8_t *hash, - size_t hash_length) -{ -#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_HASH_VERIFY_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = hash, .len = hash_length}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_hash_verify, - TFM_CRYPTO_HASH_VERIFY); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ -} - -psa_status_t psa_hash_abort(psa_hash_operation_t *operation) -{ -#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_HASH_ABORT_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_hash_abort, - TFM_CRYPTO_HASH_ABORT); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ -} - -psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation) -{ -#ifdef TFM_CRYPTO_HASH_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_HASH_CLONE_SID, - .op_handle = source_operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = target_operation, .len = sizeof(psa_hash_operation_t)}, - }; - - if (target_operation && (target_operation->handle != 0)) { - return PSA_ERROR_BAD_STATE; - } - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_hash_clone, - TFM_CRYPTO_HASH_CLONE); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_HASH_MODULE_DISABLED */ -} - -psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg) -{ -#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID, - .key_handle = handle, - .alg = alg, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_mac_sign_setup, - TFM_CRYPTO_MAC_SIGN_SETUP); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ -} - -psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg) -{ -#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID, - .key_handle = handle, - .alg = alg, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_mac_verify_setup, - TFM_CRYPTO_MAC_VERIFY_SETUP); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ -} - -psa_status_t psa_mac_update(psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length) -{ -#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_MAC_UPDATE_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = input, .len = input_length}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_mac_update, - TFM_CRYPTO_MAC_UPDATE); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ -} - -psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length) -{ -#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - {.base = mac, .len = mac_size}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_mac_sign_finish, - TFM_CRYPTO_MAC_SIGN_FINISH); - - *mac_length = out_vec[1].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ -} - -psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length) -{ -#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = mac, .len = mac_length}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_mac_verify_finish, - TFM_CRYPTO_MAC_VERIFY_FINISH); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ -} - -psa_status_t psa_mac_abort(psa_mac_operation_t *operation) -{ -#ifdef TFM_CRYPTO_MAC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_MAC_ABORT_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_mac_abort, - TFM_CRYPTO_MAC_ABORT); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_MAC_MODULE_DISABLED */ -} - -psa_status_t psa_aead_encrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length) -{ -#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SID, - .key_handle = handle, - .alg = alg, - .aead_in = {.nonce = {0}, .nonce_length = nonce_length} - }; - - /* Sanitize the optional input */ - if ((additional_data == NULL) && (additional_data_length != 0)) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - size_t idx = 0; - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = plaintext, .len = plaintext_length}, - {.base = additional_data, .len = additional_data_length}, - }; - psa_outvec out_vec[] = { - {.base = ciphertext, .len = ciphertext_size}, - }; - - if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - if (nonce != NULL) { - for (idx = 0; idx < nonce_length; idx++) { - iov.aead_in.nonce[idx] = nonce[idx]; - } - } - - PSA_CONNECT(TFM_CRYPTO); - - size_t in_len = ARRAY_SIZE(in_vec); - if (additional_data == NULL) { - in_len--; - } - status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, - out_vec, ARRAY_SIZE(out_vec)); - - *ciphertext_length = out_vec[0].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */ -} - -psa_status_t psa_aead_decrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length) -{ -#ifdef TFM_CRYPTO_AEAD_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SID, - .key_handle = handle, - .alg = alg, - .aead_in = {.nonce = {0}, .nonce_length = nonce_length} - }; - - /* Sanitize the optional input */ - if ((additional_data == NULL) && (additional_data_length != 0)) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - size_t idx = 0; - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = ciphertext, .len = ciphertext_length}, - {.base = additional_data, .len = additional_data_length}, - }; - psa_outvec out_vec[] = { - {.base = plaintext, .len = plaintext_size}, - }; - - if (nonce_length > TFM_CRYPTO_MAX_NONCE_LENGTH) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - if (nonce != NULL) { - for (idx = 0; idx < nonce_length; idx++) { - iov.aead_in.nonce[idx] = nonce[idx]; - } - } - - PSA_CONNECT(TFM_CRYPTO); - - size_t in_len = ARRAY_SIZE(in_vec); - if (additional_data == NULL) { - in_len--; - } - status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, - out_vec, ARRAY_SIZE(out_vec)); - - *plaintext_length = out_vec[0].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_AEAD_MODULE_DISABLED */ -} - -psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length) -{ - return psa_sign_hash(handle, alg, hash, hash_length, signature, signature_size, signature_length); -} - -psa_status_t psa_sign_hash(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length) -{ -#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_SIGN_HASH_SID, - .key_handle = handle, - .alg = alg, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = hash, .len = hash_length}, - }; - psa_outvec out_vec[] = { - {.base = signature, .len = signature_size}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_sign_hash, - TFM_CRYPTO_SIGN_HASH); - - *signature_length = out_vec[0].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ -} - -psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length) -{ - return psa_verify_hash(handle, alg, hash, hash_length, signature, signature_length); -} - -psa_status_t psa_verify_hash(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length) -{ -#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_VERIFY_HASH_SID, - .key_handle = handle, - .alg = alg - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = hash, .len = hash_length}, - {.base = signature, .len = signature_length} - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH_NO_OUTVEC(tfm_crypto_verify_hash, - TFM_CRYPTO_VERIFY_HASH); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ -} - -psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ -#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID, - .key_handle = handle, - .alg = alg - }; - - /* Sanitize the optional input */ - if ((salt == NULL) && (salt_length != 0)) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = input, .len = input_length}, - {.base = salt, .len = salt_length} - }; - - psa_outvec out_vec[] = { - {.base = output, .len = output_size}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - size_t in_len = ARRAY_SIZE(in_vec); - if (salt == NULL) { - in_len--; - } - status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, - out_vec, ARRAY_SIZE(out_vec)); - - *output_length = out_vec[0].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ -} - -psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ -#ifdef TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID, - .key_handle = handle, - .alg = alg - }; - - /* Sanitize the optional input */ - if ((salt == NULL) && (salt_length != 0)) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = input, .len = input_length}, - {.base = salt, .len = salt_length} - }; - - psa_outvec out_vec[] = { - {.base = output, .len = output_size}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - size_t in_len = ARRAY_SIZE(in_vec); - if (salt == NULL) { - in_len--; - } - status = psa_call(ipc_handle, PSA_IPC_CALL, in_vec, in_len, - out_vec, ARRAY_SIZE(out_vec)); - - *output_length = out_vec[0].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED */ -} - -psa_status_t psa_key_derivation_get_capacity( - const psa_key_derivation_operation_t *operation, - size_t *capacity) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - - psa_outvec out_vec[] = { - {.base = capacity, .len = sizeof(size_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_key_derivation_get_capacity, - TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_key_derivation_output_bytes( - psa_key_derivation_operation_t *operation, - uint8_t *output, - size_t output_length) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - - psa_outvec out_vec[] = { - {.base = output, .len = output_length}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_key_derivation_output_bytes, - TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_key_derivation_input_key( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t handle) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID, - .key_handle = handle, - .step = step, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_input_key, - TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_key_derivation_abort( - psa_key_derivation_operation_t *operation) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_key_derivation_abort, - TFM_CRYPTO_KEY_DERIVATION_ABORT); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_key_derivation_key_agreement( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t private_key, - const uint8_t *peer_key, - size_t peer_key_length) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID, - .key_handle = private_key, - .step = step, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = peer_key, .len = peer_key_length}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_key_agreement, - TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_generate_random(uint8_t *output, - size_t output_size) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_GENERATE_RANDOM_SID, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - - psa_outvec out_vec[] = { - {.base = output, .len = output_size}, - }; - - if (output_size == 0) { - return PSA_SUCCESS; - } - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_generate_random, - TFM_CRYPTO_GENERATE_RANDOM); - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, - psa_key_handle_t *handle) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_GENERATE_KEY_SID, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = attributes, .len = sizeof(psa_key_attributes_t)}, - }; - - psa_outvec out_vec[] = { - {.base = handle, .len = sizeof(psa_key_handle_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_generate_key, - TFM_CRYPTO_GENERATE_KEY); - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, - psa_key_type_t type, - const uint8_t *data, - size_t data_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_get_key_domain_parameters( - const psa_key_attributes_t *attributes, - uint8_t *data, - size_t data_size, - size_t *data_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_hash_compare(psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *hash, - const size_t hash_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_finish(psa_aead_operation_t *operation, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length, - uint8_t *tag, - size_t tag_size, - size_t *tag_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_verify(psa_aead_operation_t *operation, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length, - const uint8_t *tag, - size_t tag_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_abort(psa_aead_operation_t *operation) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_mac_compute(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_mac_verify(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *mac, - const size_t mac_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, - psa_key_handle_t private_key, - const uint8_t *peer_key, - size_t peer_key_length, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID, - .alg = alg, - .key_handle = private_key - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = peer_key, .len = peer_key_length}, - }; - - psa_outvec out_vec[] = { - {.base = output, .len = output_size}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_raw_key_agreement, - TFM_CRYPTO_RAW_KEY_AGREEMENT); - - *output_length = out_vec[0].len; - - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, - psa_algorithm_t alg) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID, - .alg = alg, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - psa_outvec out_vec[] = { - {.base = &(operation->handle), .len = sizeof(uint32_t)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_key_derivation_setup, - TFM_CRYPTO_KEY_DERIVATION_SETUP); - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_key_derivation_set_capacity( - psa_key_derivation_operation_t *operation, - size_t capacity) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID, - .capacity = capacity, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_set_capacity, - TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY); - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_key_derivation_input_bytes( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID, - .step = step, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = data, .len = data_length}, - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH_NO_OUTVEC(tfm_crypto_key_derivation_input_bytes, - TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES); - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_key_derivation_output_key( - const psa_key_attributes_t *attributes, - psa_key_derivation_operation_t *operation, - psa_key_handle_t *handle) -{ -#ifdef TFM_CRYPTO_GENERATOR_MODULE_DISABLED - return PSA_ERROR_NOT_SUPPORTED; -#else - psa_status_t status; - struct tfm_crypto_pack_iovec iov = { - .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID, - .op_handle = operation->handle, - }; - - psa_invec in_vec[] = { - {.base = &iov, .len = sizeof(struct tfm_crypto_pack_iovec)}, - {.base = attributes, .len = sizeof(psa_key_attributes_t)}, - }; - - psa_outvec out_vec[] = { - {.base = handle, .len = sizeof(psa_key_handle_t)} - }; - - PSA_CONNECT(TFM_CRYPTO); - - status = API_DISPATCH(tfm_crypto_key_derivation_output_key, - TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY); - PSA_CLOSE(); - - return status; -#endif /* TFM_CRYPTO_GENERATOR_MODULE_DISABLED */ -} - -psa_status_t psa_hash_compute(psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, - uint8_t *nonce, - size_t nonce_size, - size_t *nonce_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, - const uint8_t *nonce, - size_t nonce_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, - size_t ad_length, - size_t plaintext_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} - -psa_status_t psa_aead_update(psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length) -{ - psa_status_t status; - - status = PSA_ERROR_NOT_SUPPORTED; - - return status; -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_initial_attestation_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_initial_attestation_ipc_api.c deleted file mode 100644 index 78f9dec..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_initial_attestation_ipc_api.c +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "psa/initial_attestation.h" -#include "tfm_ns_interface.h" -#include "psa/client.h" -#include "psa/crypto_types.h" -#include "psa_manifest/sid.h" - -#define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0])) - -psa_status_t -psa_initial_attest_get_token(const uint8_t *auth_challenge, - size_t challenge_size, - uint8_t *token_buf, - size_t token_buf_size, - size_t *token_size) -{ - psa_handle_t handle = PSA_NULL_HANDLE; - psa_status_t status; - - psa_invec in_vec[] = { - {auth_challenge, challenge_size} - }; - psa_outvec out_vec[] = { - {token_buf, token_buf_size} - }; - - handle = psa_connect(TFM_ATTEST_GET_TOKEN_SID, - TFM_ATTEST_GET_TOKEN_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_HANDLE_TO_ERROR(handle); - } - - status = psa_call(handle, PSA_IPC_CALL, - in_vec, IOVEC_LEN(in_vec), - out_vec, IOVEC_LEN(out_vec)); - psa_close(handle); - - if (status == PSA_SUCCESS) { - *token_size = out_vec[0].len; - } - - return status; -} - -psa_status_t -psa_initial_attest_get_token_size(size_t challenge_size, - size_t *token_size) -{ - psa_handle_t handle = PSA_NULL_HANDLE; - psa_status_t status; - psa_invec in_vec[] = { - {&challenge_size, sizeof(challenge_size)} - }; - psa_outvec out_vec[] = { - {token_size, sizeof(size_t)} - }; - - handle = psa_connect(TFM_ATTEST_GET_TOKEN_SIZE_SID, - TFM_ATTEST_GET_TOKEN_SIZE_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_HANDLE_TO_ERROR(handle); - } - - status = psa_call(handle, PSA_IPC_CALL, - in_vec, IOVEC_LEN(in_vec), - out_vec, IOVEC_LEN(out_vec)); - psa_close(handle); - - return status; -} - -psa_status_t -tfm_initial_attest_get_public_key(uint8_t *public_key, - size_t public_key_buf_size, - size_t *public_key_len, - psa_ecc_curve_t *elliptic_curve_type) -{ - psa_handle_t handle = PSA_NULL_HANDLE; - psa_status_t status; - - psa_outvec out_vec[] = { - {.base = public_key, .len = public_key_buf_size}, - {.base = elliptic_curve_type, .len = sizeof(*elliptic_curve_type)}, - {.base = public_key_len, .len = sizeof(*public_key_len)} - }; - - handle = psa_connect(TFM_ATTEST_GET_PUBLIC_KEY_SID, - TFM_ATTEST_GET_PUBLIC_KEY_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_HANDLE_TO_ERROR(handle); - } - - status = psa_call(handle, PSA_IPC_CALL, - NULL, 0, - out_vec, IOVEC_LEN(out_vec)); - psa_close(handle); - - return status; -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_its_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_its_ipc_api.c deleted file mode 100644 index 9326f7b..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_its_ipc_api.c +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "psa/internal_trusted_storage.h" -#include "tfm_api.h" - -#include "psa/client.h" -#include "psa_manifest/sid.h" - -#define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0])) - -psa_status_t psa_its_set(psa_storage_uid_t uid, - size_t data_length, - const void *p_data, - psa_storage_create_flags_t create_flags) -{ - psa_status_t status; - psa_handle_t handle; - - psa_invec in_vec[] = { - { .base = &uid, .len = sizeof(uid) }, - { .base = p_data, .len = data_length }, - { .base = &create_flags, .len = sizeof(create_flags) } - }; - - handle = psa_connect(TFM_ITS_SET_SID, TFM_ITS_SET_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_ERROR_GENERIC_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0); - - psa_close(handle); - - if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - return status; -} - -psa_status_t psa_its_get(psa_storage_uid_t uid, - size_t data_offset, - size_t data_size, - void *p_data, - size_t *p_data_length) -{ - psa_status_t status; - psa_handle_t handle; - - psa_invec in_vec[] = { - { .base = &uid, .len = sizeof(uid) }, - { .base = &data_offset, .len = sizeof(data_offset) } - }; - - psa_outvec out_vec[] = { - { .base = p_data, .len = data_size } - }; - - if (p_data_length == NULL) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - handle = psa_connect(TFM_ITS_GET_SID, TFM_ITS_GET_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_ERROR_GENERIC_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, - IOVEC_LEN(out_vec)); - - psa_close(handle); - - if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - *p_data_length = out_vec[0].len; - - return status; -} - -psa_status_t psa_its_get_info(psa_storage_uid_t uid, - struct psa_storage_info_t *p_info) -{ - psa_status_t status; - psa_handle_t handle; - - psa_invec in_vec[] = { - { .base = &uid, .len = sizeof(uid) } - }; - - psa_outvec out_vec[] = { - { .base = p_info, .len = sizeof(*p_info) } - }; - - handle = psa_connect(TFM_ITS_GET_INFO_SID, TFM_ITS_GET_INFO_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_ERROR_GENERIC_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, - IOVEC_LEN(out_vec)); - - psa_close(handle); - - if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - return status; -} - -psa_status_t psa_its_remove(psa_storage_uid_t uid) -{ - psa_status_t status; - psa_handle_t handle; - - psa_invec in_vec[] = { - { .base = &uid, .len = sizeof(uid) } - }; - - handle = psa_connect(TFM_ITS_REMOVE_SID, TFM_ITS_REMOVE_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_ERROR_GENERIC_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), NULL, 0); - - psa_close(handle); - - return status; -} diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_platform_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_platform_ipc_api.c deleted file mode 100644 index 0c1edf4..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_platform_ipc_api.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 2019, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include -#include "tfm_platform_api.h" -#include "psa_manifest/sid.h" - -enum tfm_platform_err_t tfm_platform_system_reset(void) -{ - psa_status_t status = PSA_ERROR_CONNECTION_REFUSED; - psa_handle_t handle = PSA_NULL_HANDLE; - - handle = psa_connect(TFM_SP_PLATFORM_SYSTEM_RESET_SID, - TFM_SP_PLATFORM_SYSTEM_RESET_VERSION); - if (handle <= 0) { - return TFM_PLATFORM_ERR_SYSTEM_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, - NULL, 0, NULL, 0); - psa_close(handle); - - if (status < PSA_SUCCESS) { - return TFM_PLATFORM_ERR_SYSTEM_ERROR; - } else { - return (enum tfm_platform_err_t) status; - } - -} - -enum tfm_platform_err_t -tfm_platform_ioctl(tfm_platform_ioctl_req_t request, - psa_invec *input, psa_outvec *output) -{ - tfm_platform_ioctl_req_t req = request; - struct psa_invec in_vec[2] = { {0} }; - size_t inlen, outlen; - psa_status_t status = PSA_ERROR_CONNECTION_REFUSED; - psa_handle_t handle = PSA_NULL_HANDLE; - - in_vec[0].base = &req; - in_vec[0].len = sizeof(req); - if (input != NULL) { - in_vec[1].base = input->base; - in_vec[1].len = input->len; - inlen = 2; - } else { - inlen = 1; - } - - if (output != NULL) { - outlen = 1; - } else { - outlen = 0; - } - - handle = psa_connect(TFM_SP_PLATFORM_IOCTL_SID, - TFM_SP_PLATFORM_IOCTL_VERSION); - if (handle <= 0) { - return TFM_PLATFORM_ERR_SYSTEM_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, - in_vec, inlen, - output, outlen); - psa_close(handle); - - if (status < PSA_SUCCESS) { - return TFM_PLATFORM_ERR_SYSTEM_ERROR; - } else { - return (enum tfm_platform_err_t) status; - } -} - diff --git a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_ps_ipc_api.c b/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_ps_ipc_api.c deleted file mode 100644 index 7cc3a63..0000000 --- a/features/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/src/tfm_ps_ipc_api.c +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Copyright (c) 2017-2020, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ - -#include "psa/protected_storage.h" - -#include "tfm_ns_interface.h" -#include "psa_manifest/sid.h" - -#define IOVEC_LEN(x) (uint32_t)(sizeof(x)/sizeof(x[0])) - -psa_status_t psa_ps_set(psa_storage_uid_t uid, - size_t data_length, - const void *p_data, - psa_storage_create_flags_t create_flags) -{ - psa_status_t status; - psa_handle_t handle; - - psa_invec in_vec[] = { - { .base = &uid, .len = sizeof(uid) }, - { .base = p_data, .len = data_length }, - { .base = &create_flags, .len = sizeof(create_flags) } - }; - - handle = psa_connect(TFM_PS_SET_SID, TFM_PS_SET_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_ERROR_GENERIC_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), - NULL, 0); - - psa_close(handle); - - /* A parameter with a buffer pointer pointer that has data length longer - * than maximum permitted is treated as a secure violation. - * TF-M framework rejects the request with TFM_ERROR_INVALID_PARAMETER. - */ - if (status == (psa_status_t)TFM_ERROR_INVALID_PARAMETER) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - return status; -} - -psa_status_t psa_ps_get(psa_storage_uid_t uid, - size_t data_offset, - size_t data_size, - void *p_data, - size_t *p_data_length) -{ - psa_status_t status; - psa_handle_t handle; - - psa_invec in_vec[] = { - { .base = &uid, .len = sizeof(uid) }, - { .base = &data_offset, .len = sizeof(data_offset) } - }; - - psa_outvec out_vec[] = { - { .base = p_data, .len = data_size } - }; - - if (p_data_length == NULL) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - handle = psa_connect(TFM_PS_GET_SID, TFM_PS_GET_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_ERROR_GENERIC_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, - IOVEC_LEN(out_vec)); - - psa_close(handle); - - *p_data_length = out_vec[0].len; - - return status; -} - -psa_status_t psa_ps_get_info(psa_storage_uid_t uid, - struct psa_storage_info_t *p_info) -{ - psa_status_t status; - psa_handle_t handle; - - psa_invec in_vec[] = { - { .base = &uid, .len = sizeof(uid) } - }; - - psa_outvec out_vec[] = { - { .base = p_info, .len = sizeof(*p_info) } - }; - - handle = psa_connect(TFM_PS_GET_INFO_SID, TFM_PS_GET_INFO_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_ERROR_GENERIC_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), out_vec, - IOVEC_LEN(out_vec)); - - psa_close(handle); - - return status; -} - -psa_status_t psa_ps_remove(psa_storage_uid_t uid) -{ - psa_status_t status; - psa_handle_t handle; - - psa_invec in_vec[] = { - { .base = &uid, .len = sizeof(uid) } - }; - - - handle = psa_connect(TFM_PS_REMOVE_SID, TFM_PS_REMOVE_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_ERROR_GENERIC_ERROR; - } - - status = psa_call(handle, PSA_IPC_CALL, in_vec, IOVEC_LEN(in_vec), - NULL, 0); - - psa_close(handle); - - return status; -} - -psa_status_t psa_ps_create(psa_storage_uid_t uid, size_t size, - psa_storage_create_flags_t create_flags) -{ - (void)uid; - (void)size; - (void)create_flags; - - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_ps_set_extended(psa_storage_uid_t uid, size_t data_offset, - size_t data_length, const void *p_data) -{ - (void)uid; - (void)data_offset; - (void)data_length; - (void)p_data; - - return PSA_ERROR_NOT_SUPPORTED; -} - -uint32_t psa_ps_get_support(void) -{ - /* Initialise support_flags to a sensible default, to avoid returning an - * uninitialised value in case the secure function fails. - */ - uint32_t support_flags = 0; - psa_handle_t handle; - - psa_outvec out_vec[] = { - { .base = &support_flags, .len = sizeof(support_flags) } - }; - - /* The PSA API does not return an error, so any error from TF-M is - * ignored. - */ - handle = psa_connect(TFM_PS_GET_SUPPORT_SID, TFM_PS_GET_SUPPORT_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return support_flags; - } - - (void)psa_call(handle, PSA_IPC_CALL, NULL, 0, out_vec, IOVEC_LEN(out_vec)); - - psa_close(handle); - - return support_flags; -} diff --git a/features/mbedtls/platform/inc/platform_mbed.h b/features/mbedtls/platform/inc/platform_mbed.h index c424a05..66d5292 100644 --- a/features/mbedtls/platform/inc/platform_mbed.h +++ b/features/mbedtls/platform/inc/platform_mbed.h @@ -54,6 +54,8 @@ #define MBEDTLS_PSA_CRYPTO_STORAGE_C #define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C #undef MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + +#define MBEDTLS_ENTROPY_HARDWARE_ALT #endif /* diff --git a/features/mbedtls/platform/src/mbed_trng.cpp b/features/mbedtls/platform/src/mbed_trng.cpp index 79fed2a..eb7a516 100644 --- a/features/mbedtls/platform/src/mbed_trng.cpp +++ b/features/mbedtls/platform/src/mbed_trng.cpp @@ -14,7 +14,7 @@ * limitations under the License. */ -#if DEVICE_TRNG +#if defined(DEVICE_TRNG) || defined(FEATURE_PSA) #include "hal/trng_api.h" #include "platform/SingletonPtr.h" @@ -24,6 +24,7 @@ extern "C" int mbedtls_hardware_poll( void *data, unsigned char *output, size_t len, size_t *olen ) { +#if defined(DEVICE_TRNG) trng_t trng_obj; mbedtls_mutex->lock(); trng_init(&trng_obj); @@ -31,6 +32,12 @@ trng_free(&trng_obj); mbedtls_mutex->unlock(); return ret; +#else /* defined(FEATURE_PSA) */ + mbedtls_mutex->lock(); + int ret = trng_get_bytes(NULL, output, len, olen); + mbedtls_mutex->unlock(); + return ret; +#endif } #endif diff --git a/features/mbedtls/targets/TARGET_Cypress/TARGET_MXCRYPTO/mbedtls_device.h b/features/mbedtls/targets/TARGET_Cypress/TARGET_MXCRYPTO/mbedtls_device.h index ac98f7d..3df0225 100644 --- a/features/mbedtls/targets/TARGET_Cypress/TARGET_MXCRYPTO/mbedtls_device.h +++ b/features/mbedtls/targets/TARGET_Cypress/TARGET_MXCRYPTO/mbedtls_device.h @@ -18,6 +18,7 @@ #ifndef MBEDTLS_DEVICE_H #define MBEDTLS_DEVICE_H +#ifndef MXCRYPTO_DISABLED /* Currently this target supports SHA1 */ // #define MBEDTLS_SHA1_C @@ -44,4 +45,5 @@ #define MBEDTLS_ECDSA_SIGN_ALT #define MBEDTLS_ECDSA_VERIFY_ALT +#endif /* #ifndef MXCRYPTO_DISABLED */ #endif /* MBEDTLS_DEVICE_H */ diff --git a/hal/trng_api.h b/hal/trng_api.h index 7677094..34780d6 100644 --- a/hal/trng_api.h +++ b/hal/trng_api.h @@ -23,7 +23,7 @@ #include #include "device.h" -#if DEVICE_TRNG +#if defined(DEVICE_TRNG) || defined(FEATURE_PSA) /** TRNG HAL structure. trng_s is declared in the target's HAL */ diff --git a/storage/kvstore/kv_config/tdb_internal/mbed_lib.json b/storage/kvstore/kv_config/tdb_internal/mbed_lib.json index 4289423..8eb9090 100644 --- a/storage/kvstore/kv_config/tdb_internal/mbed_lib.json +++ b/storage/kvstore/kv_config/tdb_internal/mbed_lib.json @@ -41,6 +41,10 @@ }, "MCU_PSOC6": { "internal_size": "0x10000" + }, + "CYTFM_064B0S2_4343W": { + "internal_size": "0x8000", + "internal_base_address": "0x10168000" } } } diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/COMPONENT_WHD/resources/nvram/TARGET_CYTFM_064B0S2_4343W/wifi_nvram_image.h b/targets/TARGET_Cypress/TARGET_PSOC6/COMPONENT_WHD/resources/nvram/TARGET_CYTFM_064B0S2_4343W/wifi_nvram_image.h new file mode 100755 index 0000000..dd417d4 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/COMPONENT_WHD/resources/nvram/TARGET_CYTFM_064B0S2_4343W/wifi_nvram_image.h @@ -0,0 +1,96 @@ +/* + * Copyright (c) 2019, Cypress Semiconductor Corporation, All Rights Reserved + * SPDX-License-Identifier: LicenseRef-PBL + * + * This file and the related binary are licensed under the + * Permissive Binary License, Version 1.0 (the "License"); + * you may not use these files except in compliance with the License. + * + * You may obtain a copy of the License here: + * LICENSE-permissive-binary-license-1.0.txt and at + * https://www.mbed.com/licenses/PBL-1.0 + * + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INCLUDED_NVRAM_IMAGE_H_ +#define INCLUDED_NVRAM_IMAGE_H_ + +#include +#include +#include "generated_mac_address.txt" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * Character array of NVRAM image + * Generated from cyw9cy8cmod-064b0s2-4343w_P100_724315.txt + */ + +static const char wifi_nvram_image[] = + "NVRAMRev=$Rev: 724315 $" "\x00" + "manfid=0x2d0" "\x00" + "prodid=0x087d" "\x00" + "vendid=0x14e4" "\x00" + "devid=0x43e2" "\x00" + "boardtype=0x087d" "\x00" + "boardrev=0x1100" "\x00" + "boardnum=22" "\x00" + NVRAM_GENERATED_MAC_ADDRESS "\x00" + "sromrev=11" "\x00" + "boardflags=0x00404201" "\x00" + "boardflags3=0x08000000" "\x00" + "xtalfreq=37400" "\x00" + "nocrc=1" "\x00" + "ag0=255" "\x00" + "aa2g=1" "\x00" + "ccode=ALL" "\x00" + "" "\x00" + "swdiv_en=1" "\x00" + "swdiv_gpio=2" "\x00" + "" "\x00" + "pa0itssit=0x20" "\x00" + "extpagain2g=0" "\x00" + "" "\x00" + "pa2ga0=-168,6393,-757" "\x00" + "AvVmid_c0=0x0,0xc8" "\x00" + "AvVmidIQcal=0x2,0xa8" "\x00" + "cckpwroffset0=5" "\x00" + "" "\x00" + "maxp2ga0=84" "\x00" + "txpwrbckof=6" "\x00" + "cckbw202gpo=0" "\x00" + "legofdmbw202gpo=0x66111111" "\x00" + "mcsbw202gpo=0x77711111" "\x00" + "propbw202gpo=0xdd" "\x00" + "" "\x00" + "ofdmdigfilttype=18" "\x00" + "ofdmdigfilttypebe=18" "\x00" + "papdmode=1" "\x00" + "papdvalidtest=1" "\x00" + "pacalidx2g=32" "\x00" + "papdepsoffset=-36" "\x00" + "papdendidx=61" "\x00" + "" "\x00" + "" "\x00" + "wl0id=0x431b" "\x00" + "" "\x00" + "deadman_to=0xffffffff" "\x00" + "muxenab=0x11" "\x00" + "" "\x00" + "spurconfig=0x3 " "\x00" + "" "\x00" + "rssicorrnorm=1" "\x00" + "\x00\x00"; +#ifdef __cplusplus +} /*extern "C" */ +#endif + +#else /* ifndef INCLUDED_NVRAM_IMAGE_H_ */ + +#error Wi-Fi NVRAM image included twice + +#endif /* ifndef INCLUDED_NVRAM_IMAGE_H_ */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg.c new file mode 100755 index 0000000..7b3eac9 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg.c @@ -0,0 +1,36 @@ +/******************************************************************************* +* File Name: cycfg.c +* +* Description: +* Wrapper function to initialize all generated code. +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#include "cycfg.h" + +void init_cycfg_all(void) +{ + init_cycfg_system(); + init_cycfg_clocks(); + init_cycfg_routing(); + init_cycfg_peripherals(); + init_cycfg_pins(); +} diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg.h new file mode 100755 index 0000000..59b32b9 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg.h @@ -0,0 +1,49 @@ +/******************************************************************************* +* File Name: cycfg.h +* +* Description: +* Simple wrapper header containing all generated files. +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#if !defined(CYCFG_H) +#define CYCFG_H + +#if defined(__cplusplus) +extern "C" { +#endif + +#include "cycfg_notices.h" +#include "cycfg_system.h" +#include "cycfg_clocks.h" +#include "cycfg_routing.h" +#include "cycfg_peripherals.h" +#include "cycfg_pins.h" + +void init_cycfg_all(void); + + +#if defined(__cplusplus) +} +#endif + + +#endif /* CYCFG_H */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg.timestamp b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg.timestamp new file mode 100755 index 0000000..d8d85b9 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg.timestamp @@ -0,0 +1,26 @@ +/******************************************************************************* +* File Name: cycfg.timestamp +* +* Description: +* Sentinel file for determining if generated source is up to date. +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_clocks.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_clocks.c new file mode 100755 index 0000000..c2836a6 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_clocks.c @@ -0,0 +1,47 @@ +/******************************************************************************* +* File Name: cycfg_clocks.c +* +* Description: +* Clock configuration +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#include "cycfg_clocks.h" + +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CSD_CLK_DIV_obj = + { + .type = CYHAL_RSC_CLOCK, + .block_num = CYBSP_CSD_CLK_DIV_HW, + .channel_num = CYBSP_CSD_CLK_DIV_NUM, + }; +#endif //defined (CY_USING_HAL) + + +void init_cycfg_clocks(void) +{ + Cy_SysClk_PeriphDisableDivider(CY_SYSCLK_DIV_8_BIT, 0U); + Cy_SysClk_PeriphSetDivider(CY_SYSCLK_DIV_8_BIT, 0U, 0U); + Cy_SysClk_PeriphEnableDivider(CY_SYSCLK_DIV_8_BIT, 0U); +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CSD_CLK_DIV_obj); +#endif //defined (CY_USING_HAL) +} diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_clocks.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_clocks.h new file mode 100755 index 0000000..f00f300 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_clocks.h @@ -0,0 +1,55 @@ +/******************************************************************************* +* File Name: cycfg_clocks.h +* +* Description: +* Clock configuration +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#if !defined(CYCFG_CLOCKS_H) +#define CYCFG_CLOCKS_H + +#include "cycfg_notices.h" +#include "cy_sysclk.h" +#if defined (CY_USING_HAL) + #include "cyhal_hwmgr.h" +#endif //defined (CY_USING_HAL) + +#if defined(__cplusplus) +extern "C" { +#endif + +#define CYBSP_CSD_CLK_DIV_ENABLED 1U +#define CYBSP_CSD_CLK_DIV_HW CY_SYSCLK_DIV_8_BIT +#define CYBSP_CSD_CLK_DIV_NUM 0U + +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CSD_CLK_DIV_obj; +#endif //defined (CY_USING_HAL) + +void init_cycfg_clocks(void); + +#if defined(__cplusplus) +} +#endif + + +#endif /* CYCFG_CLOCKS_H */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_notices.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_notices.h new file mode 100755 index 0000000..a00457a --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_notices.h @@ -0,0 +1,32 @@ +/******************************************************************************* +* File Name: cycfg_notices.h +* +* Description: +* Contains warnings and errors that occurred while generating code for the +* design. +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#if !defined(CYCFG_NOTICES_H) +#define CYCFG_NOTICES_H + + +#endif /* CYCFG_NOTICES_H */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_peripherals.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_peripherals.c new file mode 100755 index 0000000..3800fe5 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_peripherals.c @@ -0,0 +1,38 @@ +/******************************************************************************* +* File Name: cycfg_peripherals.c +* +* Description: +* Peripheral Hardware Block configuration +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#include "cycfg_peripherals.h" + +cy_stc_csd_context_t cy_csd_0_context = +{ + .lockKey = CY_CSD_NONE_KEY, +}; + + +void init_cycfg_peripherals(void) +{ + Cy_SysClk_PeriphAssignDivider(PCLK_CSD_CLOCK, CY_SYSCLK_DIV_8_BIT, 0U); +} diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_peripherals.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_peripherals.h new file mode 100755 index 0000000..ef5c2fe --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_peripherals.h @@ -0,0 +1,84 @@ +/******************************************************************************* +* File Name: cycfg_peripherals.h +* +* Description: +* Peripheral Hardware Block configuration +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#if !defined(CYCFG_PERIPHERALS_H) +#define CYCFG_PERIPHERALS_H + +#include "cycfg_notices.h" +#include "cy_sysclk.h" +#include "cy_csd.h" + +#if defined(__cplusplus) +extern "C" { +#endif + +#define CYBSP_CSD_ENABLED 1U +#define CY_CAPSENSE_CORE 4u +#define CY_CAPSENSE_CPU_CLK 100000000u +#define CY_CAPSENSE_PERI_CLK 100000000u +#define CY_CAPSENSE_VDDA_MV 3300u +#define CY_CAPSENSE_PERI_DIV_TYPE CY_SYSCLK_DIV_8_BIT +#define CY_CAPSENSE_PERI_DIV_INDEX 0u +#define Cmod_PORT GPIO_PRT7 +#define CintA_PORT GPIO_PRT7 +#define CintB_PORT GPIO_PRT7 +#define Button0_Rx0_PORT GPIO_PRT1 +#define Button0_Tx_PORT GPIO_PRT8 +#define Button1_Rx0_PORT GPIO_PRT1 +#define Button1_Tx_PORT GPIO_PRT8 +#define LinearSlider0_Sns0_PORT GPIO_PRT8 +#define LinearSlider0_Sns1_PORT GPIO_PRT8 +#define LinearSlider0_Sns2_PORT GPIO_PRT8 +#define LinearSlider0_Sns3_PORT GPIO_PRT8 +#define LinearSlider0_Sns4_PORT GPIO_PRT8 +#define Cmod_PIN 7u +#define CintA_PIN 1u +#define CintB_PIN 2u +#define Button0_Rx0_PIN 0u +#define Button0_Tx_PIN 1u +#define Button1_Rx0_PIN 0u +#define Button1_Tx_PIN 2u +#define LinearSlider0_Sns0_PIN 3u +#define LinearSlider0_Sns1_PIN 4u +#define LinearSlider0_Sns2_PIN 5u +#define LinearSlider0_Sns3_PIN 6u +#define LinearSlider0_Sns4_PIN 7u +#define Cmod_PORT_NUM 7u +#define CintA_PORT_NUM 7u +#define CintB_PORT_NUM 7u +#define CYBSP_CSD_HW CSD0 +#define CYBSP_CSD_IRQ csd_interrupt_IRQn + +extern cy_stc_csd_context_t cy_csd_0_context; + +void init_cycfg_peripherals(void); + +#if defined(__cplusplus) +} +#endif + + +#endif /* CYCFG_PERIPHERALS_H */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_pins.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_pins.c new file mode 100755 index 0000000..55a7f95 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_pins.c @@ -0,0 +1,485 @@ +/******************************************************************************* +* File Name: cycfg_pins.c +* +* Description: +* Pin configuration +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#include "cycfg_pins.h" + +const cy_stc_gpio_pin_config_t CYBSP_WCO_IN_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_WCO_IN_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_WCO_IN_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_WCO_IN_PORT_NUM, + .channel_num = CYBSP_WCO_IN_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_WCO_OUT_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_WCO_OUT_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_WCO_OUT_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_WCO_OUT_PORT_NUM, + .channel_num = CYBSP_WCO_OUT_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CSD_RX_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CSD_RX_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CSD_RX_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CSD_RX_PORT_NUM, + .channel_num = CYBSP_CSD_RX_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_SWO_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_STRONG_IN_OFF, + .hsiom = CYBSP_SWO_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_SWO_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_SWO_PORT_NUM, + .channel_num = CYBSP_SWO_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_SWDIO_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_PULLUP, + .hsiom = CYBSP_SWDIO_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_SWDIO_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_SWDIO_PORT_NUM, + .channel_num = CYBSP_SWDIO_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_SWDCK_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_PULLDOWN, + .hsiom = CYBSP_SWDCK_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_SWDCK_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_SWDCK_PORT_NUM, + .channel_num = CYBSP_SWDCK_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CINA_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CINA_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CINA_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CINA_PORT_NUM, + .channel_num = CYBSP_CINA_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CINB_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CINB_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CINB_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CINB_PORT_NUM, + .channel_num = CYBSP_CINB_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CMOD_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CMOD_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CMOD_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CMOD_PORT_NUM, + .channel_num = CYBSP_CMOD_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CSD_BTN0_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CSD_BTN0_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CSD_BTN0_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CSD_BTN0_PORT_NUM, + .channel_num = CYBSP_CSD_BTN0_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CSD_BTN1_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CSD_BTN1_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CSD_BTN1_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CSD_BTN1_PORT_NUM, + .channel_num = CYBSP_CSD_BTN1_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD0_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CSD_SLD0_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CSD_SLD0_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CSD_SLD0_PORT_NUM, + .channel_num = CYBSP_CSD_SLD0_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD1_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CSD_SLD1_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CSD_SLD1_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CSD_SLD1_PORT_NUM, + .channel_num = CYBSP_CSD_SLD1_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD2_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CSD_SLD2_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CSD_SLD2_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CSD_SLD2_PORT_NUM, + .channel_num = CYBSP_CSD_SLD2_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD3_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CSD_SLD3_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CSD_SLD3_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CSD_SLD3_PORT_NUM, + .channel_num = CYBSP_CSD_SLD3_PIN, + }; +#endif //defined (CY_USING_HAL) +const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD4_config = +{ + .outVal = 1, + .driveMode = CY_GPIO_DM_ANALOG, + .hsiom = CYBSP_CSD_SLD4_HSIOM, + .intEdge = CY_GPIO_INTR_DISABLE, + .intMask = 0UL, + .vtrip = CY_GPIO_VTRIP_CMOS, + .slewRate = CY_GPIO_SLEW_FAST, + .driveSel = CY_GPIO_DRIVE_1_2, + .vregEn = 0UL, + .ibufMode = 0UL, + .vtripSel = 0UL, + .vrefSel = 0UL, + .vohSel = 0UL, +}; +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t CYBSP_CSD_SLD4_obj = + { + .type = CYHAL_RSC_GPIO, + .block_num = CYBSP_CSD_SLD4_PORT_NUM, + .channel_num = CYBSP_CSD_SLD4_PIN, + }; +#endif //defined (CY_USING_HAL) + + +void init_cycfg_pins(void) +{ + Cy_GPIO_Pin_Init(CYBSP_WCO_IN_PORT, CYBSP_WCO_IN_PIN, &CYBSP_WCO_IN_config); +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_WCO_IN_obj); +#endif //defined (CY_USING_HAL) + + Cy_GPIO_Pin_Init(CYBSP_WCO_OUT_PORT, CYBSP_WCO_OUT_PIN, &CYBSP_WCO_OUT_config); +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_WCO_OUT_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CSD_RX_obj); +#endif //defined (CY_USING_HAL) + + Cy_GPIO_Pin_Init(CYBSP_SWO_PORT, CYBSP_SWO_PIN, &CYBSP_SWO_config); +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_SWO_obj); +#endif //defined (CY_USING_HAL) + + Cy_GPIO_Pin_Init(CYBSP_SWDIO_PORT, CYBSP_SWDIO_PIN, &CYBSP_SWDIO_config); +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_SWDIO_obj); +#endif //defined (CY_USING_HAL) + + Cy_GPIO_Pin_Init(CYBSP_SWDCK_PORT, CYBSP_SWDCK_PIN, &CYBSP_SWDCK_config); +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_SWDCK_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CINA_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CINB_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CMOD_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CSD_BTN0_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CSD_BTN1_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CSD_SLD0_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CSD_SLD1_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CSD_SLD2_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CSD_SLD3_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&CYBSP_CSD_SLD4_obj); +#endif //defined (CY_USING_HAL) +} diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_pins.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_pins.h new file mode 100755 index 0000000..3d96f03 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_pins.h @@ -0,0 +1,546 @@ +/******************************************************************************* +* File Name: cycfg_pins.h +* +* Description: +* Pin configuration +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#if !defined(CYCFG_PINS_H) +#define CYCFG_PINS_H + +#include "cycfg_notices.h" +#include "cy_gpio.h" +#if defined (CY_USING_HAL) + #include "cyhal_hwmgr.h" +#endif //defined (CY_USING_HAL) +#include "cycfg_routing.h" + +#if defined(__cplusplus) +extern "C" { +#endif + +#define CYBSP_WCO_IN_ENABLED 1U +#define CYBSP_WCO_IN_PORT GPIO_PRT0 +#define CYBSP_WCO_IN_PORT_NUM 0U +#define CYBSP_WCO_IN_PIN 0U +#define CYBSP_WCO_IN_NUM 0U +#define CYBSP_WCO_IN_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_WCO_IN_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_0_pin_0_HSIOM + #define ioss_0_port_0_pin_0_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_WCO_IN_HSIOM ioss_0_port_0_pin_0_HSIOM +#define CYBSP_WCO_IN_IRQ ioss_interrupts_gpio_0_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_WCO_IN_HAL_PORT_PIN P0_0 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_WCO_IN P0_0 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_WCO_IN_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_WCO_IN_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_WCO_IN_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_WCO_OUT_ENABLED 1U +#define CYBSP_WCO_OUT_PORT GPIO_PRT0 +#define CYBSP_WCO_OUT_PORT_NUM 0U +#define CYBSP_WCO_OUT_PIN 1U +#define CYBSP_WCO_OUT_NUM 1U +#define CYBSP_WCO_OUT_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_WCO_OUT_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_0_pin_1_HSIOM + #define ioss_0_port_0_pin_1_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_WCO_OUT_HSIOM ioss_0_port_0_pin_1_HSIOM +#define CYBSP_WCO_OUT_IRQ ioss_interrupts_gpio_0_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_WCO_OUT_HAL_PORT_PIN P0_1 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_WCO_OUT P0_1 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_WCO_OUT_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_WCO_OUT_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_WCO_OUT_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CSD_RX_ENABLED 1U +#define CYBSP_CSD_RX_PORT GPIO_PRT1 +#define CYBSP_CSD_RX_PORT_NUM 1U +#define CYBSP_CSD_RX_PIN 0U +#define CYBSP_CSD_RX_NUM 0U +#define CYBSP_CSD_RX_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CSD_RX_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_1_pin_0_HSIOM + #define ioss_0_port_1_pin_0_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CSD_RX_HSIOM ioss_0_port_1_pin_0_HSIOM +#define CYBSP_CSD_RX_IRQ ioss_interrupts_gpio_1_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CSD_RX_HAL_PORT_PIN P1_0 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_RX P1_0 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_RX_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_RX_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_RX_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_SWO_ENABLED 1U +#define CYBSP_SWO_PORT GPIO_PRT6 +#define CYBSP_SWO_PORT_NUM 6U +#define CYBSP_SWO_PIN 4U +#define CYBSP_SWO_NUM 4U +#define CYBSP_SWO_DRIVEMODE CY_GPIO_DM_STRONG_IN_OFF +#define CYBSP_SWO_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_6_pin_4_HSIOM + #define ioss_0_port_6_pin_4_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_SWO_HSIOM ioss_0_port_6_pin_4_HSIOM +#define CYBSP_SWO_IRQ ioss_interrupts_gpio_6_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_SWO_HAL_PORT_PIN P6_4 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWO P6_4 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWO_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWO_HAL_DIR CYHAL_GPIO_DIR_OUTPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWO_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_STRONG +#endif //defined (CY_USING_HAL) +#define CYBSP_SWDIO_ENABLED 1U +#define CYBSP_SWDIO_PORT GPIO_PRT6 +#define CYBSP_SWDIO_PORT_NUM 6U +#define CYBSP_SWDIO_PIN 6U +#define CYBSP_SWDIO_NUM 6U +#define CYBSP_SWDIO_DRIVEMODE CY_GPIO_DM_PULLUP +#define CYBSP_SWDIO_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_6_pin_6_HSIOM + #define ioss_0_port_6_pin_6_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_SWDIO_HSIOM ioss_0_port_6_pin_6_HSIOM +#define CYBSP_SWDIO_IRQ ioss_interrupts_gpio_6_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_SWDIO_HAL_PORT_PIN P6_6 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWDIO P6_6 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWDIO_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWDIO_HAL_DIR CYHAL_GPIO_DIR_BIDIRECTIONAL +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWDIO_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_PULLUP +#endif //defined (CY_USING_HAL) +#define CYBSP_SWDCK_ENABLED 1U +#define CYBSP_SWDCK_PORT GPIO_PRT6 +#define CYBSP_SWDCK_PORT_NUM 6U +#define CYBSP_SWDCK_PIN 7U +#define CYBSP_SWDCK_NUM 7U +#define CYBSP_SWDCK_DRIVEMODE CY_GPIO_DM_PULLDOWN +#define CYBSP_SWDCK_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_6_pin_7_HSIOM + #define ioss_0_port_6_pin_7_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_SWDCK_HSIOM ioss_0_port_6_pin_7_HSIOM +#define CYBSP_SWDCK_IRQ ioss_interrupts_gpio_6_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_SWDCK_HAL_PORT_PIN P6_7 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWDCK P6_7 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWDCK_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWDCK_HAL_DIR CYHAL_GPIO_DIR_BIDIRECTIONAL +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_SWDCK_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_PULLDOWN +#endif //defined (CY_USING_HAL) +#define CYBSP_CINA_ENABLED 1U +#define CYBSP_CINA_PORT GPIO_PRT7 +#define CYBSP_CINA_PORT_NUM 7U +#define CYBSP_CINA_PIN 1U +#define CYBSP_CINA_NUM 1U +#define CYBSP_CINA_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CINA_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_7_pin_1_HSIOM + #define ioss_0_port_7_pin_1_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CINA_HSIOM ioss_0_port_7_pin_1_HSIOM +#define CYBSP_CINA_IRQ ioss_interrupts_gpio_7_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CINA_HAL_PORT_PIN P7_1 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CINA P7_1 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CINA_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CINA_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CINA_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CINB_ENABLED 1U +#define CYBSP_CINB_PORT GPIO_PRT7 +#define CYBSP_CINB_PORT_NUM 7U +#define CYBSP_CINB_PIN 2U +#define CYBSP_CINB_NUM 2U +#define CYBSP_CINB_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CINB_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_7_pin_2_HSIOM + #define ioss_0_port_7_pin_2_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CINB_HSIOM ioss_0_port_7_pin_2_HSIOM +#define CYBSP_CINB_IRQ ioss_interrupts_gpio_7_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CINB_HAL_PORT_PIN P7_2 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CINB P7_2 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CINB_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CINB_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CINB_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CMOD_ENABLED 1U +#define CYBSP_CMOD_PORT GPIO_PRT7 +#define CYBSP_CMOD_PORT_NUM 7U +#define CYBSP_CMOD_PIN 7U +#define CYBSP_CMOD_NUM 7U +#define CYBSP_CMOD_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CMOD_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_7_pin_7_HSIOM + #define ioss_0_port_7_pin_7_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CMOD_HSIOM ioss_0_port_7_pin_7_HSIOM +#define CYBSP_CMOD_IRQ ioss_interrupts_gpio_7_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CMOD_HAL_PORT_PIN P7_7 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CMOD P7_7 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CMOD_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CMOD_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CMOD_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CSD_BTN0_ENABLED 1U +#define CYBSP_CSD_BTN0_PORT GPIO_PRT8 +#define CYBSP_CSD_BTN0_PORT_NUM 8U +#define CYBSP_CSD_BTN0_PIN 1U +#define CYBSP_CSD_BTN0_NUM 1U +#define CYBSP_CSD_BTN0_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CSD_BTN0_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_8_pin_1_HSIOM + #define ioss_0_port_8_pin_1_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CSD_BTN0_HSIOM ioss_0_port_8_pin_1_HSIOM +#define CYBSP_CSD_BTN0_IRQ ioss_interrupts_gpio_8_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN0_HAL_PORT_PIN P8_1 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN0 P8_1 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN0_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN0_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN0_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CSD_BTN1_ENABLED 1U +#define CYBSP_CSD_BTN1_PORT GPIO_PRT8 +#define CYBSP_CSD_BTN1_PORT_NUM 8U +#define CYBSP_CSD_BTN1_PIN 2U +#define CYBSP_CSD_BTN1_NUM 2U +#define CYBSP_CSD_BTN1_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CSD_BTN1_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_8_pin_2_HSIOM + #define ioss_0_port_8_pin_2_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CSD_BTN1_HSIOM ioss_0_port_8_pin_2_HSIOM +#define CYBSP_CSD_BTN1_IRQ ioss_interrupts_gpio_8_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN1_HAL_PORT_PIN P8_2 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN1 P8_2 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN1_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN1_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_BTN1_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CSD_SLD0_ENABLED 1U +#define CYBSP_CSD_SLD0_PORT GPIO_PRT8 +#define CYBSP_CSD_SLD0_PORT_NUM 8U +#define CYBSP_CSD_SLD0_PIN 3U +#define CYBSP_CSD_SLD0_NUM 3U +#define CYBSP_CSD_SLD0_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CSD_SLD0_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_8_pin_3_HSIOM + #define ioss_0_port_8_pin_3_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CSD_SLD0_HSIOM ioss_0_port_8_pin_3_HSIOM +#define CYBSP_CSD_SLD0_IRQ ioss_interrupts_gpio_8_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD0_HAL_PORT_PIN P8_3 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD0 P8_3 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD0_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD0_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD0_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CSD_SLD1_ENABLED 1U +#define CYBSP_CSD_SLD1_PORT GPIO_PRT8 +#define CYBSP_CSD_SLD1_PORT_NUM 8U +#define CYBSP_CSD_SLD1_PIN 4U +#define CYBSP_CSD_SLD1_NUM 4U +#define CYBSP_CSD_SLD1_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CSD_SLD1_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_8_pin_4_HSIOM + #define ioss_0_port_8_pin_4_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CSD_SLD1_HSIOM ioss_0_port_8_pin_4_HSIOM +#define CYBSP_CSD_SLD1_IRQ ioss_interrupts_gpio_8_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD1_HAL_PORT_PIN P8_4 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD1 P8_4 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD1_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD1_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD1_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CSD_SLD2_ENABLED 1U +#define CYBSP_CSD_SLD2_PORT GPIO_PRT8 +#define CYBSP_CSD_SLD2_PORT_NUM 8U +#define CYBSP_CSD_SLD2_PIN 5U +#define CYBSP_CSD_SLD2_NUM 5U +#define CYBSP_CSD_SLD2_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CSD_SLD2_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_8_pin_5_HSIOM + #define ioss_0_port_8_pin_5_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CSD_SLD2_HSIOM ioss_0_port_8_pin_5_HSIOM +#define CYBSP_CSD_SLD2_IRQ ioss_interrupts_gpio_8_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD2_HAL_PORT_PIN P8_5 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD2 P8_5 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD2_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD2_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD2_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CSD_SLD3_ENABLED 1U +#define CYBSP_CSD_SLD3_PORT GPIO_PRT8 +#define CYBSP_CSD_SLD3_PORT_NUM 8U +#define CYBSP_CSD_SLD3_PIN 6U +#define CYBSP_CSD_SLD3_NUM 6U +#define CYBSP_CSD_SLD3_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CSD_SLD3_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_8_pin_6_HSIOM + #define ioss_0_port_8_pin_6_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CSD_SLD3_HSIOM ioss_0_port_8_pin_6_HSIOM +#define CYBSP_CSD_SLD3_IRQ ioss_interrupts_gpio_8_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD3_HAL_PORT_PIN P8_6 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD3 P8_6 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD3_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD3_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD3_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) +#define CYBSP_CSD_SLD4_ENABLED 1U +#define CYBSP_CSD_SLD4_PORT GPIO_PRT8 +#define CYBSP_CSD_SLD4_PORT_NUM 8U +#define CYBSP_CSD_SLD4_PIN 7U +#define CYBSP_CSD_SLD4_NUM 7U +#define CYBSP_CSD_SLD4_DRIVEMODE CY_GPIO_DM_ANALOG +#define CYBSP_CSD_SLD4_INIT_DRIVESTATE 1 +#ifndef ioss_0_port_8_pin_7_HSIOM + #define ioss_0_port_8_pin_7_HSIOM HSIOM_SEL_GPIO +#endif +#define CYBSP_CSD_SLD4_HSIOM ioss_0_port_8_pin_7_HSIOM +#define CYBSP_CSD_SLD4_IRQ ioss_interrupts_gpio_8_IRQn +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD4_HAL_PORT_PIN P8_7 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD4 P8_7 +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD4_HAL_IRQ CYHAL_GPIO_IRQ_NONE +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD4_HAL_DIR CYHAL_GPIO_DIR_INPUT +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + #define CYBSP_CSD_SLD4_HAL_DRIVEMODE CYHAL_GPIO_DRIVE_ANALOG +#endif //defined (CY_USING_HAL) + +extern const cy_stc_gpio_pin_config_t CYBSP_WCO_IN_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_WCO_IN_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_WCO_OUT_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_WCO_OUT_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CSD_RX_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CSD_RX_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_SWO_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_SWO_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_SWDIO_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_SWDIO_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_SWDCK_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_SWDCK_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CINA_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CINA_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CINB_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CINB_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CMOD_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CMOD_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CSD_BTN0_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CSD_BTN0_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CSD_BTN1_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CSD_BTN1_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD0_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CSD_SLD0_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD1_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CSD_SLD1_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD2_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CSD_SLD2_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD3_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CSD_SLD3_obj; +#endif //defined (CY_USING_HAL) +extern const cy_stc_gpio_pin_config_t CYBSP_CSD_SLD4_config; +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t CYBSP_CSD_SLD4_obj; +#endif //defined (CY_USING_HAL) + +void init_cycfg_pins(void); + +#if defined(__cplusplus) +} +#endif + + +#endif /* CYCFG_PINS_H */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_qspi_memslot.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_qspi_memslot.c new file mode 100755 index 0000000..ec8db9f --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_qspi_memslot.c @@ -0,0 +1,266 @@ +/******************************************************************************* +* File Name: cycfg_qspi_memslot.c +* +* Description: +* Provides definitions of the SMIF-driver memory configuration. +* This file was automatically generated and should not be modified. +* QSPI Configurator: 2.0.0.1483 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#include "cycfg_qspi_memslot.h" + +const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_readCmd = +{ + /* The 8-bit command. 1 x I/O read command. */ + .command = 0xECU, + /* The width of the command transfer. */ + .cmdWidth = CY_SMIF_WIDTH_SINGLE, + /* The width of the address transfer. */ + .addrWidth = CY_SMIF_WIDTH_QUAD, + /* The 8-bit mode byte. This value is 0xFFFFFFFF when there is no mode present. */ + .mode = 0x01U, + /* The width of the mode command transfer. */ + .modeWidth = CY_SMIF_WIDTH_QUAD, + /* The number of dummy cycles. A zero value suggests no dummy cycles. */ + .dummyCycles = 4U, + /* The width of the data transfer. */ + .dataWidth = CY_SMIF_WIDTH_QUAD +}; + +const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_writeEnCmd = +{ + /* The 8-bit command. 1 x I/O read command. */ + .command = 0x06U, + /* The width of the command transfer. */ + .cmdWidth = CY_SMIF_WIDTH_SINGLE, + /* The width of the address transfer. */ + .addrWidth = CY_SMIF_WIDTH_SINGLE, + /* The 8-bit mode byte. This value is 0xFFFFFFFF when there is no mode present. */ + .mode = 0xFFFFFFFFU, + /* The width of the mode command transfer. */ + .modeWidth = CY_SMIF_WIDTH_SINGLE, + /* The number of dummy cycles. A zero value suggests no dummy cycles. */ + .dummyCycles = 0U, + /* The width of the data transfer. */ + .dataWidth = CY_SMIF_WIDTH_SINGLE +}; + +const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_writeDisCmd = +{ + /* The 8-bit command. 1 x I/O read command. */ + .command = 0x04U, + /* The width of the command transfer. */ + .cmdWidth = CY_SMIF_WIDTH_SINGLE, + /* The width of the address transfer. */ + .addrWidth = CY_SMIF_WIDTH_SINGLE, + /* The 8-bit mode byte. This value is 0xFFFFFFFF when there is no mode present. */ + .mode = 0xFFFFFFFFU, + /* The width of the mode command transfer. */ + .modeWidth = CY_SMIF_WIDTH_SINGLE, + /* The number of dummy cycles. A zero value suggests no dummy cycles. */ + .dummyCycles = 0U, + /* The width of the data transfer. */ + .dataWidth = CY_SMIF_WIDTH_SINGLE +}; + +const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_eraseCmd = +{ + /* The 8-bit command. 1 x I/O read command. */ + .command = 0xDCU, + /* The width of the command transfer. */ + .cmdWidth = CY_SMIF_WIDTH_SINGLE, + /* The width of the address transfer. */ + .addrWidth = CY_SMIF_WIDTH_SINGLE, + /* The 8-bit mode byte. This value is 0xFFFFFFFF when there is no mode present. */ + .mode = 0xFFFFFFFFU, + /* The width of the mode command transfer. */ + .modeWidth = CY_SMIF_WIDTH_SINGLE, + /* The number of dummy cycles. A zero value suggests no dummy cycles. */ + .dummyCycles = 0U, + /* The width of the data transfer. */ + .dataWidth = CY_SMIF_WIDTH_SINGLE +}; + +const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_chipEraseCmd = +{ + /* The 8-bit command. 1 x I/O read command. */ + .command = 0x60U, + /* The width of the command transfer. */ + .cmdWidth = CY_SMIF_WIDTH_SINGLE, + /* The width of the address transfer. */ + .addrWidth = CY_SMIF_WIDTH_SINGLE, + /* The 8-bit mode byte. This value is 0xFFFFFFFF when there is no mode present. */ + .mode = 0xFFFFFFFFU, + /* The width of the mode command transfer. */ + .modeWidth = CY_SMIF_WIDTH_SINGLE, + /* The number of dummy cycles. A zero value suggests no dummy cycles. */ + .dummyCycles = 0U, + /* The width of the data transfer. */ + .dataWidth = CY_SMIF_WIDTH_SINGLE +}; + +const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_programCmd = +{ + /* The 8-bit command. 1 x I/O read command. */ + .command = 0x34U, + /* The width of the command transfer. */ + .cmdWidth = CY_SMIF_WIDTH_SINGLE, + /* The width of the address transfer. */ + .addrWidth = CY_SMIF_WIDTH_SINGLE, + /* The 8-bit mode byte. This value is 0xFFFFFFFF when there is no mode present. */ + .mode = 0xFFFFFFFFU, + /* The width of the mode command transfer. */ + .modeWidth = CY_SMIF_WIDTH_QUAD, + /* The number of dummy cycles. A zero value suggests no dummy cycles. */ + .dummyCycles = 0U, + /* The width of the data transfer. */ + .dataWidth = CY_SMIF_WIDTH_QUAD +}; + +const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_readStsRegQeCmd = +{ + /* The 8-bit command. 1 x I/O read command. */ + .command = 0x35U, + /* The width of the command transfer. */ + .cmdWidth = CY_SMIF_WIDTH_SINGLE, + /* The width of the address transfer. */ + .addrWidth = CY_SMIF_WIDTH_SINGLE, + /* The 8-bit mode byte. This value is 0xFFFFFFFF when there is no mode present. */ + .mode = 0xFFFFFFFFU, + /* The width of the mode command transfer. */ + .modeWidth = CY_SMIF_WIDTH_SINGLE, + /* The number of dummy cycles. A zero value suggests no dummy cycles. */ + .dummyCycles = 0U, + /* The width of the data transfer. */ + .dataWidth = CY_SMIF_WIDTH_SINGLE +}; + +const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_readStsRegWipCmd = +{ + /* The 8-bit command. 1 x I/O read command. */ + .command = 0x05U, + /* The width of the command transfer. */ + .cmdWidth = CY_SMIF_WIDTH_SINGLE, + /* The width of the address transfer. */ + .addrWidth = CY_SMIF_WIDTH_SINGLE, + /* The 8-bit mode byte. This value is 0xFFFFFFFF when there is no mode present. */ + .mode = 0xFFFFFFFFU, + /* The width of the mode command transfer. */ + .modeWidth = CY_SMIF_WIDTH_SINGLE, + /* The number of dummy cycles. A zero value suggests no dummy cycles. */ + .dummyCycles = 0U, + /* The width of the data transfer. */ + .dataWidth = CY_SMIF_WIDTH_SINGLE +}; + +const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_writeStsRegQeCmd = +{ + /* The 8-bit command. 1 x I/O read command. */ + .command = 0x01U, + /* The width of the command transfer. */ + .cmdWidth = CY_SMIF_WIDTH_SINGLE, + /* The width of the address transfer. */ + .addrWidth = CY_SMIF_WIDTH_SINGLE, + /* The 8-bit mode byte. This value is 0xFFFFFFFF when there is no mode present. */ + .mode = 0xFFFFFFFFU, + /* The width of the mode command transfer. */ + .modeWidth = CY_SMIF_WIDTH_SINGLE, + /* The number of dummy cycles. A zero value suggests no dummy cycles. */ + .dummyCycles = 0U, + /* The width of the data transfer. */ + .dataWidth = CY_SMIF_WIDTH_SINGLE +}; + +const cy_stc_smif_mem_device_cfg_t deviceCfg_S25FL512S_4byteaddr_SlaveSlot_0 = +{ + /* Specifies the number of address bytes used by the memory slave device. */ + .numOfAddrBytes = 0x04U, + /* The size of the memory. */ + .memSize = 0x04000000U, + /* Specifies the Read command. */ + .readCmd = (cy_stc_smif_mem_cmd_t*)&S25FL512S_4byteaddr_SlaveSlot_0_readCmd, + /* Specifies the Write Enable command. */ + .writeEnCmd = (cy_stc_smif_mem_cmd_t*)&S25FL512S_4byteaddr_SlaveSlot_0_writeEnCmd, + /* Specifies the Write Disable command. */ + .writeDisCmd = (cy_stc_smif_mem_cmd_t*)&S25FL512S_4byteaddr_SlaveSlot_0_writeDisCmd, + /* Specifies the Erase command. */ + .eraseCmd = (cy_stc_smif_mem_cmd_t*)&S25FL512S_4byteaddr_SlaveSlot_0_eraseCmd, + /* Specifies the sector size of each erase. */ + .eraseSize = 0x00040000U, + /* Specifies the Chip Erase command. */ + .chipEraseCmd = (cy_stc_smif_mem_cmd_t*)&S25FL512S_4byteaddr_SlaveSlot_0_chipEraseCmd, + /* Specifies the Program command. */ + .programCmd = (cy_stc_smif_mem_cmd_t*)&S25FL512S_4byteaddr_SlaveSlot_0_programCmd, + /* Specifies the page size for programming. */ + .programSize = 0x00000200U, + /* Specifies the command to read the QE-containing status register. */ + .readStsRegQeCmd = (cy_stc_smif_mem_cmd_t*)&S25FL512S_4byteaddr_SlaveSlot_0_readStsRegQeCmd, + /* Specifies the command to read the WIP-containing status register. */ + .readStsRegWipCmd = (cy_stc_smif_mem_cmd_t*)&S25FL512S_4byteaddr_SlaveSlot_0_readStsRegWipCmd, + /* Specifies the command to write into the QE-containing status register. */ + .writeStsRegQeCmd = (cy_stc_smif_mem_cmd_t*)&S25FL512S_4byteaddr_SlaveSlot_0_writeStsRegQeCmd, + /* The mask for the status register. */ + .stsRegBusyMask = 0x01U, + /* The mask for the status register. */ + .stsRegQuadEnableMask = 0x02U, + /* The max time for the erase type-1 cycle-time in ms. */ + .eraseTime = 2600U, + /* The max time for the chip-erase cycle-time in ms. */ + .chipEraseTime = 460000U, + /* The max time for the page-program cycle-time in us. */ + .programTime = 1300U +}; + +const cy_stc_smif_mem_config_t S25FL512S_4byteaddr_SlaveSlot_0 = +{ + /* Determines the slot number where the memory device is placed. */ + .slaveSelect = CY_SMIF_SLAVE_SELECT_0, + /* Flags. */ + .flags = CY_SMIF_FLAG_MEMORY_MAPPED | CY_SMIF_FLAG_WR_EN, + /* The data-line selection options for a slave device. */ + .dataSelect = CY_SMIF_DATA_SEL0, + /* The base address the memory slave is mapped to in the PSoC memory map. + Valid when the memory-mapped mode is enabled. */ + .baseAddress = 0x18000000U, + /* The size allocated in the PSoC memory map, for the memory slave device. + The size is allocated from the base address. Valid when the memory mapped mode is enabled. */ + .memMappedSize = 0x4000000U, + /* If this memory device is one of the devices in the dual quad SPI configuration. + Valid when the memory mapped mode is enabled. */ + .dualQuadSlots = 0, + /* The configuration of the device. */ + .deviceCfg = (cy_stc_smif_mem_device_cfg_t*)&deviceCfg_S25FL512S_4byteaddr_SlaveSlot_0 +}; + +const cy_stc_smif_mem_config_t* const smifMemConfigs[] = { + &S25FL512S_4byteaddr_SlaveSlot_0 +}; + +const cy_stc_smif_block_config_t smifBlockConfig = +{ + /* The number of SMIF memories defined. */ + .memCount = CY_SMIF_DEVICE_NUM, + /* The pointer to the array of memory config structures of size memCount. */ + .memConfig = (cy_stc_smif_mem_config_t**)smifMemConfigs, + /* The version of the SMIF driver. */ + .majorVersion = CY_SMIF_DRV_VERSION_MAJOR, + /* The version of the SMIF driver. */ + .minorVersion = CY_SMIF_DRV_VERSION_MINOR +}; + diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_qspi_memslot.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_qspi_memslot.h new file mode 100755 index 0000000..a5af025 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_qspi_memslot.h @@ -0,0 +1,51 @@ +/******************************************************************************* +* File Name: cycfg_qspi_memslot.h +* +* Description: +* Provides declarations of the SMIF-driver memory configuration. +* This file was automatically generated and should not be modified. +* QSPI Configurator: 2.0.0.1483 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#ifndef CYCFG_QSPI_MEMSLOT_H +#define CYCFG_QSPI_MEMSLOT_H +#include "cy_smif_memslot.h" + +#define CY_SMIF_DEVICE_NUM 1 + +extern const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_readCmd; +extern const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_writeEnCmd; +extern const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_writeDisCmd; +extern const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_eraseCmd; +extern const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_chipEraseCmd; +extern const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_programCmd; +extern const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_readStsRegQeCmd; +extern const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_readStsRegWipCmd; +extern const cy_stc_smif_mem_cmd_t S25FL512S_4byteaddr_SlaveSlot_0_writeStsRegQeCmd; + +extern const cy_stc_smif_mem_device_cfg_t deviceCfg_S25FL512S_4byteaddr_SlaveSlot_0; + +extern const cy_stc_smif_mem_config_t S25FL512S_4byteaddr_SlaveSlot_0; +extern const cy_stc_smif_mem_config_t* const smifMemConfigs[CY_SMIF_DEVICE_NUM]; + +extern const cy_stc_smif_block_config_t smifBlockConfig; + + +#endif /*CY_SMIF_MEMCONFIG_H*/ + diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_routing.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_routing.c new file mode 100755 index 0000000..e0ba904 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_routing.c @@ -0,0 +1,41 @@ +/******************************************************************************* +* File Name: cycfg_routing.c +* +* Description: +* Establishes all necessary connections between hardware elements. +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#include "cycfg_routing.h" + +#include "cy_device_headers.h" + +void init_cycfg_routing(void) +{ + HSIOM->AMUX_SPLIT_CTL[2] = HSIOM_V2_AMUX_SPLIT_CTL_SWITCH_AA_SL_Msk | + HSIOM_V2_AMUX_SPLIT_CTL_SWITCH_AA_SR_Msk | + HSIOM_V2_AMUX_SPLIT_CTL_SWITCH_BB_SL_Msk | + HSIOM_V2_AMUX_SPLIT_CTL_SWITCH_BB_SR_Msk; + HSIOM->AMUX_SPLIT_CTL[4] = HSIOM_V2_AMUX_SPLIT_CTL_SWITCH_AA_SL_Msk | + HSIOM_V2_AMUX_SPLIT_CTL_SWITCH_AA_SR_Msk | + HSIOM_V2_AMUX_SPLIT_CTL_SWITCH_BB_SL_Msk | + HSIOM_V2_AMUX_SPLIT_CTL_SWITCH_BB_SR_Msk; +} diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_routing.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_routing.h new file mode 100755 index 0000000..e0cfe03 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_routing.h @@ -0,0 +1,59 @@ +/******************************************************************************* +* File Name: cycfg_routing.h +* +* Description: +* Establishes all necessary connections between hardware elements. +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#if !defined(CYCFG_ROUTING_H) +#define CYCFG_ROUTING_H + +#if defined(__cplusplus) +extern "C" { +#endif + +#include "cycfg_notices.h" +void init_cycfg_routing(void); +#define init_cycfg_connectivity() init_cycfg_routing() +#define ioss_0_port_0_pin_0_ANALOG P0_0_SRSS_WCO_IN +#define ioss_0_port_0_pin_1_ANALOG P0_1_SRSS_WCO_OUT +#define ioss_0_port_1_pin_0_HSIOM HSIOM_SEL_AMUXB +#define ioss_0_port_6_pin_4_HSIOM P6_4_CPUSS_SWJ_SWO_TDO +#define ioss_0_port_6_pin_6_HSIOM P6_6_CPUSS_SWJ_SWDIO_TMS +#define ioss_0_port_6_pin_7_HSIOM P6_7_CPUSS_SWJ_SWCLK_TCLK +#define ioss_0_port_7_pin_1_HSIOM HSIOM_SEL_AMUXA +#define ioss_0_port_7_pin_2_HSIOM HSIOM_SEL_AMUXB +#define ioss_0_port_7_pin_7_HSIOM HSIOM_SEL_AMUXA +#define ioss_0_port_8_pin_1_HSIOM HSIOM_SEL_AMUXB +#define ioss_0_port_8_pin_2_HSIOM HSIOM_SEL_AMUXB +#define ioss_0_port_8_pin_3_HSIOM HSIOM_SEL_AMUXB +#define ioss_0_port_8_pin_4_HSIOM HSIOM_SEL_AMUXB +#define ioss_0_port_8_pin_5_HSIOM HSIOM_SEL_AMUXB +#define ioss_0_port_8_pin_6_HSIOM HSIOM_SEL_AMUXA +#define ioss_0_port_8_pin_7_HSIOM HSIOM_SEL_AMUXB + +#if defined(__cplusplus) +} +#endif + + +#endif /* CYCFG_ROUTING_H */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_system.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_system.c new file mode 100755 index 0000000..d3aa57c --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_system.c @@ -0,0 +1,1181 @@ +/******************************************************************************* +* File Name: cycfg_system.c +* +* Description: +* System configuration +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#include "cycfg_system.h" + +#define CY_CFG_SYSCLK_ECO_ERROR 1 +#define CY_CFG_SYSCLK_ALTHF_ERROR 2 +#define CY_CFG_SYSCLK_PLL_ERROR 3 +#define CY_CFG_SYSCLK_FLL_ERROR 4 +#define CY_CFG_SYSCLK_WCO_ERROR 5 +#define CY_CFG_SYSCLK_CLKBAK_ENABLED 1 +#define CY_CFG_SYSCLK_CLKBAK_SOURCE CY_SYSCLK_BAK_IN_CLKLF +#define CY_CFG_SYSCLK_CLKFAST_ENABLED 1 +#define CY_CFG_SYSCLK_CLKFAST_DIVIDER 0 +#define CY_CFG_SYSCLK_FLL_ENABLED 1 +#define CY_CFG_SYSCLK_FLL_MULT 500U +#define CY_CFG_SYSCLK_FLL_REFDIV 20U +#define CY_CFG_SYSCLK_FLL_CCO_RANGE CY_SYSCLK_FLL_CCO_RANGE4 +#define CY_CFG_SYSCLK_FLL_ENABLE_OUTDIV true +#define CY_CFG_SYSCLK_FLL_LOCK_TOLERANCE 10U +#define CY_CFG_SYSCLK_FLL_IGAIN 9U +#define CY_CFG_SYSCLK_FLL_PGAIN 5U +#define CY_CFG_SYSCLK_FLL_SETTLING_COUNT 8 +#define CY_CFG_SYSCLK_FLL_OUTPUT_MODE CY_SYSCLK_FLLPLL_OUTPUT_OUTPUT +#define CY_CFG_SYSCLK_FLL_CCO_FREQ 355 +#define CY_CFG_SYSCLK_FLL_OUT_FREQ 100000000 +#define CY_CFG_SYSCLK_CLKHF0_ENABLED 1 +#define CY_CFG_SYSCLK_CLKHF0_DIVIDER CY_SYSCLK_CLKHF_NO_DIVIDE +#define CY_CFG_SYSCLK_CLKHF0_FREQ_MHZ 100UL +#define CY_CFG_SYSCLK_CLKHF0_CLKPATH CY_SYSCLK_CLKHF_IN_CLKPATH0 +#define CY_CFG_SYSCLK_CLKHF2_ENABLED 1 +#define CY_CFG_SYSCLK_CLKHF2_DIVIDER CY_SYSCLK_CLKHF_DIVIDE_BY_2 +#define CY_CFG_SYSCLK_CLKHF2_FREQ_MHZ 50UL +#define CY_CFG_SYSCLK_CLKHF2_CLKPATH CY_SYSCLK_CLKHF_IN_CLKPATH0 +#define CY_CFG_SYSCLK_CLKHF3_ENABLED 1 +#define CY_CFG_SYSCLK_CLKHF3_DIVIDER CY_SYSCLK_CLKHF_NO_DIVIDE +#define CY_CFG_SYSCLK_CLKHF3_FREQ_MHZ 100UL +#define CY_CFG_SYSCLK_CLKHF3_CLKPATH CY_SYSCLK_CLKHF_IN_CLKPATH0 +#define CY_CFG_SYSCLK_CLKHF4_ENABLED 1 +#define CY_CFG_SYSCLK_CLKHF4_DIVIDER CY_SYSCLK_CLKHF_NO_DIVIDE +#define CY_CFG_SYSCLK_CLKHF4_FREQ_MHZ 100UL +#define CY_CFG_SYSCLK_CLKHF4_CLKPATH CY_SYSCLK_CLKHF_IN_CLKPATH0 +#define CY_CFG_SYSCLK_ILO_ENABLED 1 +#define CY_CFG_SYSCLK_ILO_HIBERNATE true +#define CY_CFG_SYSCLK_IMO_ENABLED 1 +#define CY_CFG_SYSCLK_CLKLF_ENABLED 1 +#define CY_CFG_SYSCLK_CLKPATH0_ENABLED 1 +#define CY_CFG_SYSCLK_CLKPATH0_SOURCE CY_SYSCLK_CLKPATH_IN_IMO +#define CY_CFG_SYSCLK_CLKPATH0_SOURCE_NUM 0UL +#define CY_CFG_SYSCLK_CLKPATH1_ENABLED 1 +#define CY_CFG_SYSCLK_CLKPATH1_SOURCE CY_SYSCLK_CLKPATH_IN_IMO +#define CY_CFG_SYSCLK_CLKPATH1_SOURCE_NUM 0UL +#define CY_CFG_SYSCLK_CLKPATH2_ENABLED 1 +#define CY_CFG_SYSCLK_CLKPATH2_SOURCE CY_SYSCLK_CLKPATH_IN_IMO +#define CY_CFG_SYSCLK_CLKPATH2_SOURCE_NUM 0UL +#define CY_CFG_SYSCLK_CLKPERI_ENABLED 1 +#define CY_CFG_SYSCLK_CLKPERI_DIVIDER 0 +#define CY_CFG_SYSCLK_PLL0_ENABLED 1 +#define CY_CFG_SYSCLK_PLL0_FEEDBACK_DIV 36 +#define CY_CFG_SYSCLK_PLL0_REFERENCE_DIV 1 +#define CY_CFG_SYSCLK_PLL0_OUTPUT_DIV 2 +#define CY_CFG_SYSCLK_PLL0_LF_MODE false +#define CY_CFG_SYSCLK_PLL0_OUTPUT_MODE CY_SYSCLK_FLLPLL_OUTPUT_AUTO +#define CY_CFG_SYSCLK_PLL0_OUTPUT_FREQ 144000000 +#define CY_CFG_SYSCLK_PLL1_ENABLED 1 +#define CY_CFG_SYSCLK_PLL1_FEEDBACK_DIV 30 +#define CY_CFG_SYSCLK_PLL1_REFERENCE_DIV 1 +#define CY_CFG_SYSCLK_PLL1_OUTPUT_DIV 5 +#define CY_CFG_SYSCLK_PLL1_LF_MODE false +#define CY_CFG_SYSCLK_PLL1_OUTPUT_MODE CY_SYSCLK_FLLPLL_OUTPUT_AUTO +#define CY_CFG_SYSCLK_PLL1_OUTPUT_FREQ 48000000 +#define CY_CFG_SYSCLK_CLKSLOW_ENABLED 1 +#define CY_CFG_SYSCLK_CLKSLOW_DIVIDER 0 +#define CY_CFG_SYSCLK_CLKTIMER_ENABLED 1 +#define CY_CFG_SYSCLK_CLKTIMER_SOURCE CY_SYSCLK_CLKTIMER_IN_IMO +#define CY_CFG_SYSCLK_CLKTIMER_DIVIDER 0U +#define CY_CFG_SYSCLK_WCO_ENABLED 1 +#define CY_CFG_SYSCLK_WCO_IN_PRT GPIO_PRT0 +#define CY_CFG_SYSCLK_WCO_IN_PIN 0U +#define CY_CFG_SYSCLK_WCO_OUT_PRT GPIO_PRT0 +#define CY_CFG_SYSCLK_WCO_OUT_PIN 1U +#define CY_CFG_SYSCLK_WCO_BYPASS CY_SYSCLK_WCO_NOT_BYPASSED +#define CY_CFG_PWR_ENABLED 1 +#define CY_CFG_PWR_INIT 1 +#define CY_CFG_PWR_USING_PMIC 0 +#define CY_CFG_PWR_VBACKUP_USING_VDDD 1 +#define CY_CFG_PWR_LDO_VOLTAGE CY_SYSPM_LDO_VOLTAGE_LP +#define CY_CFG_PWR_USING_ULP 0 +#define CY_CFG_PWR_REGULATOR_MODE_MIN false + +#if defined (CY_DEVICE_SECURE) && (CY_CPU_CORTEX_M4) + static cy_stc_pra_system_config_t srss_0_clock_0_secureConfig; +#endif //defined (CY_DEVICE_SECURE) && (CY_CPU_CORTEX_M4) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + static const cy_stc_fll_manual_config_t srss_0_clock_0_fll_0_fllConfig = + { + .fllMult = 500U, + .refDiv = 20U, + .ccoRange = CY_SYSCLK_FLL_CCO_RANGE4, + .enableOutputDiv = true, + .lockTolerance = 10U, + .igain = 9U, + .pgain = 5U, + .settlingCount = 8U, + .outputMode = CY_SYSCLK_FLLPLL_OUTPUT_OUTPUT, + .cco_Freq = 355U, + }; +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t srss_0_clock_0_pathmux_0_obj = + { + .type = CYHAL_RSC_CLKPATH, + .block_num = 0U, + .channel_num = 0U, + }; +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t srss_0_clock_0_pathmux_1_obj = + { + .type = CYHAL_RSC_CLKPATH, + .block_num = 1U, + .channel_num = 0U, + }; +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + const cyhal_resource_inst_t srss_0_clock_0_pathmux_2_obj = + { + .type = CYHAL_RSC_CLKPATH, + .block_num = 2U, + .channel_num = 0U, + }; +#endif //defined (CY_USING_HAL) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + static const cy_stc_pll_manual_config_t srss_0_clock_0_pll_0_pllConfig = + { + .feedbackDiv = 36, + .referenceDiv = 1, + .outputDiv = 2, + .lfMode = false, + .outputMode = CY_SYSCLK_FLLPLL_OUTPUT_AUTO, + }; +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + static const cy_stc_pll_manual_config_t srss_0_clock_0_pll_1_pllConfig = + { + .feedbackDiv = 30, + .referenceDiv = 1, + .outputDiv = 5, + .lfMode = false, + .outputMode = CY_SYSCLK_FLLPLL_OUTPUT_AUTO, + }; +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + +__WEAK void cycfg_ClockStartupError(uint32_t error) +{ + (void)error; /* Suppress the compiler warning */ + while(1); +} +#if defined (CY_DEVICE_SECURE) && (CY_CPU_CORTEX_M4) + __STATIC_INLINE void init_cycfg_secure_struct(cy_stc_pra_system_config_t * secure_config) + { + #ifdef CY_CFG_PWR_ENABLED + secure_config->powerEnable = CY_CFG_PWR_ENABLED; + #endif /* CY_CFG_PWR_ENABLED */ + + #ifdef CY_CFG_PWR_USING_LDO + secure_config->ldoEnable = CY_CFG_PWR_USING_LDO; + #endif /* CY_CFG_PWR_USING_LDO */ + + #ifdef CY_CFG_PWR_USING_PMIC + secure_config->pmicEnable = CY_CFG_PWR_USING_PMIC; + #endif /* CY_CFG_PWR_USING_PMIC */ + + #ifdef CY_CFG_PWR_VBACKUP_USING_VDDD + secure_config->vBackupVDDDEnable = CY_CFG_PWR_VBACKUP_USING_VDDD; + #endif /* CY_CFG_PWR_VBACKUP_USING_VDDD */ + + #ifdef CY_CFG_PWR_USING_ULP + secure_config->ulpEnable = CY_CFG_PWR_USING_ULP; + #endif /* CY_CFG_PWR_USING_ULP */ + + #ifdef CY_CFG_SYSCLK_ECO_ENABLED + secure_config->ecoEnable = CY_CFG_SYSCLK_ECO_ENABLED; + #endif /* CY_CFG_SYSCLK_ECO_ENABLED */ + + #ifdef CY_CFG_SYSCLK_EXTCLK_ENABLED + secure_config->extClkEnable = CY_CFG_SYSCLK_EXTCLK_ENABLED; + #endif /* CY_CFG_SYSCLK_EXTCLK_ENABLED */ + + #ifdef CY_CFG_SYSCLK_ILO_ENABLED + secure_config->iloEnable = CY_CFG_SYSCLK_ILO_ENABLED; + #endif /* CY_CFG_SYSCLK_ILO_ENABLED */ + + #ifdef CY_CFG_SYSCLK_WCO_ENABLED + secure_config->wcoEnable = CY_CFG_SYSCLK_WCO_ENABLED; + #endif /* CY_CFG_SYSCLK_WCO_ENABLED */ + + #ifdef CY_CFG_SYSCLK_FLL_ENABLED + secure_config->fllEnable = CY_CFG_SYSCLK_FLL_ENABLED; + #endif /* CY_CFG_SYSCLK_FLL_ENABLED */ + + #ifdef CY_CFG_SYSCLK_PLL0_ENABLED + secure_config->pll0Enable = CY_CFG_SYSCLK_PLL0_ENABLED; + #endif /* CY_CFG_SYSCLK_PLL0_ENABLED */ + + #ifdef CY_CFG_SYSCLK_PLL1_ENABLED + secure_config->pll1Enable = CY_CFG_SYSCLK_PLL1_ENABLED; + #endif /* CY_CFG_SYSCLK_PLL1_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKPATH0_ENABLED + secure_config->path0Enable = CY_CFG_SYSCLK_CLKPATH0_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKPATH0_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKPATH1_ENABLED + secure_config->path1Enable = CY_CFG_SYSCLK_CLKPATH1_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKPATH1_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKPATH2_ENABLED + secure_config->path2Enable = CY_CFG_SYSCLK_CLKPATH2_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKPATH2_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKPATH3_ENABLED + secure_config->path3Enable = CY_CFG_SYSCLK_CLKPATH3_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKPATH3_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKPATH4_ENABLED + secure_config->path4Enable = CY_CFG_SYSCLK_CLKPATH4_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKPATH4_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKPATH5_ENABLED + secure_config->path5Enable = CY_CFG_SYSCLK_CLKPATH5_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKPATH5_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKFAST_ENABLED + secure_config->clkFastEnable = CY_CFG_SYSCLK_CLKFAST_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKFAST_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKPERI_ENABLED + secure_config->clkPeriEnable = CY_CFG_SYSCLK_CLKPERI_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKPERI_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKSLOW_ENABLED + secure_config->clkSlowEnable = CY_CFG_SYSCLK_CLKSLOW_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKSLOW_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKHF0_ENABLED + secure_config->clkHF0Enable = CY_CFG_SYSCLK_CLKHF0_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKHF0_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKHF1_ENABLED + secure_config->clkHF1Enable = CY_CFG_SYSCLK_CLKHF1_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKHF1_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKHF2_ENABLED + secure_config->clkHF2Enable = CY_CFG_SYSCLK_CLKHF2_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKHF2_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKHF3_ENABLED + secure_config->clkHF3Enable = CY_CFG_SYSCLK_CLKHF3_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKHF3_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKHF4_ENABLED + secure_config->clkHF4Enable = CY_CFG_SYSCLK_CLKHF4_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKHF4_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKHF5_ENABLED + secure_config->clkHF5Enable = CY_CFG_SYSCLK_CLKHF5_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKHF5_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKPUMP_ENABLED + secure_config->clkPumpEnable = CY_CFG_SYSCLK_CLKPUMP_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKPUMP_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKLF_ENABLED + secure_config->clkLFEnable = CY_CFG_SYSCLK_CLKLF_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKLF_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKBAK_ENABLED + secure_config->clkBakEnable = CY_CFG_SYSCLK_CLKBAK_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKBAK_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKTIMER_ENABLED + secure_config->clkTimerEnable = CY_CFG_SYSCLK_CLKTIMER_ENABLED; + #endif /* CY_CFG_SYSCLK_CLKTIMER_ENABLED */ + + #ifdef CY_CFG_SYSCLK_CLKALTSYSTICK_ENABLED + #error Configuration Error : ALT SYSTICK cannot be enabled for Secure devices. + #endif /* CY_CFG_SYSCLK_CLKALTSYSTICK_ENABLED */ + + #ifdef CY_CFG_SYSCLK_PILO_ENABLED + secure_config->piloEnable = CY_CFG_SYSCLK_PILO_ENABLED; + #endif /* CY_CFG_SYSCLK_PILO_ENABLED */ + + #ifdef CY_CFG_SYSCLK_ALTHF_ENABLED + secure_config->clkAltHfEnable = CY_CFG_SYSCLK_ALTHF_ENABLED; + #endif /* CY_CFG_SYSCLK_ALTHF_ENABLED */ + + #ifdef CY_CFG_PWR_LDO_VOLTAGE + secure_config->ldoVoltage = CY_CFG_PWR_LDO_VOLTAGE; + #endif /* CY_CFG_PWR_LDO_VOLTAGE */ + + #ifdef CY_CFG_PWR_REGULATOR_MODE_MIN + secure_config->pwrCurrentModeMin = CY_CFG_PWR_REGULATOR_MODE_MIN; + #endif /* CY_CFG_PWR_REGULATOR_MODE_MIN */ + + #ifdef CY_CFG_PWR_BUCK_VOLTAGE + secure_config->buckVoltage = CY_CFG_PWR_BUCK_VOLTAGE; + #endif /* CY_CFG_PWR_BUCK_VOLTAGE */ + + #ifdef CY_CFG_SYSCLK_ECO_FREQ + secure_config->ecoFreqHz = CY_CFG_SYSCLK_ECO_FREQ; + #endif /* CY_CFG_SYSCLK_ECO_FREQ */ + + #ifdef CY_CFG_SYSCLK_ECO_CLOAD + secure_config->ecoLoad = CY_CFG_SYSCLK_ECO_CLOAD; + #endif /* CY_CFG_SYSCLK_ECO_CLOAD */ + + #ifdef CY_CFG_SYSCLK_ECO_ESR + secure_config->ecoEsr = CY_CFG_SYSCLK_ECO_ESR; + #endif /* CY_CFG_SYSCLK_ECO_ESR */ + + #ifdef CY_CFG_SYSCLK_ECO_DRIVE_LEVEL + secure_config->ecoDriveLevel = CY_CFG_SYSCLK_ECO_DRIVE_LEVEL; + #endif /* CY_CFG_SYSCLK_ECO_DRIVE_LEVEL */ + + #ifdef CY_CFG_SYSCLK_ECO_GPIO_IN_PRT + secure_config->ecoInPort = CY_CFG_SYSCLK_ECO_GPIO_IN_PRT; + #endif /* CY_CFG_SYSCLK_ECO_GPIO_IN_PRT */ + + #ifdef CY_CFG_SYSCLK_ECO_GPIO_OUT_PRT + secure_config->ecoOutPort = CY_CFG_SYSCLK_ECO_GPIO_OUT_PRT; + #endif /* CY_CFG_SYSCLK_ECO_GPIO_OUT_PRT */ + + #ifdef CY_CFG_SYSCLK_ECO_GPIO_IN_PIN + secure_config->ecoInPinNum = CY_CFG_SYSCLK_ECO_GPIO_IN_PIN; + #endif /* CY_CFG_SYSCLK_ECO_GPIO_IN_PIN */ + + #ifdef CY_CFG_SYSCLK_ECO_GPIO_OUT_PIN + secure_config->ecoOutPinNum = CY_CFG_SYSCLK_ECO_GPIO_OUT_PIN; + #endif /* CY_CFG_SYSCLK_ECO_GPIO_OUT_PIN */ + + #ifdef CY_CFG_SYSCLK_EXTCLK_FREQ + secure_config->extClkFreqHz = CY_CFG_SYSCLK_EXTCLK_FREQ; + #endif /* CY_CFG_SYSCLK_EXTCLK_FREQ */ + + #ifdef CY_CFG_SYSCLK_EXTCLK_GPIO_PRT + secure_config->extClkPort = CY_CFG_SYSCLK_EXTCLK_GPIO_PRT; + #endif /* CY_CFG_SYSCLK_EXTCLK_GPIO_PRT */ + + #ifdef CY_CFG_SYSCLK_EXTCLK_GPIO_PIN + secure_config->extClkPinNum = CY_CFG_SYSCLK_EXTCLK_GPIO_PIN; + #endif /* CY_CFG_SYSCLK_EXTCLK_GPIO_PIN */ + + #ifdef CY_CFG_SYSCLK_EXTCLK_GPIO_HSIOM + secure_config->extClkHsiom = CY_CFG_SYSCLK_EXTCLK_GPIO_HSIOM; + #endif /* CY_CFG_SYSCLK_EXTCLK_GPIO_HSIOM */ + + #ifdef CY_CFG_SYSCLK_ILO_HIBERNATE + secure_config->iloHibernateON = CY_CFG_SYSCLK_ILO_HIBERNATE; + #endif /* CY_CFG_SYSCLK_ILO_HIBERNATE */ + + #ifdef CY_CFG_SYSCLK_WCO_BYPASS + secure_config->bypassEnable = CY_CFG_SYSCLK_WCO_BYPASS; + #endif /* CY_CFG_SYSCLK_WCO_BYPASS */ + + #ifdef CY_CFG_SYSCLK_WCO_IN_PRT + secure_config->wcoInPort = CY_CFG_SYSCLK_WCO_IN_PRT; + #endif /* CY_CFG_SYSCLK_WCO_IN_PRT */ + + #ifdef CY_CFG_SYSCLK_WCO_OUT_PRT + secure_config->wcoOutPort = CY_CFG_SYSCLK_WCO_OUT_PRT; + #endif /* CY_CFG_SYSCLK_WCO_OUT_PRT */ + + #ifdef CY_CFG_SYSCLK_WCO_IN_PIN + secure_config->wcoInPinNum = CY_CFG_SYSCLK_WCO_IN_PIN; + #endif /* CY_CFG_SYSCLK_WCO_IN_PIN */ + + #ifdef CY_CFG_SYSCLK_WCO_OUT_PIN + secure_config->wcoOutPinNum = CY_CFG_SYSCLK_WCO_OUT_PIN; + #endif /* CY_CFG_SYSCLK_WCO_OUT_PIN */ + + #ifdef CY_CFG_SYSCLK_FLL_OUT_FREQ + secure_config->fllOutFreqHz = CY_CFG_SYSCLK_FLL_OUT_FREQ; + #endif /* CY_CFG_SYSCLK_FLL_OUT_FREQ */ + + #ifdef CY_CFG_SYSCLK_FLL_MULT + secure_config->fllMult = CY_CFG_SYSCLK_FLL_MULT; + #endif /* CY_CFG_SYSCLK_FLL_MULT */ + + #ifdef CY_CFG_SYSCLK_FLL_REFDIV + secure_config->fllRefDiv = CY_CFG_SYSCLK_FLL_REFDIV; + #endif /* CY_CFG_SYSCLK_FLL_REFDIV */ + + #ifdef CY_CFG_SYSCLK_FLL_CCO_RANGE + secure_config->fllCcoRange = CY_CFG_SYSCLK_FLL_CCO_RANGE; + #endif /* CY_CFG_SYSCLK_FLL_CCO_RANGE */ + + #ifdef CY_CFG_SYSCLK_FLL_ENABLE_OUTDIV + secure_config->enableOutputDiv = CY_CFG_SYSCLK_FLL_ENABLE_OUTDIV; + #endif /* CY_CFG_SYSCLK_FLL_ENABLE_OUTDIV */ + + #ifdef CY_CFG_SYSCLK_FLL_LOCK_TOLERANCE + secure_config->lockTolerance = CY_CFG_SYSCLK_FLL_LOCK_TOLERANCE; + #endif /* CY_CFG_SYSCLK_FLL_LOCK_TOLERANCE */ + + #ifdef CY_CFG_SYSCLK_FLL_IGAIN + secure_config->igain = CY_CFG_SYSCLK_FLL_IGAIN; + #endif /* CY_CFG_SYSCLK_FLL_IGAIN */ + + #ifdef CY_CFG_SYSCLK_FLL_PGAIN + secure_config->pgain = CY_CFG_SYSCLK_FLL_PGAIN; + #endif /* CY_CFG_SYSCLK_FLL_PGAIN */ + + #ifdef CY_CFG_SYSCLK_FLL_SETTLING_COUNT + secure_config->settlingCount = CY_CFG_SYSCLK_FLL_SETTLING_COUNT; + #endif /* CY_CFG_SYSCLK_FLL_SETTLING_COUNT */ + + #ifdef CY_CFG_SYSCLK_FLL_OUTPUT_MODE + secure_config->outputMode = CY_CFG_SYSCLK_FLL_OUTPUT_MODE; + #endif /* CY_CFG_SYSCLK_FLL_OUTPUT_MODE */ + + #ifdef CY_CFG_SYSCLK_FLL_CCO_FREQ + secure_config->ccoFreq = CY_CFG_SYSCLK_FLL_CCO_FREQ; + #endif /* CY_CFG_SYSCLK_FLL_CCO_FREQ */ + + #ifdef CY_CFG_SYSCLK_PLL0_FEEDBACK_DIV + secure_config->pll0FeedbackDiv = CY_CFG_SYSCLK_PLL0_FEEDBACK_DIV; + #endif /* CY_CFG_SYSCLK_PLL0_FEEDBACK_DIV */ + + #ifdef CY_CFG_SYSCLK_PLL0_REFERENCE_DIV + secure_config->pll0ReferenceDiv = CY_CFG_SYSCLK_PLL0_REFERENCE_DIV; + #endif /* CY_CFG_SYSCLK_PLL0_REFERENCE_DIV */ + + #ifdef CY_CFG_SYSCLK_PLL0_OUTPUT_DIV + secure_config->pll0OutputDiv = CY_CFG_SYSCLK_PLL0_OUTPUT_DIV; + #endif /* CY_CFG_SYSCLK_PLL0_OUTPUT_DIV */ + + #ifdef CY_CFG_SYSCLK_PLL0_LF_MODE + secure_config->pll0LfMode = CY_CFG_SYSCLK_PLL0_LF_MODE; + #endif /* CY_CFG_SYSCLK_PLL0_LF_MODE */ + + #ifdef CY_CFG_SYSCLK_PLL0_OUTPUT_MODE + secure_config->pll0OutputMode = CY_CFG_SYSCLK_PLL0_OUTPUT_MODE; + #endif /* CY_CFG_SYSCLK_PLL0_OUTPUT_MODE */ + + #ifdef CY_CFG_SYSCLK_PLL0_OUTPUT_FREQ + secure_config->pll0OutFreqHz = CY_CFG_SYSCLK_PLL0_OUTPUT_FREQ; + #endif /* CY_CFG_SYSCLK_PLL0_OUTPUT_FREQ */ + + #ifdef CY_CFG_SYSCLK_PLL1_FEEDBACK_DIV + secure_config->pll1FeedbackDiv = CY_CFG_SYSCLK_PLL1_FEEDBACK_DIV; + #endif /* CY_CFG_SYSCLK_PLL1_FEEDBACK_DIV */ + + #ifdef CY_CFG_SYSCLK_PLL1_REFERENCE_DIV + secure_config->pll1ReferenceDiv = CY_CFG_SYSCLK_PLL1_REFERENCE_DIV; + #endif /* CY_CFG_SYSCLK_PLL1_REFERENCE_DIV */ + + #ifdef CY_CFG_SYSCLK_PLL1_OUTPUT_DIV + secure_config->pll1OutputDiv = CY_CFG_SYSCLK_PLL1_OUTPUT_DIV; + #endif /* CY_CFG_SYSCLK_PLL1_OUTPUT_DIV */ + + #ifdef CY_CFG_SYSCLK_PLL1_LF_MODE + secure_config->pll1LfMode = CY_CFG_SYSCLK_PLL1_LF_MODE; + #endif /* CY_CFG_SYSCLK_PLL1_LF_MODE */ + + #ifdef CY_CFG_SYSCLK_PLL1_OUTPUT_MODE + secure_config->pll1OutputMode = CY_CFG_SYSCLK_PLL1_OUTPUT_MODE; + #endif /* CY_CFG_SYSCLK_PLL1_OUTPUT_MODE */ + + #ifdef CY_CFG_SYSCLK_PLL1_OUTPUT_FREQ + secure_config->pll1OutFreqHz = CY_CFG_SYSCLK_PLL1_OUTPUT_FREQ; + #endif /* CY_CFG_SYSCLK_PLL1_OUTPUT_FREQ */ + + #ifdef CY_CFG_SYSCLK_CLKPATH0_SOURCE + secure_config->path0Src = CY_CFG_SYSCLK_CLKPATH0_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKPATH0_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKPATH1_SOURCE + secure_config->path1Src = CY_CFG_SYSCLK_CLKPATH1_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKPATH1_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKPATH2_SOURCE + secure_config->path2Src = CY_CFG_SYSCLK_CLKPATH2_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKPATH2_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKPATH3_SOURCE + secure_config->path3Src = CY_CFG_SYSCLK_CLKPATH3_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKPATH3_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKPATH4_SOURCE + secure_config->path4Src = CY_CFG_SYSCLK_CLKPATH4_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKPATH4_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKPATH5_SOURCE + secure_config->path5Src = CY_CFG_SYSCLK_CLKPATH5_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKPATH5_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKFAST_DIVIDER + secure_config->clkFastDiv = CY_CFG_SYSCLK_CLKFAST_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKFAST_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKPERI_DIVIDER + secure_config->clkPeriDiv = CY_CFG_SYSCLK_CLKPERI_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKPERI_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKSLOW_DIVIDER + secure_config->clkSlowDiv = CY_CFG_SYSCLK_CLKSLOW_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKSLOW_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKHF0_CLKPATH + secure_config->hf0Source = CY_CFG_SYSCLK_CLKHF0_CLKPATH; + #endif /* CY_CFG_SYSCLK_CLKHF0_CLKPATH */ + + #ifdef CY_CFG_SYSCLK_CLKHF0_DIVIDER + secure_config->hf0Divider = CY_CFG_SYSCLK_CLKHF0_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKHF0_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKHF0_FREQ_MHZ + secure_config->hf0OutFreqMHz = CY_CFG_SYSCLK_CLKHF0_FREQ_MHZ; + #endif /* CY_CFG_SYSCLK_CLKHF0_FREQ_MHZ */ + + #ifdef CY_CFG_SYSCLK_CLKHF1_CLKPATH + secure_config->hf1Source = CY_CFG_SYSCLK_CLKHF1_CLKPATH; + #endif /* CY_CFG_SYSCLK_CLKHF1_CLKPATH */ + + #ifdef CY_CFG_SYSCLK_CLKHF1_DIVIDER + secure_config->hf1Divider = CY_CFG_SYSCLK_CLKHF1_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKHF1_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKHF1_FREQ_MHZ + secure_config->hf1OutFreqMHz = CY_CFG_SYSCLK_CLKHF1_FREQ_MHZ; + #endif /* CY_CFG_SYSCLK_CLKHF1_FREQ_MHZ */ + + #ifdef CY_CFG_SYSCLK_CLKHF2_CLKPATH + secure_config->hf2Source = CY_CFG_SYSCLK_CLKHF2_CLKPATH; + #endif /* CY_CFG_SYSCLK_CLKHF2_CLKPATH */ + + #ifdef CY_CFG_SYSCLK_CLKHF2_DIVIDER + secure_config->hf2Divider = CY_CFG_SYSCLK_CLKHF2_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKHF2_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKHF2_FREQ_MHZ + secure_config->hf2OutFreqMHz = CY_CFG_SYSCLK_CLKHF2_FREQ_MHZ; + #endif /* CY_CFG_SYSCLK_CLKHF2_FREQ_MHZ */ + + #ifdef CY_CFG_SYSCLK_CLKHF3_CLKPATH + secure_config->hf3Source = CY_CFG_SYSCLK_CLKHF3_CLKPATH; + #endif /* CY_CFG_SYSCLK_CLKHF3_CLKPATH */ + + #ifdef CY_CFG_SYSCLK_CLKHF3_DIVIDER + secure_config->hf3Divider = CY_CFG_SYSCLK_CLKHF3_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKHF3_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKHF3_FREQ_MHZ + secure_config->hf3OutFreqMHz = CY_CFG_SYSCLK_CLKHF3_FREQ_MHZ; + #endif /* CY_CFG_SYSCLK_CLKHF3_FREQ_MHZ */ + + #ifdef CY_CFG_SYSCLK_CLKHF4_CLKPATH + secure_config->hf4Source = CY_CFG_SYSCLK_CLKHF4_CLKPATH; + #endif /* CY_CFG_SYSCLK_CLKHF4_CLKPATH */ + + #ifdef CY_CFG_SYSCLK_CLKHF4_DIVIDER + secure_config->hf4Divider = CY_CFG_SYSCLK_CLKHF4_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKHF4_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKHF4_FREQ_MHZ + secure_config->hf4OutFreqMHz = CY_CFG_SYSCLK_CLKHF4_FREQ_MHZ; + #endif /* CY_CFG_SYSCLK_CLKHF4_FREQ_MHZ */ + + #ifdef CY_CFG_SYSCLK_CLKHF5_CLKPATH + secure_config->hf5Source = CY_CFG_SYSCLK_CLKHF5_CLKPATH; + #endif /* CY_CFG_SYSCLK_CLKHF5_CLKPATH */ + + #ifdef CY_CFG_SYSCLK_CLKHF5_DIVIDER + secure_config->hf5Divider = CY_CFG_SYSCLK_CLKHF5_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKHF5_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKHF5_FREQ_MHZ + secure_config->hf5OutFreqMHz = CY_CFG_SYSCLK_CLKHF5_FREQ_MHZ; + #endif /* CY_CFG_SYSCLK_CLKHF5_FREQ_MHZ */ + + #ifdef CY_CFG_SYSCLK_CLKPUMP_SOURCE + secure_config->pumpSource = CY_CFG_SYSCLK_CLKPUMP_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKPUMP_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKPUMP_DIVIDER + secure_config->pumpDivider = CY_CFG_SYSCLK_CLKPUMP_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKPUMP_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKLF_SOURCE + secure_config->clkLfSource = CY_CFG_SYSCLK_CLKLF_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKLF_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKBAK_SOURCE + secure_config->clkBakSource = CY_CFG_SYSCLK_CLKBAK_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKBAK_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKTIMER_SOURCE + secure_config->clkTimerSource = CY_CFG_SYSCLK_CLKTIMER_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKTIMER_SOURCE */ + + #ifdef CY_CFG_SYSCLK_CLKTIMER_DIVIDER + secure_config->clkTimerDivider = CY_CFG_SYSCLK_CLKTIMER_DIVIDER; + #endif /* CY_CFG_SYSCLK_CLKTIMER_DIVIDER */ + + #ifdef CY_CFG_SYSCLK_CLKALTSYSTICK_SOURCE + secure_config->clkSrcAltSysTick = CY_CFG_SYSCLK_CLKALTSYSTICK_SOURCE; + #endif /* CY_CFG_SYSCLK_CLKALTSYSTICK_SOURCE */ + + #ifdef CY_CFG_SYSCLK_ALTHF_BLE_ECO_CLOAD + secure_config->altHFcLoad = CY_CFG_SYSCLK_ALTHF_BLE_ECO_CLOAD; + #endif /* CY_CFG_SYSCLK_ALTHF_BLE_ECO_CLOAD */ + + #ifdef CY_CFG_SYSCLK_ALTHF_BLE_ECO_TIME + secure_config->altHFxtalStartUpTime = CY_CFG_SYSCLK_ALTHF_BLE_ECO_TIME; + #endif /* CY_CFG_SYSCLK_ALTHF_BLE_ECO_TIME */ + + #ifdef CY_CFG_SYSCLK_ALTHF_BLE_ECO_FREQ + secure_config->altHFfreq = CY_CFG_SYSCLK_ALTHF_BLE_ECO_FREQ; + #endif /* CY_CFG_SYSCLK_ALTHF_BLE_ECO_FREQ */ + + #ifdef CY_CFG_SYSCLK_ALTHF_BLE_ECO_CLK_DIV + secure_config->altHFsysClkDiv = CY_CFG_SYSCLK_ALTHF_BLE_ECO_CLK_DIV; + #endif /* CY_CFG_SYSCLK_ALTHF_BLE_ECO_CLK_DIV */ + + #ifdef CY_CFG_SYSCLK_ALTHF_BLE_ECO_VOL_REGULATOR + secure_config->altHFvoltageReg = CY_CFG_SYSCLK_ALTHF_BLE_ECO_VOL_REGULATOR; + #endif /* CY_CFG_SYSCLK_ALTHF_BLE_ECO_VOL_REGULATOR */ + } +#endif //defined (CY_DEVICE_SECURE) && (CY_CPU_CORTEX_M4) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkBakInit() + { + Cy_SysClk_ClkBakSetSource(CY_SYSCLK_BAK_IN_CLKLF); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkFastInit() + { + Cy_SysClk_ClkFastSetDivider(0U); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_FllInit() + { + if (CY_SYSCLK_SUCCESS != Cy_SysClk_FllManualConfigure(&srss_0_clock_0_fll_0_fllConfig)) + { + cycfg_ClockStartupError(CY_CFG_SYSCLK_FLL_ERROR); + } + if (CY_SYSCLK_SUCCESS != Cy_SysClk_FllEnable(200000UL)) + { + cycfg_ClockStartupError(CY_CFG_SYSCLK_FLL_ERROR); + } + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkHf0Init() + { + Cy_SysClk_ClkHfSetSource(0U, CY_CFG_SYSCLK_CLKHF0_CLKPATH); + Cy_SysClk_ClkHfSetDivider(0U, CY_SYSCLK_CLKHF_NO_DIVIDE); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkHf2Init() + { + Cy_SysClk_ClkHfSetSource(CY_CFG_SYSCLK_CLKHF2, CY_CFG_SYSCLK_CLKHF2_CLKPATH); + Cy_SysClk_ClkHfSetDivider(CY_CFG_SYSCLK_CLKHF2, CY_SYSCLK_CLKHF_DIVIDE_BY_2); + Cy_SysClk_ClkHfEnable(CY_CFG_SYSCLK_CLKHF2); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkHf3Init() + { + Cy_SysClk_ClkHfSetSource(CY_CFG_SYSCLK_CLKHF3, CY_CFG_SYSCLK_CLKHF3_CLKPATH); + Cy_SysClk_ClkHfSetDivider(CY_CFG_SYSCLK_CLKHF3, CY_SYSCLK_CLKHF_NO_DIVIDE); + Cy_SysClk_ClkHfEnable(CY_CFG_SYSCLK_CLKHF3); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkHf4Init() + { + Cy_SysClk_ClkHfSetSource(CY_CFG_SYSCLK_CLKHF4, CY_CFG_SYSCLK_CLKHF4_CLKPATH); + Cy_SysClk_ClkHfSetDivider(CY_CFG_SYSCLK_CLKHF4, CY_SYSCLK_CLKHF_NO_DIVIDE); + Cy_SysClk_ClkHfEnable(CY_CFG_SYSCLK_CLKHF4); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_IloInit() + { + /* The WDT is unlocked in the default startup code */ + Cy_SysClk_IloEnable(); + Cy_SysClk_IloHibernateOn(true); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkLfInit() + { + /* The WDT is unlocked in the default startup code */ + Cy_SysClk_ClkLfSetSource(CY_SYSCLK_CLKLF_IN_WCO); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkPath0Init() + { + Cy_SysClk_ClkPathSetSource(0U, CY_CFG_SYSCLK_CLKPATH0_SOURCE); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkPath1Init() + { + Cy_SysClk_ClkPathSetSource(1U, CY_CFG_SYSCLK_CLKPATH1_SOURCE); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkPath2Init() + { + Cy_SysClk_ClkPathSetSource(2U, CY_CFG_SYSCLK_CLKPATH2_SOURCE); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkPeriInit() + { + Cy_SysClk_ClkPeriSetDivider(0U); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_Pll0Init() + { + if (CY_SYSCLK_SUCCESS != Cy_SysClk_PllManualConfigure(1U, &srss_0_clock_0_pll_0_pllConfig)) + { + cycfg_ClockStartupError(CY_CFG_SYSCLK_PLL_ERROR); + } + if (CY_SYSCLK_SUCCESS != Cy_SysClk_PllEnable(1U, 10000u)) + { + cycfg_ClockStartupError(CY_CFG_SYSCLK_PLL_ERROR); + } + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_Pll1Init() + { + if (CY_SYSCLK_SUCCESS != Cy_SysClk_PllManualConfigure(2U, &srss_0_clock_0_pll_1_pllConfig)) + { + cycfg_ClockStartupError(CY_CFG_SYSCLK_PLL_ERROR); + } + if (CY_SYSCLK_SUCCESS != Cy_SysClk_PllEnable(2U, 10000u)) + { + cycfg_ClockStartupError(CY_CFG_SYSCLK_PLL_ERROR); + } + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkSlowInit() + { + Cy_SysClk_ClkSlowSetDivider(0U); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_ClkTimerInit() + { + Cy_SysClk_ClkTimerDisable(); + Cy_SysClk_ClkTimerSetSource(CY_SYSCLK_CLKTIMER_IN_IMO); + Cy_SysClk_ClkTimerSetDivider(0U); + Cy_SysClk_ClkTimerEnable(); + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void Cy_SysClk_WcoInit() + { + (void)Cy_GPIO_Pin_FastInit(GPIO_PRT0, 0U, 0x00U, 0x00U, HSIOM_SEL_GPIO); + (void)Cy_GPIO_Pin_FastInit(GPIO_PRT0, 1U, 0x00U, 0x00U, HSIOM_SEL_GPIO); + if (CY_SYSCLK_SUCCESS != Cy_SysClk_WcoEnable(1000000UL)) + { + cycfg_ClockStartupError(CY_CFG_SYSCLK_WCO_ERROR); + } + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) +#if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + __STATIC_INLINE void init_cycfg_power(void) + { + /* Reset the Backup domain on POR, XRES, BOD only if Backup domain is supplied by VDDD */ + #if (CY_CFG_PWR_VBACKUP_USING_VDDD) + #ifdef CY_CFG_SYSCLK_ILO_ENABLED + if (0u == Cy_SysLib_GetResetReason() /* POR, XRES, or BOD */) + { + Cy_SysLib_ResetBackupDomain(); + Cy_SysClk_IloDisable(); + Cy_SysClk_IloInit(); + } + #endif /* CY_CFG_SYSCLK_ILO_ENABLED */ + #endif /* CY_CFG_PWR_VBACKUP_USING_VDDD */ + /* Configure core regulator */ + #if !((CY_CPU_CORTEX_M4) && (defined(CY_DEVICE_SECURE))) + #if CY_CFG_PWR_USING_LDO + Cy_SysPm_LdoSetVoltage(CY_SYSPM_LDO_VOLTAGE_LP); + #else + Cy_SysPm_BuckEnable(CY_SYSPM_BUCK_OUT1_VOLTAGE_LP); + #endif /* CY_CFG_PWR_USING_LDO */ + #if CY_CFG_PWR_REGULATOR_MODE_MIN + Cy_SysPm_SystemSetMinRegulatorCurrent(); + #else + Cy_SysPm_SystemSetNormalRegulatorCurrent(); + #endif /* CY_CFG_PWR_REGULATOR_MODE_MIN */ + #endif /* !((CY_CPU_CORTEX_M4) && (defined(CY_DEVICE_SECURE))) */ + /* Configure PMIC */ + Cy_SysPm_UnlockPmic(); + #if CY_CFG_PWR_USING_PMIC + Cy_SysPm_PmicEnableOutput(); + #else + Cy_SysPm_PmicDisableOutput(); + #endif /* CY_CFG_PWR_USING_PMIC */ + } +#endif //((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + + +void init_cycfg_system(void) +{ + #if ((CY_CPU_CORTEX_M4) && (defined(CY_DEVICE_SECURE))) + cy_en_pra_status_t configStatus; + init_cycfg_secure_struct(&srss_0_clock_0_secureConfig); + #if ((CY_CFG_SYSCLK_CLKPATH0_SOURCE_NUM != 0UL) && (CY_CFG_SYSCLK_CLKHF0_CLKPATH_NUM == 0UL)) + #error Configuration Error : ECO, WCO, ALTHF, EXTCLK, ILO, PILO cannot drive HF0. + #endif + #if ((CY_CFG_SYSCLK_CLKPATH1_SOURCE_NUM != 0UL) && (CY_CFG_SYSCLK_CLKHF0_CLKPATH_NUM == 1UL)) + #error Configuration Error : ECO, WCO, ALTHF, EXTCLK, ILO, PILO cannot drive HF0. + #endif + #if ((CY_CFG_SYSCLK_CLKPATH2_SOURCE_NUM != 0UL) && (CY_CFG_SYSCLK_CLKHF0_CLKPATH_NUM == 2UL)) + #error Configuration Error : ECO, WCO, ALTHF, EXTCLK, ILO, PILO cannot drive HF0. + #endif + #if ((CY_CFG_SYSCLK_CLKPATH3_SOURCE_NUM != 0UL) && (CY_CFG_SYSCLK_CLKHF0_CLKPATH_NUM == 3UL)) + #error Configuration Error : ECO, WCO, ALTHF, EXTCLK, ILO, PILO cannot drive HF0. + #endif + #if ((CY_CFG_SYSCLK_CLKPATH4_SOURCE_NUM != 0UL) && (CY_CFG_SYSCLK_CLKHF0_CLKPATH_NUM == 4UL)) + #error Configuration Error : ECO, WCO, ALTHF, EXTCLK, ILO, PILO cannot drive HF0. + #endif + #if ((CY_CFG_SYSCLK_CLKPATH5_SOURCE_NUM != 0UL) && (CY_CFG_SYSCLK_CLKHF0_CLKPATH_NUM == 5UL)) + #error Configuration Error : ECO, WCO, ALTHF, EXTCLK, ILO, PILO cannot drive HF0. + #endif + + configStatus = CY_PRA_FUNCTION_CALL_RETURN_PARAM(CY_PRA_MSG_TYPE_SYS_CFG_FUNC, + CY_PRA_FUNC_INIT_CYCFG_DEVICE, + &srss_0_clock_0_secureConfig); + if ( configStatus != CY_PRA_STATUS_SUCCESS ) + { + cycfg_ClockStartupError(configStatus); + } + + #ifdef CY_CFG_SYSCLK_EXTCLK_FREQ + Cy_SysClk_ExtClkSetFrequency(CY_CFG_SYSCLK_EXTCLK_FREQ); + #endif /* CY_CFG_SYSCLK_EXTCLK_FREQ */ + #else /* ((CY_CPU_CORTEX_M4) && (defined(CY_DEVICE_SECURE))) */ + + /* Set worst case memory wait states (! ultra low power, 150 MHz), will update at the end */ + Cy_SysLib_SetWaitStates(false, 150UL); + #ifdef CY_CFG_PWR_ENABLED + #ifdef CY_CFG_PWR_INIT + init_cycfg_power(); + #else + #warning Power system will not be configured. Update power personality to v1.20 or later. + #endif /* CY_CFG_PWR_INIT */ + #endif /* CY_CFG_PWR_ENABLED */ + + /* Reset the core clock path to default and disable all the FLLs/PLLs */ + Cy_SysClk_ClkHfSetDivider(0U, CY_SYSCLK_CLKHF_NO_DIVIDE); + Cy_SysClk_ClkFastSetDivider(0U); + Cy_SysClk_ClkPeriSetDivider(1U); + Cy_SysClk_ClkSlowSetDivider(0U); + for (uint32_t pll = CY_SRSS_NUM_PLL; pll > 0UL; --pll) /* PLL 1 is the first PLL. 0 is invalid. */ + { + (void)Cy_SysClk_PllDisable(pll); + } + Cy_SysClk_ClkPathSetSource(CY_SYSCLK_CLKHF_IN_CLKPATH1, CY_SYSCLK_CLKPATH_IN_IMO); + + if ((CY_SYSCLK_CLKHF_IN_CLKPATH0 == Cy_SysClk_ClkHfGetSource(0UL)) && + (CY_SYSCLK_CLKPATH_IN_WCO == Cy_SysClk_ClkPathGetSource(CY_SYSCLK_CLKHF_IN_CLKPATH0))) + { + Cy_SysClk_ClkHfSetSource(0U, CY_SYSCLK_CLKHF_IN_CLKPATH1); + } + + Cy_SysClk_FllDisable(); + Cy_SysClk_ClkPathSetSource(CY_SYSCLK_CLKHF_IN_CLKPATH0, CY_SYSCLK_CLKPATH_IN_IMO); + Cy_SysClk_ClkHfSetSource(0UL, CY_SYSCLK_CLKHF_IN_CLKPATH0); + #ifdef CY_IP_MXBLESS + (void)Cy_BLE_EcoReset(); + #endif + + + /* Enable all source clocks */ + #ifdef CY_CFG_SYSCLK_PILO_ENABLED + Cy_SysClk_PiloInit(); + #endif + + #ifdef CY_CFG_SYSCLK_WCO_ENABLED + Cy_SysClk_WcoInit(); + #endif + + #ifdef CY_CFG_SYSCLK_CLKLF_ENABLED + Cy_SysClk_ClkLfInit(); + #endif + + #ifdef CY_CFG_SYSCLK_ALTHF_ENABLED + Cy_SysClk_AltHfInit(); + #endif + + #ifdef CY_CFG_SYSCLK_ECO_ENABLED + Cy_SysClk_EcoInit(); + #endif + + #ifdef CY_CFG_SYSCLK_EXTCLK_ENABLED + Cy_SysClk_ExtClkInit(); + #endif + + /* Configure CPU clock dividers */ + #ifdef CY_CFG_SYSCLK_CLKFAST_ENABLED + Cy_SysClk_ClkFastInit(); + #endif + + #ifdef CY_CFG_SYSCLK_CLKPERI_ENABLED + Cy_SysClk_ClkPeriInit(); + #endif + + #ifdef CY_CFG_SYSCLK_CLKSLOW_ENABLED + Cy_SysClk_ClkSlowInit(); + #endif + + #if ((CY_CFG_SYSCLK_CLKPATH0_SOURCE_NUM == 0x6UL) && (CY_CFG_SYSCLK_CLKHF0_CLKPATH_NUM == 0U)) + /* Configure HFCLK0 to temporarily run from IMO to initialize other clocks */ + Cy_SysClk_ClkPathSetSource(1UL, CY_SYSCLK_CLKPATH_IN_IMO); + Cy_SysClk_ClkHfSetSource(0UL, CY_SYSCLK_CLKHF_IN_CLKPATH1); + #else + #ifdef CY_CFG_SYSCLK_CLKPATH1_ENABLED + Cy_SysClk_ClkPath1Init(); + #endif + #endif + + /* Configure Path Clocks */ + #ifdef CY_CFG_SYSCLK_CLKPATH0_ENABLED + Cy_SysClk_ClkPath0Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH2_ENABLED + Cy_SysClk_ClkPath2Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH3_ENABLED + Cy_SysClk_ClkPath3Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH4_ENABLED + Cy_SysClk_ClkPath4Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH5_ENABLED + Cy_SysClk_ClkPath5Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH6_ENABLED + Cy_SysClk_ClkPath6Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH7_ENABLED + Cy_SysClk_ClkPath7Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH8_ENABLED + Cy_SysClk_ClkPath8Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH9_ENABLED + Cy_SysClk_ClkPath9Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH10_ENABLED + Cy_SysClk_ClkPath10Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH11_ENABLED + Cy_SysClk_ClkPath11Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH12_ENABLED + Cy_SysClk_ClkPath12Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH13_ENABLED + Cy_SysClk_ClkPath13Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH14_ENABLED + Cy_SysClk_ClkPath14Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKPATH15_ENABLED + Cy_SysClk_ClkPath15Init(); + #endif + + /* Configure and enable FLL */ + #ifdef CY_CFG_SYSCLK_FLL_ENABLED + Cy_SysClk_FllInit(); + #endif + + Cy_SysClk_ClkHf0Init(); + + #if ((CY_CFG_SYSCLK_CLKPATH0_SOURCE_NUM == 0x6UL) && (CY_CFG_SYSCLK_CLKHF0_CLKPATH_NUM == 0U)) + #ifdef CY_CFG_SYSCLK_CLKPATH1_ENABLED + /* Apply the ClkPath1 user setting */ + Cy_SysClk_ClkPath1Init(); + #endif + #endif + + /* Configure and enable PLLs */ + #ifdef CY_CFG_SYSCLK_PLL0_ENABLED + Cy_SysClk_Pll0Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL1_ENABLED + Cy_SysClk_Pll1Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL2_ENABLED + Cy_SysClk_Pll2Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL3_ENABLED + Cy_SysClk_Pll3Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL4_ENABLED + Cy_SysClk_Pll4Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL5_ENABLED + Cy_SysClk_Pll5Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL6_ENABLED + Cy_SysClk_Pll6Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL7_ENABLED + Cy_SysClk_Pll7Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL8_ENABLED + Cy_SysClk_Pll8Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL9_ENABLED + Cy_SysClk_Pll9Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL10_ENABLED + Cy_SysClk_Pll10Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL11_ENABLED + Cy_SysClk_Pll11Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL12_ENABLED + Cy_SysClk_Pll12Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL13_ENABLED + Cy_SysClk_Pll13Init(); + #endif + #ifdef CY_CFG_SYSCLK_PLL14_ENABLED + Cy_SysClk_Pll14Init(); + #endif + + /* Configure HF clocks */ + #ifdef CY_CFG_SYSCLK_CLKHF1_ENABLED + Cy_SysClk_ClkHf1Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF2_ENABLED + Cy_SysClk_ClkHf2Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF3_ENABLED + Cy_SysClk_ClkHf3Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF4_ENABLED + Cy_SysClk_ClkHf4Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF5_ENABLED + Cy_SysClk_ClkHf5Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF6_ENABLED + Cy_SysClk_ClkHf6Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF7_ENABLED + Cy_SysClk_ClkHf7Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF8_ENABLED + Cy_SysClk_ClkHf8Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF9_ENABLED + Cy_SysClk_ClkHf9Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF10_ENABLED + Cy_SysClk_ClkHf10Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF11_ENABLED + Cy_SysClk_ClkHf11Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF12_ENABLED + Cy_SysClk_ClkHf12Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF13_ENABLED + Cy_SysClk_ClkHf13Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF14_ENABLED + Cy_SysClk_ClkHf14Init(); + #endif + #ifdef CY_CFG_SYSCLK_CLKHF15_ENABLED + Cy_SysClk_ClkHf15Init(); + #endif + + /* Configure miscellaneous clocks */ + #ifdef CY_CFG_SYSCLK_CLKTIMER_ENABLED + Cy_SysClk_ClkTimerInit(); + #endif + + #ifdef CY_CFG_SYSCLK_CLKALTSYSTICK_ENABLED + Cy_SysClk_ClkAltSysTickInit(); + #endif + + #ifdef CY_CFG_SYSCLK_CLKPUMP_ENABLED + Cy_SysClk_ClkPumpInit(); + #endif + + #ifdef CY_CFG_SYSCLK_CLKBAK_ENABLED + Cy_SysClk_ClkBakInit(); + #endif + + /* Configure default enabled clocks */ + #ifdef CY_CFG_SYSCLK_ILO_ENABLED + Cy_SysClk_IloInit(); + #endif + + #ifndef CY_CFG_SYSCLK_IMO_ENABLED + #error the IMO must be enabled for proper chip operation + #endif + + #endif /* ((CY_CPU_CORTEX_M4) && (defined(CY_DEVICE_SECURE))) */ + + #ifdef CY_CFG_SYSCLK_MFO_ENABLED + Cy_SysClk_MfoInit(); + #endif + + #ifdef CY_CFG_SYSCLK_CLKMF_ENABLED + Cy_SysClk_ClkMfInit(); + #endif + + #if ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) + /* Set accurate flash wait states */ + #if (defined (CY_CFG_PWR_ENABLED) && defined (CY_CFG_SYSCLK_CLKHF0_ENABLED)) + Cy_SysLib_SetWaitStates(CY_CFG_PWR_USING_ULP != 0, CY_CFG_SYSCLK_CLKHF0_FREQ_MHZ); + #endif + + /* Update System Core Clock values for correct Cy_SysLib_Delay functioning */ + SystemCoreClockUpdate(); + #ifndef CY_CFG_SYSCLK_ILO_ENABLED + #ifdef CY_CFG_SYSCLK_CLKLF_ENABLED + /* Wait 4 ILO cycles in case of unfinished CLKLF clock source transition */ + Cy_SysLib_DelayUs(200U); + #endif + Cy_SysClk_IloDisable(); + Cy_SysClk_IloHibernateOn(false); + #endif + + #endif /* ((!CY_CPU_CORTEX_M4) || (!defined(CY_DEVICE_SECURE))) */ + + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&srss_0_clock_0_pathmux_0_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&srss_0_clock_0_pathmux_1_obj); +#endif //defined (CY_USING_HAL) + +#if defined (CY_USING_HAL) + cyhal_hwmgr_reserve(&srss_0_clock_0_pathmux_2_obj); +#endif //defined (CY_USING_HAL) +} diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_system.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_system.h new file mode 100755 index 0000000..f3c1c94 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/cycfg_system.h @@ -0,0 +1,109 @@ +/******************************************************************************* +* File Name: cycfg_system.h +* +* Description: +* System configuration +* This file was automatically generated and should not be modified. +* cfg-backend-cli: 1.2.0.1483 +* Device Support Library (libs/psoc6pdl): 1.6.0.4266 +* +******************************************************************************** +* Copyright 2017-2019 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +********************************************************************************/ + +#if !defined(CYCFG_SYSTEM_H) +#define CYCFG_SYSTEM_H + +#include "cycfg_notices.h" +#include "cy_sysclk.h" +#include "cy_pra.h" +#include "cy_pra_cfg.h" +#if defined (CY_USING_HAL) + #include "cyhal_hwmgr.h" +#endif //defined (CY_USING_HAL) +#include "cy_gpio.h" +#include "cy_syspm.h" + +#if defined(__cplusplus) +extern "C" { +#endif + +#define cpuss_0_dap_0_ENABLED 1U +#define srss_0_clock_0_ENABLED 1U +#define srss_0_clock_0_bakclk_0_ENABLED 1U +#define srss_0_clock_0_fastclk_0_ENABLED 1U +#define srss_0_clock_0_fll_0_ENABLED 1U +#define srss_0_clock_0_hfclk_0_ENABLED 1U +#define CY_CFG_SYSCLK_CLKHF0 0UL +#define CY_CFG_SYSCLK_CLKHF0_CLKPATH_NUM 0UL +#define srss_0_clock_0_hfclk_2_ENABLED 1U +#define CY_CFG_SYSCLK_CLKHF2 2UL +#define CY_CFG_SYSCLK_CLKHF2_CLKPATH_NUM 0UL +#define srss_0_clock_0_hfclk_3_ENABLED 1U +#define CY_CFG_SYSCLK_CLKHF3 3UL +#define CY_CFG_SYSCLK_CLKHF3_CLKPATH_NUM 0UL +#define srss_0_clock_0_hfclk_4_ENABLED 1U +#define CY_CFG_SYSCLK_CLKHF4 4UL +#define CY_CFG_SYSCLK_CLKHF4_CLKPATH_NUM 0UL +#define srss_0_clock_0_ilo_0_ENABLED 1U +#define srss_0_clock_0_imo_0_ENABLED 1U +#define srss_0_clock_0_lfclk_0_ENABLED 1U +#define CY_CFG_SYSCLK_CLKLF_FREQ_HZ 32768 +#define CY_CFG_SYSCLK_CLKLF_SOURCE CY_SYSCLK_CLKLF_IN_WCO +#define srss_0_clock_0_pathmux_0_ENABLED 1U +#define srss_0_clock_0_pathmux_1_ENABLED 1U +#define srss_0_clock_0_pathmux_2_ENABLED 1U +#define srss_0_clock_0_periclk_0_ENABLED 1U +#define srss_0_clock_0_pll_0_ENABLED 1U +#define srss_0_clock_0_pll_1_ENABLED 1U +#define srss_0_clock_0_slowclk_0_ENABLED 1U +#define srss_0_clock_0_timerclk_0_ENABLED 1U +#define srss_0_clock_0_wco_0_ENABLED 1U +#define srss_0_power_0_ENABLED 1U +#define CY_CFG_PWR_MODE_LP 0x01UL +#define CY_CFG_PWR_MODE_ULP 0x02UL +#define CY_CFG_PWR_MODE_ACTIVE 0x04UL +#define CY_CFG_PWR_MODE_SLEEP 0x08UL +#define CY_CFG_PWR_MODE_DEEPSLEEP 0x10UL +#define CY_CFG_PWR_SYS_IDLE_MODE CY_CFG_PWR_MODE_DEEPSLEEP +#define CY_CFG_PWR_SYS_ACTIVE_MODE CY_CFG_PWR_MODE_LP +#define CY_CFG_PWR_DEEPSLEEP_LATENCY 0UL +#define CY_CFG_PWR_USING_LDO 1 +#define CY_CFG_PWR_VDDA_MV 3300 +#define CY_CFG_PWR_VDDD_MV 3300 +#define CY_CFG_PWR_VBACKUP_MV 3300 +#define CY_CFG_PWR_VDD_NS_MV 3300 +#define CY_CFG_PWR_VDDIO0_MV 3300 +#define CY_CFG_PWR_VDDIO1_MV 3300 + +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t srss_0_clock_0_pathmux_0_obj; +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t srss_0_clock_0_pathmux_1_obj; +#endif //defined (CY_USING_HAL) +#if defined (CY_USING_HAL) + extern const cyhal_resource_inst_t srss_0_clock_0_pathmux_2_obj; +#endif //defined (CY_USING_HAL) + +void init_cycfg_system(void); + +#if defined(__cplusplus) +} +#endif + + +#endif /* CYCFG_SYSTEM_H */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/qspi_config.cfg b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/qspi_config.cfg new file mode 100755 index 0000000..909b041 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/GeneratedSource/qspi_config.cfg @@ -0,0 +1,3 @@ +set SMIF_BANKS { + 0 {addr 0x18000000 size 0x4000000 psize 0x00000200 esize 0x00040000} +} diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/cyreservedresources.list b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/cyreservedresources.list new file mode 100755 index 0000000..47fe487 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/cyreservedresources.list @@ -0,0 +1,20 @@ +[Device=CYB0644ABZI-S2D44] + +[Blocks] +# WIFI +# CYBSP_WIFI_SDIO +sdhc[0] +# CYBSP_WIFI_SDIO_D0 +ioss[0].port[2].pin[0] +# CYBSP_WIFI_SDIO_D1 +ioss[0].port[2].pin[1] +# CYBSP_WIFI_SDIO_D2 +ioss[0].port[2].pin[2] +# CYBSP_WIFI_SDIO_D3 +ioss[0].port[2].pin[3] +# CYBSP_WIFI_SDIO_CMD +ioss[0].port[2].pin[4] +# CYBSP_WIFI_SDIO_CLK +ioss[0].port[2].pin[5] +# CYBSP_WIFI_WL_REG_ON +ioss[0].port[2].pin[6] \ No newline at end of file diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/design.cycapsense b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/design.cycapsense new file mode 100755 index 0000000..978ea02 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/design.cycapsense @@ -0,0 +1,402 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/design.cyqspi b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/design.cyqspi new file mode 100755 index 0000000..58e8231 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/design.cyqspi @@ -0,0 +1,63 @@ + + + + PSoC 6.xml + + + 0 + S25FL512S-4byteaddr + true + None + 0x18000000 + 0x4000000 + 0x1BFFFFFF + true + false + QUAD_SPI_DATA_0_3 + S25FL512S-4byteaddr + true + + + 1 + Not used + false + None + 0x18010000 + 0x10000 + 0x1801FFFF + false + false + SPI_MOSI_MISO_DATA_0_1 + default_memory.xml + false + + + 2 + Not used + false + None + 0x18020000 + 0x10000 + 0x1802FFFF + false + false + SPI_MOSI_MISO_DATA_0_1 + default_memory.xml + false + + + 3 + Not used + false + None + 0x18030000 + 0x10000 + 0x1803FFFF + false + false + SPI_MOSI_MISO_DATA_0_1 + default_memory.xml + false + + + diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/design.modus b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/design.modus new file mode 100755 index 0000000..853df6b --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_BSP_DESIGN_MODUS/design.modus @@ -0,0 +1,473 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/LICENSE-2.0.txt b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/LICENSE-2.0.txt new file mode 100644 index 0000000..d645695 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/LICENSE-2.0.txt @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/NOTICE.txt b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/NOTICE.txt new file mode 100644 index 0000000..2025135 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/NOTICE.txt @@ -0,0 +1,12 @@ +Copyright (c) 2019-2020, Arm Limited. All rights reserved. +Copyright (c) 2019-2020, Cypress Semiconductor Corporation. All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/VERSION.txt b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/VERSION.txt new file mode 100755 index 0000000..6e07348 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/VERSION.txt @@ -0,0 +1 @@ +e90e02327eb3 \ No newline at end of file diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/tfm_s.axf b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/tfm_s.axf new file mode 100755 index 0000000..0d617a8 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/tfm_s.axf Binary files differ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/tfm_s.hex b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/tfm_s.hex new file mode 100644 index 0000000..1fcd21d --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW/tfm_s.hex @@ -0,0 +1,12550 @@ +:020000041000EA +:1004000000940008910400100D0000007DCB021044 +:1004100000000000000000000000000000000000DC +:1004200000000000000000000000000065CB02108A +:10043000000000000000000029CB02101105001090 +:1004400011050010D1CB021011050010110500108C +:1004500011050010110500101105001025CA021029 +:1004600011050010110500101105001011050010F4 +:1004700011050010110500101105001011050010E4 +:100480007047EFF3108072B6704780F310887047A2 +:10049000FFF7F6FF72B6174C174DAC4209DA216828 +:1004A0006268A368043B02DBC858D050FAE70C34FA +:1004B000F3E7124B124CA34208DA19685A6800207D +:1004C000043A01DB8850FBE70833F4E70D480E4996 +:1004D0000860BFF34F8F2CF083FBEFF314800221F1 +:1004E000084380F31488094880F3098823F0FCFC52 +:1004F000FEE70000300500109C0500109C05001070 +:10050000F405001000AF010808ED00E0009C0008B1 +:10051000FEE7FEE700B504207146084202D0EFF383 +:10052000098001E0EFF30880043026F0AFFFFEE71A +:100530000004001000AF010830010000A00C0310FF +:1005400080AF010878020000000C031000180008BA +:1005500000000000000C0310009C000800000000D8 +:10056000000C031000C2000860000000600C0310C3 +:1005700080CD000840000000A00C0310809B010803 +:1005800000000000A00C031000A001080000000003 +:0C059000180F031000F80208C00400005F +:10059C00F8B10108A4360000009C000820180000E7 +:1005AC0080B40008800D000060C2000880040000C8 +:1005BC0000C7000880060000C0CD0008A0AD0000F8 +:1005CC00807B010800200000809B010820000000B7 +:1005DC00009C01080004000000A00108600200005B +:0805EC0080A20108000C0000D0 +:0805F4000000000000000000FF +:1005FC0000000000000000000000000000000000EF +:10060C0000000000000000000000000000000000DE +:1006200010B50A22002100F0ADFA10BD10B50A2263 +:10063000002100F067FB10BD10B5034B0A0001005C +:10064000186800F084F810BD20B00108084B10B500 +:100650000400002B02D0002100E000BF054B186809 +:10066000836A002B00D0984720002FF0C3F8C046C3 +:1006700000000000CC190010EC300068704700004A +:10068000044B1B681B6A002B00D1034BEC3318682A +:100690007047C04620B0010884B0010810B5034B74 +:1006A0000100186800F0ACF810BDC04620B0010889 +:1006B00010B5034B0100186800F058F810BDC04693 +:1006C00020B0010882B0002900D101A9101E06D077 +:1006D000002B06D013780B601078431E984102B0AF +:1006E000704702204042FAE730B50024A24201D10F +:1006F000002005E0035D651C0C5DA34201D0181BC2 +:1007000030BD2C00F2E7002310B59A4200D110BD95 +:10071000CC5CC4540133F8E710B5884202D98B1879 +:10072000984203D3002307E08B5C8354013AFBD249 +:1007300010BDCC5CC45401339A42FAD1F8E70300EF +:100740001218934200D1704719700133F9E74A43F8 +:1007500070B51100140000F053F8051E03D02200FC +:100760000021FFF7ECFF280070BD000070B5050008 +:10077000002910D00C1F2368002B00DAE418280091 +:1007800000F0A4FD1D4A1368002B05D163601460BE +:10079000280000F09CFD70BDA34209D921686018B3 +:1007A0008342F3D118685B6841182160EEE71300BB +:1007B0005A68002A01D0A242F9D919685818A042F3 +:1007C0000BD120680918581819608242E0D11068CE +:1007D0005268411819605A60DAE7A04202D90C2326 +:1007E0002B60D5E721686018824203D110685268F7 +:1007F0004118216062605C60CAE7C04608E80108F1 +:10080000032370B5CD1C9D43083506000C2D1ED268 +:100810000C25A9421DD8300000F058FD254A146867 +:100820002100002919D1244C2368002B03D130006A +:1008300000F0C8F820602900300000F0C3F8431C25 +:100840002BD10C233000336000F041FD03E0002D7C +:10085000DFDA0C233360002070BD0B685B1B19D4FA +:100860000B2B03D90B60CC18256003E04B688C423E +:100870000DD11360300000F02AFD200007220B305C +:10088000231D9043C31AE7D05A42E250E4E7636065 +:100890000C00EFE70C004968C3E70323C41C9C432A +:1008A000A042E1D0211A300000F08CF8431CDBD1CB +:1008B000C7E7C04608E801080CE801080FB40B4B75 +:1008C00013B51C68002C05D0A369002B02D12000B1 +:1008D00000F0FCFB05AB049AA1682000019300F036 +:1008E0001FFD16BC08BC04B01847C04620B0010864 +:1008F00070B505000E00002804D08369002B01D1DB +:1009000000F0E4FBAB69AC68002B02D1280000F0DA +:10091000DDFB244B9C420FD16C68A3891B0702D5D9 +:100920002369002B1FD12100280000F061FA002864 +:1009300019D00120404270BD1B4B9C4201D1AC68D4 +:10094000EBE71A4B9C42E8D1EC68E6E70136A3607E +:10095000002B04DAA2699A4216DC0A2914D0236813 +:100960005A1C22601970A3683178013B0029EDD12F +:10097000A360002B0FDA22000A31280000F0D6F91C +:10098000431CD6D00A20D6E72200280000F0CEF97A +:10099000431CE8D1CDE70A2023685A1C2260187056 +:1009A000C9E7C046FC1A00101C1B0010DC1A00101E +:1009B00010B5034B01001868FFF79AFF10BDC04641 +:1009C00020B00108002370B5064C05000800236024 +:1009D0002EF002FF431C03D12368002B00D02B60B4 +:1009E00070BDC04698E80108C9B20378002B04D056 +:1009F0008B4200D170470130F7E74B4259414942E1 +:100A00000840F7E702780B78002A03D00130013163 +:100A10009A42F7D0D01A70470023C25C0133002AF3 +:100A2000FBD1581E704730B50500002A00D130BDFB +:100A30000C78013A6B1C2C700131002C05D19A18EE +:100A40009A42F4D01C700133FAE71D00EDE710B5AF +:100A50000378002B0FD10B785A4253415B42184068 +:100A600010BD0023CA5C002AFAD0C45C944201D1B4 +:100A70000133F7E701300378002BF2D11800EFE7DC +:100A8000F0B51F000E0087B00590019102920C98FE +:100A90003478FFF7F1FD082200194378751C1340E4 +:100AA00036D12D2C36D1B51C74780126002F62D09A +:100AB000102F09D1302C07D120222B789343582BAB +:100AC00054D110276C7802352D4B3900F3181800DB +:100AD000039302F0AFFB049101210023494202007D +:100AE0008C4618002100303909291AD80C00A74279 +:100AF00023DD591C09D06346824206D302D10499F2 +:100B0000A14202DB0123784320182C780135E9E764 +:100B10002E00BCE72B2C01D01E00C7E7B51C747853 +:100B2000FAE721004139192901D8373CDFE72100D4 +:100B30006139192901D8573CD9E75A1C08D1059ABF +:100B400023331360029B0398002B09D107B0F0BD3B +:100B5000002E00D04042029A002AF7D0002B01D08C +:100B60006B1E0193029B019A1A60EFE73024002F5D +:100B7000AAD10827A8E7302C9ED00A27A4E7C046B0 +:100B8000FFFFFF7F37B51300064A05001068046AAF +:100B9000002C00D1044C0A0000942900FFF770FFDC +:100BA0003EBDC04620B0010884B00108F0B51F006A +:100BB0000E008DB00B900291039212983478FFF7DB +:100BC0005BFD082200194378751C134053D12D2C6E +:100BD00053D17478B51C01330193002F00D18AE002 +:100BE000102F0AD1302C08D120222B789343582B78 +:100BF00000D07AE010276C780235019B002B41D1A0 +:100C0000013B04933E4B05933A00FB17049805996A +:100C1000089302F015FB002309900E00002000212C +:100C20000A922200303A092A31D81400A7423DDD49 +:100C30005A1C1DD0B14236D802D1099B984232D8F5 +:100C4000099B834206D18E4204D101230A9A5B425A +:100C5000A2420DDB0B0002000899380002F010FBE5 +:100C6000E31706940793069B079CC0186141012374 +:100C70002C780135D5E72E009FE72B2CACD1B51C85 +:100C80007478A9E70023049380231B06BBE72200A6 +:100C9000413A192A01D8373CC8E72200613A192A9B +:100CA00004D8573CC2E701235B42E1E75A1C09D153 +:100CB0000B9A23331360039B04980599002B0ED1E4 +:100CC0000DB0F0BD019A002A04D006000F000021EB +:100CD0007042B941039A002AF2D0002B01D06B1E5A +:100CE0000293039B029A1A60EAE73024002F00D097 +:100CF00083E7082781E7302C00D175E70A277CE7D6 +:100D0000FFFFFF7F37B51300064A05001068046A2D +:100D1000002C00D1044C0A0000942900FFF746FF84 +:100D200003B030BD20B0010884B00108F8B505005B +:100D30000E001400002804D08369002B01D100F0BC +:100D4000C5F9224B9C422DD16C68A369A360A3898D +:100D50001B0731D52369002B2ED023682269F7B2F7 +:100D6000981A6369F6B2834205DC2100280000F07E +:100D70003FF9002826D1A3680130013BA360236816 +:100D80005A1C22601F706369834204D0A389DB0769 +:100D90001AD50A2E18D12100280000F029F90028C0 +:100DA00012D00FE00A4B9C4201D1AC68CDE7094B51 +:100DB0009C42CAD1EC68C8E72100280000F018F86E +:100DC0000028CAD0012676423000F8BDFC1A001077 +:100DD0001C1B0010DC1A00100B1E04D0FF2A04D9C3 +:100DE0008A2303608B3B180070470A700123FAE7DF +:100DF000364B70B51D6806000C00002D05D0AB69A0 +:100E0000002B02D1280000F061F9314B9C420FD138 +:100E10006C680C23E25E93B219072DD4D90611D465 +:100E200009230120336037331343A381404270BD4F +:100E3000284B9C4201D1AC68EBE7274B9C42E8D1A0 +:100E4000EC68E6E75B0713D5616B002908D0230047 +:100E50004433994202D03000FFF788FC00236363DB +:100E60002422A3899343A381002363602369236021 +:100E70000823A2891343A3812369002B0BD1A0214E +:100E80008022A389890092000B40934203D0210065 +:100E9000300000F0D7F90123A289134011D00023BC +:100EA000A36063695B42A361002023698342BED1D2 +:100EB0000C23E25E1306BAD540231343A381013805 +:100EC000B5E7920700D46369A360EDE720B001089D +:100ED000FC1A00101C1B0010DC1A0010F7B58A89E0 +:100EE00005000C00130760D44B68002B04DC0B6C6E +:100EF000002B01DC0020FEBDE76A002FFAD00023A2 +:100F00002E682B6080235B01216A1A4034D0606D0B +:100F1000A3895B0706D56368C01A636B002B01D0F9 +:100F2000236CC01A0200216A00232800E76AB84730 +:100F3000A189431C06D12B681D2B30D82B4ADA40DF +:100F4000D3072CD50023636023692360CB0405D528 +:100F5000431C02D12B68002B00D16065616B2E60B1 +:100F60000029C7D023004433994202D02800FFF75C +:100F7000FDFB00206063BEE701232800B847431C47 +:100F8000C6D12B68002BC3D01D2B01D0162B01D14D +:100F90002E60AFE74023A2891343A381ABE7402330 +:100FA0000B430120A3814042A5E70F69002FA1D088 +:100FB0000B680F60DB1B01930023920700D14B6984 +:100FC000A360019B002B00DC94E7019B3A00216A9F +:100FD0002800A66AB047002803DC4023A2891343F7 +:100FE000DFE7019B3F181B1A0193EAE7010040204D +:100FF0000B6970B505000C00002B01D1002070BDFD +:10100000002804D08369002B01D100F05FF80B4B5E +:101010009C4209D16C680C22A35E002BEED021000B +:101020002800FFF75BFFEAE7054B9C4201D1AC6863 +:10103000F1E7044B9C42EED1EC68ECE7FC1A00109F +:101040001C1B0010DC1A0010002310B50400036004 +:101050004360836081814366C28103614361836130 +:10106000190008225C30FFF76AFB054B24626362BB +:10107000044BA362044BE362044B236310BDC046E0 +:10108000391800106118001099180010C5180010C8 +:1010900010B5024900F08CF810BDC046F10F0010E9 +:1010A00070B568254A1E55430E0029007431FFF7BC +:1010B000A7FB041E08D000212A00016046600C3006 +:1010C000A0606832FFF73BFB200070BD836913B559 +:1010D0000400002B28D18364C3640365134B144AB6 +:1010E0001B6882620193984201D101238361200031 +:1010F00000F020F86060200000F01CF8A0602000E4 +:1011000000F018F80022E06004216068FFF79CFFFF +:1011100001220921A068FFF797FF02221221E0684F +:10112000FFF792FF0123A36113BDC046CC19001045 +:1011300091100010F8B51C4B07001E68B369002B16 +:1011400002D13000FFF7C2FF4836B4687368013B34 +:1011500004D53368002B07D03668F6E70C22A55E6D +:10116000002D0DD06834F2E704213800FFF798FF16 +:1011700030600028F0D10C2304003B602000F8BD53 +:1011800020000A4B656625606560A560E360256107 +:101190006561A561082229005C30FFF7D0FA65631C +:1011A000A563A564E564E9E7CC1900100100FFFF21 +:1011B000F7B504000700002601914834002C01D146 +:1011C0003000FEBD6368A5680093009B013B00935F +:1011D00001D52468F2E7AB89012B08D90E22AB5E5A +:1011E000013304D029003800019B98470643683535 +:1011F000EBE7000070B50E001D000E23C95E96B02F +:101200001400002907DA00232B60B3891B0611D4D0 +:101210008023DB000FE06A4600F080FB0028F2DB51 +:10122000F022019B12021340054A9B185A42534177 +:101230002B60EDE740230020236016B070BDC04650 +:1012400000E0FFFFF7B502268B8905000C00334252 +:1012500006D0230047332360236101236361F7BD78 +:1012600001AB6A46FFF7C6FF009907002800FFF7A9 +:10127000C7FA002808D10C22A35E9A05EFD40322F6 +:1012800093431E43A681E4E70F4BAB628023A28900 +:1012900020601343A381009B20616361019B002BAD +:1012A0000DD00E23E15E280000F04AFB002806D096 +:1012B0000322A38993431A0001231343A381A08926 +:1012C0003843A081CBE7C0469110001070477047AB +:1012D000936810B5013B9360002B04DA9469A34234 +:1012E00007DB0A2905D01368581C10601970080024 +:1012F00010BDFFF71BFD0100F9E7F8B506000F0070 +:101300001400D518AC4201D1002007E021783A0042 +:101310003000FFF7DDFF0134431CF3D1F8BD0000BE +:10132000F0B5A1B003900F0016001D00002805D0F5 +:1013300083690593002B01D1FFF7C8FE7B4B9F42C9 +:101340005CD1039B5F68BB891B0763D53B69002B9E +:1013500060D0002308AC6361203363761033A3763A +:10136000079535002B78002B01D0252B5CD1AB1BCA +:1013700005930CD0320039000398FFF7BEFF431CE1 +:1013800000D1C4E06269059B9446634463612B7895 +:10139000002B00D1BBE0012200235242626004A96D +:1013A000543252186E1C2360E360A3601370A3656F +:1013B000317805225E4800F0E9FA751C002835D125 +:1013C0002268D30604D5532304A95B182021197081 +:1013D000130704D5532304A95B182B211970337804 +:1013E0002A2B2CD0350000210A20E3682A786E1CB5 +:1013F000303A092A64D900292ED026E04D4B9F426D +:1014000002D1039B9F689EE74B4B9F429BD1039B5E +:10141000DF6898E739000398FFF7EAFC002898D0C6 +:101420000120404221B0F0BD01359BE7404B2268CE +:10143000C01A01238340134323602E00B8E7079BA3 +:10144000191D1B680791002B01DB0B9304E05B4225 +:10145000E3600223134323602B782E2B0AD16B7891 +:101460002A2B35D1079B02351A1D1B680792002BCA +:101470002BDB0993314E29780322300000F086FAE5 +:10148000002806D04023801B834022680135134387 +:101490002360297806222A486E1C217600F076FA0D +:1014A00000283AD0274B002B25D10722079B073372 +:1014B0009343083307936369049A9B18636150E769 +:1014C000434301219B18350090E701235B42D0E79D +:1014D00000230A201A000135636029786E1C303918 +:1014E000092903D9002BC5D00992C3E74243012340 +:1014F00052183500F1E707AB00933A00124B210078 +:10150000039800E000BF0490049B0133D3D1BB8952 +:101510005B0600D584E70D9884E707AB00933A009B +:10152000094B2100039800F07FF8ECE7FC1A00104B +:101530003C1B00101C1B0010DC1A0010421B00108A +:10154000461B001000000000FB120010F7B515004C +:1015500001938A680B6900900C00934200DA130033 +:1015600022002B6043321278002A01D001332B6015 +:1015700023689B0602D52B6802332B60062723685D +:101580001F4027D0230043331B785A1E9341226803 +:10159000920630D42200019943320098089EB04749 +:1015A000431C25D0062320682A68E16803400025F3 +:1015B000042B03D18D1AEB43DB171D40A36822696E +:1015C000934201DD9B1AED180027BD4220D1002077 +:1015D00010E00137E3682A689B1ABB42D2DD220083 +:1015E0000123193201990098089EB047431CF0D19D +:1015F00001204042FEBD3020E11843310870210037 +:101600005A1C45310978A218433202331170C1E7E0 +:10161000220001231A3201990098089EB047431C0A +:10162000E6D00137D1E70000F0B589B004920A0096 +:1016300043320593039002920A7E0C000E9B6E2AA1 +:1016400000D186E01FD8632A33D008D8002A00D101 +:101650008CE0582A4DD0250042352A7030E0642AAB +:1016600001D0692AF7D1196825680A1D280629D5ED +:1016700008681A60002803DA2D23029A404213708A +:101680006B4E0A274FE0732A74D008D86F2A1FD0F8 +:10169000702AE0D1202209680A43226003E0752AFB +:1016A00016D0782AD7D12200782145321170614EA8 +:1016B00022E025001A684235111D196013682B704D +:1016C000012365E008681A606906D3D500B2D1E746 +:1016D00019682568081D186008682E0605D5544E3F +:1016E00008276F2A1BD00A2719E06D06F7D580B2AC +:1016F000F5E745314E4E0A7018682268011D0068F2 +:101700001960150621D5D30702D520231A4322607C +:101710001027002803D1202322689A432260230047 +:10172000002243331A706368A360002B58DB042245 +:10173000216891432160002854D1029D002B5AD08A +:101740002500337842352B7055E05506DBD580B245 +:10175000D9E71A680D68101D4969186013682E06CC +:1017600001D5196002E06D06FBD519800023029DAA +:1017700023614FE01A68111D196015680021626825 +:10178000280000F003F9002801D0401B6060636866 +:1017900023610023029A13703CE023692A00049914 +:1017A0000398059DA847431C3ED023689B0715D48A +:1017B000079BE068984239DA180037E022000123DD +:1017C000193204990398059EB047431C2CD001356B +:1017D000E368079A9B1AAB42F0DCE9E70025F7E7DC +:1017E0000028ADD0029D390001F024FD735C013D5D +:1017F0002B700028F7D1082F09D12368DB0706D505 +:1018000063682269934202DC3023013D2B70029B06 +:101810005B1B2361059B07AA00932100049B03988F +:10182000FFF794FE431CB8D10120404209B0F0BD3F +:101830004D1B00105E1B001070B50C000E25495F9B +:1018400000F0B0F8002803DB636D1B18636570BD02 +:10185000A389024A1340A381F9E7C046FFEFFFFFC7 +:10186000F8B51F008B8905000C001600DB0505D5B7 +:101870000E23C95E0022022300F074F8A389054AF2 +:1018800028001340A38132000E23E15E3B0000F0EC +:101890001FF8F8BDFFEFFFFF70B50C000E25495F84 +:1018A00000F060F8A389421C03D1054A1340A381CC +:1018B00070BD802252011343A3816065F8E7C046E2 +:1018C000FFEFFFFF10B50E23C95E00F015F810BD45 +:1018D00070B50500080011000022064C22601A00B5 +:1018E00023F0E6F8431C03D12368002B00D02B60C3 +:1018F00070BDC04698E80108002370B5064C05008D +:10190000080023602DF040FF431C03D12368002B07 +:1019100000D02B6070BDC04698E80108002370B568 +:10192000064C05000800110023602DF035FF431C14 +:1019300003D12368002B00D02B6070BD98E801080C +:10194000002370B5064C0500080023602DF02CFF25 +:10195000431C03D12368002B00D02B6070BDC04610 +:1019600098E8010870B50500080011000022064C37 +:1019700022601A002DF020FF431C03D12368002BA6 +:1019800000D02B6070BDC04698E80108C9B282182B +:10199000904201D10020704703788B42FBD0013088 +:1019A000F6E7000070B50500080011000022064CA3 +:1019B00022601A002DF008FF431C03D12368002B7E +:1019C00000D02B6070BDC04698E8010824B0010823 +:1019D0004300504F534958002E0000202020202063 +:1019E00020202020282828282820202020202020CF +:1019F00020202020202020202020208810101010BF +:101A00001010101010101010101010040404040412 +:101A1000040404040410101010101010414141413E +:101A20004141010101010101010101010101010126 +:101A30000101010101011010101010104242424238 +:101A400042420202020202020202020202020202F6 +:101A5000020202020202101010102000000000001A +:101A60000000000000000000000000000000000076 +:101A70000000000000000000000000000000000066 +:101A80000000000000000000000000000000000056 +:101A90000000000000000000000000000000000046 +:101AA0000000000000000000000000000000000036 +:101AB0000000000000000000000000000000000026 +:101AC0000000000000000000000000000000000016 +:101AD0000000000000000000000000000000000006 +:101AE00000000000000000000000000000000000F6 +:101AF00000000000000000000000000000000000E6 +:101B000000000000000000000000000000000000D5 +:101B100000000000000000000000000000000000C5 +:101B200000000000000000000000000000000000B5 +:101B3000000000000000000000000000232D302BFA +:101B40002000686C4C0065666745464700303132BE +:101B50003334353637383941424344454600303115 +:101B60003233343536373839616263646566000074 +:101B700005DF70470020FBE706DF7047000000002C +:101B80000800000008000000000200000000000043 +:101B90000000000000000000000000000000000045 +:101BA00000000000000000000B0000003F000000EB +:101BB000000000003F00000000000000EFF314836D +:101BC0000138421E9041012210409343184380F394 +:101BD0001488704730B58BB00290039102A904912C +:101BE000069308210EAB0893042305917020073952 +:101BF0000792099302F0FEFB041E10DD002304AAE5 +:101C0000019300930021033302F0F6FB050020004E +:101C100002F0FEFB032D05D028000BB030BD84255B +:101C20006D42F9E787256D42F6E7C04670B58CB086 +:101C3000039204AA08920822099203AA0A92042293 +:101C4000119E0B92109A0490059106920793002E14 +:101C500019D00121712002F0CDFB041E16DD0123F5 +:101C6000019306AB009308AA0223002102F0C4FBF3 +:101C70000500200002F0CCFB032D04D0079B33604D +:101C800028000CB070BD87256D42F9E784256D42B0 +:101C9000F6E7C04630B589B002AB04930823029042 +:101CA000039105930121043372200692079302F0F9 +:101CB000A1FB041E11DD0123019306AB009304AACE +:101CC0000123002102F098FB0500200002F0A0FB98 +:101CD000032D05D0280009B030BD84256D42F9E7F9 +:101CE00087256D42F6E7C04630B587B002AB049356 +:101CF00008230290039101217320059302F07AFBDF +:101D0000041E0EDD002304AA019300930021013379 +:101D100002F072FB0500200002F07AFB280007B0F9 +:101D200030BD84256D42F9E70020704730B595B08D +:101D30000C000390242200210BA8FEF700FD0AAA44 +:101D400006922822079203AA022308920422012164 +:101D5000802004940A930992059302F04BFB041E21 +:101D60000FDD0123019304AB009306AA0223002197 +:101D700002F042FB0500200002F04AFB280015B0EB +:101D800030BD84256D42F9E7862040427047C04649 +:101D900030B58FB005002422002105A8FEF7CFFC46 +:101DA000032304AC0493012125338020E5800294B1 +:101DB000039302F01FFB041E0EDD002302AA019311 +:101DC00000930021013302F017FB0500200002F010 +:101DD0001FFB28000FB030BD84256D42F9E7C046D7 +:101DE000F0B595B007000E001500002124220BA8C5 +:101DF0001C00FEF7A4FC04230A930AAB04932823D7 +:101E00000593043B07930121223B8020029406970F +:101E100008960995039302F0EDFA041E0FDD0123E5 +:101E2000019302AB009304AA0323002102F0E4FA19 +:101E30000500200002F0ECFA280015B0F0BD842562 +:101E40006D42F9E730B58FB005002422002105A8C6 +:101E5000FEF775FC052304AC049301212333802095 +:101E6000E5800294039302F0C5FA041E0EDD002300 +:101E700002AA019300930021013302F0BDFA05008C +:101E8000200002F0C5FA28000FB030BD84256D4255 +:101E9000F9E7C04670B590B006AC06000D002822E8 +:101EA00000212000FEF74BFC282301210393802012 +:101EB000043BE68002940495059302F09BFA041E0D +:101EC0000FDD0123019304AB009302AA012300213B +:101ED00002F092FA0500200002F09AFA280010B0F1 +:101EE00070BD84256D42F9E7F0B5C64600B590B0E7 +:101EF00007000E0015000021242207A89846FEF7CF +:101F00001EFC062306AC0693012122338020E780C5 +:101F1000029403930496059502F06CFA041E14DDF6 +:101F20000123019304AB009302AA0123002102F0D4 +:101F300063FA4346059A05001A60200002F068FA29 +:101F4000280010B004BC9046F0BD84256D42F7E730 +:101F5000F0B5C64600B590B007000E001500002190 +:101F6000242207A89846FEF7EAFB072306AC06934F +:101F7000012121338020E780029403930496059584 +:101F800002F038FA041E14DD0123019304AB009320 +:101F900002AA0123002102F02FFA4346059A050008 +:101FA0001A60200002F034FA280010B004BC9046F9 +:101FB000F0BD84256D42F7E7F0B593B007000E0041 +:101FC00015000021242209A8FEF7B9FB0823089375 +:101FD00020330593043B08AC07930121223B80206A +:101FE000E780049406960295039302F003FA041E18 +:101FF0000FDD0123019302AB009304AA0223002109 +:1020000002F0FAF90500200002F002FA280013B0ED +:10201000F0BD84256D42F9E7F0B5C64600B592B033 +:1020200004000F0016000021242209A89846FEF79C +:1020300086FB1D230893236808ADEB60282301214C +:1020400003938020243B04940295059306970796FA +:1020500002F0D0F9041E14DD0223019304AB0093B7 +:1020600002AA0123002102F0C7F94346079A05009E +:102070001A60200002F0CCF9280012B004BC90468F +:10208000F0BD84256D42F7E7F0B593B004000F0072 +:1020900016000021242209A8FEF751FB1E230893F5 +:1020A000236808ADEB602823012105938020243BA1 +:1020B0000294049506970796039302F09BF9041E79 +:1020C0000FDD0123019302AB009304AA0223002138 +:1020D00002F092F90500200002F09AF9280013B0EE +:1020E000F0BD84256D42F9E7F0B591B005000F0011 +:1020F00016000021242207A8FEF721FB1B230693CC +:102100002B6806ACE3602823012103938020243B45 +:10211000E780A66002940495059302F06BF9041E13 +:102120000FDD0123019304AB009302AA01230021D8 +:1021300002F062F90500200002F06AF9280011B0EF +:10214000F0BD84256D42F9E7F0B591B005000F00B0 +:1021500016000021242207A8FEF7F1FA1C2306939B +:102160002B6806ACE3602823012103938020243BE5 +:10217000E780A66002940495059302F03BF9041EE3 +:102180000FDD0123019304AB009302AA0123002178 +:1021900002F032F90500200002F03AF9280011B0EF +:1021A000F0BD84256D42F9E7F0B5C64600B594B0A0 +:1021B000040088461700002124220BA81E00FEF709 +:1021C000BEFA1F230A9323680AADEB60282303930A +:1021D00043460493042307931A9B0121802006940D +:1021E000029505970896099302F004F9041E14DD80 +:1021F0000223019306AB009302AA0223002102F0FE +:10220000FBF8099A1B9B05001A60200002F000F9F8 +:10221000280014B004BC9046F0BD84256D42F7E759 +:1022200030B591B004002422002107A8FEF787FAF8 +:1022300021230693236806ADEB6028230121039335 +:102240008020243B04940295059302F0D3F8041EE9 +:102250000FDD0123019304AB009302AA01230021A7 +:1022600002F0CAF80500200002F0D2F8280011B0F0 +:1022700030BD84256D42F9E7F0B5C64600B592B091 +:1022800004000F0016000021242209A89846FEF73A +:1022900056FA20230893236808ADEB602823012118 +:1022A00003938020243B0494029505930697079698 +:1022B00002F0A0F8041E14DD0223019304AB009386 +:1022C00002AA0123002102F097F84346079A05006D +:1022D0001A60200002F09CF8280012B004BC90465E +:1022E000F0BD84256D42F7E770B590B005000E0093 +:1022F0002422002107A8FEF722FA0B2306932B685D +:1023000006ACE3602823012103938020243BA660D0 +:1023100002940495059302F06DF8041E0FDD01236D +:10232000019304AB009302AA0123002102F064F898 +:102330000500200002F06CF8280010B070BD842564 +:102340006D42F9E7F0B593B004000F0016000021CC +:10235000242209A8FEF7F3F90C230893236808AD9B +:10236000EB602823012105938020243B02940495EF +:1023700006970796039302F03DF8041E0FDD012334 +:10238000019302AB009304AA0223002102F034F867 +:102390000500200002F03CF8280013B0F0BD8425B1 +:1023A0006D42F9E7F0B5C64600B592B004000F00E3 +:1023B00016000021242209A89846FEF7C0F90D2333 +:1023C0000893236808ADEB60282301210393802044 +:1023D000243B0494029505930697079602F00AF8A9 +:1023E000041E14DD0223019304AB009302AA01230F +:1023F000002102F001F84346079A05001A60200008 +:1024000002F006F8280012B004BC9046F0BD842506 +:102410006D42F7E7F0B593B004000F0016000021FD +:10242000242209A8FEF78BF90E230893236808AD30 +:10243000EB602823012105938020243B029404951E +:1024400006970796039301F0D5FF041E0FDD0123C5 +:10245000019302AB009304AA0223002101F0CCFFF8 +:102460000500200001F0D4FF280013B0F0BD842542 +:102470006D42F9E730B591B004002422002107A88D +:10248000FEF75DF90F230693236806ADEB60282362 +:10249000012103938020243B04940295059301F0CD +:1024A000A9FF041E0FDD0123019304AB009302AAD0 +:1024B0000123002101F0A0FF0500200001F0A8FF8A +:1024C000280011B030BD84256D42F9E770B590B099 +:1024D00006000C002422002107A8FEF730F9102383 +:1024E0000693336806ADEB6028230393243B0295E3 +:1024F00004940593002C02D02368002B18D10121ED +:10250000802001F077FF041E0FDD0123019304AB4F +:10251000009302AA0123002101F06EFF05002000B4 +:1025200001F076FF280010B070BD84256D42F9E7F8 +:1025300089256D42F6E7C046F0B591B005000F0061 +:1025400016000021242207A8FEF7F9F813230693AA +:102550002B6806ACE3602823012103938020243BF1 +:10256000E780A66002940495059301F043FF041EE2 +:102570000FDD0123019304AB009302AA0123002184 +:1025800001F03AFF0500200001F042FF280011B0E1 +:10259000F0BD84256D42F9E7F0B591B005000F005C +:1025A00016000021242207A8FEF7C9F81423069379 +:1025B0002B6806ACE3602823012103938020243B91 +:1025C000E780A66002940495059301F013FF041EB2 +:1025D0000FDD0123019304AB009302AA0123002124 +:1025E00001F00AFF0500200001F012FF280011B0E1 +:1025F000F0BD84256D42F9E7F0B593B004000F00FB +:1026000016000021242209A8FEF799F81523089343 +:10261000236808ADEB602823012105938020243B2B +:102620000294049506970796039301F0E3FE041EB7 +:102630000FDD0123019302AB009304AA02230021C2 +:1026400001F0DAFE0500200001F0E2FE280013B0E0 +:10265000F0BD84256D42F9E7F0B5C64600B592B0ED +:1026600004000F0016000021242209A89846FEF756 +:1026700066F816230893236808ADEB602823012130 +:1026800003938020243B04940295059306970796B4 +:1026900001F0B0FE041E14DD0223019304AB00938D +:1026A00002AA0123002101F0A7FE4346079A050074 +:1026B0001A60200001F0ACFE280012B004BC904665 +:1026C000F0BD84256D42F7E7F0B593B004000F002C +:1026D00016000021242209A8FEF731F817230893D9 +:1026E000236808ADEB602823012105938020243B5B +:1026F0000294049506970796039301F07BFE041E4F +:102700000FDD0123019302AB009304AA02230021F1 +:1027100001F072FE0500200001F07AFE280013B0DF +:10272000F0BD84256D42F9E730B591B00400242254 +:10273000002107A8FEF703F818230693236806ADC7 +:10274000EB602823012103938020243B049402950D +:10275000059301F04FFE041E0FDD0123019304AB2E +:10276000009302AA0123002101F046FE050020008B +:1027700001F04EFE280011B030BD84256D42F9E70E +:10278000F0B595B004000F001600002120220BA820 +:102790001D00FDF7D4FF22230A936B46DC851A9BAC +:1027A0000C971395002B36D00AAB0493282305937E +:1027B0001C9B06931D9B07931A9B08931B9B0993D5 +:1027C0001E9B02931F9B0393102D27D8002E06D02B +:1027D000002D04D02A0031000FA8FDF794FF01213D +:1027E000802001F007FE051E1BDD1A9B01225C1EE6 +:1027F000A341019202AA02330092002104AA01F02F +:10280000FBFD039A209B04001A60280001F000FEE3 +:10281000200015B0F0BD1B9B002BC5D0872464425F +:10282000F6E784246442F3E7F0B595B004000F00A6 +:102830001600002120220BA81D00FDF780FF232396 +:102840000A936B46DC851A9B0C971395002B36D0A8 +:102850000AAB0493282305931C9B06931D9B0793A7 +:102860001A9B08931B9B09931E9B02931F9B039328 +:10287000102D27D8002E06D0002D04D02A003100BC +:102880000FA8FDF740FF0121802001F0B3FD051ED8 +:102890001BDD1A9B01225C1EA341019202AA023396 +:1028A0000092002104AA01F0A7FD039A209B0400D6 +:1028B0001A60280001F0ACFD200015B0F0BD1B9B94 +:1028C000002BC5D087246442F6E784246442F3E7F2 +:1028D000F0B5C64600B592B080460F001600002144 +:1028E000242209A81D00FDF72AFF2E230893434642 +:1028F00008ACE38028230593189B01210293199BC0 +:102900008020A760049406960795039301F072FD5A +:10291000041E14DD0123019302AB009304AA0223D9 +:10292000002101F069FD039A1A9B05001A6020003E +:1029300001F06EFD280012B004BC9046F0BD842565 +:102940006D42F7E7F0B5C64600B592B080460F007D +:1029500016000021242209A81D00FDF7F0FE2E23F9 +:102960000893434608ACE38028230593189B012174 +:102970000293199B8020A760049406960795039301 +:1029800001F038FD041E14DD0123019302AB009316 +:1029900004AA0223002101F02FFD039A1A9B0500CF +:1029A0001A60200001F034FD280012B004BC9046EB +:1029B000F0BD84256D42F7E7F0B5C64600B592B08C +:1029C00080460F0016000021242209A81D00FDF7F3 +:1029D000B6FE2F230893434608ACE38028230393D5 +:1029E000189B01210693199B8020A76002940496EE +:1029F0000595079301F0FEFC041E10DD002302AADA +:102A0000019300930021033301F0F6FC0500200040 +:102A100001F0FEFC280012B004BC9046F0BD8425F5 +:102A20006D42F7E7F0B5C64600B592B080460F009C +:102A300016000021242209A81D00FDF780FE2F2387 +:102A40000893434608ACE38028230393189B012195 +:102A50000693199B8020A76002940496059507931E +:102A600001F0C8FC041E10DD002302AA01930093AC +:102A70000021033301F0C0FC0500200001F0C8FC78 +:102A8000280012B004BC9046F0BD84256D42F7E7E3 +:102A9000F0B595B005000C001700002124220BA80A +:102AA0001E00FDF74CFE30230A936B46DD851A9B12 +:102AB0000C94002B28D00AAB0493282304AC636049 +:102AC0001A9BE66023611B9B02AE63611C9BA7609F +:102AD00002931D9B01217360802001F08BFC032376 +:102AE000051E2BDD01220096019200212200280004 +:102AF00001F082FC72681E9B04001A60280001F03D +:102B000087FC200015B0F0BD1B9B002B19D10AAB30 +:102B10000493282304AC63601B9BE660236163611C +:102B20001C9B02AE02931D9BA76073600121802055 +:102B300001F060FC051E01DD0223D3E7842464421A +:102B4000DFE787246442DCE7F0B595B005000C00B0 +:102B50001700002124220BA81E00FDF7F0FD3123F1 +:102B60000A936B46DD851A9B0C94002B28D00AAB88 +:102B70000493282304AC63601A9BE66023611B9BCB +:102B800002AE63611C9BA76002931D9B01217360D1 +:102B9000802001F02FFC0323051E2BDD012200966F +:102BA000019200212200280001F026FC72681E9B81 +:102BB00004001A60280001F02BFC200015B0F0BDC5 +:102BC0001B9B002B19D10AAB0493282304AC636030 +:102BD0001B9BE660236163611C9B02AE02931D9BFD +:102BE000A76073600121802001F004FC051E01DD57 +:102BF0000223D3E784246442DFE787246442DCE7CE +:102C000070B590B006000D002422002107A8FDF742 +:102C100096FD33230693336806ACE3602823012135 +:102C200003938020243B02940495059301F0E2FB7A +:102C3000041E0FDD0123019304AB009302AA0123BC +:102C4000002101F0D9FB0500200001F0E1FB280084 +:102C500010B070BD84256D42F9E7C046F0B591B063 +:102C600007000E0015000021242207A8FDF767FDCC +:102C7000382306933B6806ACE360282301218020BB +:102C8000029403930496059501F0B4FB041E0FDD36 +:102C90000123019304AB009302AA0123002101F058 +:102CA000ABFB0500200001F0B3FB280011B0F0BD24 +:102CB00084256D42F9E7C046F0B58FB005000F00DE +:102CC00016000021202206A8FDF739FD36230493C3 +:102CD0002B6804ACE360282301218020A780E680D4 +:102CE0000294039301F086FB041E0EDD002302AA6A +:102CF000019300930021013301F07EFB05002000C9 +:102D000001F086FB28000FB0F0BD84256D42F9E785 +:102D100030B591B004002422002107A8FDF70FFD73 +:102D20003A230693236806ADEB6028230121039321 +:102D30008020243B04940295059301F05BFB041E64 +:102D40000FDD0123019304AB009302AA01230021AC +:102D500001F052FB0500200001F05AFB280011B0E1 +:102D600030BD84256D42F9E7F0B5C64600B592B096 +:102D7000050088461700002120220AA81E00FDF742 +:102D8000DEFC37230893434608ACA3802B6801215F +:102D9000E36028230593189B802007930423E78092 +:102DA000049406960295039301F024FB041E11DDA2 +:102DB0000123019302AB009304AA0223002101F036 +:102DC0001BFB0500200001F023FB280012B004BC0F +:102DD0009046F0BD84256D42F7E7C04630B591B00E +:102DE00005000C002422002107A8FDF7A8FC3C23C5 +:102DF000069306AB029328230495039305940025BC +:102E0000002C02D1280011B030BD0121802001F03A +:102E1000F1FA041E0DDD0123019304AB009302AA15 +:102E20000123002101F0E8FA0500200001F0F0FA8A +:102E3000E8E784256D42E5E730B593B00C00050066 +:102E40002422002109A8FDF77AFC3D23089308AB52 +:102E5000049328230593043B07930121223B802000 +:102E600002940695039301F0C5FA041E0FDD0123B9 +:102E7000019302AB009304AA0223002101F0BCFAE3 +:102E80000500200001F0C4FA280013B030BD8425ED +:102E90006D42F9E7862040427047C0468620404296 +:102EA0007047C046862040427047C0468620404258 +:102EB0007047C046862040427047C0468620404248 +:102EC0007047C046862040427047C0468620404238 +:102ED0007047C046862040427047C0468620404228 +:102EE0007047C046862040427047C046F0B5C6468F +:102EF00000B592B00700884616000021242209A8D8 +:102F00001D00FDF71CFC3B230893434608ACE380FF +:102F100028230593189B01210293199B8020A76009 +:102F2000049406960795039301F064FA041E14DDD9 +:102F30000123019302AB009304AA0223002101F0B4 +:102F40005BFA039A1A9B05001A60200001F060FAF0 +:102F5000280012B004BC9046F0BD84256D42F7E70E +:102F600070B590B005000E002422002107A8FDF7DF +:102F7000E6FB322306932B6806ACE360282301218D +:102F800003938020243BA66002940495059301F0EE +:102F900031FA041E0FDD0123019304AB009302AA52 +:102FA0000123002101F028FA0500200001F030FA89 +:102FB000280010B070BD84256D42F9E770B58EB061 +:102FC00006000D002422002105A8FDF7B8FB3423DC +:102FD0000493336804ACE360282301218020256139 +:102FE0000294039301F006FA041E0EDD002302AAE8 +:102FF000019300930021013301F0FEF90500200048 +:1030000001F006FA28000EB070BD84256D42F9E784 +:10301000F0B5C64607001E2000B590B088461600E1 +:103020000021222268441D00FDF789FB3523069309 +:10303000434606ACA3803B680121E360282380203F +:10304000029403930496059501F0D4F9041E10DD53 +:10305000002302AA019300930021023301F0CCF96E +:103060000500200001F0D4F9280010B004BC9046FF +:10307000F0BD84256D42F7E7F0B593B006000F0070 +:1030800015000021242209A8FDF759FB39230893D4 +:103090003B6808ACE36028230593043B07930121B8 +:1030A000223B8020049406960295039301F0A2F936 +:1030B000041E0FDD0123019302AB009304AA022337 +:1030C000002101F099F90500200001F0A1F9280084 +:1030D00013B0F0BD84256D42F9E7C046862040421A +:1030E0007047C046862040427047C0468620404216 +:1030F0007047C046862040427047C0468620404206 +:103100007047C046862040427047C04686204042F5 +:103110007047C04602B4714649084900095C49003D +:103120008E4402BC7047C046002243088B4274D3D1 +:1031300003098B425FD3030A8B4244D3030B8B42B8 +:1031400028D3030C8B420DD3FF22090212BA030CC1 +:103150008B4202D31212090265D0030B8B4219D3A2 +:1031600000E0090AC30B8B4201D3CB03C01A5241C2 +:10317000830B8B4201D38B03C01A5241430B8B420A +:1031800001D34B03C01A5241030B8B4201D30B03F3 +:10319000C01A5241C30A8B4201D3CB02C01A52411A +:1031A000830A8B4201D38B02C01A5241430A8B42DD +:1031B00001D34B02C01A5241030A8B4201D30B02C6 +:1031C000C01A5241CDD2C3098B4201D3CB01C01AE0 +:1031D000524183098B4201D38B01C01A52414309EA +:1031E0008B4201D34B01C01A524103098B4201D3D8 +:1031F0000B01C01A5241C3088B4201D3CB00C01A45 +:10320000524183088B4201D38B00C01A52414308BC +:103210008B4201D34B00C01A5241411A00D20146E1 +:10322000524110467047FFE701B5002000F006F854 +:1032300002BDC0460029F7D076E770477047C04608 +:10324000002B11D1002A0FD1002900D1002802D073 +:103250000021C943081C07B4024802A1401802908B +:1032600003BDC046D9FFFFFF03B4684601B502980D +:1032700000F030F8019B9E4602B00CBC7047C0467F +:10328000F0B5CE46474615042D0C2E0080B5070438 +:10329000140C3F0C9946030C7E435D436743634324 +:1032A0007F19340CE4199C46A54203D980235B02A4 +:1032B0009846C4444B4643435143250C3604654469 +:1032C000360C2404A4195B19591820000CBC904634 +:1032D0009946F0BDF0B54F464646D646C0B5040007 +:1032E00082B00D00914698468B422FD82CD0414693 +:1032F000484600F0B1F829000600200000F0ACF8C4 +:10330000331A9C46203B9A4600D576E04B465246FF +:1033100093401F004B46624693401E00AF4228D8A0 +:1033200025D05346A41BBD41002B00DA7BE00022D0 +:1033300000230092019301235246934001930123FD +:1033400062469340009318E08242D0D900220023C5 +:10335000009201930A9B002B01D01C605D600098D5 +:10336000019902B01CBC90469946A246F0BDA3420A +:10337000D7D900220023009201936346002BE9D0A5 +:10338000FB079846414672080A437B0866460EE0F2 +:10339000AB4201D1A2420CD8A41A9D4101202419AC +:1033A0006D410021013E24184D41002E06D0AB4254 +:1033B000EED9013E24196D41002EF8D100980199F3 +:1033C000534600196941002B23DB2B005246D340A2 +:1033D0002A006446E2401C0053461500002B2DDBFA +:1033E00026005746BE40330026006746BE403200E6 +:1033F000801A994100900191ACE7624620239B1A04 +:103400004A46DA406146130042468A4017001F438D +:1034100080E7624620239B1A2A0066469A402300D2 +:10342000F3401343D4E76246202300219B1A002275 +:10343000009101920122DA40019280E72023624646 +:1034400026009B1ADE402F00B0466646B74046462F +:103450003B003343C8E7C04610B5002903D100F054 +:1034600007F8203002E0081C00F002F810BDC0464A +:103470001C2101231B04984201D3000C10391B0AA4 +:10348000984201D3000A08391B09984201D3000968 +:10349000043902A2105C40187047C04604030202BF +:1034A0000101010100000000000000000FB4F0B5B0 +:1034B0005746DE464E464546E0B595B01EAE08CEB0 +:1034C00000249A46002357469B4607960B933B7869 +:1034D000002B12D07A1C9046252B20D00BAD621CFD +:1034E0002C190B9223711F2A24D8012347469C468E +:1034F0003B78E3441400002BECD1002C04D02100D5 +:103500000CA821F0BFFA8344584615B03CBC904645 +:103510009946A246AB46F0BC08BC04B018477B787D +:10352000253BDBB2532B01D900F09EFC854A9B0062 +:10353000D3589F46002320210CA80B9321F0A2FA18 +:103540000B9AD2E70023804A0BAD984691462A0099 +:103550004546B04616003033621C34193260237180 +:103560001F2A0BD84B4601355B5D002B12D014008F +:10357000621C3419326023711F2AF3D900232021E1 +:103580000CA8336021F07EFA4B4601355B5D326852 +:10359000002BECD133004646A8461D00331D019395 +:1035A00008AB924600210C22180034689946FDF7BA +:1035B000C6F80F231A00494664482240825CC3447F +:1035C0000A7003925246984621090132002901D11E +:1035D00000F0D7FD4E461940415C7170260A01D1BA +:1035E00000F010FE1E404B46865D9E70230B01D1FD +:1035F00000F031FE1900434619404B46415CD9703A +:10360000230C01D100F04BFE1E0043461E404B46EA +:10361000865D1E71230D01D100F04AFE190043465C +:1036200019404B46415C5971230E01D100F076FEE2 +:1036300046461E404B46865D240F9E7101D100F028 +:1036400090FE015DD97106230293023398465346DA +:10365000EB182A6019711F2A01D900F06BFD541C68 +:10366000AA182C6016711F2C01D900F0A6FC029B31 +:10367000002B01D100F05CFC4346DE1E4B469A5DF8 +:10368000631C2C192B6022711F2B01D900F014FD33 +:10369000002E01D100F078FC4246161F4A46925D8A +:1036A0005C1CEB182C601A711F2C01D900F02FFD47 +:1036B000002E01D100F092FC43465E1F4B469A5DFE +:1036C000631C2C192B6022711F2B01D900F071FD96 +:1036D000002E01D100F00AFD4246961F4A46925D37 +:1036E0005C1CEB182C601A711F2C06D900232021BA +:1036F0000CA82B6021F0C6F92C68002E01D100F037 +:1037000017FD46464B46073E9A5D631C2C192B60FD +:1037100022711F2B01D900F077FC002E01D100F09F +:103720005AFD039A5C1CEB182C601A7108261F2C9A +:1037300000D80FE2002320210CA82B6021F0A2F971 +:103740002C6807E2284400109845001078450010C6 +:10375000331D029308AB180036680C2200219946ED +:10376000FCF7EDFF631C9A46002E00DAA6E3002367 +:10377000B046012603930BAD0A214046FFF75AFDE0 +:103780004A463031CBB213700A2140460593FFF709 +:10379000CBFC002801D100F0E9FC0A21FFF74AFD2B +:1037A0004B463031CEB25E7064214046FFF7BCFC20 +:1037B000002801D100F017FD0A21FFF73BFD303151 +:1037C000CBB24A46FA219370890040460193FFF735 +:1037D000ABFC002801D100F02DFD0A21FFF72AFDE6 +:1037E0004B463031CEB2DE70E4494046FFF79CFCD8 +:1037F000002801D100F049FD0A21FFF71BFD4A46D0 +:103800003031CBB21371DE4940460193FFF78CFC97 +:10381000002801D100F055FD0A21FFF70BFD4B46B2 +:103820003031CEB25E71D7494046FFF77DFC0028AB +:1038300001D100F05BFD0A21FFF7FCFC4A46303164 +:10384000CBB29371D04940460193FFF76DFC00283D +:1038500001D100F075FD0A21FFF7ECFC4B46303139 +:10386000CEB2DE71C9494046FFF75EFC002801D1A7 +:1038700000F091FD0A21FFF7DDFC4A463031CBB262 +:103880001372C34940460193FFF74EFC002801D153 +:1038900000F0A0FD4B463030C6B25E7208230493A0 +:1038A0000233984653462C192B6026711F2B01D9E1 +:1038B00000F052FC5346019A5C1CEB182C601A7104 +:1038C0001F2C00D971E3049B002B01D100F0CCFC2C +:1038D0004346DE1E4B469A5D631C2C192B602271F9 +:1038E0001F2B00D9F1E3002E01D100F0C9FC4246A4 +:1038F000161F4A46925D5C1CEB182C601A711F2C37 +:1039000001D900F0FBFB002E01D100F0E3FC43469F +:103910005E1F4B469A5D631C2C192B6022711F2B76 +:1039200001D900F04FFC002E01D100F0FDFC424611 +:10393000961F4A46925D5C1CEB182C601A711F2C76 +:1039400006D9002320210CA82B6021F09BF82C68BD +:10395000002E01D100F0EDFC4346DE1F4B469A5D80 +:10396000631C2C192B6022711F2B00D955E3002EEC +:1039700001D100F016FD46464A46083E925D5C1CA9 +:10398000EB182C601A711F2C00D966E3002E01D1B0 +:1039900000F029FD46464B46093E9A5D631C2C19F2 +:1039A0002B6022711F2B00D95FE3002E00D16CE346 +:1039B000059A5C1CEB182C601A711F2C01D900F0C1 +:1039C0009BFC039E0A36B3440237029E7FE5331DFB +:1039D00032780BAD9846631C2C190B9322711F2B68 +:1039E00000D97DE2012294461C00E344464602379A +:1039F0006DE5331D019308AB00210C2218003568DA +:103A00009946FCF79CFE63490F231A002A408A5C02 +:103A1000984692464A46504610702809621C002873 +:103A200000D19FE24E461840085C70702E0A00D10B +:103A3000ADE21E404B468E5D9E702B0B00D12BE3FA +:103A40001800434618404B46085CD8702B0C00D138 +:103A50004FE31E0043461E404B468E5D1E712B0DEC +:103A600000D1BDE21800434618404B46085C58712F +:103A70002B0E00D1B2E346461E404B468E5D2D0F05 +:103A80009E7100D1CEE3485DD871062302930233C4 +:103A900098460BAD2C190B9220711F2A00D959E2C0 +:103AA000541CAA182C6016711F2C00D928E2029B06 +:103AB000002B00D13CE24346DE1E4B469A5D631C60 +:103AC0002C192B6022711F2B00D921E2002E00D16E +:103AD0005AE24246161F4A46925D5C1CEB182C6067 +:103AE0001A711F2C00D91BE2002E00D176E243464A +:103AF0005E1F4B469A5D631C2C192B6022711F2B95 +:103B000000D939E2002E00D1F0E24246961F4A4623 +:103B1000925D5C1CEB182C601A711F2C00D93CE2E2 +:103B2000002E00D104E346464B46073E9A5D631CD7 +:103B30002C192B6022711F2B00D9B5E2002E00D169 +:103B400049E352465C1CEB182C601A7108261F2CA6 +:103B500000D9EFE5B3440237019EB8E425220BAD4E +:103B6000631C2C190B9322711F2B00D9C0E1012279 +:103B700094461C00E3440237A9E4C0461027000025 +:103B8000A086010040420F008096980000E1F505F4 +:103B900000CA9A3B88450010331D019308AB0021F1 +:103BA0000C22180035689946FCF7C9FDE1492BE75E +:103BB000331D029308AB994635680C22180000218A +:103BC000FCF7BDFD0A212800FFF734FB4A463031DF +:103BD000CBB213700A2128000493FFF7A5FA631CE7 +:103BE0009A46002800D103E20A21FFF723FB4B4647 +:103BF0003031CEB25E7064212800FFF795FA0028BC +:103C000000D1F8E20A21FFF715FB3031CBB298461C +:103C1000FA214B46424689009A702800FFF784FA41 +:103C2000002800D10FE30A21FFF704FB4B46303197 +:103C3000CEB2DE70C0492800FFF776FA002800D126 +:103C400019E30A21FFF7F6FA3031CBB298464B461A +:103C50004246BA491A712800FFF766FA002800D1D7 +:103C60003CE30A21FFF7E6FA4B463031CEB25E71F3 +:103C7000B3492800FFF758FA002800D149E30A2188 +:103C8000FFF7D8FA3031CBB298464B464246AD49A1 +:103C90009A712800FFF748FA002800D159E30A2159 +:103CA000FFF7C8FA4B463031CEB2DE71A649280084 +:103CB000FFF73AFA002800D178E30A21FFF7BAFAB1 +:103CC0003031CBB298464B464246A0491A72280082 +:103CD000FFF72AFA002800D171E34B463030C6B214 +:103CE0005E72082303930233019353460BAD2C19E4 +:103CF0000B9326711F2B00D925E2534642465C1CCC +:103D0000EB182C601A711F2C00D95FE1039B002B6C +:103D100000D1ADE2019BDE1E4B469A5D631C2C195F +:103D20002B6022711F2B00D9D8E1002E00D1B2E206 +:103D3000019A5C1C161F4A46925DEB182C601A71A2 +:103D40001F2C00D9ECE1002E00D1AEE2019B5E1FDA +:103D50004B469A5D631C2C192B6022711F2B00D9D6 +:103D60001FE2002E00D1D0E2019A5C1C961F4A4649 +:103D7000925DEB182C601A711F2C06D900232021AC +:103D80000CA82B6020F07EFE2C68002E00D1D4E21F +:103D9000019BDE1F4B469A5D631C2C192B60227120 +:103DA0001F2B00D941E1002E00D104E34A46019EB9 +:103DB0005C1C083E925DEB182C601A711F2C00D918 +:103DC00043E1002E00D102E34B46019E093E9A5D7D +:103DD000631C2C192B6022711F2B00D94DE1002E82 +:103DE00000D156E1049A5C1CEB182C601A710A266B +:103DF0001F2C00D8E7E5002320210CA82B6020F021 +:103E000041FE2C68DFE5331D994633681A789846E1 +:103E1000002A25D000239A463B000BAD4746984622 +:103E2000631C2C1900262B6022711F2B0AD8013627 +:103E3000BA5D002A11D01C00631C2C192B60227162 +:103E40001F2BF4D9534620210CA801362B6020F0FB +:103E500019FEBA5D2B68002AEDD147461C00B34419 +:103E60004E460237FFF733FB394B5B22994600235E +:103E70000BAD9A46631C2C1900272B6022711F2B57 +:103E80000BD84A460137D25D002A12D01C00631CB1 +:103E90002C192B6022711F2BF3D9534620210CA81B +:103EA0002B6020F0EFFD4A460137D25D2B68002AD7 +:103EB000ECD1BB441C004746FFF709FB0B932D23B5 +:103EC0000BAD2C19237153461F2B00D9A1E173426E +:103ED000984601239C4654460226E24403934BE451 +:103EE000002320210CA80B9320F0CCFD0B9B79E53F +:103EF000002320210CA80B9320F0C4FD0B9B36E679 +:103F0000002320210CA82B6020F0BCFD2C68CEE5FE +:103F1000002320210CA82B6020F0B4FD2B68D5E5F0 +:103F2000002320210CA82B6020F0ACFD2C68DBE5E1 +:103F300002260FE67845001010270000A086010039 +:103F400040420F008096980000E1F50500CA9A3BB8 +:103F50009C450010002320210CA80B9320F092FD1B +:103F60000B9A9DE553460BAD2C190B9223711F2A1A +:103F700063D814000126EDE5002320210CA82B6056 +:103F800020F080FD2B68BDE51C000326E2E5002340 +:103F900002930233564698467BE5002320210CA865 +:103FA0002B6020F06FFD2C68BAE5002320210CA8BF +:103FB0002B6020F067FD2C6885E4002320210CA8ED +:103FC0002B6020F05FFD2C68FFF751FB00232021C0 +:103FD0000CA82B6020F056FD2C6897E60426B9E566 +:103FE000030030001E00032302930233984650E57D +:103FF0000BAD0B93049B2C19237153461F2B00D937 +:10400000C0E154460126DEE4002320210CA82B60E9 +:1040100020F038FD2B68FFF780FB002320210CA83F +:104020002B6020F02FFD2B68A1E4002320210CA899 +:104030002B6020F027FD2B68B5E60B9020210CA803 +:1040400020F020FD01260B9C84E5002320210CA8F4 +:104050002B6020F017FD2C68B3E6002320210CA86C +:104060002B6020F00FFD2C6890E4002320210CA889 +:104070002B6020F007FD2B6897E4002320210CA87B +:104080002B6020F0FFFC2B68A9E6039E1C0009367C +:1040900099E41C00092696E4030030001E00012369 +:1040A000029302339846F4E4002320210CA82B60ED +:1040B00020F0E8FC2B6841E5002320210CA82B60B0 +:1040C00020F0E0FC2B68FFF7E3FA002320210CA886 +:1040D0002B6020F0D7FC2B68FFF705FC0023202184 +:1040E0000CA82B6020F0CEFC2B681EE61C000526D9 +:1040F00030E50223029302339846CAE400232021CC +:104100000CA82B6020F0BEFC2C68FFF7FCFB002302 +:1041100020210CA82B6020F0B5FC2C68FFF7C8FA12 +:10412000002320210CA82B6020F0ACFC2C680AE6B0 +:1041300006260FE5002320210CA82B6020F0A2FC0E +:104140002A68FFF78CFA002320210CA80B9320F09B +:1041500099FC0B9B9A46D0E5002320210CA82B60EC +:1041600020F090FC2B689A46FFF7A4FB53462B6087 +:10417000059B2C19237153461F2B00D9FAE0544696 +:1041800021E453460398EB182A6018711F2A00D8BF +:10419000EFE629600CA8202120F074FC01262C6891 +:1041A000D8E4002320210CA82B6020F06BFC2B68A6 +:1041B000D7E5002320210CA82B6020F063FC2B689E +:1041C000FFF786FA002320210CA82B6020F05AFC70 +:1041D0002B68FFF7A8FB1C000726BBE4042302930F +:1041E0000233984655E4059B019300230493023360 +:1041F0009846FFF757FB049B98460023039302332E +:10420000019372E5002302930233039E9846FFF761 +:104210001EFA002320210CA80B9320F033FC0B9BEB +:104220009A4654E6030030001E0005230293023331 +:1042300098462EE43300019E019301230493023338 +:104240009846FFF72FFB3300464698460123039319 +:104250000233019349E50B0031001E000123029354 +:1042600002339846FFF7F3F9039E0236FFF7ABFBE4 +:104270000226FFF7A8FB022303930233019334E5E0 +:10428000039E1C000336FFF79EFB022304930233B8 +:104290009846FFF707FB1C000326FFF794FB022359 +:1042A000029302339846FFF7D2F90426FFF78BFBFF +:1042B0000B0031001E000323029302339846FFF7E0 +:1042C000C6F93300019E01930323049302339846F9 +:1042D000FFF7E8FA039E0436FFF775FB3300464606 +:1042E00098460323039302330193FEE404230493CB +:1042F00002339846FFF7D6FA002320210CA82B6042 +:1043000020F0C0FB2C68FFF75CFB1C000526FFF7C4 +:104310005AFB0423039302330193E6E4042302933C +:1043200002339846FFF793F9039E1C000536FFF70A +:104330004AFB039E0636FFF746FB0626FFF743FBC4 +:104340003300019E01930523049302339846FFF73F +:10435000A9FA330046469846052303930233019396 +:10436000C3E40B0031001E0005230293023398467C +:10437000FFF76DF9286020210CA820F083FB2C6842 +:10438000FFF721FB0B9020210CA820F07BFB0126DE +:104390000B9CFFF718FB0623049302339846FFF7A4 +:1043A00081FA039E1C000736FFF70DFB06230393DB +:1043B0000233019399E41C000726FFF704FB330046 +:1043C0004646984607230393023301938DE408265B +:1043D000FFF7F9FA3300019E019307230493023398 +:1043E0009846FFF75FFA039E0836FFF7ECFAC046DF +:1043F00011DF704710DF704700B585B00293079B4F +:104400000191039301A9069BFFF7F2FF05B000BDE0 +:1044100012DF70470BDF704713DF704715DF7047FF +:1044200017DF704718DF70475C3B0010683E0010D4 +:10443000683E0010683E0010683E0010683E0010A4 +:10444000683E0010683E0010683E0010683E001094 +:10445000683E0010683E0010683E0010683E001084 +:10446000683E0010683E0010683E0010683E001074 +:10447000683E0010683E0010683E0010683E001064 +:10448000683E0010683E0010683E0010683E001054 +:10449000683E0010683E0010683E0010683E001044 +:1044A000683E0010683E0010683E0010683E001034 +:1044B000683E0010683E0010683E0010683E001024 +:1044C000683E0010683E0010683E0010683E001014 +:1044D000683E0010683E0010683E0010683E001004 +:1044E000683E0010683E0010683E0010683E0010F4 +:1044F000683E0010F2390010683E0010683E00105F +:10450000683E0010683E0010683E0010683E0010D3 +:10451000683E0010683E0010683E0010683E0010C3 +:10452000CE39001050370010683E0010683E001071 +:10453000683E0010683E001050370010683E0010C2 +:10454000683E0010683E0010683E0010683E001093 +:10455000683E001044350010683E0010683E0010B0 +:10456000063E0010683E0010B03B0010683E001090 +:10457000683E0010983B0010303132333435363706 +:1045800038396162636465663031323334353637C9 +:104590003839414243444546307800005B556E73DC +:1045A0007570706F72746564205461675D000000FF +:1045B00000000000000000000000000000000000FB +:1045C000F0B5CE46474680B58DB000F00DF9002815 +:1045D00025D106AB81279846734C08AE7F428021D7 +:1045E000012009064042FFF715FF0300C20676D4FA +:1045F000820645D4420614D4020600D59BE08020F2 +:10460000400003420CD02100FFF706FF2568AB1CD9 +:1046100000DAC5E0002D00DBB1E00021A6E0FEE7F6 +:10462000FEE721004020FFF7F7FE21688B1C00DA2F +:10463000A4E00029F1DB00D0A0E023696068082B2A +:1046400000D0AFE0226A0C2A00D0ABE04246FFF770 +:10465000E5FE2369984200D0A4E0069A079B0096E5 +:10466000A06800F02BF9051E05D1236A3200002155 +:104670006068FFF7D5FE29006068FFF7D3FEAEE75C +:1046800021002020FFF7C8FE21688B1C00DA88E09B +:104690000029C2DB00D084E023696068082B69D15F +:1046A0006269042A66D13200FFF7B8FE2369984296 +:1046B00060D1636905AA01216068FFF7AFFE6369F5 +:1046C000984257D143460293236A0193059B009376 +:1046D000A068089A099B00F0C5F8010046E0210097 +:1046E0001020FFF799FE21688B1C46DB002994DB24 +:1046F00043D12369A5686068082B3BD1A269042ACD +:1047000038D13200FFF78AFE2369984232D1A3697B +:10471000424602216068FFF781FEA369984229D1D1 +:10472000069B2800019363690093089A099B00F097 +:1047300069F801001AE021008020FFF76DFE216872 +:104740008B1C19DB002900DA67E715D12369606843 +:10475000082B0FD13200FFF761FE2369984209D17F +:10476000089A099BA06800F0CDF801006068FFF787 +:1047700059FE34E73900F9E7FEE7FEE7FEE7002DD2 +:104780000ED1236A9946042BF4D100F0E1F82900F8 +:1047900008904B4632006068FFF742FE2900E5E7CB +:1047A000FEE7FEE73D0066E7009C0008074B10B5FA +:1047B00002000C0058680B000121FFF72FFE201AA1 +:1047C000441EA04180234042984310BD009C000835 +:1047D00010B50B000349020048680021FFF720FED6 +:1047E00010BDC046009C000810B500F0B3F80028CA +:1047F00000D110BD00F0E8F90028FAD100F0AAF8C5 +:10480000F7E7C04630B51D00130083B014002B43FA +:104810001FD00723079A9A431ED10123104A5B42F7 +:1048200012196B41002B09D0069B02000093200057 +:10483000079B290000F0CEF803B030BDFF2AF3D863 +:10484000079B22000193069B00932B0029F044FF55 +:10485000F2E787204042EFE786204042ECE7C0467F +:1048600000FFFFFF30B51D00130085B014002B437F +:104870001FD00123104A5B4212196B41002B0BD051 +:104880000A9B02000193099B200000932900089BCA +:1048900000F06EF805B030BDFF2AF1D80A9B220067 +:1048A0000293099B0193089B00932B0029F018FFAA +:1048B000F0E787204042EDE700FFFFFF30B51D0025 +:1048C000130083B014002B4317D001230C4A5B4222 +:1048D00012196B41002B07D00200069B2000290013 +:1048E00000F00CF903B030BDFF2AF5D8069B22007A +:1048F00000932B0029F022FFF4E787204042F1E7E4 +:1049000000FFFFFF70B51D00130014002B4316D0ED +:1049100001230E4A5B4212196B41002B08D00200A2 +:104920002900200000F012F9030095330AD070BD71 +:10493000FF2AF4D822002B0029F01EFFF7E787207A +:104940004042F4E784204042F1E7C04600FFFFFF09 +:104950000020704710B5044C200000F013FA034B00 +:10496000283C5C6010BDC046609C0008309C00087C +:10497000F8B5154D1E002B0000F07EFB041E01D083 +:104980002000F8BD114F2868390000F001FD041E19 +:1049900004D1FD69B54208D28724644280220021F7 +:1049A00012013800FBF7CBFEEAE7069BAD1B9D42E8 +:1049B00007D8074829003018FFF70AFF079B1D603A +:1049C000ECE71D00F5E7C046309C0008389C000865 +:1049D000609C0008F0B557464E46DE4645469A466E +:1049E000FB23E0B583B091460C9A06000F00DB0074 +:1049F0009A4269D83E4B4A46984600F03DFB041E59 +:104A000011D003003B4D8C334CD080220021120189 +:104A10002800FBF794FE200003B03CBC904699466A +:104A2000A246AB46F0BD4346324D1868290000F05F +:104A3000AFFC041EE9D16B6ADB0742D453466B62BC +:104A40000C9B2B6243461B68019301239B462A4B18 +:104A50000C9918009A46FFF7A9FE041ED5D1282309 +:104A60005B429C46E24453460C9A41465846DA6102 +:104A700000F050FA041EC8D143465146186800F0B1 +:104A8000C7FC041EC1D143464A463000390000F03D +:104A900077FA041E25D1019B002B18D100F044FBAE +:104AA0000400B2E78022002112012800FBF747FE34 +:104AB0000C9B2B6253466B6202239B46002301939F +:104AC000C5E785246442A0E787246442A3E700F099 +:104AD0002BFB041E99D101980021FDF705F9040074 +:104AE00093E7434600211868FDF7FEF88DE7C046BE +:104AF000309C0008389C0008609C0008F8B5114DF7 +:104B00001F002B0000F0B8FA041E01D02000F8BDF1 +:104B10000D4E2868310000F03BFC041E06D08022B8 +:104B2000002112013000FBF70AFEEFE78022F36953 +:104B300012017B60736A0021BB603000FBF7FFFD50 +:104B4000E4E7C046309C0008389C0008F8B54746AA +:104B5000CE461B4D80B52B0006000F00904600F09E +:104B60008BFA041E04D020000CBC90469946F8BD78 +:104B7000144B28681900994600F00AFC041E05D160 +:104B80004B465B6ADB0708D58524644280220021FE +:104B900012014846FBF7D3FDE5E7424630003900F5 +:104BA00000F08EFA041EF1D12D6800F0BDFA041E4B +:104BB000ECD128000021FDF797F80400E6E7C04695 +:104BC000309C0008389C000810B500F0C5F810BDF6 +:104BD000F0B583001A4C5E58A544CA686B460C00B9 +:104BE0003100184F1C31DA5105003A006846FBF7D6 +:104BF0008AFDF5226946D200300000F0A5FB0028AE +:104C000005D10223641923720F4B9D44F0BD236923 +:104C1000002B03D1641901332372F5E76A46D3519F +:104C2000F5226946D200300000F08EFB431E984109 +:104C3000012340429843033064192072E4E7C046E0 +:104C400054F8FFFFA4070000AC070000F0B5CE4603 +:104C50004746002380B53B4C0020A544039300F059 +:104C600037FC041E06D02000374B9D440CBC9046F8 +:104C70009946F0BD03A9002000F01EFC041EF2D1ED +:104C800000F060FA041EEED1304D039C280000F0C5 +:104C9000B7FA290004AE2E4A1C313000B450FBF79D +:104CA00032FDF5223100D200280000F029FB041E5D +:104CB00041D100F08DFA041ED5D1F827254BFF0015 +:104CC0009946EB5C3A00581C00949846C1172B009B +:104CD000FCF780FF041EC6D14A46EB5D3100AB54A1 +:104CE000434604900120EB55039D00F0E5FB0028AE +:104CF00024D1049B9D4209D9012000F0E9FB041E48 +:104D0000B1D1049B013304939D42F5D831000220B8 +:104D100000F0D2FB002811D1049B9D4209D902204A +:104D200000F0D6FB041E9ED1049B013304939D42E8 +:104D3000F5D8002497E700F04BFA94E78424644206 +:104D400091E7C04644F8FFFFBC07000038A4000804 +:104D5000A4070000C107000010B500F0A3FB002865 +:104D60000DD1F922064CD20000212000FBF7E7FC10 +:104D70000123F8222377D200A354FFF767FF10BD69 +:104D800038A400080023F0B589B003AC2372637225 +:104D9000E3602361F8235E4E02AF6060DB000197A1 +:104DA00000960022012000210396FCF73FFF002817 +:104DB00001D0012323720197636800220093F82336 +:104DC0000220DB000021FCF731FF002801D0012385 +:104DD000637200F0B7F9051E02D0280009B0F0BDDB +:104DE00000F060FB051E0BD106A9002000F064FB5B +:104DF000051E05D13900012000F05EFB051E02D022 +:104E000000F0E6F9E9E707A9022000F055FB051ECE +:104E1000F6D12369029A934200D02061237A012BB4 +:104E200003D021000020FFF7D3FE637A012B03D0CB +:104E300021000120FFF7CCFE00F0CAF9051ECCD1FD +:104E4000039B1B7F012B01D00123237261680B7F21 +:104E5000012B01D00123637202232289FF339A427E +:104E600052D0237A012B4CD0637A012B01D0022B34 +:104E70003DD0F823802202200021DB005200F252B4 +:104E8000FCF732FF051E02D003008C33A5D10023AE +:104E900039000120E468029300F00EFB002833D1B2 +:104EA000029B9C420AD9012000F012FB051E00D093 +:104EB00093E7029B013302939C42F4D8390002200D +:104EC00000F0FAFA00281FD1029B9C420AD9022066 +:104ED00000F0FEFA051E00D07FE7029B013302932B +:104EE0009C42F4D8300000F081F9002575E7F822E3 +:104EF0000123D200B3523000FBF705FC0120002152 +:104F0000BEE7F822D200F5E784256D4265E7C0468A +:104F100038A4000870B50D0000282CD00024002112 +:104F2000164B1A685E6832430CD14A1C01383D2A80 +:104F30000ED0203300280DD00C005E6811001A68D6 +:104F40003243F2D001313D2901D02033E9E721007D +:104F500000280DD1CC1C20000021FCF7C5FE002844 +:104F600002D100202C6070BD03008C33FBD1F8E728 +:104F70008E204042F7E787204042F4E768A400080B +:104F8000F0B5454657464E46DE46E0B5984689B0F0 +:104F900005000F001600364B002403E001342033D7 +:104FA0003D2C49D01A68AA42F8D15A68BA42F5D1C4 +:104FB0009A689642F2D12F4B0134994664014C44D1 +:104FC000202221006846FBF79EFB236920229B4696 +:104FD0006369002120009A46FBF7B1FB43461A683B +:104FE000D31E5B014B441D639E635F634346951E66 +:104FF0006D014D44596810222800FBF784FBFFF730 +:1050000025FE061E10D05B465246134307D05B4672 +:1050100005926946202220000493FBF774FB2022AE +:1050200000212800FBF78BFB300009B03CBC904608 +:105030009946A246AB46F0BD43461A680D49D31EB9 +:105040005B01CB181D639E635F634346951E6D0134 +:105050006D18102259682800FBF755FBFFF7F6FD85 +:10506000061EE1D0202200212800FBF768FBDBE7C9 +:1050700068A4000838A4000870B50F4C002503E0B0 +:10508000013520343D2D14D026688642F8D166685B +:105090008E42F5D1A668B242F2D1EA1C691C074DD6 +:1050A00049011A60586849191022FBF72CFB0020AF +:1050B00070BD8C204042FBE768A4000838A40008BB +:1050C00030B5174B89B0002403E0013420333D2C68 +:1050D00023D01D688542F8D15D688D42F5D19D6869 +:1050E000AA42F2D10F4B013464011C192022210085 +:1050F0006846FBF708FB202200212000FBF71FFB7E +:10510000FFF7A4FD051E02D1280009B030BD202202 +:1051100069462000FBF7F7FAF6E78C256D42F3E7C6 +:1051200068A4000838A4000810B5044A044BD05CF9 +:105130000130C117FCF7D8FD10BDC04638A40008E7 +:10514000C107000030B58BB00021202202A8FBF778 +:10515000F6FA00230093C0239B000493164B01AC86 +:105160000593164B16490193802368462383FDF768 +:10517000F7FE002801D00BB030BD0C23114A1249B4 +:105180006846FDF745FF00280FD1104D69462A00FB +:105190002000FDF771FF002807D16846FDF7B8FD34 +:1051A0000028E8D02888FCF74DFE6846FDF7B0FDE2 +:1051B00084204042DFE7C046021040060100004064 +:1051C000000F00B0E4540010010200000CAC000815 +:1051D000054B10B51888FCF735FE002800D110BD2E +:1051E00084204042FBE7C0460CAC0008010010B52B +:1051F00010310C220148FBF786FA10BD00AC000804 +:10520000F0B583B06C460E4923000A0060CA60C343 +:105210000122009E019F002392197B41009201937D +:105220001A4353425A410B008D681030AD1844CCDC +:1052300044C38D600C22FBF766FA03B0F0BDC04694 +:1052400000AC0008F0B51500020089B0109F060000 +:105250001148119C008805970F9F029304970E9F99 +:10526000019500911032069403970C230B49FDF72A +:1052700087FA051E0CD10F9B21689C4610392160CE +:10528000102261443000FBF73EFA280009B0F0BD5F +:1052900084256D42F9E7C0460CAC000802104006B8 +:1052A000F0B5C6460400904600B588B00E9D0F00CC +:1052B0005819102221001E00FBF725FA0E4B220080 +:1052C0001888119B10350693109B103205930F9B85 +:1052D0000395049343460296019300970C230749D4 +:1052E000FDF7A2FA002803D108B004BC9046F0BD37 +:1052F00095204042F8E7C0460CAC0008021040067A +:10530000030030B514008BB002000D4809AD0088D1 +:105310000695049310250023009103930293103205 +:10532000059501940C330749FDF72AFA002804D1AA +:10533000099B102B01D10BB030BD84204042FAE70D +:105340000CAC00080210400630B503008BB015000D +:1053500002000D4809AC00880694002405940494CA +:105360001034029300911032039401950C230749E5 +:10537000FDF75AFA002804D1099B002B01D10BB08C +:1053800030BD95204042FAE70CAC00080210400600 +:10539000F0B589B005AB01930B0010330093802367 +:1053A0000D001B01002200210400FCF73FFC002837 +:1053B00001D009B0F0BD059E0694FFF7C3FE00289A +:1053C000F7D134002F00104E0C3C1C37220039005E +:1053D0003000FBF798F907AB03930C4B019702934E +:1053E00000943300042206A92800FFF759FF002883 +:1053F00005D1079B9C4202D1FFF7EAFED9E7FFF7F0 +:10540000E7FE84204042D4E710AC0008E407000027 +:10541000F0B5CE46474680B587B006000C00CD6992 +:105420000490FFF78FFE002804D007B00CBC904614 +:105430009946F0BD1C232F0098462000FFF7E0FEA0 +:1054400005AB0393154B0C370293154BA0449946BB +:10545000019300974346042204A92000FFF7F2FEBF +:10546000002815D1059B9F4212D13A00494640467B +:10547000FBF749F9FFF7ACFE0028D6D123002A003C +:1054800000901033183230000021FCF7A3FBCCE76A +:10549000FFF79EFE84204042C7E7C046F4070000A5 +:1054A00010AC000810B529F0F3FA431E984183238D +:1054B0004042984310BDC04610B50A00042129F0AF +:1054C00057FB431E984183234042984310BDC0467A +:1054D00010B529F0B5FB431E984183234042984301 +:1054E00010BDC04673746F726167655F6B6579004C +:1054F00000000000000000000000000000000000AC +:10550000F0B5CE46474680B58DB000F0E9F80028EA +:1055100022D106AB81269846644C08AD76428021A4 +:10552000012009064042FEF775FFC30616D4830624 +:105530006FD4430642D403060FD521008020FEF726 +:105540006BFF0028EBD121688B1C00DA94E0002966 +:1055500000DB95E000218BE0FEE7FEE72100102054 +:10556000FEF75AFF0028DAD121688B1C00DA9CE094 +:105570000029EFDB00D098E023696068082B00D099 +:105580007BE0A769042F78D1626991462A00FEF773 +:1055900045FF082871D13B00424602216068FEF7B2 +:1055A0003DFF042869D1069B01934B460093A068F8 +:1055B000089A099B00F0C6F8010059E0210040203C +:1055C000FEF72AFF0028AAD121688B1C6CDB00297A +:1055D000C0DB69D123696068082B63D1226A0C2A79 +:1055E00060D14246FEF71AFF08285BD1069A079B56 +:1055F0000095A06800F094F9071E05D101000C2366 +:105600002A006068FEF70CFF39006068FEF70AFFA9 +:1056100085E721002020FEF7FFFE002800D07EE76E +:1056200021688B1C2BDB002994DB28D1236960685F +:10563000082B22D16769042F1FD1226A91462A00C4 +:10564000FEF7ECFE082818D13B0005AA012160688E +:10565000FEF7E4FE042810D1434602934B46019323 +:10566000059B0093A068089A099B00F0F5F80100DB +:105670006068FEF7D7FE52E7FEE73100F8E7FEE785 +:105680000029F9D123696068082BF6D12A00FEF7BA +:10569000C5FE0828F1D1089A099BA06800F06EF9B0 +:1056A0000100E5E73700AFE7FEE7FEE760C200086C +:1056B00010B50B000349020048680121FEF7AEFE59 +:1056C00010BDC04660C2000810B50B0003490200BF +:1056D00048680021FEF7A4FE10BDC04660C2000865 +:1056E00010B5002000F07EF9144C0100200000F0FD +:1056F000FDF900280BD0200000F0FEF9002800D0B2 +:1057000010BD00F06FF90100200000F0EFF901205A +:1057100000F068F90A4C0100200000F0E7F90028C9 +:10572000EED0200000F0E8F90028E9D1013000F0C7 +:1057300059F90100200000F0D9F9E1E790C600080E +:10574000A4C60008F0B5DE4657464E464546110051 +:10575000E0B5194385B0002900D16DE007210F9C09 +:105760008C4366D10393374B0292984602AA01C339 +:1057700012CA12C380235B00984257D0324B99461D +:10578000324C41462200484600F02AFA071E42D118 +:10579000A368DB0753D44146484600F0B1FA071E20 +:1057A0003CD180230E9EDB009E4200D91E00284B78 +:1057B00031009A461800FFF77BFF534601930F9B79 +:1057C0000E9A009341463300484600F099F9071EAF +:1057D00024D10E9B9C1B03D120E07619641B1DD0A5 +:1057E00080232500DB009C4200D91D002900504683 +:1057F000FFF75EFF53462A000093414633004846B8 +:1058000000F014FA83460028E7D04146484600F0ED +:1058100077FA5F4602E003008C33C2D0380005B04F +:105820003CBC90469946A246AB46F0BD094B994612 +:10583000A6E786277F42F1E787277F42EEE78527A5 +:105840007F42EBE7B8C6000890C60008C4C600084F +:1058500090C20008A4C60008F0B54E46DE46574682 +:1058600045461100E0B585B00E9E19434AD003931A +:10587000264B0292994602AA01C312CA12C3802380 +:105880005B0098423BD0224B9A46224C494622006C +:10589000504600F0A5F9071E27D12468B44231D341 +:1058A0000F9BA41B9C4228D8109B1C601A4B984647 +:1058B0008023DB009B4606E029004046FFF704FFFB +:1058C0007619641B11D025005C4501D98025ED00B7 +:1058D00043462A00009349463300504600F096FAAA +:1058E000071EE9D00023109A1360380005B03CBCB5 +:1058F00090469946A246AB46F0BD1C00D4E7074B44 +:105900009A46C2E787277F42EFE7C046B8C600083D +:1059100090C60008C4C6000890C20008A4C60008CB +:10592000110070B582B0069C19431BD00F4901933A +:105930000B0000926A4601C360CA60C380235B000B +:1059400098420DD00A480B4D2A0000F049F9002872 +:1059500004D12B6823606360AB68A36002B070BDA4 +:105960000548F0E787204042F8E7C046B8C600087F +:1059700090C60008C4C60008A4C60008110070B58F +:10598000194382B0002922D0124C019323000092C7 +:105990006A4601C322CA22C380235B00984211D009 +:1059A0000D4E0E4D21002A00300000F019F900289C +:1059B00006D1AB68DB0707D42100300000F0A0F966 +:1059C00002B070BD064EECE785204042F8E7872024 +:1059D0004042F5E7B8C6000890C60008C4C60008F3 +:1059E000A4C6000810B5044B8000C45820002368EA +:1059F0009847200010BDC046B06B0010F0B54E4671 +:105A00004546DE465746E0B5C3B04D9D06008B4681 +:105A100090469946002D29D080235B009A4610E0DD +:105A20000094434602AA59463000F768B847002858 +:105A300015D14C9BA0449C46A44463462D1B4C931B +:105A400014D02C00554501D98024640000944C9B4F +:105A500002AA49463000B768B8470028E0D043B0F2 +:105A60003CBC90469946A246AB46F0BD0020F6E706 +:105A700010B5040082B01C3001A927F0B9FE618C7A +:105A80000198FDF751FB238DA084002B0AD0638D74 +:105A9000002B02D127F0EEFE6085200000F0EAF92D +:105AA00002B010BD27F0CEFE2085F0E710B504004F +:105AB00082B01C3001A927F0F5FE618C0198FDF73A +:105AC00033FB238DA084002B0BD0638D002B03D1DF +:105AD00027F02AFF03306085200000F0CBF902B0E8 +:105AE00010BD27F009FF28302085EEE710B50160D2 +:105AF00000F05AFB10BDC04610B500F0DFFD10BD30 +:105B0000F0B54746CE4680B59946036891B01B8DE7 +:105B100004008846170093425FD304AA00F0C8FA35 +:105B200000285AD004AB05AE08AD0093029601954B +:105B3000189B3A004146200000F0C4FC002844D1E4 +:105B40004B46002B1FD04A460021E86800F0A8FF12 +:105B500000283FD1199B2A0001934B463100009346 +:105B60002000002300F020FA002833D14B4629689A +:105B700020003768AB6000F095FA2A683060390081 +:105B8000200000F0DDFE32000899200000F0DCFE6D +:105B900000281FD12A000499200000F069FF002886 +:105BA00018D10499200000F045FA002812D12B6882 +:105BB000002B02D14B46002B04D1200000F0B0FB9B +:105BC000002807D1200000F07BFB11B00CBC9046F0 +:105BD0009946F0BD84204042F7E787204042F4E731 +:105BE00070B58CB0150003AA04000E0000F060FA36 +:105BF000002817D1200004AA039900F0D9FB041E45 +:105C00000DD10C2209A93000FAF76EFD002809D148 +:105C1000079B6B60069B01932B60089BAB60200089 +:105C20000CB070BD8C246442F9E7C04670B590B0EA +:105C3000160004AA04001D0000F03AFA00285BD107 +:105C400008AA0499200000F0B3FB002854D105AA4B +:105C50000899200000F0FCFB00284AD10A9B03931E +:105C60009D4246D80B9B320029001800039300F098 +:105C700017FF00283DD1149B0096019308AA2B0022 +:105C800005A9200000F090F9002832D10A9BAD1937 +:105C900003939D4226D808992000059D00F002FA42 +:105CA000089A05902900200000F04AFE05AA0899EC +:105CB000200000F049FE00281BD108AA049920000A +:105CC00000F0D6FE002814D10499200000F0B2F9AB +:105CD00000280ED1089B002B06D1200000F0F0FA1E +:105CE00010B070BD0A95D6E7200000F019FB00281F +:105CF000F3D084204042F3E78C204042F0E7C046D6 +:105D0000F0B54646D6464F46C0B503688EB005AAE4 +:105D100005005E8C00F0CCF9002800D070E006AAE7 +:105D20000599280000F044FB002805D00EB01CBCEB +:105D300090469946A246F0BD0BA800F0BDFE002893 +:105D40005ED1079B20229846099B002106A8069F4A +:105D50009946FAF7F4FC06AA0599280000F088FE97 +:105D60000028E3D12B685B8D002B30D0002200246B +:105D700092460BE006AA2100280000F079FE0028D8 +:105D8000D4D12B685B8D0134A34222D9059AA2425B +:105D9000F9D006AA2100280000F00AFB0028C5D18E +:105DA000069B0393BB42E5D10BA800F085FE0028BB +:105DB000E0D1079B4345DDD99E4200D91E004A46EB +:105DC0009B1A0793099B9C460393E244D2E7002366 +:105DD0009A465346019343464A460093390033009E +:105DE000280000F06BF80028A0D1002F04D0280074 +:105DF00000F096FA002806D1280000F061FA95E735 +:105E00008C20404292E7842040428FE7F0B58FB06B +:105E1000170005AA04000D001E0000F049F9002833 +:105E200025D106AA0599200000F0C2FA00281BD14E +:105E30000C220BA92800FAF757FC002817D1089B61 +:105E40003A0031001800039300F02AFE002801D028 +:105E50000FB0F0BD149B3200009306A93B00200058 +:105E600000F086F80028F3D084204042F0E78C2030 +:105E70004042EDE710B5838C012B12D9032B10D0D3 +:105E8000418D448C4901022B0DD0008D023B5A00FC +:105E9000D3189B0008315B18A34203DCA0420BD946 +:105EA000FEE7FEE7FEE70B00008D1433E31A98428D +:105EB00001DC0123EBE7FEE710BDC046F0B5C646A6 +:105EC00000B588B0170005AA05000E00984600F03E +:105ED000BFFA041E04D0200008B004BC9046F0BDF8 +:105EE000079B31009C46280067440393079700F006 +:105EF000D9F80F9B0700002B23D1069A0E9B05991A +:105F00009A4212D33200280000F01AFD05AA31008F +:105F10002800059700F018FD041E23D1002EDAD0CA +:105F20002868036998470400D5E7981A01900B0088 +:105F3000009239002868FFF761FD00280FD105990C +:105F4000E0E7059B010003930F9B0E9A01934346E4 +:105F500028680093039BFFF751FD0028CDD08424CF +:105F60006442B8E732003900280000F0E9FCB2E7EB +:105F7000F0B587B00D001400096803AA06001F00E1 +:105F800000F066FA00280BD103994B1C08D030684A +:105F90006B680097E3180C9A8468A04707B0F0BDBF +:105FA00084204042FAE7C046F0B54746CE46160088 +:105FB00080B50F0083B011681C00050000F072F876 +:105FC00073687A689C466444A31A019300928046E1 +:105FD00001003B682868FFF711FD00280AD10A9BE1 +:105FE00028680093C3680B9A994641462300C84726 +:105FF000002804D003B00CBC90469946F0BDF1686F +:1060000073688C4663441A002968B868498C3B68F9 +:10601000091A891A0191009241462868FFF7EEFC9F +:106020000028E7D13368002BE4D02868036998473B +:10603000E0E7C046F0B507000569C668006883B0B0 +:10604000838C022B20D0023B5A00D21892000832D7 +:106050004C010194009233002900FFF7CFFC002887 +:1060600010D13F68B98C022919D002394B00591858 +:10607000890022007B8D28325B01083352185B189F +:10608000934203D803B0F0BD1422E1E79B1A0193B9 +:106090000092330029003800FFF7B0FCF2E70C2132 +:1060A000E7E7C046002901D0406870470069FCE777 +:1060B000F0B545464E46DE465746E0B50500006859 +:1060C0008DB0438D89469046002B67D00024202652 +:1060D00042E02B68049A9B8C022B5AD0023B9A42D6 +:1060E0004BD209A800F0E8FC002829D12868079ABB +:1060F000038D9A4241D8069B03939A423DD3049B59 +:1061000005990393002B16D1438D9B46838C9A46A9 +:10611000022B40D002235B429C46E24453465B0084 +:106120009C46D44463469B009C465B465B01083317 +:106130006344994221D3408C00F0B2FC00281CD16A +:106140000C22494609A8FAF7CFFA002829D0286876 +:106150000134438DA34221D9818C022917D0023901 +:106160004B00591889006301009608335B18876853 +:1061700004AAE968B847071EABD084277F423800DD +:106180000DB03CBC90469946A246AB46F0BD0C21F2 +:10619000E9E70123A3E70C239C46C6E78C277F424F +:1061A000EDE743461C60EAE7F0B50400006887B0FD +:1061B00043689847002801D007B0F0BD0825206843 +:1061C00000958668002302AA0021B047002817D056 +:1061D00020688668082304AA009301210023B047A1 +:1061E00000280AD16B461B7D012B06D16B465A7DD8 +:1061F0002C232068C35C9A4239D184204042DBE7DB +:106200006B4620681B7B8668012BE3D16B462C27ED +:106210005A7BC35D9A42DDD00095002304AA012178 +:10622000B047002826D001230021206823610823DD +:106230000093E160221D85680023A8470028DCD177 +:10624000237A012BD9D120682B33627AC35C9A421E +:10625000D3D04369216998470028ADD123689A8C2F +:10626000022AA9D961685A6918009047A4E7002357 +:106270000121DBE76B46197D012904D02368180052 +:1062800000210123D2E76B4620685A7DC55D0300DB +:106290009542F4D06B465D7B002A09D10023012D85 +:1062A000C4D1954289410023494295425B41BDE7F3 +:1062B000002DF6D1531E594259415A1E9341B5E75C +:1062C0002C2230B5437A04000133DBB243720068FC +:1062D00083B0825C9A4201D1002363720823009349 +:1062E000221DC56800232169A847002804D1206821 +:1062F00003699847002801D003B030BD2369E168E5 +:106300002068E3602161436998470028F4D123683D +:106310009A8C022AF0D961685A6918009047EBE715 +:106320000C2330B5040089B0006800938568043BF5 +:1063300005AAE168A847002823D1236805999A8C0B +:10634000914230D2079A0292069A0392588C029A8E +:10635000039900F0A5FB002825D1059B002202939C +:10636000012B10D9069B029393421CD12068E3684D +:106370002169448C079DA41A641B01940092FFF7C5 +:106380003DFB09B030BD2368998C5A8D02290DD090 +:1063900002394B005B189B0052010832D218069B51 +:1063A00002939342E2D098204042EAE70C23F3E7BD +:1063B00070B5050000681400828C82B0022A3ED0BD +:1063C000023A53009A18920049010B0008339B18B7 +:1063D0002022009286682200E968B047061E2BD171 +:1063E0002B6822689B8C022B2BD0023B9A422CD22A +:1063F0002000143000F060FB00281DD12868E268FE +:10640000038D9A4221D8A3689A421ED323686168FB +:10641000002B0CD1848C438D022C14D0023C6500DF +:106420002C19A4005B0108331B198B420DD8408C3A +:1064300000F036FB002808D1300002B070BD0C22FD +:10644000C2E70123D2E70C24ECE798267642F3E773 +:1064500070B514000C2205004B0082B000685B1878 +:1064600000929B00083386682200E968B047002844 +:1064700012D12B6821689A8C91421ED2588CA26846 +:10648000616800F00DFB002817D122680023012A63 +:1064900004D962689A4210D102B070BD2A68918C0A +:1064A000538D02290CD002394A00521892005B0128 +:1064B00008339B1862689A42EED098204042EBE77E +:1064C0000C22F4E7F0B557464E46DE464546E0B5A9 +:1064D0008DB00393169B04009B460C2302919146BA +:1064E000189D0068082700269A461DE020682A6843 +:1064F000838C9A4200D3B0E0AA68408C696800F0AF +:10650000CFFA021E206800D0A7E0296800230129E5 +:1065100000D892E06968994200D09EE0AB680C37E1 +:10652000994500D8A2E00136838C022B00D178E097 +:10653000023B9E4200D378E05346009383682A00D2 +:106540009846E1683B00C0470028CFD084235B42D7 +:1065500098462068438D002B55D00825002620271B +:1065600041E02368049A9B8C022B64D0023B9A4240 +:1065700049D209A800F0A0FA002829D12068079A7A +:10658000038D9A423FD8069B02939A423BD3049BC9 +:1065900005990293002B16D1438D9A46838C994618 +:1065A000022B60D002235B429C46E1444B465B00D9 +:1065B0009C46CC4463469B009C4653465B01083393 +:1065C00063448B421FD8408C00F06AFA00281AD12D +:1065D00009A800F071FA002864D120680136438DC3 +:1065E00020359E420FD2828C022A22D0023A5300DA +:1065F0009B189B0000978268EB189146E16804AAFB +:10660000C8470028ADD05A462B4B13608E235B42FF +:10661000984640460DB03CBC90469946A246AB46D3 +:10662000F0BD01239E4200D286E78E235B4298464E +:1066300090E70C23DEE7012399E7818C438D022943 +:106640000FD002398C464900614489005B01083350 +:106650005B186968994200D160E784235B429846E1 +:1066600078E70C21F2E70C239C46A6E79046179AA0 +:1066700002991660428CD31A179A536013004A4647 +:106680001800DA6014300C22FAF73DF80023179A4C +:10669000206893601300039A1A614A46AB689B1AFC +:1066A000AB6057E75B461E604346002BAED1024B02 +:1066B0009E42AED1AAE7C046FFFF0000F0B54E46AD +:1066C0004546DE465746E0B508258FB00400006811 +:1066D00000958668002303AA0021B047002800D057 +:1066E000E3E06B4620681B7C8668012B00D1DFE06D +:1066F00006AB994608234A46009301210023B04780 +:10670000002800D0F3E04B461B79012B00D0EEE0CF +:106710004B462C2221685B798A5C9A4200D1E6E0E4 +:1067200000250122E260256120682900436998471D +:10673000071E00D0B1E0012629002068714043699E +:106740009847071E00D0A8E060722068838C428DB5 +:10675000022B00D1C5E002216160991E4B0059183F +:1067600026722661E76089005201130008335B1826 +:106770000493428C0121D31A0593002303930C3315 +:106780000093C568043B03AAA847071E00D084E015 +:10679000256804906B8C0593AE8C022E00D19AE094 +:1067A00003239846032E13D06B692800414698476F +:1067B00025680743AE8C022E07D043469A1E01235C +:1067C0009C46F31EE0449A42EED3002F00D090E0A6 +:1067D00014239A46083B00279B4615E0F31E9F4270 +:1067E00016D2FB1C03935B460093EE68534603AA44 +:1067F00041462800B0470C239C460137E24400285C +:1068000000D06BE02568AE8C23699846022EE5D156 +:10681000202200214846F9F792FF6B8D002B1FD0F4 +:10682000202300279A4617E0023E73009E19B60007 +:1068300052467B01009208339B194A46EE68414656 +:106840002800B047002849D12369256898466B8DF8 +:106850000137BB4204D9AE8C022EE5D10C26E7E706 +:106860002C22637A0133DBB26372AA5C9A4201D1B3 +:106870000023637208230093221DEE680023414623 +:106880002800B047002829D1206803699847071ECF +:1068900003D12369E268E360226138000FB03CBC99 +:1068A00090469946A246AB46F0BD206886681FE731 +:1068B0006B462C275A7CC35D9A4200D118E706AB81 +:1068C0009946009500234A460121B047002813D07D +:1068D0000125002226E72369984699E784277F420D +:1068E000DBE7666026722661E7600C213CE7002545 +:1068F0001AE792277F42D0E74B461A79012AE7D15F +:1069000021685B79C95D994216D06946487C002BA5 +:106910000AD10025012800D004E7984292410025C1 +:10692000524298426D41FDE60028F6D15D1E6A4252 +:106930006A416B1E9D41F5E615000022F2E6C04655 +:10694000002A00D041607047F0B5CE4647460400AB +:1069500080B500680D0089B02169C668002D23D17B +:106960000C23116021690093043BB04700286AD1D1 +:106970002769E66820686B1C5D00ED18AD002A00F1 +:10698000818C0832022961D002394B005B189B00D0 +:106990005D1B0195009233003900FFF72FF809B015 +:1069A0000CBC90469946F0BD0C276B005B199B0010 +:1069B000984600970833B946B047002843D14B4664 +:1069C000206800938368E668994605AA0823310089 +:1069D0002769C847002836D1236805999A8C9142C7 +:1069E00031D2079A0292069A0392588C029A03991E +:1069F00000F056F8002826D1059B0293029A002346 +:106A0000012A25D9069A02929A421CD10C232068A9 +:106A10000093C3680597994605AA08232169C847CA +:106A2000002810D12068012DA5D943460C3B0193C5 +:106A300014231422009339003300FEF7DFFF0028EF +:106A4000ADD1206897E784204042A8E70C239FE758 +:106A50002268538D928C022A07D0023A51008A187C +:106A600092005B0108339B18CCE70C22F9E7C04683 +:106A700030B50500006883B0848C022C0ED0023C37 +:106A800063001C19A40049010B0008331B192024C2 +:106A900000942969C468A04703B030BD0C24F2E714 +:106AA000814205D8401A904280418623984370471E +:106AB00087204042FBE7C0460378002B24D143786F +:106AC000002B21D18378002B1ED1C378002B1BD142 +:106AD0000379002B18D14379002B15D18379002B32 +:106AE00012D1C379002B0FD1037A002B0CD1437A3A +:106AF000002B09D1837A002B06D1C07A434258413A +:106B00008B234042984300E000207047836910B512 +:106B10009B6800209847431E984191234042984328 +:106B200010BDC04610B50C001100428C5443C26920 +:106B3000944682696344E31818005469029AA04796 +:106B4000431E984191234042984310BD10B50C005C +:106B50001100428C5443C269944682696344E3182D +:106B600018009469029AA047431E9841912340421D +:106B7000984310BD0020704770B50400408C0E0093 +:106B8000002813D0002504E0238C608CED18A84267 +:106B90000CD9E36970439C46A36960444019DB69E2 +:106BA00098470028F0D09220404200E0002070BDBD +:106BB00000C2000830C20008000000000000000011 +:106BC000024A034BD358036000207047C04D0108B0 +:106BD00004140000F0B5DE4657464E464546E0B583 +:106BE000A9B000F00DF9002806D029B03CBC9046B1 +:106BF0009946A246AB46F0BD80217D48090202F0CD +:106C000047FA07F055FD002875D105F0F3FC002880 +:106C1000EBD112AB1800282200219846F9F78FFD1E +:106C200001235B429B46734C0AAD8021012009067B +:106C30004042FDF7EFFB102318425AD01CA9180060 +:106C4000FDF7EAFB002855D11C998B1C56DB002967 +:106C500055DB53D1282342461D98FDF7DFFB28283A +:106C600059D05B4601334FD02022002102A8F9F70A +:106C700066FD202200212800F9F761FD042701E0CC +:106C8000171E41D01CA98C467A1E930063441B69D1 +:106C9000002BF5D0434602932823039321AB99465A +:106CA000A0235B0101269A46BE423FD24B460321F8 +:106CB0001B685046DA1C8A4351466158401A82428A +:106CC0005DD81D985218019060185146009062508E +:106CD000020031000198FDF7A1FB02AA4946944643 +:106CE0000098F300D05004C9634489465A600136C5 +:106CF000DAE7FEE7FEE79320404276E7FEE7010091 +:106D00001D98FDF78FFB90E784277F4239001D987F +:106D1000FDF788FB89E743461B689B463F2BA3D9B9 +:106D2000012384275B429B467F42EFE7042101E079 +:106D3000111E33D01CA884464A1E930063441E6A69 +:106D4000002EF5D0A0267601A2590023B146009767 +:106D50008C4608E0A7181218D8002F5001332818C5 +:106D60004160634517D01CA882460327990051440F +:106D7000096AC81CB8434F46BF1AB842EAD9A022D4 +:106D800000218D271C4B52012000A150E1507F4271 +:106D9000F9F7D5FCBAE7A2511E00009F1E9B3900EF +:106DA0000093009A144B02A8E2505B46134A9B00E2 +:106DB000D3582A0099463300C8470023B14607003C +:106DC0001E004E4509D0F200AB1831005B68AA588E +:106DD0001D98FDF725FB0136F3E7A0220021064BA5 +:106DE00052012000A150E150F9F7A9FC8EE7C046FE +:106DF000C0CD0008C04D010804140000DCE60110FD +:106E0000892210B5520100210248F9F798FC0020B0 +:106E100010BDC046C86101080023F0B583B006006C +:106E200001A80D0014000193FFF7CAFE00282AD123 +:106E30002B68002B58D1002C59D02E4B206019689C +:106E4000002922D0892292009A58002A30D0892223 +:106E5000D2009A58002A2FD0274A9A58002A2FD0B9 +:106E6000892212019A58002A2ED0244A9A58002AC0 +:106E70002ED0234A9A58002A2ED0224A9A58002A05 +:106E80002ED08520404203B0F0BD012294460A0175 +:106E90005218D200521801219200019F995099185E +:106EA0004F608E6061460C329B1829602360EAE7D0 +:106EB000022201219446EAE7032202219446E6E7F2 +:106EC000042203219446E2E7052204219446DEE7EA +:106ED000062205219446DAE7072206219446D6E7E2 +:106EE000083207219446D2E789204042CBE7872029 +:106EF0004042C8E7C86101086C060000B40A0000FF +:106F0000D80C0000FC0E0000F0B5C646002300B50A +:106F100082B00568804601A80193FFF751FE071E65 +:106F200028D1013D072D2AD82C016019C000154E2B +:106F3000401980003358012B21D133185A68019928 +:106F40008A421CD19B680C30013B30180022032B75 +:106F500002D80D4A9B009A580021F9F7F0FB002354 +:106F600042466419E4006519AD0073517519AB60B0 +:106F70006B601360380002B004BC9046F0BD8727F8 +:106F80007F42F7E7C8610108DCE70110002370B514 +:106F900082B0050001A80E0014000193FFF710FE57 +:106FA000002816D1013E072E15D831018919C900D4 +:106FB0000A4A891989008B58012B0CD153189E68F5 +:106FC000AE4208D15B68019DAB4204D10C318918F7 +:106FD000216002B070BD89204042FAE7C861010813 +:106FE000F0B5CE4647461400002280B583B001922A +:106FF00001292AD1022B28D14368282B25D1636887 +:10700000042B22D103682768DE68A36801AA98468A +:10701000E36831003E6001209946FFF7B7FF051E87 +:1070200005D0280003B00CBC90469946F0BD230063 +:107030003E600C334A464146019804F055FB051E5C +:10704000EFD03800FFF760FFEBE782256D42E8E7FD +:10705000F0B5002483B00194022921D1012B1FD166 +:107060004368282B1CD15368042B19D10368156879 +:10707000D9688668C76801AA29600120FFF786FFE2 +:10708000041E02D0200003B0F0BD3A003100019888 +:1070900004F008FB041EF5D02800FFF735FFF1E7E8 +:1070A00082246442EEE7C046F0B5002483B0009429 +:1070B00001292AD1012B28D15368042B25D14368FB +:1070C000282B22D103681668D9689F680191DD8852 +:1070D0000021280000F068FB041E02D0200003B04D +:1070E000F0BD6A4601A90120FFF796FE041EF5D106 +:1070F000019B3A0033602900009804F0C9FA041E8D +:10710000ECD03000FFF700FFE8E782246442E5E7B7 +:10711000F0B5002483B0009401292AD1012B28D195 +:107120005368042B25D14368282B22D103681668A5 +:10713000D9689F680191DD880021280000F034FBA8 +:10714000041E02D0200003B0F0BD6A4601A9012050 +:10715000FFF762FE041EF5D1019B3A00336029005F +:10716000009804F09AFA041EECD03000FFF7CCFE31 +:10717000E8E782246442E5E7F0B5D6464F46464646 +:1071800014000022C0B584B00392022930D1022B32 +:107190002ED14368282B2BD16368042B28D1036898 +:1071A0002668D968C36887689846A368012099460D +:1071B000E3683160E26003AA9A46FFF7E7FE051E26 +:1071C00006D0280004B01CBC90469946A246F0BDEB +:1071D00053460C34009301944B46424639000398C1 +:1071E00004F0AEFA051EECD03000FFF78DFEE8E7A4 +:1071F00082256D42E5E7C046F0B5C6461400002280 +:1072000000B582B0019201292CD1022B2AD143680A +:10721000282B27D16368042B24D103682668D968FA +:10722000E368A76801203160E26001AA9846FFF791 +:10723000ADFE051E04D0280002B004BC9046F0BD8F +:10724000230042460C333900019804F0ADFA0500E2 +:107250003000002D03D1FFF757FE0500EBE7FFF7E5 +:1072600053FEE8E782256D42E5E7C04630B50024CD +:1072700083B00194012922D1012B20D14368282B0E +:107280001DD15368042B1AD103681568D96801AA67 +:1072900029600120FFF77AFE002802D0200003B009 +:1072A00030BD019804F01EF904002800002C03D121 +:1072B000FFF72AFE0400F1E7FFF726FEEEE782243F +:1072C0006442EBE7862040427047C0468620404239 +:1072D0007047C04670B5002482B00094012923D1C4 +:1072E000012B21D15368042B1ED14368282B1BD1BD +:1072F00001681568CB688E6801936A462B6001A906 +:107300000320FFF789FD041E02D0200002B070BDEB +:10731000019B31002B60009803F0A6F9041EF4D005 +:107320002800FFF7F1FDF0E782246442EDE7C04654 +:10733000F0B5002483B00194022921D1012B1FD183 +:107340004368282B1CD15368042B19D10368156896 +:10735000D9688668C76801AA29600320FFF716FE6E +:10736000041E02D0200003B0F0BD3A0031000198A5 +:1073700003F0BCF9041EF5D02800FFF7C5FDF1E7C6 +:1073800082246442EEE7C046F0B5C64614000022EF +:1073900000B582B0019201292CD1022B2AD1436879 +:1073A000282B27D16368042B24D103682668D96869 +:1073B000E368A76803203160E26001AA9846FFF7FE +:1073C000E5FD051E04D0280002B004BC9046F0BDC7 +:1073D000230042460C333900019803F091F905006F +:1073E0003000002D03D1FFF78FFD0500EBE7FFF71D +:1073F0008BFDE8E782256D42E5E7C046F0B5002445 +:1074000083B00194022926D1012B24D14368282B73 +:1074100021D15368042B1ED103681568D96886688A +:10742000C76801AA29600320FFF7B0FD041E02D03F +:10743000200003B0F0BD3A003100019803F0B2FB28 +:1074400004002800002C03D1FFF75EFD0400EFE7E5 +:10745000FFF75AFDECE782246442E9E730B50024E7 +:1074600083B00194012922D1012B20D14368282B1C +:107470001DD15368042B1AD103681568D96801AA75 +:1074800029600320FFF782FD002802D0200003B00E +:1074900030BD019803F09AF804002800002C03D1B5 +:1074A000FFF732FD0400F1E7FFF72EFDEEE782243F +:1074B0006442EBE730B5002483B0009401940129C5 +:1074C00024D1012B22D14368282B1FD15368042BD0 +:1074D0001CD103681568D9686A460320FFF756FD7A +:1074E000041E02D0200003B030BD01AA29000320F1 +:1074F000FFF792FC041EF5D10199009803F072FB8E +:10750000041EEFD02800FFF7FFFCEBE78224644263 +:10751000E8E7C046862040427047C0468620404289 +:107520007047C046F0B5C646002400B582B000944E +:1075300001292FD1012B2DD15368042B2AD1436867 +:10754000282B27D105680021EB6817680193EE8886 +:10755000AB683000984600F027F9041E04D02000E4 +:1075600002B004BC9046F0BDEB686A463B6001A9DE +:107570000220FFF751FC041EF1D1019B42463B6003 +:107580003100009803F078FC041EE8D03800FFF7C3 +:10759000BBFCE4E782246442E1E7C046F0B5C6469E +:1075A000002400B582B0009401292FD1012B2DD1E8 +:1075B0005368042B2AD14368282B27D10568002162 +:1075C000EB6817680193EE88AB683000984600F0CE +:1075D000EBF8041E04D0200002B004BC9046F0BDBD +:1075E000EB686A463B6001A90220FFF715FC041E08 +:1075F000F1D1019B42463B603100009803F041FC11 +:10760000041EE8D03800FFF77FFCE4E782246442E0 +:10761000E1E7C046F0B5002483B00194022921D1EE +:10762000012B1FD14368282B1CD15368042B19D17F +:1076300003681568D9688668C76801AA29600220AE +:10764000FFF7A4FC041E02D0200003B0F0BD3A00F6 +:107650003100019803F01AFC041EF5D02800FFF752 +:1076600053FCF1E782246442EEE7C046F0B5C6461B +:107670001400002200B582B0019201292CD1022B06 +:107680002AD14368282B27D16368042B24D10368AF +:107690002668D968E368A76802203160E26001AA21 +:1076A0009846FFF773FC051E04D0280002B004BC06 +:1076B0009046F0BD230042460C333900019803F098 +:1076C00015FC05003000002D03D1FFF71DFC05005F +:1076D000EBE7FFF719FCE8E782256D42E5E7C046D6 +:1076E000F0B5002483B00194022926D1012B24D1C6 +:1076F0004368282B21D15368042B1ED103681568D9 +:10770000D9688668C76801AA29600220FFF73EFC95 +:10771000041E02D0200003B0F0BD3A0031000198F1 +:1077200003F013FC04002800002C03D1FFF7ECFB4E +:107730000400EFE7FFF7E8FBECE782246442E9E7A7 +:1077400030B5002483B00194012922D1012B20D12E +:107750004368282B1DD15368042B1AD10368156880 +:10776000D96801AA29600220FFF710FC002802D086 +:10777000200003B030BD019803F05EFA0400280039 +:10778000002C03D1FFF7C0FB0400F1E7FFF7BCFBBF +:10779000EEE782246442EBE7862040427047C04611 +:1077A000862040427047C046002330B583B00400B5 +:1077B00001A80D000193FFF703FA002800D07AE03A +:1077C000554B9A79002A03D09A88A24200D17AE0D8 +:1077D0009A7B002A03D09A89A24200D17DE09A7D4B +:1077E000002A00D069E09A7F002A03D09A8BA24237 +:1077F00000D186E026229A5C002A03D09A8CA2420D +:1078000000D180E02E229A5C002A03D09A8DA242F9 +:1078100000D17AE036229A5C002A03D09A8EA242E6 +:1078200000D174E03E229A5C002A02D09A8FA242D4 +:1078300055D046229A5C002A03D044229A5AA2428A +:107840004FD04E229A5C002A03D04C229A5AA24270 +:1078500049D056229A5C002A03D054229A5AA24256 +:1078600043D05E229A5C002A03D05C229A5AA2423C +:107870003DD066229A5C002A03D064229A5AA24222 +:1078800037D06E229A5C002A03D06C229A5AA24208 +:1078900031D076229A5C002A03D074229A5AA242EE +:1078A0002BD07E229A5C002A03D07C229A5AA242D4 +:1078B00025D08820404203B030BD9A8AA24200D031 +:1078C00091E7022200E00022D1005B5801998B422F +:1078D0001FD1002DEFD02A60EDE70122F4E7072247 +:1078E000F2E70822F0E70922EEE70A22ECE70B2292 +:1078F000EAE70C22E8E70D22E6E70E22E4E70F2292 +:10790000E2E70322E0E70422DEE70522DCE70622C5 +:10791000DAE785204042CEE7E8720108304B9A79D9 +:10792000002A3BD09A7B002A3CD09A7D002A3BD08B +:107930009A7F002A3AD026229A5C002A38D02E223A +:107940009A5C002A36D036229A5C002A36D03E2233 +:107950009A5C002A34D046229A5C002A2CD04E220F +:107960009A5C002A2ED056229A5C002A2CD05E22E5 +:107970009A5C002A2AD066229A5C002A28D06E22BD +:107980009A5C002A26D076229A5C002A24D07E2295 +:107990009B5C002B22D08D20404270470023036067 +:1079A0000020FAE70123FAE70223F8E70323F6E7CA +:1079B0000423F4E70523F2E70823F0E70623EEE7C4 +:1079C0000723ECE70923EAE70A23E8E70B23E6E7C6 +:1079D0000C23E4E70D23E2E70E23E0E70F33DEE7B5 +:1079E000E872010830B583B0040001A80D00FFF76C +:1079F000E7F8002807D1054B019AE400E250012284 +:107A00001B199D809A7103B030BDC046E872010811 +:107A10000023F0B58BB0242206000F0001A800213E +:107A20000093F8F78CFE6846FFF7CAF8051E00D0F1 +:107A300089E0B64CA379002B04D0009B22689342C6 +:107A400000D193E0A37B002B04D0A368009A93425B +:107A500000D198E0A37D002B04D02369009A9342C3 +:107A600000D19DE0A37F002B04D0A369009A93422C +:107A700000D1A2E02623E35C002B04D0236A009A05 +:107A8000934200D1E1E02E23E35C002B04D0A36AF3 +:107A9000009A934200D1CBE03623E35C002B04D064 +:107AA000236B009A934200D1A8E03E23E35C002BB5 +:107AB00004D0A36B009A934200D1ACE04623E35C70 +:107AC000002B04D0236C009A934200D188E04E230F +:107AD000E35C002B04D0A36C009A934200D1C1E078 +:107AE0005623E35C002B04D0236D009A934200D10F +:107AF000C6E05E23E35C002B04D0A36D009A9342A2 +:107B000000D1CBE06623E35C002B04D0236E009A07 +:107B1000934200D1D0E06E23E35C002B04D0A36E2F +:107B2000009A934200D1D5E07623E35C002B04D089 +:107B3000236F009A934200D1DAE07E23E35C002BAE +:107B400004D18C256D4228000BB0F0BDA36F009AC4 +:107B50009342F6D17C2301A9E05A02F0A3FB00284E +:107B6000EFD1039B9E42ECD10F2332E0A08801A904 +:107B700002F098FB002800D064E7039B9E4200D0EF +:107B800060E7002325E0A08901A902F08BFB002813 +:107B900000D05FE7039B9E4200D05BE7012318E023 +:107BA000A08A01A902F07EFB002800D05AE7039BBF +:107BB0009E4200D056E702230BE0A08B01A902F001 +:107BC00071FB002800D055E7039B9E4200D051E78F +:107BD0000323002FB7D0DB00E418A3883B80B2E773 +:107BE000442301A9E05A02F05DFB002800D06EE7B3 +:107BF000039B9E4200D06AE70823EAE7A08E01A912 +:107C000002F050FB002800D04FE7039B9E4200D0BB +:107C10004BE70623DDE7A08F01A902F043FB002814 +:107C200000D04BE7039B9E4200D047E70723D0E7F5 +:107C3000A08D01A902F036FB002800D02CE7039BA1 +:107C40009E4200D028E70523C3E7A08C01A902F0DB +:107C500029FB002800D016E7039B9E4200D012E7C4 +:107C60000423B6E74C2301A9E05A02F01BFB0028CD +:107C700000D035E7039B9E4200D031E70923A8E7F7 +:107C8000542301A9E05A02F00DFB002800D030E790 +:107C9000039B9E4200D02CE70A239AE75C2301A9AC +:107CA000E05A02F0FFFA002800D02BE7039B9E4227 +:107CB00000D027E70B238CE7642301A9E05A02F0E8 +:107CC000F1FA002800D026E7039B9E4200D022E76D +:107CD0000C237EE76C2301A9E05A02F0E3FA0028A6 +:107CE00000D021E7039B9E4200D01DE70D2370E7E3 +:107CF000742301A9E05A02F0D5FA002800D01CE74D +:107D0000039B9E4200D018E70E2362E7E872010849 +:107D1000862040427047C046862040427047C04699 +:107D2000F0B5CE46474680B583B0032955D1012B27 +:107D300053D14368282B50D1C368242B4DD15368AD +:107D4000022B4AD113684A4C984600230193A37929 +:107D5000856806694769002B42D0A37B002B59D068 +:107D6000A37D002B59D0A37F002B5CD02623E35C9E +:107D7000002B5BD02E23E35C002B5AD03623E35C30 +:107D8000002B4DD03E23E35C002B55D04623E35C13 +:107D9000002B54D04E23E35C002B53D05623E35CDE +:107DA000002B52D05E23E35C002B51D06623E35CB2 +:107DB000002B50D06E23E35C002B4FD07623E35C86 +:107DC000002B4ED07E23E35C002B4DD08D20404213 +:107DD00003B00CBC90469946F0BD82204042F7E7C4 +:107DE0000023994601A8FEF7EBFE0028F0D1434698 +:107DF0003A003100280002F0EAFA0028E8D14B46A8 +:107E0000019ADB00E250E41843461B88A38001235B +:107E1000A371DDE701239946E4E702239946E1E7F0 +:107E200006239946DEE703239946DBE704239946B8 +:107E3000D8E705239946D5E707239946D2E70823D3 +:107E40009946CFE709239946CCE70A239946C9E723 +:107E50000B239946C6E70C239946C3E70D239946A1 +:107E6000C0E70E239946BDE70F239946BAE7C046FF +:107E7000E872010810B5022916D1012B14D143680C +:107E8000282B11D1C368042B0ED15368022B0BD1C0 +:107E9000836811681868C0231B06C218054B9A42F4 +:107EA00005D800F05DFB10BD82204042FBE7862034 +:107EB0004042F8E7FFFFFF3F70B582B0012900D0D4 +:107EC000A3E0002B00D0A0E04268282A00D09CE06C +:107ED000026801A8D5880193FEF772FE002800D041 +:107EE0007EE0594CA379002B03D0A388AB4200D18C +:107EF000A4E0A37B002B03D0A389AB4200D19FE079 +:107F0000A37D002B03D0A38AAB4200D19AE0A37FCC +:107F1000002B03D0A38BAB4200D179E02623E35C96 +:107F2000002B03D0A38CAB4200D173E02E23E35C83 +:107F3000002B03D0A38DAB4200D16DE03623E35C70 +:107F4000002B03D0A38EAB4200D167E03E23E35C5D +:107F5000002B02D0A38FAB4262D04623E35C002B00 +:107F600003D04423E35AAB425CD04E23E35C002BA6 +:107F700003D04C23E35AAB4256D05623E35C002B8C +:107F800003D05423E35AAB4250D05E23E35C002B72 +:107F900003D05C23E35AAB424AD06623E35C002B58 +:107FA00003D06423E35AAB4244D06E23E35C002B3E +:107FB00003D06C23E35AAB423ED07623E35C002B24 +:107FC00003D07423E35AAB420CD07E23E35C002B36 +:107FD00004D07C23E35A0F26AB4204D088204042D1 +:107FE00002B070BD0E268520F600A359019A4042CA +:107FF0009342F5D1280004F0B8FB0028F0D100230B +:10800000A051A419A080A371EAE782204042E7E7CB +:108010000326E8E70426E6E70526E4E70626E2E786 +:108020000726E0E70826DEE70926DCE70A26DAE786 +:108030000B26D8E70C26D6E70D26D4E70026D2E794 +:108040000126D0E70226CEE7E872010870B582B0BB +:10805000012900D0A3E0002B00D0A0E04268282A2C +:1080600000D09CE0026801A8D5880193FEF7A8FD26 +:10807000002800D07EE0594CA379002B03D0A388C0 +:10808000AB4200D1A4E0A37B002B03D0A389AB4279 +:1080900000D19FE0A37D002B03D0A38AAB4200D187 +:1080A0009AE0A37F002B03D0A38BAB4200D179E0F1 +:1080B0002623E35C002B03D0A38CAB4200D173E0FA +:1080C0002E23E35C002B03D0A38DAB4200D16DE0E7 +:1080D0003623E35C002B03D0A38EAB4200D167E0D4 +:1080E0003E23E35C002B02D0A38FAB4262D0462339 +:1080F000E35C002B03D04423E35AAB425CD04E2315 +:10810000E35C002B03D04C23E35AAB4256D05623FA +:10811000E35C002B03D05423E35AAB4250D05E23E0 +:10812000E35C002B03D05C23E35AAB424AD06623C6 +:10813000E35C002B03D06423E35AAB4244D06E23AC +:10814000E35C002B03D06C23E35AAB423ED0762392 +:10815000E35C002B03D07423E35AAB420CD07E23A4 +:10816000E35C002B04D07C23E35A0F26AB4204D0FF +:108170008820404202B070BD0E268520F600A3592B +:10818000019A40429342F5D1280002F051F80028AC +:10819000F0D10023A051A419A080A371EAE78220A6 +:1081A0004042E7E70326E8E70426E6E70526E4E79A +:1081B0000626E2E70726E0E70826DEE70926DCE7F1 +:1081C0000A26DAE70B26D8E70C26D6E70D26D4E7F1 +:1081D0000026D2E70126D0E70226CEE7E8720108A2 +:1081E00010B501290DD1012B0BD14368282B08D1E3 +:1081F0005368242B05D103681168D88802F052F81F +:1082000010BD82204042FBE710B501290CD1012BA3 +:108210000AD14368282B07D15368242B04D1106856 +:1082200002F015F8002010BD82204042FBE7C04656 +:1082300010B501290CD1012B0AD14368282B07D195 +:10824000131D12CA0268D088220002F095F810BDF2 +:1082500082204042FBE7C046F0B5140083B00129FC +:108260001AD1012B18D14368282B15D1036801A915 +:10827000DD8816682800576800F052F9231D3A007F +:108280003100002804D1280002F08BF803B0F0BDC3 +:10829000019800F0D5F9F9E782204042F6E7C046A0 +:1082A000F0B5C64600B582B0022954D1012B52D197 +:1082B0004368282B4FD15368022B4CD1C368242B21 +:1082C00049D103683F4CDE888368176898460023CD +:1082D0000193A379002B41D0A37B002B54D0A37D25 +:1082E000002B53D0A37F002B54D02623E35C002B1C +:1082F00052D02E23E35C002B50D03623E35C002BBE +:1083000046D03E23E35C002B4AD04623E35C002B9F +:1083100048D04E23E35C002B46D05623E35C002B71 +:1083200044D05E23E35C002B42D06623E35C002B49 +:1083300040D06E23E35C002B3ED07623E35C002B21 +:108340003CD07E23E35C002B3AD08D20404202B02B +:1083500004BC9046F0BD82204042F8E7002501A809 +:10836000FEF72EFC0028F2D13A004146300002F020 +:1083700059F80028EBD1019BED0063513B8864194B +:10838000A3800123A371E2E70125E8E70225E6E7E0 +:108390000625E4E70325E2E70425E0E70525DEE717 +:1083A0000725DCE70825DAE70925D8E70A25D6E717 +:1083B0000B25D4E70C25D2E70D25D0E70E25CEE717 +:1083C0000F25CCE7E8720108F0B583B002294FD140 +:1083D000012B4DD14368282B4AD1C368242B47D1A8 +:1083E0005368022B44D100233C4C0193A3791668B7 +:1083F0008768002B3FD0A37B002B51D0A37D002B9F +:1084000050D0A37F002B51D02623E35C002B4FD00C +:108410002E23E35C002B4DD03623E35C002B43D0AE +:108420003E23E35C002B47D04623E35C002B45D082 +:108430004E23E35C002B43D05623E35C002B41D05A +:108440005E23E35C002B3FD06623E35C002B3DD032 +:108450006E23E35C002B3BD07623E35C002B39D00A +:108460007E23E35C002B37D08D20404203B0F0BD6B +:1084700082204042FAE7002501A8FEF7A1FB002870 +:10848000F4D13100380003F0DFFF0028EED1019B6A +:10849000ED00635133886419A3800123A371E5E7DC +:1084A0000125E9E70225E7E70625E5E70325E3E7F8 +:1084B0000425E1E70525DFE70725DDE70825DBE7FC +:1084C0000925D9E70A25D7E70B25D5E70C25D3E7FA +:1084D0000D25D1E70E25CFE70F25CDE7E87201087E +:1084E00030B504008BB00D002422002101A8F8F75C +:1084F00026F901A9200001F0D5FE002808D0074C7C +:10850000002D00D02C60200026F03AF90BB030BDD1 +:1085100001A8039C01F09BFEF2E7C046FFFFFF7F2E +:1085200030B504008BB00D002422002101A8F8F71B +:1085300006F901A9200001F0B5FE002808D0074C7B +:10854000002D00D02C60200026F028F90BB030BDA3 +:1085500001A8039C01F07BFEF2E7C046FFFFFF7F0E +:1085600030B5A5B004000D00242200210AA8F8F7B8 +:10857000E6F844232000099326F002F9002842D0AF +:1085800029002000FFF744FA002801D125B030BDB2 +:1085900004A8FFF7C3F90028F8D106AA05A920000E +:1085A00026F006F90028F1D109AB009308AA13AB15 +:1085B00007A9200026F02CF90028E7D1059B079990 +:1085C0000D93069B0E93119B0393002B19D0002350 +:1085D00000220AA801F046FE089B0C4A934200D9EB +:1085E0000B4B02AA138713A92B00099A0AA80C9413 +:1085F00001F0EDFE0028C9D129880498FFF7F2F9AF +:10860000C4E70A91E8E78C204042BFE7F8FF00008A +:10861000FFFF000010B584B0089C0294079C0194F1 +:10862000069C009426F03CF904B010BD10B582B051 +:10863000059C0194049C009426F064F902B010BDDE +:1086400010B526F08FF910BDF0B5DE4657464E4600 +:108650004546E0B514008A1E8DB0012A3FD8012B93 +:108660003DD14368282B3AD105686B6AEE880B939D +:108670008368AF689846C368994623689A466368DA +:108680009B46032926D000230A9309930023002147 +:1086900063603000FFF788F8002814D15B4605932B +:1086A000534604934B46039343462A0002930A9B86 +:1086B00004340193099B1432009306940B9B3900F8 +:1086C000300003F0BDF80DB03CBC90469946A24680 +:1086D000AB46F0BD0369099343690A93D6E782204C +:1086E0004042F0E7F0B5DE4657464E464546E0B517 +:1086F00014008A1E8DB0012A3FD8012B3DD8436853 +:10870000282B3AD105686B6AEE880B938368AF68B3 +:108710009846C368994623689A4663689B4603292E +:1087200026D000230A9309930023002163603000C0 +:10873000FFF73AF8002814D15B460593534604939B +:108740004B46039343462A0002930A9B0434019349 +:10875000099B1432009306940B9B3900300003F000 +:10876000E1F80DB03CBC90469946A246AB46F0BD40 +:108770000369099343690A93D6E782204042F0E7F0 +:10878000862040427047C046862040427047C0461F +:10879000862040427047C046862040427047C0460F +:1087A000862040427047C046862040427047C046FF +:1087B000862040427047C046862040427047C046EF +:1087C000862040427047C046862040427047C046DF +:1087D000F0B5D6464F464646C0B5140086B00229CD +:1087E00031D1012B2FD14368282B2CD10368876806 +:1087F000DD889E68C3680021984613682800994662 +:1088000053689A46FEF7D0FF002805D006B01CBC7E +:1088100090469946A246F0BD05A92800FFF760FEE4 +:10882000534601934B4604340093029443463A0066 +:108830003100002803D1280002F0BEFBE6E70598CE +:10884000FFF7E8FEE2E782204042DFE7F0B5CE46E0 +:10885000474680B585B003292DD1002B2BD1436825 +:10886000282B28D103688668DC889D680369C7685F +:1088700098464369002120009946FEF795FF00289D +:1088800004D005B00CBC90469946F0BD03A9200069 +:10889000FFF726FE4B460193434632000093290022 +:1088A0003B00002803D1200002F08AFCE9E703988E +:1088B000FFF7BCFEE5E782204042E2E7F0B54E4616 +:1088C0004546DE465746E0B515008A1E95B00400C1 +:1088D0000E00012A4CD8012B4AD14368282B47D1DE +:1088E00003682422DF889B680021994683689A46A2 +:1088F000C3680BA807932B689B466B689846F7F7ED +:108900001EFF032E31D00024002600213800FEF780 +:108910004BFF002806D015B03CBC90469946A246B5 +:10892000AB46F0BD0BA9380001F0BCFC0028F2D129 +:1089300004AB9B8E0BA809930B9B089301F087FC5B +:10894000089A114B1340114A934214D043460393A3 +:108950005B4604350293049501940096079B5246AA +:108960004946380002F0E0FCD5E726696469CCE7A7 +:1089700082204042CFE7099B0733DB089845E5D2C8 +:108980008A204042C7E7C046FFFFFFEF00000160BA +:10899000F0B5DE4657464E464546E0B514008A1E01 +:1089A00089B0012A35D8012B33D14368282B30D127 +:1089B0000368C768DD889E688368079323689A46C2 +:1089C00063689B4603291FD00023994698460021DF +:1089D0002800FEF7E9FE00280FD15B4603935346BB +:1089E00002934B46019343460434009304943B00A6 +:1089F000079A3100280002F00DFD09B03CBC9046FA +:108A00009946A246AB46F0BD03699846436999462C +:108A1000DDE782204042F0E770B5002482B0009488 +:108A2000012927D1012B25D15368042B22D143687A +:108A3000282B1FD103681668D9686A460191042063 +:108A400001A99D68FEF7E8F9041E0AD1019B009870 +:108A500033600A4B9D4207D0290003F0E5FB041E5A +:108A600004D1200002B070BD0560FAE73000FEF7C7 +:108A70004BFAF6E782246442F3E7C046000F00B0E9 +:108A800030B583B001291AD1012B18D14368282BA6 +:108A900015D15368042B12D1002403681568D968D6 +:108AA00001AA04200194FEF771FA002802D02C607C +:108AB00003B030BD2900019803F030F9F8E78220B7 +:108AC0004042F5E710B582B0012914D1002B12D134 +:108AD0004268282A0FD102680420D168146901AACB +:108AE0000193FEF753FA002803D12100019803F007 +:108AF0001FF902B010BD82204042FAE7F0B5C64629 +:108B000000B582B002293ED1002B3CD14268282A10 +:108B100039D10268C7689688D16882680420904677 +:108B20006A460093FEF732FA041E0BD1009D1A4BE1 +:108B30002A689A420BD03B0042463100280003F0DD +:108B400099FB0400200002B004BC9046F0BD134B1A +:108B50009E421BD101A8FEF733F8041EF2D13E1D40 +:108B60003100012000F0C4FAA861002811D00422CD +:108B700001A9F7F7C8FDAB693A00181D4146F7F7A0 +:108B8000C2FDEE61DEE782246442DBE787246442B3 +:108B9000D8E78D246442D5E7000F00B00102000041 +:108BA00030B583B0012916D1012B14D14368282B8D +:108BB00011D130CA036801AAD968002304200193A7 +:108BC000FEF7E4F9002804D12A002100019803F0FF +:108BD000BDF803B030BD82204042FAE770B582B0E4 +:108BE00001291ED1002B1CD14268282A19D1026804 +:108BF0000021D48896882000D5680193FEF7D4FD23 +:108C0000002801D002B070BD01AA29000430FEF78F +:108C1000BDF90028F6D122003100019803F031FBA4 +:108C2000F0E782204042EDE7F0B585B002292DD172 +:108C3000012B2BD14368282B28D1C368242B25D1A5 +:108C40005368022B22D103688568D9680023146811 +:108C5000042002AA0293FEF799F9002801D005B07A +:108C6000F0BD03A8FEF75AFE0028F8D10299194B6F +:108C70000A689A420DD02200280003F085FA0028E5 +:108C8000EDD121880398FEF7ADFEE8E7822040424F +:108C9000E5E72E8B0736F608402E18D8CB690F0073 +:108CA0009C46D937FF378869002301960097002238 +:108CB000614625F09BFE002806D1230032003900D2 +:108CC000280001F084FBDAE793204042C7E78D20BB +:108CD0004042C4E7000F00B070B582B001293BD11B +:108CE000012B39D14368282B36D15368042B33D15B +:108CF00003681668DC68002301AA01932100346030 +:108D00000420FEF743F9002500280DD13460019CB2 +:108D1000134B22689A420AD0200002F075FE051E0D +:108D200015D03000FEF7F0F8280002B070BDA06941 +:108D3000002806D0E2690021F7F701FDA06900F0E4 +:108D4000DFF98622002192002000F7F7F8FC3000BE +:108D5000FEF7DAF80500E7E782256D42E4E7C04652 +:108D6000000F00B0F0B5C64600B584B0022926D188 +:108D7000002B24D14268282A21D10268C168D488F6 +:108D800087688846039300212000D5689688FEF7FF +:108D90000BFD002803D004B004BC9046F0BD03AA2C +:108DA00029000430FEF7F2F80028F4D143462200EF +:108DB000009331003B00039803F08AFAEBE782202E +:108DC0004042E8E710B5012908D1012B06D14368DC +:108DD000282B03D103CA03F0CFFA10BD82204042F2 +:108DE000FBE7C04630B585B0022914D1012B12D162 +:108DF0004368282B0FD104688568C368E188A068A0 +:108E0000141D029454680194126800922A0003F021 +:108E1000DDFA05B030BD82204042FAE70D4A016814 +:108E20000123914213D10C4AC16991420FD182684A +:108E30009A420CD8C268002A02D001698A4206D040 +:108E40004269131E03D083699B1A5842434118009C +:108E50007047C04655AA00FF669911EE0F4B70B5DA +:108E60009E680124002E0AD03000FFF7D7FF041EB1 +:108E700012D1F368002B0FD13569002D01D12000EC +:108E800070BD2800FFF7CAFF002805D1EB68B34288 +:108E900002D12E002D69F0E70124F0E76873010884 +:108EA000F8B53B4E0C003368002B4FD0B368002B55 +:108EB0004CD00D004543002848D0002915D00100B2 +:108EC0002800FAF731F9A04240D12B1D3ED80323E8 +:108ED00029001D4201D099430431F46803E062681F +:108EE0008A4235D2A469002CF9D12000F8BDF36084 +:108EF0003DE00B002033E3189F60264F203A5A6074 +:108F000022691F60244FDC601A61DF61002A00D0F3 +:108F1000D360624658619A61002815D083619A69CE +:108F2000002A00D053612361002301226361A36101 +:108F30003369A2606160134223D120342A000021EA +:108F40002000F7F7FCFBD0E7F360E8E70024CCE76C +:108F5000A768002F19D1A369521A60699C46232A79 +:108F6000C7D80123A36063460028C0D08361A369EA +:108F7000002B00D0586100236361A3613369DB07D4 +:108F8000DBD5FFF76BFF0028D7D00120F7F75EFB9A +:108F90006873010855AA00FF669911EEF8B500281C +:108FA0005DD03A4E3368002B59D0B268002A56D0B3 +:108FB000834203D872689B18984202D30120F7F7C6 +:108FC00045FB20380400FFF729FF0028F6D1A368ED +:108FD000012BF3D1E568A060002D14D0AB68002B05 +:108FE0003ED163686A682033D3186B6023692B61B4 +:108FF000002B00D0DD6027002000202200212C0063 +:10900000F7F79DFB3D002069002835D08368002BD1 +:1090100032D16368426820339B18636062690369D8 +:10902000A1692361002A1DD1002921D142698169EA +:109030006261A161002A1DD09461A269002A00D05A +:109040005461002B00D0DC6020220021F7F777FB71 +:1090500033699B0703D5FFF701FF0028AED1F8BDA8 +:109060000500D0E79161A1690029DFD04A61DDE701 +:10907000F160F8E7F460E0E7002DE9D1F368A3615F +:10908000002B00D05C61F460E2E7C0466873010821 +:1090900070B5124E0D000400002114223000F7F7C5 +:1090A0004EFB0F490F4800F033F8232D15D9032349 +:1090B000234003D0043DE41A5D1904342A00002142 +:1090C0002000F7F73CFB084B7560B4603460236008 +:1090D000064B203D6560E361F46070BD6873010874 +:1090E0009D8F0010A18E001055AA00FF669911EE09 +:1090F00010B5024B1B68984710BDC04680CD0008D4 +:1091000010B5024B1B68984710BDC04684CD0008BF +:10911000024B1860024B00201960704780CD000898 +:1091200084CD000810B50A1E03D0024B00211B6835 +:10913000984710BD88CD0008030000B57F3304DADE +:10914000FF234042DB011840404203006C334DD006 +:1091500003006C3300DDC3E0984B984200D1ECE192 +:1091600064DC974B984225D032DC964B984246D02F +:1091700016DC954B984200D1DFE10ADC934B984214 +:109180004AD09723924A5B42904200D1E5E1842382 +:1091900011E0904B984200D1D5E08F4A9623F2E738 +:1091A0008E4B984238D008DC8D4B984261D08D4B65 +:1091B0009842ECD186235B42CFE18B4B98421ED084 +:1091C0008A4B984255D08A4B9842E0D19223F2E7DD +:1091D000884B98424DD014DC874B9842EAD007DC8C +:1091E000864B984245D0864B9842D0D18A23E2E7FD +:1091F000844B984200D1A0E1834B9842C7D18D2384 +:10920000D9E7824B984207D008DC814B984200D1C5 +:1092100093E1804B9842BAD19323CCE77E4B98429E +:10922000EDD07E4B9842E1D07D4BC1E77D4B98421B +:10923000C0D028DC7C4B98421BD010DC7B4B984282 +:1092400017D007DC7A4B984202D07A4B98429ED1D5 +:109250009723B0E7784B9842DED0784A9EE7784B68 +:10926000984206D007DC774B9842C8D0764B98429C +:109270008DD187239FE7754B9842FAD0744B984263 +:10928000F7D0744BA0E7744B984293D012DC734B29 +:109290009842EED008DC724B984203D0714B984252 +:1092A00000D074E7852386E76F4B984200D181E7B1 +:1092B0006E4B7DE703007A33AED003007A3305DCD2 +:1092C0006B4B984200D138E16A4BA3E7030070333F +:1092D000A2D003006E33BBD0723000D057E769E7ED +:1092E0000300293398D00300293300DDD0E00300C8 +:1092F0003A3335D003003A3334DC03006033B8D05E +:109300000300603312DC03006633B2D0030066331F +:1093100006DC03006A3300D171E76830A9D036E774 +:1093200003006433A5D06230A3D030E7030051338B +:109330009FD00300513308DC0300563300D1FCE01A +:10934000543000D023E7892335E70300403307D0AA +:109350000300403300DA1AE73D30012800D916E750 +:10936000942328E703003433FAD00300343316DCA7 +:109370000300373300D14FE70300373307DC030026 +:10938000393300D148E7383000D113E7FFE6030056 +:10939000363300D10EE7353000D13DE7F7E6030064 +:1093A000313300D138E70300313365DC0300333358 +:1093B00000D131E7323000D1FCE6E8E680BCFFFFA7 +:1093C00080AFFFFF809EFFFF009DFFFF009CFFFF1F +:1093D000809CFFFF809DFFFF009EFFFF80ADFFFF91 +:1093E000009FFFFF809FFFFF80AEFFFF00AFFFFFEA +:1093F00000AEFFFF80B3FFFF80B1FFFF80B0FFFF33 +:1094000000B1FFFF00B2FFFF80B2FFFF80BAFFFF95 +:1094100000B4FFFF80B4FFFF80BBFFFF00BCFFFF75 +:1094200000BBFFFF80C3FFFF80BFFFFF00BEFFFF49 +:1094300000BDFFFF80BDFFFF80BEFFFF00BFFFFF3D +:1094400080C1FFFF80C0FFFF00C1FFFF80C2FFFFA0 +:1094500000C3FFFF00C2FFFF80C6FFFF00C5FFFF84 +:1094600000C4FFFF80C4FFFF80C5FFFF00C6FFFFF1 +:1094700000C7FFFF80C7FFFF03002D3300D1CBE6FD +:1094800003002B3300D1C7E62F3000D07FE6C3E6C0 +:109490000300133300D1BFE60300133331DC0300B4 +:1094A000223313DC0300243300DB83E6030027337D +:1094B00000D1B1E60300273300DADAE603002633F1 +:1094C00000D177E6253000D1A6E660E60300183328 +:1094D00000D16FE60300183307DC0300203300D10E +:1094E00068E6193000D197E651E60300163300D143 +:1094F00060E60300163300DA8EE6143000D1B8E6D9 +:1095000045E603000C3300D1B3E603000C3316DC50 +:109510000300103300D172E60300103306DC0300B1 +:1095200012330AD0113000D176E630E603000E3354 +:1095300000D19EE60E3000DD9BE695233BE6831DC1 +:1095400000D196E6831D0ADC03000A3300D190E6C1 +:109550008A235B42083000D019E6180000BD831C46 +:1095600000D133E600239842F7D0031D00D00EE669 +:109570007FE6C046832270B50C00920000210500F2 +:109580000C30F7F7DCF8FF2122002B4B2B488A43E5 +:109590002340834202D02A4B9A4229D10C40802199 +:1095A000284B49042143CB18022B36D9264BCB1824 +:1095B000012B37D9254B994236D0254B99421AD0E9 +:1095C000244B994227D0244B994233D0234B9942C4 +:1095D0002AD0234B994229D0224B994224D0224BA6 +:1095E000994223D0214B994222D0214B994221D03C +:1095F000862040420EE020231148824206D01D48BA +:10960000824203D11C4A89180129F1D8FF22002087 +:109610005343AB6070BD3023EEE71023084882420D +:10962000EDD1E5E71423F9E71C23F7E72023F5E75D +:109630003023F3E74023F1E700FDFFFF00010020A6 +:1096400000020020FFFFFFFEFCFFFFFE08000001FC +:10965000090000010A0000010B0000010C000001DC +:109660000D000001100000011100000112000001B6 +:109670001300000100030020F7FFFFFEF0B51F00FC +:10968000002387B03B600C9B06000D001400002BEC +:1096900009D00368C0221900D2051140914200D1BF +:1096A0009CE087264BE0002A00D19AE0C02280216E +:1096B0000368D2051A40C9058A4211D1026AA24242 +:1096C00000D98EE0C1692800F7F71DF8306A0C99BF +:1096D000221A2818F7F733F8336A3B60002620E097 +:1096E00041491A0C12048A421ED10C9A002A1BD13D +:1096F000338B0733DB1001939C4200D271E0F06999 +:109700001A0029007C300CF059FCFFF715FD061EED +:1097100007D1019B0C99E21AE818F7F710F8019BA2 +:109720003B60300007B0F0BD304A31491A408A42F0 +:1097300007D0304A1340304A934227D086267642DB +:10974000EFE704A810F008FC2C4B0493F369059391 +:109750000C9B002B07D1E0223368D2051340C022B6 +:10976000D205934217D12B1904AA290003A8039309 +:1097700011F0B8FC061E14DA220000212800F6F7CA +:10978000DEFF3000FFF7D8FC0600CAE704A810F09F +:10979000E3FB1B4BD9E72200290004A811F006FDCA +:1097A000E8E74300A3420DD8241A2C190200210037 +:1097B0002800F6F7A8FF320000212000F6F7BFFFCF +:1097C0003E608BE7A042FBD2241A02002919280030 +:1097D000F6F7A2FFA81922000021EFE7002C00D025 +:1097E0007EE78A26ABE7C04600000370FFFFFFEF6D +:1097F000000001600000FFEF00000360940E021003 +:10980000340E0210F0B50B6889B006000D00002B75 +:1098100006D00268934203D08720404209B0F0BDD1 +:109820002B6A002B30D032681B4B13401B4A9342EB +:10983000F2D102AF38000CF0B7F905A80CF0B4F97A +:109840000021019700910B000A00F06903F0D6F99E +:10985000041E0DD12A6AE96905A80CF03EFB041E1E +:1098600006D105A938000CF01FFD041E00D00C4CD9 +:1098700038000CF09FF905A80CF09CF9002C03D0DF +:109880002000FFF759FCC9E700202B8B8342C5D08D +:10989000328B9A42C2D0BFE7FFFFFFEF00000160AA +:1098A00080BFFFFF70B51500FE22D2050400024004 +:1098B000C020C004824201D12E4A1440FA228020E6 +:1098C000D2052240C004824237D12B4A94422CD088 +:1098D0000FD82A4A94420AD006D8294AA41802224C +:1098E000012C11D9002035E0264A9442FAD10722F2 +:1098F0000AE0254A94421ED011D8244A944216D038 +:10990000042223488442EDD122480918002004296A +:1099100020D80800F9F7FEFB2B1F172729001E4A45 +:10992000944206D01D480622ECE70522ECE703220C +:10993000EAE70822E8E70A22E6E7194A002094420B +:1099400008D10122E0E70520002B00D01870290083 +:109950000EF022FA70BD0320402DF5D00130802D8D +:10996000F2D14035F0E70720EEE70920ECE70220CE +:10997000EAE7C046FFC0FFFF0100C0040100800409 +:1099800000FF9FFB05008004050000060200C004E4 +:109990000300C004FFFFFFBF0100400602004006B5 +:1099A0000200C002CC235B00C358084A10B59342A2 +:1099B00003D0074A934204D010BD08300EF08EF851 +:1099C000FAE708300FF0F9FEF6E7C046011040064E +:1099D0000210400670B505001E4B1F4A1D409542FF +:1099E00004D01E4C1E4E0440B44230D10B40934272 +:1099F00004D01A4C1A4E0C40B44228D10400FF2661 +:109A00004C40B44323D1954204D0144C144D04402F +:109A1000AC4208D1C5B2002D05D0802464042C438B +:109A2000104DAC4211D0934204D00C4B0C4A0B4069 +:109A300093420CD1CAB200218A4206D080235B0433 +:109A40001343084A934200D10100080070BD002171 +:109A5000FBE7C04600FFFEFF0000021000FFFCFF16 +:109A600000000410FF00000170B50122814224D0E3 +:109A70000A00134B134D1A40AA4205D0124C134E44 +:109A80000C400022B44218D10340AB4205D00E4B2B +:109A90000E4C03400022A3420FD1FF2405000022F8 +:109AA0002540954209D080235B042B43084DAB42EF +:109AB00003D14140A1434A424A41100070BDC04613 +:109AC00000FFFEFF0000021000FFFCFF000004107A +:109AD000FF000001F0B585B0019300230F000B607B +:109AE00003A91600039302F0D9FD051E1ED1E02341 +:109AF000039CDB0522681340C022D205934201D1AA +:109B000001239E43E3683340B34212D1019B002BF3 +:109B10000BD019002069FFF7A7FF002805D1019994 +:109B20006069FFF7A1FF002803D03C60280005B062 +:109B3000F0BD85256D42F9E7174B70B515009842C9 +:109B40000ED005D8154B98421BD08620404217E016 +:109B5000A223DB05984203D0A423DB059842F4D16D +:109B600007240C4016D10731C90869600120FFF7AE +:109B7000BFFA030028602000002B01D16C608D38F3 +:109B800070BD40230A009A43802AE9D080235B00FD +:109B90009942E5D08720D9E701000050010000403C +:109BA000F8B516001A000023040040680F00136087 +:109BB000984205D1144BE2681A4208D0872021E070 +:109BC0000123A16802F0C8FD0028F3D0F8BD228B64 +:109BD0000E4B9A4215D80125638BAB43EED1310071 +:109BE000380002F097FD0028F0D131680A00C8CC97 +:109BF000C8C2C8CCC8C2236813601B0CAB434B83DC +:109C0000E4E786204042E1E7FCE0FFFFF8FF0000C8 +:109C1000F7B50D006B46016804000E8B0733320068 +:109C200009682800FFF73EFE6060002807D0344B2B +:109C3000344A2B40934204D0334A93423DD0862687 +:109C40000EE0CC23314A5B00E25010220433E25490 +:109C500023680E3A1B6893432D4A934202D087260D +:109C6000764228E02700083738000DF010FF6B46D9 +:109C70002268D979D269330038000DF00EFFFFF762 +:109C80005BFA061E37D1FE23C021DB052B40C90439 +:109C900000228B4201D1AA04920ECE204000205C0B +:109CA000904226D300228B4201D1AD04AA0E9E23FE +:109CB0000026FF33E2543000FEBDCC23154A5B0082 +:109CC000E25010220433E25423680E3A1B68934397 +:109CD0000F4A9342C3D12700083738000FF0E0FA4B +:109CE0006B462268D979D269330038000FF0DFFA69 +:109CF000C5E7872676422000FFF754FEDBE7C04623 +:109D0000FFC0FFFF010040060200400601104006B0 +:109D1000010000400210400610B5FF230C000100B6 +:109D20000C4A9943914212D10340802040041843C9 +:109D3000094BC01803280AD8084B8000C05810F0FF +:109D400047F801210200200003F01CF810BD00209C +:109D5000F5E7C04600000312F8FFFFFE08E8011017 +:109D600070B50D000400AC210120FFF7C1F9286097 +:109D700000280ED0123CA4B205F0C0FA00210C2C31 +:109D800001D8054B195D286807F06CFBFFF7D4F983 +:109D900070BD8D204042FBE7F9E70110F7B51D00CB +:109DA00000230E0001A917000193FFF7D9FF041E3D +:109DB00017D101993B0088313200019805F022FC4F +:109DC000FFF7BAF9041E0CD101990198883105F00A +:109DD00093FCFFF7B1F9041E03D1019B2B60200017 +:109DE000FEBD01980028FAD005F01AFB0198FFF794 +:109DF00087F9F4E7F0B515000024BFB0060006A807 +:109E000003930F0005940EF08FFE2B782000013B8A +:109E1000DBB20C2B01D81A4AD05C05AB3A003100FA +:109E2000FFF7BCFF041E1ED10122059906A80EF003 +:109E3000C9FEFFF781F9041E15D10200290006A80A +:109E40000EF0C0FEFFF778F9041E0CD10D4B039AFB +:109E500001930D4B4599009306A8449B0EF0E2FE3A +:109E6000FFF76AF9040006A80EF08EFE059805F0CB +:109E7000D7FA0598FFF744F920003FB0F0BDC0467F +:109E8000ECE7011010760108C38A0110F7B5FF2333 +:109E900006001D4F9E431D4B05000091019203409B +:109EA000BB4204D01A4B1B4A0340934220D1EBB271 +:109EB000002B1DD0802252041343174A9B18032BFA +:109EC00016D8164A9B009C5820000FF081FF019B7A +:109ED0001870BE420ED1B54211D0002C11D0200016 +:109EE0000FF072FF009B984209D08720404207E0A4 +:109EF0000024E9E70A4B9E4201D1002C01D000204A +:109F0000FEBD8620F2E7C0460000021000FFFEFF03 +:109F100000FFFCFF00000410F8FFFFFE08E801103E +:109F200000000310C023F0B5150080220768DB0590 +:109F300089B004000E003B40D205934225D1964BD8 +:109F4000E9009D4200D923E1944B994200D91FE1D9 +:109F5000020038001C32FFF7EFFD071E00D0A3E01F +:109F6000002D04D02A003100E069F6F7CCFBC022B6 +:109F700080212368D2051A40C9058A4200D0F3E047 +:109F8000236AD800208300278EE0854A3B0C1B04FF +:109F9000934200D08BE00023B8B20593153301281B +:109FA0004AD0022848D0032846D00433042843D09E +:109FB000052841D0053306283ED007283CD0082884 +:109FC0003AD00633092837D00A2835D010330B2869 +:109FD00032D00C2830D014330D282DD00E282BD0A1 +:109FE000343B0F2828D0102826D0112824D0043341 +:109FF000122821D013281FD0043314281CD0152870 +:10A000001AD00433162817D0172815D01033182863 +:10A0100012D0123319280FD0223B1A280CD010333B +:10A020001B2809D010331C2806D0203B1D2803D044 +:10A0300018331E2800D0002387279D4200D0A8E0B7 +:10A0400005A9FFF78DFE071E26D105982A003100CD +:10A050007C300BF042FFFFF76FF8071E1CD105990B +:10A0600005987C3105F056FEFFF766F8071E13D100 +:10A0700005984C4D03000200010001954A4D28331C +:10A080007C328831009505F053FCFFF755F8071E28 +:10A0900002D1059BE3616AE70598002804D005F02A +:10A0A000BFF90598FFF72CF8380009B0F0BD3F4A1A +:10A0B000934208D12300B8B21C332A00FFF76EFE8A +:10A0C000071EF1D153E73A4B3A4A3B4093425FD1E6 +:10A0D00003A80FF041FFE023DB051F409F4236D16C +:10A0E00000232A000093310003A810F007FEFFF7B9 +:10A0F00023F8071E27D103A80FF064FF01282CD1F5 +:10A10000049D280002F044FE8023C0005B019842B9 +:10A1100026D805A80BF048FD3B003A0001970097B0 +:10A1200005A9280002F06AFDFFF706F8071E05D111 +:10A1300005A80BF074FE430700D0863F05A80BF07E +:10A1400039FD002F0ED003A80FF00AFFACE72A005C +:10A15000310003A810F0FCFEC9E787277F42F2E731 +:10A160008627FBE7E56102E7114A12491A408A4255 +:10A1700004D1E06902F00CFEC00003E70E4A0020A3 +:10A1800013400A4A934200D0FCE6E369986DF9E671 +:10A1900086277F4288E7C046FFFFFF1FF8FF0000C9 +:10A1A0000000037010760108C38A011000000360EC +:10A1B000FFFFFFEF000001600000FFEF70B500251A +:10A1C00003680400AB4209D0C0228021D2051A40A6 +:10A1D000C9058A4209D1E069FEF792FF24220021D5 +:10A1E0002000F6F7ACFA280070BD0A4A0A491A4066 +:10A1F0008A4203D1C06903F033FEECE7074A1340FB +:10A20000074A934203D1C06905F00AF9E3E79725AD +:10A210006D42E3E7FFFFFFEF000001600000FFEF8A +:10A220000000036010B5002801D0FFF7C7FF10BD84 +:10A2300007B503000020834208D001A9180002F0EE +:10A240002DFA002802D10198FFF7B8FF0EBD10B516 +:10A250000400C069FEF754FF242200212000F6F715 +:10A260006EFA10BDF7B500260400019117001D001D +:10A27000B34209D019000120FEF73AFF061E0ED0A6 +:10A280002A003900F6F73FFAE069002801D0FEF70E +:10A2900037FF0020019BE66125622360FEBD8D2013 +:10A2A0004042FBE7F0B5050089B008000C00FFF75D +:10A2B000CEFF002328001A0004A9FFF70BFC051E9F +:10A2C0004ED1049B21001A00C1CAC1C1C1CAC1C17B +:10A2D00012680A60D203D20F628324491A688A4244 +:10A2E00002D023498A423BD105AF3800DD690BF02B +:10A2F0005BFC00232800019700931A00190002F06C +:10A300007DFC00260500B0421AD11A4938000CF035 +:10A3100012F80500B04213D038000BF0A1FD0390F5 +:10A3200001000120FEF7E4FE061E1CD00100039A86 +:10A3300038000BF043FE051E02D1039BE661236249 +:10A3400038000BF037FC002D02D03000FEF7D8FEAD +:10A350002800FEF7F1FE051E02D02000FFF777FF70 +:10A36000280009B0F0BD10256D42E9E7000001604A +:10A3700000000170010001007FB51C0000230D00EA +:10A3800016002360012203A9FFF7A4FB002806D1D1 +:10A3900000902300320029000398FFF76FF904B002 +:10A3A00070BD7FB5160000220D001C001A6003A9C5 +:10A3B0001300FFF78FFB002807D101233200009321 +:10A3C000290023000398FFF759F904B070BDF0B5D8 +:10A3D0001F00002385B0050001911600029303932E +:10A3E0009A4216D003AB02AA3900FFF7D9FB041E2C +:10A3F00012D1320001990298FFF794FD041E0BD18F +:10A4000029000298FFF7FEF9041E05D1200005B0CF +:10A41000F0BD87246442F9E70298FFF703FF0023A9 +:10A420003B80F3E7F0B595B000230BAC059222001A +:10A430008446079308930E00A1C9A1C2A1C9A1C275 +:10A44000A1C9A1C2022207A960460993FFF742FBF6 +:10A45000051E00D0A7E031000798FFF7D3F9051ECD +:10A4600000D0A0E0079E27693369049702939F42BA +:10A4700004D019003800FFF7ADFA049065697369DC +:10A48000280003939D4202D01900FFF7A3FA049B12 +:10A49000002B05D1002F03D0029B002B00D080E0C1 +:10A4A000002805D1002D03D0039B002B00D078E0BD +:10A4B000F368E26860611340E360049B08AA2361CB +:10A4C000059909AB2000FFF76BFB051E00D06AE081 +:10A4D000C0228021089B079E02933368D2051A4050 +:10A4E000C9058A4203D1348B0734E40809E0314AB4 +:10A4F00093422ED10923348B64080134E4085C4371 +:10A500003B3421000120FEF7F3FD8D25071E49D0C5 +:10A5100000230100009322000AAB3000FFF7AEF8E1 +:10A52000051E0AD1336839000393039A029B1A600F +:10A5300018000A9AFFF7F6FC050038002100FEF724 +:10A54000F1FD3800FEF7DCFD002D2CD1280015B000 +:10A55000F0BD194A934203D1348BE4081034D0E79C +:10A56000164A934205D10324338BDB085C435A34EB +:10A57000C7E7134A934205D10324338BDB085C43BE +:10A580004A34BEE70F4A1B0C1B049342ABD00E4A61 +:10A5900004009342B5D1348B0734E40864000134DD +:10A5A000AFE787256D420898FFF73CFE0023059A28 +:10A5B0001380CBE700000170000001600000027012 +:10A5C00000000260000003700000036003680D4A91 +:10A5D00010B50400934207D80B4A93420BD2002BCC +:10A5E0000CD0892040420BE0084A9342F9D804304D +:10A5F00007F018FA02E0043007F0DAF900202060D2 +:10A6000010BDC04609000001080000010B00000158 +:10A6100010B504008021F830FEF784FD2000FFF71C +:10A62000D5FF10BD036870B505000E481818032843 +:10A6300014D82B1DF8F76EFD02020E0E180007F05D +:10A64000D7F9041E02D02800FFF7C0FF2000FEF754 +:10A6500073FD70BD180007F005FAF2E7892040424B +:10A66000F7E7C046F8FFFFFE036870B506000D006F +:10A67000002B36D11C4BC818032824D8341DF8F7FA +:10A6800049FD0210151D200007F08CF90121200062 +:10A6900007F0A2F9041E20D135602000FEF74CFD22 +:10A6A0001AE0200007F07EF90021F0E7200007F013 +:10A6B000B3F90121200007F0C9F9EBE7200007F00A +:10A6C000ABF90021F6E7FE20FF23C0051B0608407A +:10A6D000C01843425841873870BD3000FFF776FFFD +:10A6E000DBE789204042F7E7F8FFFFFE002310B5C3 +:10A6F0009A4202D0FFF796FF0300180010BD000039 +:10A70000F7B580241F00036864041600DBB2334AE7 +:10A7100023439A18050001911024022A2DD9304AAA +:10A7200004349A18012A28D92E4A0834934224D096 +:10A730002D4A0434934220D02C4A103493421CD02A +:10A740002B4A1034934218D02A4A243C934214D006 +:10A75000294A0434934210D0284A043C93420CD036 +:10A76000274A0434934208D0264A1034934204D036 +:10A77000254A9B185C425C41A4013E60002E04D037 +:10A78000320021210198F5F7DAFFB4421CD82B687A +:10A790001E4A981803281DD82B1D0199F8F7BAFCFA +:10A7A00002021010180007F031F9FEF7C5FC061E72 +:10A7B0000CD13C602800FFF709FF06003000FEBD09 +:10A7C000180007F05DF9F0E78A2676422800FFF7C7 +:10A7D000FDFEF3E789267642F0E7C046FFFFFFFE65 +:10A7E000FCFFFFFE08000001090000010A00000153 +:10A7F0000B0000010C0000010D0000011000000121 +:10A800001100000112000001EDFFFFFEF8FFFFFE46 +:10A81000F0B5A5B001936B46039280221B795204D8 +:10A8200013434F4A029199180500102202292DD98D +:10A830004C4904325918012928D94B4908328B4216 +:10A8400024D04A4904328B4220D0494910328B42ED +:10A850001CD0484910328B4218D04749243A8B42C9 +:10A8600014D0464904328B4210D04549043A8B42F9 +:10A870000CD0444904328B4208D0434910328B42F9 +:10A8800004D0424A9B185A4253419A01019B3449D1 +:10A890005B180A2B06D83E49CE5C802E03D986244D +:10A8A000644242E00026B242F9D8039C04AFB442AD +:10A8B0003ED901992800FFF7D7FE041E31D1039A33 +:10A8C00002992800FFF712FF041E2AD103AB802251 +:10A8D00039002800FFF714FF041E22D1002336217F +:10A8E000039C9C422CD1331B1A0038193621029349 +:10A8F000F5F725FF002004AAA04226D12B00F8334B +:10A900001818029A5C21F5F71AFF01992800FFF741 +:10A91000ABFE041E05D1320039002800FFF7E6FE29 +:10A920000400802104A8FEF7FDFB200025B0F0BD47 +:10A93000002CD8D0220002993800F5F7E4FECDE7CC +:10A94000FA5C4A40FA540133CBE7F8239C466A216B +:10A95000835C84444B40614601306B54CCE7C04675 +:10A96000FFFFFFFEFCFFFFFE0800000109000001E1 +:10A970000A0000010B0000010C0000010D000001A5 +:10A98000100000011100000112000001EDFFFFFEA8 +:10A9900018E8011070B51E00244B0400049D9A4273 +:10A9A0002ED003339A4213D00223FF3387209A42DA +:10A9B0001BD1A378012B36D120000B002A003100D7 +:10A9C0001430FFF725FF002801D10223A37070BDCA +:10A9D0008378002B27D1002D0ED029000120FEF70F +:10A9E00087FB6060002802D18D204042EFE72A00FB +:10A9F0003100F5F788FEA5600123A3700020E6E78B +:10AA00008378022B0FD1002D0BD029000120FEF7F7 +:10AA10006FFBE0600028E7D02A003100F5F773FEF5 +:10AA200025610323E9E78920DFE7C0460102000032 +:10AA3000F0B5C5B00700009101921E00802B2FD801 +:10AA4000002503AC1A00637002AB2900981D257025 +:10AA5000F5F775FE02AB06339B191D7062789D1CDD +:10AA60005A70280032000199F5F74DFEBB78AD19F8 +:10AA70002A1B012B11D13800009B21001430FFF755 +:10AA8000C7FE051E01D10223BB70822120004900B0 +:10AA9000FEF748FB280045B0F0BD89256D42F4E77C +:10AAA00087256D42F6E70000F0B5002607681E4BCB +:10AAB00095B0FB1805000091019203960A2B01D86E +:10AAC0001A4AD65C03AB402204A92800FFF718FEFF +:10AAD000041E25D139002800FFF7C6FD041E1BD136 +:10AAE00029003200F8312800FFF700FE041E13D1C0 +:10AAF000039A04A92800FFF7F9FD041E0CD103AB4B +:10AB0000402204A92800FFF7FBFD041E04D1019A8E +:10AB100004A90098F5F7F7FD039904A8FEF702FBD6 +:10AB2000200015B0F0BDC046FFFFFFFE18E8011081 +:10AB30007FB503790D0004001100DA072CD5062239 +:10AB40001340022B28D042798A4222D80368134945 +:10AB50008B4213D1694608300DF01AFD061E04D150 +:10AB6000627969462800F5F7CEFD68461021FEF7A8 +:10AB7000D9FA3000FEF7E0FA04B070BD08490B4086 +:10AB8000A02189048B4207D129000830FFF78CFFF0 +:10AB9000F2E78A204042EFE78920FBE70200C0028B +:10ABA0000000C07FF0B593B002AC0D00160001AB01 +:10ABB00040222100FFF7A4FD00280AD1019FB742DF +:10ABC00005D1020003009F4205D1002A01D0952043 +:10ABD000404213B0F0BDE95CE65C013371400A43CA +:10ABE000F1E700000B6870B505000C00002B1BD1CD +:10ABF00003680E4A934207D80D4A93420CD2002BA9 +:10AC000012D0862040420EE00A4A9342F9D8011D34 +:10AC1000201D06F00FFF03E0011D201D06F0D0FEF1 +:10AC200000202B68236070BD8920EBE7090000013C +:10AC3000080000010B0000010021036810B50400AA +:10AC40008B420BD00F4A93420AD108300DF0C0F866 +:10AC5000E02200212379216013402371080010BDF8 +:10AC6000094A1340A0229204934203D10830FFF70F +:10AC7000CFFCEDE7C0225200F5F761FD8921494282 +:10AC8000ECE7C0460200C0020000C07FF0B51D0026 +:10AC90001E006B1E9D4180236D421B01AD0285B0DD +:10ACA000ED18664B019101681340040017000093F2 +:10ACB000002900D0B9E0E02203600379134003715A +:10ACC000009B1A005E4B9A4227D108300DF07AF8AB +:10ACD000002E03D010232279134323713B002A0056 +:10ACE00003A90198FEF7F6FE061E12D1009BBD04D3 +:10ACF0001A00534BAD0E03999A4249D10F8B0300B2 +:10AD000009683A000098FEF7CDFD011E1DD1862688 +:10AD100076422000FFF790FF14E0A022494B9204F6 +:10AD20003B40934201D18160D2E7FE26FE23F60527 +:10AD30003E401B06F618C02277427E415200873EF5 +:10AD4000F5F7FDFC300005B0F0BD2600436908367C +:10AD50006371039B300000930DF06AFA002805D15F +:10AD6000009B3A00D96930000DF07EFBFEF7E4F954 +:10AD70000600002D05D0032DC9D96379AB4232D32B +:10AD80006571002EC5D10123227913432371D9E7C0 +:10AD9000A0222C4B92043B40934249D1FBB2802726 +:10ADA000294A7F043B439A18022A35D9274A9A1820 +:10ADB000012A2FD9264A934201D11C220DE0254AAF +:10ADC000934201D1202208E0234A934201D130224C +:10ADD00003E0224A934208D140226271A22208680D +:10ADE000D20590421AD0872692E71D4A9342E4D0BA +:10ADF0001C4A9342E6D01C4A9342DED01B4A93423F +:10AE0000E0D01B4A9342E2D01A4A9342E4D0002396 +:10AE100063717CE71422E0E71022DEE720000A6A73 +:10AE20000830C969FFF7F4FCA2E78926764289E772 +:10AE3000002D00D16BE7862676429CE7FFC0FFFF1E +:10AE40000200C0020000C07FFFFFFFFEFCFFFFFE0C +:10AE500008000001090000010A0000010B000001C8 +:10AE60000C0000010D0000011000000111000001A4 +:10AE7000120000011300000110B50123FFF706FFC7 +:10AE800010BD10B50023FFF701FF10BD70B5040021 +:10AE90000079C30703D489256D42280070BD0623BD +:10AEA0000340022BF7D00823034323710D48236886 +:10AEB00083420BD1200008300DF000FBFEF73CF977 +:10AEC000051EEAD02000FFF7B7FEE6E7064803407C +:10AED000A02080048342DED120000830FFF706FC6A +:10AEE000EEE7C0460200C0020000C07FF7B51F00B9 +:10AEF0000368040001911600002B03D189256D42DF +:10AF00002800FEBD3A60002A03D021210198F5F700 +:10AF100016FC2379DB06F1D5320001992000FFF7FA +:10AF200007FE05002000002D0CD1FFF785FE051E51 +:10AF300002D163793B60E3E7320021210198F5F704 +:10AF4000FEFBDDE7FFF778FEDAE7F0B5036893B0C4 +:10AF500006000191002B2BD0102304791C4027D12F +:10AF6000477997421ED1402202A9FFF7E1FD230055 +:10AF700005009F420ED8002C14D1002D14D13000B2 +:10AF8000FFF75AFE0500402102A8FEF7CBF8280083 +:10AF900013B0F0BD019A02A9D25CC95C01334A40EA +:10AFA0001443E6E795256D423000FFF745FEEAE7DA +:10AFB00089256D42EBE70000F0B593B00892079346 +:10AFC000199A1A9B0C001A60002A00D1DCE080223A +:10AFD0000B00D2000BA9FEF77DFD051E1AD10B9ABE +:10AFE000E0211368C90518000840884249D1684922 +:10AFF0008B425CD10FAFD66907993A002000FEF76B +:10B0000045FF051E06D1300001F0C2FE199B8342A8 +:10B0100004D28A3D199A212118982AE0FF239C43E3 +:10B020005C4B9C422AD12A002900300001F0AAFE84 +:10B03000189B594A0393089B58490293079B300079 +:10B0400001933B780093012302F05CFD041E04D1C0 +:10B05000300001F09DFE1A9B18602000FEF76CF88E +:10B06000051ED7D121211A9B1868199B1A1A189B03 +:10B070001818F5F764FB280013B0F0BD484B9C424C +:10B0800002D087256D42C5E73A783000012101F0F2 +:10B0900079FE189B00950393089B3F4A0293079BF8 +:10B0A0003E4901933000012302F0F6FBCEE73D4913 +:10B0B00086250B403C498B42E4D13C4B3C49234024 +:10B0C0008B42DED1D6690CA8B36DDD1DED080AF008 +:10B0D0006BFD0FA80AF068FD6B000993199B6A00CD +:10B0E00093424FD337007C37E3033CD5E4B2002CC6 +:10B0F00037D080235B041C432E4BE418032C30D83C +:10B100002D4BA400E0580EF063FE234B02900493F5 +:10B11000224B0FAA0393079B0CA90193089B3000B5 +:10B1200000933B000DF030FE041E0DD12A0018994B +:10B130000CA80AF043FF041E06D1189B2A005919D7 +:10B140000FA80AF03BFF04000CA80AF033FD0FA87B +:10B150000AF030FD002C00D07FE71A9B099A1A6094 +:10B160007BE70020CFE70C4B0FAA03930B4B0CA9F6 +:10B170000293079B30000193089B00933B0003F070 +:10B1800099FAD1E70D4CDFE78A256D4273E7C04697 +:10B19000000001700000021010760108C38A01103F +:10B1A000000003100000FFEF0000036000FFFEFF3F +:10B1B00000000610F8FFFFFE08E8011000B1FFFFD5 +:10B1C000F0B591B00792802206930D000B0012019A +:10B1D00009A9FEF77FFC041E36D1099A4749136876 +:10B1E00047481940814248D10DAFD66906993A00C7 +:10B1F0002800FEF74BFE041E26D1300001F0C8FDEA +:10B20000179B834202D0952464421DE0FF239D4397 +:10B210003C4B9D421BD122002100300001F0B2FDC9 +:10B22000169B394A0393079B38490293069B3000CB +:10B2300001933B780093230002F0F0FD344B9842D9 +:10B24000E1D0FDF779FF0400200011B0F0BD314BD3 +:10B250009D4251D13A783000012101F093FD169BB7 +:10B2600000940393079B284A0293069B2749019366 +:10B270003000230002F052FDE0E727490B40274948 +:10B280008B4237D1264B1D40264B9D4234D1D76986 +:10B290000AAEBB6D30000733DB080DAD05930AF035 +:10B2A00083FC28000AF080FC059B179A5B009A42F9 +:10B2B000A9D1059A169930000AF00FFE041E11D18B +:10B2C000169B059A280099180AF007FE041E09D15A +:10B2D0003B00019588330096069A0799380003F0E1 +:10B2E000BDFA040030000AF065FC28000AF062FC98 +:10B2F0002000A6E7862487E7872485E7FFFFFFEF86 +:10B30000000001600000021010760108C38A0110DD +:10B3100000BFFFFF000003100000FFEF000003600C +:10B3200000FFFEFF00000610F0B51F0000238BB0E9 +:10B330000792149A0E0013600A00FF339A432F4BB2 +:10B3400006929A4205D0119B002B02D087246442BA +:10B3500034E080223300520009A9FEF7BBFB041E33 +:10B360002CD1099AC0211368C905180008408842E9 +:10B37000ECD123490B4023498B423BD1D5692800AE +:10B3800001F006FD139B984236D81F4B9E4218D100 +:10B39000129B00970293079B1C4A01931C492300B0 +:10B3A000280002F069F8041E04D1280001F0F0FC26 +:10B3B000149B18602000FDF7BFFE040020000BB0B6 +:10B3C000F0BD069B1A000D4B9A42BFD129003000F8 +:10B3D000FEF7A2FC129B02970493079B0B4A039370 +:10B3E000119B0B490193109B28000093230001F04F +:10B3F0003BFFD8E78624AAE78A24A8E700000312C7 +:10B40000FFFFFFEF0000016000000212107601084C +:10B41000C38A0110F0B58BB0079300231700149A6C +:10B420002B4E13600A00FF339A430D000692B2427E +:10B4300005D0119B002B02D0872040422BE08022B8 +:10B440002B00920009A9FEF745FB002823D1099B98 +:10B45000E0211A68C905100008408842ECD11D4956 +:10B460008A4233D1DC69200001F092FC079B9842AC +:10B47000E2D1194B9D4210D1139B01970393129B6C +:10B48000164A0293149B164900932000012302F0F0 +:10B49000DFF9FDF751FE0BB0F0BD069BB342CBD1F7 +:10B4A00021002800FEF738FC139B03970593129B9D +:10B4B0000A4A0493149B0A490293119B20000193AA +:10B4C000109B0093012301F0F7FFE2E78620B4E729 +:10B4D0000000031200000170000002121076010843 +:10B4E000C38A011070B5002503680400AB4210D078 +:10B4F000FE22D20513408022D20493420BD10830A1 +:10B500000CF066FCF8222379256013406571A57163 +:10B510002371280070BD89256D42FAE7F0B585B02A +:10B5200004000091160001938025012B12D0AD007C +:10B530002168002900D09BE0FE238022DB053340F8 +:10B54000D204934208D04C222000F5F7F8F8872562 +:10B550006D428AE06D00EBE701222700237908376E +:10B56000934303329343023A134323716171A171F0 +:10B57000380026600CF026FC2A00330003A900984E +:10B58000FEF7A8FA051E6DD103990B8B096800938D +:10B59000009A03003000FEF785F9011E60D03800E4 +:10B5A0000CF046FE051E48D10399019B009AC9691B +:10B5B00038000CF025FC051E3FD12F4B9E4242D097 +:10B5C0002E4B9E424AD00122237990211343FF2221 +:10B5D000D20523713240C90401238A4214D0039B4F +:10B5E00027491A6810238A420ED02649083B8A420E +:10B5F0000AD0254908338A4206D0244B0121D218AB +:10B60000002391425B41DBB2A371730215D5039B0A +:10B610001B491A6810238A420ED01A49083B8A42F5 +:10B620000AD0194908338A4206D0184B0121D21892 +:10B63000002391425B41DBB263712800FDF77CFD82 +:10B64000051E12D00EE0042138000CF0AFFD0028DA +:10B6500010D10123227913432371C0E70100F3E7DE +:10B6600086256D422000FFF73DFF280005B0F0BDA4 +:10B6700089256DE70500E0E7000160040101600431 +:10B68000010000400200004003000040FCFFFFBF3B +:10B6900010B50123FFF742FF10BD10B50023FFF7DF +:10B6A0003DFF10BD037970B5040006200340022B56 +:10B6B00017D1637993420ED120001A0008300CF0A4 +:10B6C000BFFBFDF739FD051E07D104232279134383 +:10B6D0002371280070BD87256D422000FFF702FF0F +:10B6E000F7E789256D42F4E770B50C0006211E00CE +:10B6F000037905000B40022B1CD14379934213D8E8 +:10B700001A0021000D480DF0DCF9002805D0FDF7E6 +:10B7100013FD041E0AD1200070BD6A792100326039 +:10B720002800FFF7BFFFF4E78A2464422800FFF7F0 +:10B73000D9FEF0E789246442EDE7C046107601089F +:10B74000F0B585B00393036804000F001600002BCA +:10B7500027D0FF22D205134090223500D204934215 +:10B7600006D08579C36A2900F018F7F7DDFC454358 +:10B770000A9B9D420FD820000B9B3200009339009A +:10B78000039B08300CF08AFBFDF7D6FC051E04D1A4 +:10B79000280005B0F0BD8A256D422000FFF7A2FE0B +:10B7A000F6E789256D42F3E7F0B51E00037985B011 +:10B7B00004000D001700DA073CD506221340022BC7 +:10B7C00038D01023C356012B06D11C4B02689A4275 +:10B7D00002D1C36A002B28D120003200694608300C +:10B7E0000CF076FC00280CD0FDF7A6FC0500002329 +:10B7F000684633601021FDF795FC2000FFF772FECC +:10B8000010E03268002A05D0BA4211D869462800F3 +:10B81000F4F779FF10216846FDF784FC2000FFF75C +:10B8200061FE0500280005B0F0BD87256D42DEE70A +:10B830008A25FBE789256D42F4E7C04600016004D4 +:10B84000F0B51E000023F3B009927E9A0AAD136092 +:10B8500080220B000F0052002900FEF73BF9041E66 +:10B860003ED139002800FEF7D3F9041E38D19E27B7 +:10B87000FF37EB5D7B9A7D999A188A4247D87B996E +:10B880007C9A26485218CC214900695881422AD115 +:10B8900005937C9B069204937A9B00960393799B75 +:10B8A0007B9A0293789B012101930CA8099B0DF0D0 +:10B8B0003FFFFDF741FC041E07D07D9B002B04D009 +:10B8C0001A0000217C98F4F73AFF0AAD2800FEF731 +:10B8D00069F8002C04D1EB5D7B9A9B187E9A13606B +:10B8E000200073B0F0BD0E48814213D105937C9BBC +:10B8F000049203937A9B099A0293799B7B99019313 +:10B90000789B0CA8009333000CF008F9D1E78A2447 +:10B910006442DAE786246442E2E7C0460210400649 +:10B9200001104006F0B5F1B00793002316007C9A91 +:10B9300008AD136080220B000F0092002900FEF773 +:10B94000C9F8041E3DD139002800FEF761F9041E34 +:10B9500037D19E27FF37EB5D799A934247D8D11AAA +:10B960007B9A8A4246D3CC204000789A2858244CAF +:10B970005218A04228D17A980393779B059001939F +:10B980007898769B0490029200933200079B0AA855 +:10B990000DF0E9FEFDF7D0FB041E07D07B9B002BCA +:10B9A00004D01A0000217A98F4F7C9FE08AD2800E7 +:10B9B000FDF7F8FF002C04D1EB5D799AD31A7C9A3D +:10B9C0001360200071B0F0BD0E4CA04214D105935D +:10B9D0007A9B04920393789B32000293779B0AA888 +:10B9E0000193769B0093079B0CF0DAF8D2E787244B +:10B9F0006442DBE78A24FBE786246442E1E7C04631 +:10BA00000210400601104006FE22C0210368D20544 +:10BA100070B51A40040089058A4213D11D4A1340AB +:10BA2000802292051343FF22190091431A4A914242 +:10BA300012D1E068FDF764FB20001430FEF7E8FD4A +:10BA4000050002E00025AB42EDD1862120008900EF +:10BA5000FDF768FB280070BD104A5B0A5B02934249 +:10BA600014D12069002805D06169FDF75BFB2069CE +:10BA7000FDF746FBA069002805D0E169FDF752FB00 +:10BA8000A069FDF73DFB20002030D7E789256D42F6 +:10BA9000DBE7C046FFFF0308000100200002002092 +:10BAA000F0B585B00293FE230E00C0210568DB05CA +:10BAB00004002B4089058B4204D182490D4080212E +:10BAC00089050D430223FF339E4207D004D37E49EC +:10BAD0007118032900D88EE0872694E0A421C905B7 +:10BAE0008A4201D0002AF7D1FF212A0077488A43F1 +:10BAF000824200D0B7E00D408021754A49040D43D1 +:10BB000096427AD0734A964200D190E09E42E3D1A9 +:10BB10000327714BE15C039339400FD120002B00C8 +:10BB20000A001430FEF774FE061E00D0BCE0039B32 +:10BB3000E25C0123BA431343039AA3540322039BF9 +:10BB4000E35C1340012B5DD1270014370A9A029958 +:10BB50003800FEF7CBFD061E00D0A5E021008D3198 +:10BB60004022FF313800FEF79FFF061E00D09BE009 +:10BB70005A4A1023AA18022A2DD9594A0433AA185E +:10BB8000012A28D9574A0833954224D0564A04330B +:10BB9000954220D0554A103395421CD0544A103358 +:10BBA000954218D0534A243B954214D0524A04334C +:10BBB000954210D0514A043B95420CD0504A043370 +:10BBC000954208D04F4A1033954204D04E4BED18A1 +:10BBD0006B425D41AB0183229200A35400224B4B88 +:10BBE000E254039B0332E35C93431A0002231343A2 +:10BBF000039AA35418E0464972E70322364FE35DE7 +:10BC0000134202D0892676424EE020002B000A9A89 +:10BC100002991430FEF7FCFD061E45D10323E25DB8 +:10BC20009A43023B1343E355300005B0F0BD2A4D63 +:10BC3000635DDA439207E5D05B07E3D40A9B236197 +:10BC4000002B0AD019000120FDF752FAE06000280D +:10BC500033D00A9A0299F4F756FD0423625D002658 +:10BC600013436355E0E72B4882420CD10D408021FD +:10BC7000200032000A9B49040093029B29430C30A8 +:10BC8000FEF788FE0EE02448824218D10D40802144 +:10BC9000200049040C3029439E4209D10A9B029A94 +:10BCA000FEF7C6FE061EBFD02000FFF7ADFEBBE7C5 +:10BCB0000A9B32000093029BE2E78D26A3E78926C8 +:10BCC0007642B1E7FFFF0308FFFDFFFF0001002000 +:10BCD00002020000030200000E020000FFFFFFFE50 +:10BCE000FCFFFFFE08000001090000010A0000013E +:10BCF0000B0000010C0000010D000001100000010C +:10BD00001100000112000001EDFFFFFE0D02000016 +:10BD10000100005000020020000300200368002BF7 +:10BD200003D0836800200B60704789204042FBE706 +:10BD30000368002B05D083688B4205D38160002007 +:10BD4000704789204042FBE78720FBE7F0B5C7B08A +:10BD50000292FE220591C0210368D20504001A4018 +:10BD600089058A420DD1B64A1340802292051343B9 +:10BD7000A26802998A4209D200238F25A3606D42EE +:10BD8000A7E0002BF4D189256D427CE002990029BF +:10BD900002D1002A00D1F5E102991800521AA260DE +:10BDA000FF22A8499043884200D0B6E08027134084 +:10BDB0007F041F43A44B1026FB18022B2DD9A34B45 +:10BDC0000436FB18012B28D9A14B08369F4224D0FA +:10BDD000A04B04369F4220D09F4B10369F421CD070 +:10BDE0009E4B10369F4218D09D4B243E9F4214D04C +:10BDF0009C4B04369F4210D09B4B043E9F420CD07C +:10BE00009A4B04369F4208D0994B10369F4204D07B +:10BE1000984BFE1873425E41B6019749625C9307E6 +:10BE20009B0F012B00D8ABE1530700D4A8E10323FB +:10BE300013436354029B0093059B0493009B002BC8 +:10BE400020D083239B00E15C009B751AEDB29D42DC +:10BE500001D96B461D782300CD33FF332A005918D2 +:10BE600004980393F4F74FFC8322049B92005B1920 +:10BE70000493009B5B1B0093A35CED18009BA554EF +:10BE8000002B03D10025280047B0F0BD7B4AA35CFE +:10BE9000FF2B00D174E101338321A35400238900D7 +:10BEA000635423002100143301938D313B00320091 +:10BEB000FF310198FEF7ACFC051E0AD16F4AA35C66 +:10BEC000012B11D12269E1680198FEF70FFC051ED4 +:10BED00012D026682000FFF797FD2660029A2121E4 +:10BEE0000598F4F72CFCCEE7320003990198FEF791 +:10BEF000FDFB051EE6D0ECE7604B0122E11801983E +:10BF0000FEF790FB051EE4D1402203990198FEF74D +:10BF1000CBFD051E00D191E7DBE75948590A4902DC +:10BF2000814200D02FE7802713407F041F43464BF8 +:10BF3000FB18079310230093079B022B38D9142377 +:10BF40000093424BFB18012B32D91C22404B00922C +:10BF50009F422DD03F4B043200929F4228D03E4B4F +:10BF6000103200929F4223D03C4B103200929F42ED +:10BF70001ED03B4B243A00929F4219D0394B0432D9 +:10BF800000929F4214D0384B043A00929F420FD047 +:10BF9000364B043200929F420AD0354B1032009249 +:10BFA0009F4205D0334BFB185A4253419B010093EB +:10BFB000029B0393059B0493039B002B00D161E735 +:10BFC000267B002E00D0C0E0079B022B2CD91F4BF4 +:10BFD000FB18012B2AD91E4B9F422BD01D4B9F4291 +:10BFE0002AD01D4B9F4229D01C4B9F4220D01C4B76 +:10BFF0009F421FD01B4B9F421ED01B4B9F4219D00C +:10C000001A4B9F4218D01A4B9F4217D01D4B9F428C +:10C0100000D14036F822002108A8F4F790FB637B9A +:10C02000FF2B31D19725AAE61026F3E71426F1E776 +:10C030004026EFE71C26EDE72026EBE73026E9E770 +:10C04000FFFF030800010020FFFFFFFEFCFFFFFED3 +:10C0500008000001090000010A0000010B000001B6 +:10C060000C0000010D000001100000011100000192 +:10C0700012000001EDFFFFFE0E0200000D020000A5 +:10C0800000020020130000010133637323002033FA +:10C09000267308A918000193FEF7A4FD051E44D1DC +:10C0A000637B012B4CD1E269A1690198FEF71EFB6D +:10C0B000051E3AD1626921690198FEF717FB051E3A +:10C0C00033D123009933FF333200190001980693CE +:10C0D000FEF7EAFC051E28D1019908A8FEF782FDAB +:10C0E000051E22D1320006990198FEF7FFFA051EBF +:10C0F0001BD1E269A1690198FEF7F8FA051E14D177 +:10C10000626921690198FEF7F1FA051E0DD121003F +:10C11000D9313200FF310198FEF7C6FC051E04D16B +:10C12000019908A8FEF75EFD050008A8FEF74EFA83 +:10C13000002D00D0CDE6002800D13DE70500C8E67F +:10C14000210099313200FF31B6E7039B35009E4252 +:10C1500001D96B461D7B009B2A00991B2600D9360E +:10C16000C9B2FF3671180498F4F7CDFA049B5B1935 +:10C170000493039B5B1B0393237B5D1B25731BE7CE +:10C180008925FCE58F25FFE50023F0B585B00293F6 +:10C190000393038B050000910192002B3ED00126F2 +:10C1A0000B7933423DD003AB02AA0199FDF7F8FCAD +:10C1B000041E25D1C023029FDB0539682A8B0B4062 +:10C1C0008021D51DED08C9058B4222D1530720D10E +:10C1D00030002900FCF78CFF061E1DD001002A004C +:10C1E0000098FFF7B3FD041E05D12A003100380086 +:10C1F000FDF798FE04003000FCF782FF002C05D00C +:10C200000298FEF70FF80023019A1380200005B072 +:10C21000F0BD87246442F3E78D24FBE78724644262 +:10C22000F4E78524FBE70000036870B504000D0007 +:10C23000002B18D1FE23DB050B408022C021920584 +:10C2400089058B420BD10A492940114391420DD0F7 +:10C250002000FDF78FF9002800D1256070BD9342C2 +:10C2600004D12900F4E789204042F7E78720FBE763 +:10C27000FFFF030807B5009313000022FFF710FC2F +:10C280000EBD7FB50400100080220E00236852010D +:10C2900003A9FDF71FFC051E05D02000FFF7B4FB26 +:10C2A000280004B070BD0223FF339E4204D12279DE +:10C2B000013BFF3B13432371039A3100136A2000B3 +:10C2C0000093D3691268FFF7EBFB0500E8E7000075 +:10C2D000F0B50600FE251000C02299B00393336824 +:10C2E000ED050F001D40920595423DD1802205A924 +:10C2F0005201FDF7EFFB041E2ED1FC2331681B0415 +:10C300000B401D431A4B059A06909D4227D1136896 +:10C3100018491B0C1B048B4224D106AB019342230A +:10C320000093D26907AB1E990398FDF763FD041EC5 +:10C3300009D1A422069BD2050093390007AB300037 +:10C34000FFF7AEFB0400069907A8FCF7EBFE002CF4 +:10C3500002D03000FFF758FB200019B0F0BD862452 +:10C360006442F0E78724FBE787246442F4E7C04691 +:10C370000000203000000370F8B5CF23104A9B0066 +:10C38000D35C07000E00DB0716D580250C00ED00FE +:10C39000B919091B0B48AC4203D822000CF091FBE1 +:10C3A00004E02A000CF08DFB002802D0FCF7C4FE4C +:10C3B000F8BD054BE418EBE789204042F8E7C0469A +:10C3C0007C7301081076010800FCFFFFF0B51F0028 +:10C3D000FE2305001600C022DB0585B008002B40B7 +:10C3E0009205934202D0872464421DE080222B00F4 +:10C3F000520103A9FDF76EFB041E15D1104B039AE1 +:10C400009D421BD113680F491B0C1B048B42EAD1C0 +:10C410000C9B390001930B9B30000093D2690A9B5F +:10C42000FDF7E8FC041E06D00B990A98FFF7A4FF5D +:10C430000C9B0B9A1A60200005B0F0BD8624D3E750 +:10C4400000002030000003700023F0B587B0049393 +:10C450000593038B07000391002B00D19FE005ABF0 +:10C4600004AAFDF79DFB041E2AD1049DFA693E8BA8 +:10C470003C6A2868002A02D1002C00D08DE0C0233D +:10C480008021DB050340C9058B4210D12A00310011 +:10C490001C32FDF751FB041E12D1296AE869FFF72F +:10C4A0006BFF041E0CD10024200007B0F0BD3D4BF3 +:10C4B000984240D180235B019E4208D98624644281 +:10C4C0000498FDF7AFFE0023039A1380ECE70723DF +:10C4D0003340F3D1002C13D0042CEFD811191C00D9 +:10C4E0001378240201321C439142F9D1002CE5DB80 +:10C4F000AC210120FCF7FCFD071E03D18D24DEE7F3 +:10C50000294CF5E70022110000F02EFC00943300C6 +:10C51000264A2749380001F0DBFC041E09D0380008 +:10C5200001F09EFC3800FCF7EBFD2000FCF704FE58 +:10C53000B7E7EF61B8E71F4A030C1B049342BDD174 +:10C54000123880B200270C2801D81B4B1F5C380022 +:10C5500002F082FE002CB1D1002FAFD00028ADD068 +:10C5600083889E4219D1AC210120FCF7C1FD061E33 +:10C57000C4D002F0C3FE38000C4B0D4A310003F06A +:10C5800099FC071E07D0300002F04AFF3000FCF78C +:10C59000B7FD3800CAE7EE6186E787248FE7872476 +:10C5A000644281E70000017001000100107601087B +:10C5B000C38A011000000370F9E7011010B500F004 +:10C5C00093F8CF23084C9B00E25C06231A4205D067 +:10C5D00006480CF0BEF9064863689847D021200051 +:10C5E0008900FCF79FFD10BD7C73010810760108DF +:10C5F00084730108F0B5224B85B00393CF23214CFF +:10C600009B00E35C0026DB0733D42368B34201D1EF +:10C610001D4B23606368002B01D11C4B63601C4FD2 +:10C62000236838009847CF251A4EAD0030000CF033 +:10C6300086F90623625D18499A43043B1343635508 +:10C6400003233A000093300003AB0CF093F9FCF79E +:10C6500073FD061E10D10623625D9A43023B13430D +:10C66000635500F035F8061E06D10123625D1343C1 +:10C670006355300005B0F0BDFFF7A0FFF9E7C046F5 +:10C68000505341007C7301083990011081900110D2 +:10C690008473010810760108A390011090230B4ABF +:10C6A000DB00D35CDB070CD5431E98B21F280BD8E8 +:10C6B0002420584380180368002B05D00860002010 +:10C6C000704789204042FBE78820FBE7BC760108E1 +:10C6D000902201230349D200885C03438B5400203D +:10C6E0007047C046BC76010870B50024242630008F +:10C6F0006043074D01344019FDF760FD202CF6D151 +:10C7000090220121D200AB5C8B43AB5470BDC0467C +:10C71000BC760108902330B50E4CDB00E35CDB07F0 +:10C7200013D52023242503800288002A03D18D20DD +:10C730000A60404230BD2B00013A5343E3180B60BE +:10C740001B68002B03D00280EEE78920F1E7180078 +:10C75000F0E7C046BC760108002A01D00023136030 +:10C760000138434258418738704707B5030000201D +:10C77000834208D001A91800FFF790FF002802D1DA +:10C780000198FDF71BFD0EBDF0B597B002920600B3 +:10C7900040220D0006A800210393F3F7D0FF0023E9 +:10C7A00005931C9B18680DF00FFB0190002D07D11D +:10C7B0002C0006A84021FCF7B5FC200017B0F0BD06 +:10C7C000019B00959D4200D900931C980DF0D4F96F +:10C7D000041EEED1039A02991C980DF0EDF9041E87 +:10C7E000E7D1042205A91C980DF0E6F9041EE0D15A +:10C7F00006AF39001C980DF0F9F9041ED9D1009B41 +:10C800009C4206D105AAD37836190133D3702D1B6B +:10C81000CCE7335DE25D534033550134EFE7000070 +:10C82000F0B51E00002385B005000F0001920293B1 +:10C830000393984260D00DF025F9041E03D13B4DBF +:10C84000280005B0F0BD280002AA03A90DF032FBB4 +:10C85000051EF4D120000DF0B7FA029A009083185B +:10C860001A0008327F2AEAD8010002320A318A42CD +:10C87000E5D3B242E3D834000A3CE41A0A2CDED9EC +:10C880000A9B0A9A9F1C1D700123033C5370FF21D1 +:10C8900022003800F3F753FF30213B1959701D7007 +:10C8A000029C00982200083282189A70E2B2D97075 +:10C8B000111D19710621DF1D59719A71039922000A +:10C8C0003800F3F720FF05233F193B70013BFC18AC +:10C8D000BB70009B20001A00FB707D700199F3F77C +:10C8E00012FF0A9B009A9B19A418A342A8D03100FA +:10C8F0000A98FCF717FCA2E78E42A0D3761A0A2EFC +:10C900009DD90A9B0A9A18709C1C0123033E537000 +:10C91000FF2132002000A619F3F711FF3570701CBB +:10C920003A000199F3F7EFFE8AE7C04680BFFFFFA8 +:10C93000F8B5050008354768040028000E0009F026 +:10C940008FFA874201D02848F8BD80236268DB0057 +:10C950009A42F8D80021280009F0EDFC0028F2DD09 +:10C960000021280009F005FA0028ECD0002E1FD184 +:10C9700020000021143009F0DEFC0028E3DD002E49 +:10C9800014D020000021443009F0D5FC0028DADD65 +:10C9900020000021503009F0CEFC0028D3DD20001B +:10C9A00000215C3009F0C7FC0028CCDD0020CBE77B +:10C9B00025002C350021280009F0BDFC0028C2DD2F +:10C9C0000021280009F0D5F90028BCD00C35002141 +:10C9D000280009F0B0FC0028B5DD0021280009F08E +:10C9E000C8F90028C4D1AEE780BFFFFF70B50400CE +:10C9F0001D0000290AD006000836300009F06DFA43 +:10CA0000002818D1300009F02BFA6060002D0AD1FF +:10CA1000059B002B12D1079B002B18D1099B002BE3 +:10CA20001ED1002070BD2000049A29002C3009F08E +:10CA300054FA0028ECD00F4BC018F3E72000069AF8 +:10CA40000599383009F049FA0028F4D1E3E72000CD +:10CA5000089A0799203009F040FA0028EBD1DDE769 +:10CA600020000A9A1430099909F037FA0028D8D022 +:10CA7000E1E7C04680BFFFFF0300F0B508338BB08D +:10CA8000039000211800069309F055FC039B002138 +:10CA90002C3305001800049309F04DFC039B07009C +:10CAA000383300211800059309F045FC039B0290E0 +:10CAB000203300211800079309F03DFC039B0890E8 +:10CAC000143300211800099309F035FC002F00D120 +:10CAD0008DE0029B002B00D171E0089B002B00D160 +:10CAE0006DE00200531E9A41002D62D0029C3C432F +:10CAF00000D069E0089B2600002B02D00600731EC0 +:10CB00009E41089B23431C1E1ED10123002800D1F7 +:10CB1000002321003143114308910B4347D0002DDE +:10CB200019D1002F17D0029B002B14D0059A04991D +:10CB3000069809F014FD002808D02F4BC0180BB040 +:10CB4000F0BD3A00D2E7029E0024E1E7069809F022 +:10CB500087F9039B5860002E20D0059B079A00930D +:10CB60000999049B069801F09DFA0028E5D1089BDD +:10CB7000002B0ED0039B079A5C330193039B05990E +:10CB800050330093039B0498443301F033FD002895 +:10CB9000D3D108990398FFF7CBFED0E7002CE6D05D +:10CBA000079B099A0599049801F062FBDDE712489A +:10CBB000C5E73E1EC8D0029B1E1EC5D00AE02A1E35 +:10CBC000F7D00022029C3C433E1E00D199E7029B15 +:10CBD000002BB8D00024089BA34202D10400601EA1 +:10CBE00084412E1E00D193E70026330091E7002DEB +:10CBF000A7D12A002E00A7E780BFFFFFF7B51E00D0 +:10CC00000300083304000F001800002115000193F1 +:10CC100009F091FB002803D1002D2FD02A483AE0DB +:10CC2000200000212C3009F086FB0028F4D02000E1 +:10CC30000021383009F07FFB0028EDD020000021D2 +:10CC4000203009F078FB0028E6D0200000211430C5 +:10CC500009F071FB0028DFD0002F16D1002D1BD169 +:10CC6000002E21D1089B002B26D1099B181E12D023 +:10CC700021000998143108F0D9FF0CE0002ECDD125 +:10CC8000089B002BCAD1002FEFD00199380008F083 +:10CC9000CDFF0028E2D0FEBD210028002C3108F095 +:10CCA000C5FF0028DCD0F6E721003000383108F05D +:10CCB000BDFF0028D6D0EEE721000898203108F00B +:10CCC000B5FF0028D1D0E6E780BFFFFFF8B504002C +:10CCD0000F000830002116001D0009F02CFB002871 +:10CCE00001D12048F8BD200000212C3009F023FBA1 +:10CCF0000028F6D020000021383009F01CFB002865 +:10CD0000EFD020000021203009F015FB0028E8D0EA +:10CD100020000021143009F00EFB0028E1D0002F84 +:10CD200005D1002E0DD1002D13D10020DAE721000E +:10CD30003800443108F07AFF0028F2D0094BC018BF +:10CD4000D0E721003000503108F070FF0028F5D105 +:10CD5000E9E7210028005C3108F068FF0028EDD1E8 +:10CD6000E3E7C04680BFFFFF70B504000E0015006A +:10CD70000021A422F3F7E3FC2300A834A4331E60AF +:10CD8000256070BD0300A830A433196002607047AD +:10CD90004068704770B500210400FFF7C9FD051E0B +:10CDA00018D126000836300009F039F87F2811D94B +:10CDB00014342900200008F0DCFF00280AD02000ED +:10CDC00009F02DF8012805D93100200009F06CFA8E +:10CDD000002800DB014D280070BDC04600BEFFFFEB +:10CDE000F0B585B00400FFF7D5FF002802D0164843 +:10CDF00005B0F0BD01212000FFF79AFD0028F6D113 +:10CE00002500260027002300029001902000143303 +:10CE10002C3538362037009332003B00290008308B +:10CE200001F00EFB0028E2D1220023005C325034D6 +:10CE30000192443300943A003100280001F074FA62 +:10CE40000028D5D0D3E7C04600BEFFFF70B5040070 +:10CE50000D00FFF79FFF002814D12800FFF7C0FF47 +:10CE600000280FD1290020000831083009F01CFAF1 +:10CE7000002807D1290020001431143009F014FAD9 +:10CE8000002800D0004870BD00BEFFFFF0B50C00C8 +:10CE900087B0002105001600FFF74AFD002830D1B9 +:10CEA00003A808F081FE21006A6803A809F015F8BC +:10CEB000041E19D12C000834210003A809F0F4F94C +:10CEC00000281BDA2A006F6803A968352300143292 +:10CED0000095080009F062FE041E05D13A003100F9 +:10CEE00003A809F06BF8040003A808F063FE002C07 +:10CEF00001D0054BE418200007B0F0BD04246442C3 +:10CF0000F2E7024CF7E7C04680BDFFFF80BFFFFF9E +:10CF1000F0B5A7B002910121050007921C00FFF7B0 +:10CF200007FD002800D094E108A808F03DFE0BA8FA +:10CF300008F03AFE0EA808F037FE11A808F034FEFB +:10CF4000029B002B05D01AA808F02EFE1DA808F0A1 +:10CF50002BFE14A808F028FE17A808F025FE20A82C +:10CF600008F022FE23A808F01FFE21006A6808A826 +:10CF700008F0B3FF041E00D03CE12F000837390051 +:10CF800008A809F091F9002800DB5BE108A920A8B6 +:10CF900008F04CFE041E00D02CE12B004433039318 +:10CFA0000C330493029B002B00D181E02B00A033B3 +:10CFB0001B68002B00D1D9E02E008C3632003100E6 +:10CFC000300009F0CCFA041E00D013E13A00310021 +:10CFD000300009F073FD041E00D00BE10C36320066 +:10CFE0003100300009F0BBFA041E00D002E13A0023 +:10CFF0003100300009F062FD041E00D0FAE02A0082 +:10D0000008A98C32080009F0AAFA041E00D0F1E049 +:10D0100008A93A00080009F051FD041E00D0E9E01B +:10D02000290001222C310BA809F087FA041E00D038 +:10D03000E0E02900012238310EA809F07EFA041E32 +:10D0400000D0D7E0079B029A1C2111A80AF04AF8E9 +:10D05000041E00D0CEE011AA0BA91AA809F07FFA8D +:10D06000041E00D0C6E01AA9039A080009F00BFAC2 +:10D07000041E00D0BEE0079B029A1C2111A80AF0F2 +:10D0800031F8041E00D0B5E011AA0EA91DA809F0C0 +:10D0900066FA041E00D0ADE01DA9049A080009F04C +:10D0A000F2F9041E00D0A5E01DAB04931AAB039364 +:10D0B0002B002C33059348330093039A059B08A952 +:10D0C00014A809F06BFD041E00D093E02E002B0085 +:10D0D000383680330093049A330008A917A809F062 +:10D0E0005DFD041E00D085E017AA14A908A809F068 +:10D0F000EEF9041E00D07DE02A0008A95C3214A8D5 +:10D1000009F02DFA041E75D1059A14A908A809F092 +:10D11000D5FC041E6ED1320008A914A809F01FFA2C +:10D12000041E67D114AA17A908A809F0ACF9041EB7 +:10D1300060D1029B002B4ED12B002A006833009354 +:10D1400014323B0008A923A809F028FD041E51D180 +:10D1500020A923A809F0A8F8002800D077E06A6881 +:10D160002C9908A808F02AFF040043E00C2305933B +:10D17000059B013B0593002B00D166E02B00983303 +:10D1800006936B68029A591E0698079B09F0AAFF3E +:10D19000041E2FD12E008C363A000699300009F07B +:10D1A00027FF041E26D10121300009F0C4F8002811 +:10D1B000DED13A00069930000AF08CF8041E19D12D +:10D1C0002B002A006833009314323B0031003000FA +:10D1D00009F0E4FC10E72A0008A99832080009F0D9 +:10D1E000BEF9041E06D108A93A00080009F066FC41 +:10D1F000041EA1D00BA808F0DDFC0EA808F0DAFC94 +:10D2000011A808F0D7FC029B002B05D01AA808F043 +:10D21000D1FC1DA808F0CEFC08A808F0CBFC14A88F +:10D2200008F0C8FC17A808F0C5FC23A808F0C2FC49 +:10D2300020A808F0BFFC002C01D0074BE418200008 +:10D2400027B0F0BD04246442D4E7044CD2E7044C78 +:10D25000D0E7044CF3E7C04600BDFFFF80BBFFFFF3 +:10D2600080BCFFFF80BFFFFFF0B58DB0029005913D +:10D2700006920793012B08D10300A4331B68012BEE +:10D2800003D0454C20000DB0F0BD059B002BF8D01D +:10D29000029BA8331868C0B20CF0F4FB061EF0D055 +:10D2A000029B5B6803930CF08FFD43000493149B77 +:10D2B000420002339B18149A07009342E1D3039A69 +:10D2C0009342DED800211698F3F739FA169B169A86 +:10D2D0000133049300230499137006983A00059BC8 +:10D2E0009847002802D02D4BC418CBE7049B139A13 +:10D2F000DD192B00129930000CF092FC041EC1D1F4 +:10D30000039B149A981A02387B00C019C01A012393 +:10D3100028180370002A03D001301599F3F7F3F9A8 +:10D3200009A80CF0BBFB0022310009A80CF0E8FBB7 +:10D33000041E18D1039D169B7E1C013D9E19ED1BFA +:10D3400009AB0093049A3B0029003000FFF71CFA58 +:10D35000041E08D109AB009332002B003900049859 +:10D36000FFF712FA040009A80CF09EFB002C00D075 +:10D3700088E7079B002B06D1169A02981100FFF749 +:10D3800085FD04007EE7169B069A00930599029896 +:10D39000FFF7BEFDF5E7C04680BFFFFF80BBFFFF84 +:10D3A000F0B587B006000F00049203930E9D012B89 +:10D3B00007D10300A4331B68002B02D02C4807B010 +:10D3C000F0BD0C9B70680C33F8D80C9B0B33834278 +:10D3D000F4D80C9BC01A00232B70039B0338002B3E +:10D3E0002FD1002FEAD00233AC1C6B7023180593A9 +:10D3F000059B9C4212D1002323700C9B002B04D070 +:10D40000601C1A000D99F3F77EF9039B002B22D1C3 +:10D410002A0029003000FFF739FDD0E7642302938A +:10D42000012221000498B8472378002B1BD1029BCE +:10D43000013B0293002B01D00028F1D00D4BC01806 +:10D44000BDE70123FF226B70AB1C1C189C42D2D09D +:10D450001A700133FAE700952B00049A3900300066 +:10D46000FFF756FDABE70028E8D10134C0E7C0461E +:10D4700080BFFFFF80BBFFFFF0B50700A4373F6808 +:10D4800087B00C9C0D9D0E9E002F03D0012F08D05D +:10D49000084804E0029601950094FFF781FF07B069 +:10D4A000F0BD029400240496039501940094FFF7C4 +:10D4B000DBFEF4E700BFFFFFF0B5694C1D00A5449B +:10D4C000069104000792012B09D10300A4331B68C5 +:10D4D000012B04D0634C2000634B9D44F0BD636876 +:10D4E0001A000493FC23103A9B009A42F2D82300BE +:10D4F000A8331868C0B20CF0C5FA061EEAD00CF0CA +:10D5000063FC049A471C7B00039005939342E1D887 +:10D510001CAA002D1ED1FFAB983319682000FFF71D +:10D52000B5FC041E0CD109A80CF0B8FA2200310099 +:10D5300009A80CF0E5FA041E16D009A80CF0B4FAFC +:10D5400080211CA8C900FBF7EDFD40210CA8FBF7CA +:10D55000E9FDC0E7FFAB009298331B68079A069974 +:10D560002000FFF7D5FCDCE759201CABDD19049B3C +:10D5700006AC5F1E039B0019FF1A09AB00932A003B +:10D580003B000399FFF700F9041ED6D1592209ABDD +:10D5900006A900935218039B39002800FFF7F4F8FE +:10D5A000041ECAD109A80CF07FFAFFAAFFA90CAD8E +:10D5B00090328C312B001268096830000CF030FB7F +:10D5C000041EBDD1582206AB9B181E78592306AA0B +:10D5D0009B18039A99180200039B76B29A4229D3AA +:10D5E0000020C918059A049B0D009B1A5B189C46E5 +:10D5F00002000127AC4524D101208B5C5840064332 +:10D6000076B2002E27D101328918049B1CAA8A1AEF +:10D610009A1AFFABA0331B689A421ED8FFAB943313 +:10D620001B681A60002A8BD0FFAB9C331868F3F795 +:10D630006AF885E7535D885C013243401E43F6B2C9 +:10D64000CAE72B780135184343420343DBB2DB09B9 +:10D650007B40D218CEE7054C72E7054C70E7C04618 +:10D660008CFBFFFF80BFFFFF7404000000BFFFFFC3 +:10D6700000BCFFFFF0B5734C1D004368A544039345 +:10D68000012D05D10300A4331B68002B00D0D7E087 +:10D69000FC24039BA400103BA34200D9D0E008AFB8 +:10D6A000002D28D1FFAB40333A001968FFF7EEFB9D +:10D6B000041E00D0AFE03B7801257C7802276C4047 +:10D6C000234300242100082006AA1218D25D013746 +:10D6D0005042C00F684004436042D2432043C60F0B +:10D6E0006E40B446C017D2B282431343039A6144DA +:10D6F000BA42E8D123E0FFAB009740331B68FFF745 +:10D7000007FC041E00D086E03B78012DD4D1022016 +:10D7100021007A7842401343C25D013056423243C1 +:10D72000D2B2D2096A401443E4B262422243D2B276 +:10D73000D2096A40D2B28918039A8242ECD1FFA87A +:10D74000039A483000680B3A824200D90200080070 +:10D750000838C00F034301206442E40F444003989B +:10D760002343C71E7F1A390058421843C01751403F +:10D7700001407940571AFF0F3B4388247D4282269F +:10D780005F423B43DB17DB43E4012C40F60166407C +:10D79000304044409C460B2064420826634606AF56 +:10D7A000BF193F5C1F4006AB9B191F54039B013000 +:10D7B0008342F2D113004B401D40039B4D40991A08 +:10D7C00008AB5918002A18D0531B06935318079317 +:10D7D000531E6E4205930800F3170493431C9C46A6 +:10D7E000079B634520D1059B049FCB181878013611 +:10D7F00007401F70069BB342EDD1FFAB48331B6857 +:10D80000002B04D0FFAB44331868F2F77CFFFFAB6A +:10D810003C331B681D60802108A8C900FBF782FC0F +:10D820002000094B9D44F0BD03784778FFB2039771 +:10D830007B40049F3B40039F7B4003706046CDE7E5 +:10D84000024CEDE7DCFBFFFF2404000080BFFFFF7C +:10D85000F0B50400A434246887B00D9D0E9E0F9F80 +:10D86000002C03D0012C0AD00A4806E00C9C039738 +:10D87000029601950094FFF7FDFE07B0F0BD0C9CE9 +:10D880000597029400240496039501940094FFF7F1 +:10D8900013FEF2E700BFFFFFF0B5A1B00A9326AB7D +:10D8A000039018780A9B05910992012B08D1039BDC +:10D8B000A4331B68012B03D05D4C200021B0F0BDC8 +:10D8C000059B002BF8D0039B5B680293002806D0D1 +:10D8D0000CF0D8F80028EFD00CF076FA2790039BD4 +:10D8E000A8331868C0B20CF0CDF8071EE4D00CF0D5 +:10D8F0006BFA029A049043009A42DDD30233060089 +:10D90000934201D9961E361A029A00212998F2F7FD +:10D9100016FF320010A90998059B9847041E02D0F3 +:10D92000444BC418C9E7039B0DAD08331800069398 +:10D9300008F075FA049A029B10A99B1A0793299A7A +:10D94000023B9B1BD3185A1C089201220B901A70A1 +:10D9500008983200F2F7D7FE28000CF09FF822005A +:10D96000390028000CF0CCF8041E48D128000CF037 +:10D9700003F9041E43D1089B08229F19390028008F +:10D980000CF01AF9041E3AD1279A289928000CF0B5 +:10D9900013F9041E33D1320010A928000CF00CF941 +:10D9A000041E2CD1390028000CF020F9041E26D1C9 +:10D9B00007230B9807990138184043425841299B87 +:10D9C0000139091A009518183A00049BFEF7DCFE8D +:10D9D000041E14D1069808F022FAFF22029B40216F +:10D9E000DB000133181A0241299B10A81B78134051 +:10D9F000299A1370BC23049ABB54FBF793FB0DA820 +:10DA00000CF052F8002C00D057E70A9B002B06D1EF +:10DA1000299A03981100FFF739FA04004DE7299B72 +:10DA2000099A009305990398FFF772FAF5E7C04643 +:10DA300080BFFFFF80BBFFFFF0B585B01E000AABC3 +:10DA40000500029103921878012E04D12B00A43313 +:10DA50001B68002B50D10D9B0C9A00936B680B999F +:10DA6000FEF7DEFE041E07D1002E08D10D9A280015 +:10DA70001100FFF70BFA0400200005B0F0BD696843 +:10DA80000120FBF735FB061E08D069680120FBF773 +:10DA90002FFB071E05D13000FBF732FB1024644238 +:10DAA000EAE700960D9B039A02992800FFF730FAE7 +:10DAB000041E11D13A0031002800FFF7E7F9041ED7 +:10DAC0000AD1010003006A689A420CD1002911D1E1 +:10DAD00031000D98F2F717FE3000FBF711FB38000C +:10DAE000FBF70EFBC8E70D9DF85CED5C0133684069 +:10DAF0000143E9E7014CEFE7014CBDE700BDFFFF43 +:10DB000080BFFFFFF0B50500A43585B02D680AACD5 +:10DB100024780C9E0D9F002D03D0012D0AD00948BA +:10DB200006E00B9D0397029601950094FFF784FF92 +:10DB300005B0F0BD0B9D0397029601950094FFF789 +:10DB4000ABFEF5E700BFFFFFF0B56F4C0500A54445 +:10DB5000FFA88C3000780390FFA8983000780490DC +:10DB6000012B09D12800A4300068012804D0674C9B +:10DB70002000674B9D44F0BD6E68FC203400103CD3 +:10DB800080008442F3D81CA8002B00D0ADE0FFAB8E +:10DB9000A033020019682800FFF778F9041EE7D1C6 +:10DBA000771E1CABDB5DBC2B00D0AAE0039B002BD7 +:10DBB00009D018000BF066FF0028D8D00CF004F94B +:10DBC000FFAB9033186004980BF05CFF041ECED0BE +:10DBD0000CF0FAF808220021039007A8F2F7AFFD35 +:10DBE0002800083008F01BF9431E049304981CAA6F +:10DBF000F3001178C31A08331941B8D1612504AB79 +:10DC0000ED1803005B0701D037001500039B0233BA +:10DC1000BB42ACD809AE30000BF040FF210000221F +:10DC200030000BF06DFF041E5BD1039B0096D943BF +:10DC3000C9196B1805936A18039B2800FEF7A4FD09 +:10DC4000041E4ED1FF22049B6021F800C01A02413D +:10DC500004AB5B181B78134004AA52181370059B81 +:10DC60005A1E2B780135691E8A4201D9002BF8D043 +:10DC7000012B42D1059B5E1BFFAB9C331B6801331C +:10DC800004D0FFAB9C331B689E4236D109A80BF031 +:10DC900073FF041E25D1082207A909A80BF08CFFE9 +:10DCA000041E1ED1FFAB90331A68FFAB9433196882 +:10DCB00009A80BF081FF041E13D13200290009A826 +:10DCC0000BF07AFF041E0CD10CA909A80BF08EFFF3 +:10DCD000041E06D1039A0CA90598F2F705FD041E4F +:10DCE0000DD109A80BF0E0FE42E7FFAB0090A03396 +:10DCF0001B682800FFF70CF950E7064CF1E7064CCB +:10DD0000EFE7044C34E7C0468CFBFFFF80BFFFFF0A +:10DD10007404000000BFFFFF80BCFFFF70B505006A +:10DD200086B0A8350AAC24782E682500002E00D0D5 +:10DD3000F5B20D9E0395059601260C9D764202953F +:10DD40000B9D049601950094FFF7FEFE06B070BD92 +:10DD5000F0B587B003930CAB1C78039B0290049141 +:10DD600005924768012B04D10300A4331B68002BE4 +:10DD700045D139000120FBF7BBF9061E41D039001F +:10DD80000120FBF7B5F9051E3ED000903B002000B6 +:10DD90000E9A0D99FEF744FD041E0FD1039B002B34 +:10DDA0001FD132000F990298FFF770F8041E05D1B9 +:10DDB000020003009F421CD1002A28D13000390004 +:10DDC000FBF7B0F93000FBF79BF9002D06D02800D7 +:10DDD0003900FBF7A7F92800FBF792F9200007B0FC +:10DDE000F0BD00960F9B059A04990298FFF790F8F2 +:10DDF000DCE7F15CE85C013341400A43DAE7054CBB +:10DE0000ECE710246442E9E710246442D6E7024CB0 +:10DE1000D4E7C04680BFFFFF80BCFFFFF0B5050020 +:10DE2000A43585B02D680AAC24780C9E0D9F002D7A +:10DE300003D0012D0AD0094806E00B9D03970296F6 +:10DE400001950094FFF784FF05B0F0BD0B9D03978B +:10DE5000029601950094FFF761FFF5E700BFFFFF11 +:10DE600010B5041E32D08C3007F0A4FE200098308C +:10DE700007F0A0FE2000683007F09CFE2000203054 +:10DE800007F098FE2000383007F094FE20002C3078 +:10DE900007F090FE2000143007F08CFE20000830C0 +:10DEA00007F088FE2000803007F084FE20007430E8 +:10DEB00007F080FE20005C3007F07CFE2000503030 +:10DEC00007F078FE2000443007F074FE10BD00001B +:10DED000F0B595B00600069107921D007F2B00D883 +:10DEE000DAE01A9B022B00DCD6E0EB0700D5D3E08A +:10DEF0008023DB00AB429B415B425B000BA8059398 +:10DF000007F052FE0EA807F04FFE11A807F04CFED6 +:10DF1000330014331A991800029307F010FF041EFF +:10DF200000D0A6E06B0804930890C72D01D9633B8D +:10DF3000089301356B0809933700079B2C37009332 +:10DF4000059A069B0499380009F036FB041E00D0A0 +:10DF50008FE03500079B38350093059A069B04999E +:10DF6000280009F029FB041E00D082E02A003900B5 +:10DF70000BA808F0ACFA041E00D07AE00BA807F05A +:10DF80004EFF089B9842D7D90B9B002B03DA290040 +:10DF9000380007F07EFE01223900380008F0CDFA83 +:10DFA000041E66D101222900280008F0C6FA041ECA +:10DFB0005FD12A0039000BA808F0D1FA041E58D10D +:10DFC0000BAA02990EA809F013F8041E51D10121E1 +:10DFD0000EA808F0B0F90028AED12A0039000EA82A +:10DFE00009F006F8041E44D101000EAB0BAA11A8DB +:10DFF00008F0C0FB041E3CD13300203311AA029963 +:10E000001800039309F066F9041E32D1039807F053 +:10E0100006FF099B98428FD901223900380008F089 +:10E020007AFA041E25D101222900280008F073FA8B +:10E03000041E1ED1330008332A0039001800029351 +:10E0400008F08DFA041E14D1029807F009FF33007E +:10E050005C3301930C3B70600093039A0C3B2900E6 +:10E06000380000F0C7FA041E03D13000FEF7B8FEF6 +:10E0700004000BA807F09EFD0EA807F09BFD11A859 +:10E0800007F098FD002C04D03000FFF7E9FE034BA9 +:10E09000E418200015B0F0BD014CFAE780BEFFFF88 +:10E0A00080BFFFFFF0B59BB005000F0014006F4963 +:10E0B00036220CA81E00F2F726FB002E04D1042401 +:10E0C000644220001BB0F0BD209B002BF7D0B3684A +:10E0D000002BF4D1209B99680029F0D1280008F08A +:10E0E0002AF90028EBDD0121200008F024F900289E +:10E0F000E5DD2900200008F0D7F80028DFDA01214B +:10E10000380008F018F90028D9DD2900380008F097 +:10E11000CBF80028D3DA09A807F046FD06A807F0D7 +:10E1200043FD21003A0006A808F019FA041E0FD199 +:10E1300006A90122080008F000FA041E08D106A86A +:10E1400007F04DFE83B20393002B08D104246442F0 +:10E1500009A807F02FFD06A807F02CFDB1E781B252 +:10E1600006A807F0B9FF041EF2D10722AB6807002A +:10E170001B681340013B5A425341DBB29AB20492EE +:10E180000CAAD3180593059B09A8D95D07F0D7FD04 +:10E190002A0009A9300008F02BFF041ED8D1012164 +:10E1A000300008F0C8F8002806D0049B0137DB19BE +:10E1B0009BB2352BE7D9C9E7209B09A9009306AA92 +:10E1C0002B00080008F0EAFC041EC1D101230293D1 +:10E1D000012109A808F0AFF800283FD009A90122C1 +:10E1E000080008F098F9041EB2D12A0009A93000ED +:10E1F00008F0FEFE041EABD10121300008F09BF8B0 +:10E2000001280DD12900300008F04EF8431C07D139 +:10E21000210033002A00209808F0ACFA040097E7A8 +:10E2200009A90122080008F088F9041E90D109AA62 +:10E230001100100008F093F9041E89D109A92A00E1 +:10E24000080008F03BFC041E00D081E7029B01336C +:10E250009BB20293029A039B9342B9D2012109A86F +:10E2600008F069F80028A0D070E7C04623E8011044 +:10E27000F0B589B006000D0001921C1E04D10426E1 +:10E280007642300009B0F0BD0021180008F053F8C4 +:10E29000071EF4D10121300008F04DF80028EEDD12 +:10E2A0000121280008F047F80028E8DD390001982E +:10E2B00008F041F80028E2D002A807F075FC05A894 +:10E2C00007F072FC3100012202A808F036F9061EA0 +:10E2D00022D10122290005A808F02FF9061E1BD122 +:10E2E00005AA02A9200008F083FE061E14D102A987 +:10E2F00005AA080008F033F9061E0DD102AA010094 +:10E300002300100008F036FA061E05D102AA019972 +:10E31000200008F0DFFF060002A807F04BFC05A86C +:10E3200007F048FCADE70000F0B587B00400684690 +:10E330001F000D00160007F037FC03A807F034FC9F +:10E34000002F07D10C9B002B2DD10D9B002B48D10A +:10E35000002402E0002C09D1374C684607F02AFC63 +:10E3600003A807F027FC200007B0F0BD0122210020 +:10E37000684608F0E2F8002853D13200390003A8BB +:10E3800008F0A5F800284CD103A96A46080008F057 +:10E3900095FB002845D1010003A807F0CCFF002819 +:10E3A000D0D0264CD9E7002DD6D0012229006846CE +:10E3B00008F0C3F8002834D132000C9903A808F003 +:10E3C00086F800282DD103A96A46080008F076FBDC +:10E3D000002826D1010003A807F0ADFF0028E0D1F6 +:10E3E000B3E7002CB8D0002DB6D02A000D996846AE +:10E3F00008F0B5F8002814D101226946684608F0F3 +:10E400009CF800280DD122006946684608F056FBAA +:10E41000002806D10100684607F08DFF0028C0D112 +:10E4200096E7064B9842BCD0034B984200D193E745 +:10E43000024BC41891E7C04680BFFFFF00BEFFFF3C +:10E44000F0B589B0050002A801930E00170007F08F +:10E45000ABFB05A807F0A8FB0F9B002B00D191E0B8 +:10E46000002E08D0109B0F9A3221300009F071F86D +:10E47000002800D0BAE0002F00D188E0109B0F9A4E +:10E480003221380009F065F8002800D0AEE0002EF7 +:10E4900000D17CE0002D1AD03A00310002A808F02B +:10E4A0005EF8041E76D10121280007F044FF002801 +:10E4B00000DC9BE0290002A807F0F6FE002800D04F +:10E4C00094E0019B002B00D073E0002E61D0002F60 +:10E4D0005FD0019B002B5CD00E9B002B59D00121FB +:10E4E000300007F028FF002800DC7FE00121380021 +:10E4F00007F021FF002800DC78E00E9A019902A8BD +:10E5000008F02DF8041E45D102A90122080008F0E8 +:10E5100014F8041E3ED10122310005A808F00DF8C0 +:10E52000041E37D102A905AA080008F0C7FA041E84 +:10E5300030D1010002A807F0FEFE002856D10E9A45 +:10E54000019902A808F00BF8041E23D102A90122A8 +:10E55000080007F0F2FF041E1CD10122390005A8B3 +:10E5600007F0EBFF041E15D102A905AA080008F068 +:10E57000A5FA041E0ED1010002A807F0DCFE041E5D +:10E5800008D033E0002E02D0002F00D082E7002D0B +:10E5900097D1002402A807F00DFB05A807F00AFB9D +:10E5A000002C03D0124B9C4200D0E418200009B08C +:10E5B000F0BD0E9B002B00D187E70121019807F0E9 +:10E5C000BAFE002812DD01210E9807F0B4FE0028E3 +:10E5D0000CDD2900019807F067FE002806DA290003 +:10E5E0000E9807F061FE002800DA6EE7004CD1E7D4 +:10E5F00000BEFFFFF0B587B0019003A81F000D001B +:10E60000160007F0D1FA002F0CD10C9B002B1DD166 +:10E610000D9B1C1E14D0019A29000D9808F05AFE7B +:10E6200004000DE00122019903A807F086FF041EF3 +:10E6300006D103AA3100380008F040FA041EE4D0E5 +:10E6400003A807F0B7FA200007B0F0BD01222900A7 +:10E6500003A807F072FF041EF2D103AA31000C9840 +:10E6600008F02CFA041ED3D0EAE7000070B50E4C77 +:10E67000051E236805D05A1C2260002B09D02800F3 +:10E6800070BD013B2360002BF9D1084816F02CFE29 +:10E69000F5E7064816F074FD0028F0D02368002541 +:10E6A000013B2360EBE7C046407B010800001040BF +:10E6B00000207047F0B557464E464546DE46E0B569 +:10E6C0001D00436D8BB004000E001700002B00D11D +:10E6D000B1E0007801F034FD02AB5874012128004C +:10E6E00007F029FE002861DB210028004C3107F0EB +:10E6F000DBFD00285ADA05A80DF028FF02AB587C94 +:10E7000003F0C4F944680734E4082000F1F7C6FFB9 +:10E71000099000281AD001002200280007F04EFCC2 +:10E72000051E15D005A80DF01BFF0998002805D07F +:10E730002100FAF7F7FC0998F1F7BAFF28000BB0AF +:10E740003CBC90469946A246AB46F0BD3F4DE9E73A +:10E75000099B21001800039316F0DCFD63001800EC +:10E760009A46F1F79BFF81460028EFD02000F1F791 +:10E7700095FF804600281BD002AB597C179B0200F6 +:10E7800000930598169B03F08FF900282FD0304D89 +:10E7900005A80DF0E5FE0998002810D1484651461D +:10E7A000FAF7C0FC4846F1F783FF18E0294DC5E7AA +:10E7B00005A80DF0D5FE099800283ED0234D210074 +:10E7C000FAF7B0FC0998F1F773FF51464846FAF79B +:10E7D000A9FC4846F1F76CFF4346002BAED04046FB +:10E7E0002100FAF79FFC4046F1F762FFA6E7434697 +:10E7F000019306AB0093159A4B461499059803F0C4 +:10E80000B7FB0028C3D1A34621004846CB4416F0ED +:10E8100081FD2100584616F07DFD2200494630005A +:10E8200007F05BFB051EB3D122005946380007F004 +:10E8300054FB0500ACE7084D80E751464846FAF71F +:10E8400071FC4846F1F734FF004D77E780B2FFFFD7 +:10E8500080B4FFFF80B3FFFF80B0FFFFF0B54546F7 +:10E86000DE4657464E46E0B59846436D8FB00400ED +:10E8700003910492002B00D19AE0007801F060FC33 +:10E8800004AB587600280BD109A80DF069FE4A4E5A +:10E8900030000FB03CBC90469946A246AB46F0BD56 +:10E8A00009A80DF053FE04AB587E03F0EFF843685F +:10E8B0000733DB089A465B009B4601235B44180044 +:10E8C0009946F1F7EBFE051E23D0431C0B935346EC +:10E8D0000133C31858460C93F1F7E0FE071E1DD014 +:10E8E00001005246189807F069FB061E22D009A8BD +:10E8F0000DF036FE49462800FAF714FC2800F1F71F +:10E90000D7FE38005946FAF70DFC3800F1F7D0FE73 +:10E91000BEE709A80DF024FE284EB9E709A80DF0BE +:10E920001FFE49462800FAF7FDFB2800F1F7C0FE5C +:10E93000224EADE75146380016F0ECFC3B00534444 +:10E94000524619001998059307F038FB061ECED1E0 +:10E950005146059816F0DEFC4B46009501930022C7 +:10E9600008AB4146200000F0DBFD061EBFD10B9B2B +:10E9700051461800059316F0CDFC0C9B514618002B +:10E98000059316F0C7FC0AAB04AA944601930F2323 +:10E9900063440093039A049B3900099803F0E2FC56 +:10E9A000002807D104ABDB7B012BA0D0044E9EE7EF +:10E9B000014E6DE7034E9AE780B0FFFF80B2FFFF84 +:10E9C00000B2FFFF80B4FFFF4B6E70B504000D0076 +:10E9D000002B44D00368002B3ADB200007F01FFA1D +:10E9E000AB6D5B00984238D86B6E200098470435B9 +:10E9F000061E0ED0300070BD0021200007F09BFCE9 +:10EA0000002816D02A002100200007F03CFD002835 +:10EA10001CD12368002BEFDB2900200007F044FC09 +:10EA20000028E7DB2A002100200007F0EEFC002888 +:10EA30000CD12900200007F037FC0028DADB2A007F +:10EA40002100200007F0E1FC0028F2D00600D1E709 +:10EA5000002107F070FC0028BFD0044ECAE70A1D51 +:10EA6000010008F02BF80600C4E7C04680B0FFFFA5 +:10EA7000F0B5DE4657464E4645468046E0B59946D7 +:10EA800085B0836D01A8DE1D8B46924607F08CF899 +:10EA900043460C27F6081D1D4B465246310001A87F +:10EAA00008F020FB041E06D02FE0012101A807F08A +:10EAB00013FB041E29D1290001A807F0F5FB00284B +:10EAC000F3DA013F002F2BD0012101A807F033FC1E +:10EAD0000028E1DD01AA5946584607F040FD041E12 +:10EAE00013D141465846FFF76FFF041E0DD15D4616 +:10EAF000183501AA2900280007F031FD041E04D1B1 +:10EB000041462800FFF760FF040001A807F052F813 +:10EB1000200005B03CBC90469946A246AB46F0BDED +:10EB2000004CF5E700B3FFFFF0B5D6464F4646462A +:10EB3000C0B51E0037009EB0804603A889469246A5 +:10EB400007F032F806A807F02FF809A807F02CF80C +:10EB50000CA807F029F80FA807F026F812A807F06C +:10EB600023F815A807F020F818A807F01DF81837A3 +:10EB70001BA807F019F83A00310003A807F083FC3E +:10EB8000041E16D143461D1D06E003A92A000800F5 +:10EB900007F03BFC041E0CD1290003A807F084FBFE +:10EBA0000028F2DA03AA110006A807F0D8FC041E18 +:10EBB00021D003A806F0FEFF06A806F0FBFF09A877 +:10EBC00006F0F8FF0CA806F0F5FF0FA806F0F2FF1C +:10EBD00012A806F0EFFF15A806F0ECFF18A806F043 +:10EBE000E9FF1BA806F0E6FF20001EB01CBC904603 +:10EBF0009946A246F0BD414606A8FFF7E5FE041E71 +:10EC0000D7D13A00310009A807F061FC041E0DD0ED +:10EC1000CFE7002109A807F08EFB00280AD009A938 +:10EC20002A00080007F02FFC041EC2D1099B0193A3 +:10EC3000002BEEDB09AA11000CA807F090FC041EC3 +:10EC4000B7D141460CA8FFF7BFFE041EB1D10CAAF4 +:10EC500006A90FA807F03BFC041E0DD0A9E7002170 +:10EC60000FA807F068FB00280AD00FA92A000800A7 +:10EC700007F009FC041E9CD10F9B0193002BEEDBD7 +:10EC8000269E26991836320012A807F0FCFB041EB7 +:10EC900008D08EE712A92A00080007F0B6FB041E70 +:10ECA00000D086E7290012A807F0FEFA0028F1DA62 +:10ECB0003200269915A807F00AFC041E0ED078E74A +:10ECC000002115A807F037FB00280BD015A92A0052 +:10ECD000080007F0D8FB041E00D06AE7159B0193DB +:10ECE000002BEDDB03AA15A918A807F038FC041EB9 +:10ECF00000D05EE7414618A8FFF766FE041E00D06C +:10ED000057E709AA12A91BA807F029FC041E00D086 +:10ED10004FE741461BA8FFF757FE041E00D048E707 +:10ED20001BAA18A9504607F0AEFB041E00D040E70E +:10ED300041465046FFF748FE041E00D039E75246D0 +:10ED40005146504607F00BFC041E00D031E7414607 +:10ED50005046FFF739FE041E00D02AE75646183603 +:10ED60001BAA18A9300007F0B2FB041E00D020E750 +:10ED700053469B69002B0DDA0021300007F0DBFAC7 +:10ED8000002807D02A003100300007F07CFB041E69 +:10ED9000EED00EE732003100300007F0E0FB041E39 +:10EDA00000D006E741463000FFF70EFE041E00D0FB +:10EDB000FFE632002799300007F0D1FB041E00D097 +:10EDC000F7E641463000FFF7FFFD041E00D0F0E6F5 +:10EDD0000CAA06A9484607F0C2FB041E00D0E8E6CC +:10EDE00041464846FFF7F0FD041E00D0E1E64E46DE +:10EDF000414618360FAA1031300007F0B0FB041E50 +:10EE000000D0D6E641463000FFF7DEFD041E00D0FC +:10EE1000CFE632000CA9300007F035FB041E00D00D +:10EE2000C7E62900300007F03FFA002807DB2A0078 +:10EE30003100300007F0E9FA041EF2D0B9E63200E2 +:10EE40000FA9300007F08BFB041E00D0B1E641464D +:10EE50003000FFF7B9FD0400ABE6C04670B50C000A +:10EE6000183406000D00021D2100200008F032FABF +:10EE7000002800D070BD22002900280007F06FFB99 +:10EE80000028F7D131002800FFF79EFD0028F1D1BE +:10EE90000121200006F053FFECE7C046F0B55746CD +:10EEA0004E464546DE46E0B59846036B97B00400F3 +:10EEB0000F009146002B53D0C36B002B52D0A36D93 +:10EEC00006932378013BDBB2042B49D8CE4AD35CAE +:10EED0000793002B44D0200000214C3006F049FF5E +:10EEE00001283DD10AAE09A80DF030FB300006F034 +:10EEF0005BFE4946300006F099FE0DAB051E9B46B1 +:10EF000057D010AB9A4613AB0593300006F052FE73 +:10EF1000584606F04FFE504606F04CFE059806F0A7 +:10EF200049FE002F11D018239C46BC44634606932B +:10EF30000C239C46BC44E046380006F03BFE4046AD +:10EF400006F038FE069806F035FE09A80DF008FB1D +:10EF5000280017B03CBC90469946A246AB46F0BD8F +:10EF6000AA4DF5E70DAB18009B4606F01DFE10AB51 +:10EF700018009A4606F018FE13AB18000AAE059367 +:10EF800006F012FE300006F00FFE4146300006F09B +:10EF90004DFE051E00D187E0584606F00BFE504698 +:10EFA00006F008FE059806F005FE300006F002FEA9 +:10EFB000CEE7180006F0F8FD10AB18009A4606F0F0 +:10EFC000F3FD13AB1800059306F0EEFD41465846DD +:10EFD00006F02CFE051E98D1414650460C3106F035 +:10EFE00025FE051E00D090E741460598183106F031 +:10EFF0001DFE051E00D088E71F24069A300014402D +:10F0000023005C1EA34154091C19210006F0E6FDF3 +:10F01000051E00D079E72100584606F0DFFD051EE9 +:10F0200000D072E72100504606F0D8FD051E00D042 +:10F030006BE72100380006F0D1FD051E00D064E723 +:10F040000C239C46BC44634660462100984606F06B +:10F05000C5FD051E00D058E77B695A460293BB6880 +:10F0600007990193B368099800935B4692685B69BE +:10F0700006F058F818239C46BC44634660460121BC +:10F08000069306F05CFE0500300006F093FD58463E +:10F0900006F090FD504606F08DFD059806F08AFDBD +:10F0A000002D00D151E747E74146584606F0BEFD26 +:10F0B000051E00D070E7414650460C3106F0B6FD03 +:10F0C000051E00D068E741460598183106F0AEFDF0 +:10F0D000051E00D060E70121380006F030FE051E55 +:10F0E00000D059E718239C46BC4463460021604683 +:10F0F000069306F024FE051E00D04DE70C239C4627 +:10F10000BC44604606F056FD231D5D46A3461C0028 +:10F1100006E022002900280007F077F9002870D1C6 +:10F120002100280007F0C0F80028F2DA209B5C4696 +:10F13000AB46002B08D02900219B209A2000FFF726 +:10F1400097FC051E00D027E7484606F068FE4246B9 +:10F15000431E5D460792B346A0461E002CE03100D8 +:10F16000484606F006FEC4B222002900380006F028 +:10F17000A4FD002844D122000599069806F09DFDC3 +:10F1800000283DD15B46009501932A003B003900E1 +:10F190004046FFF7C9FC002832D122002900380080 +:10F1A00006F08BFD00282BD122000599069806F069 +:10F1B00084FD013E002823D1731CD0D14446079B17 +:10F1C0003900200098465E46FFF748FEAB46050032 +:10F1D000584606F0EFFC504606F0ECFC059806F0A9 +:10F1E000E9FC300006F0E6FC002D00D0B0E6236B11 +:10F1F000002B00D1ACE6E36B002B00D1A8E65EE665 +:10F200005E46AB460500C7E65CE8011080B0FFFF34 +:10F210000F4B10B51A680F48002A17D105210A2490 +:10F22000017003314170043981700331C1700439B8 +:10F23000017109314171063981710439C171093196 +:10F2400001720A3941728472C272196010BDC046DF +:10F25000507B0108447B0108064B052802D106E0DB +:10F26000824204D00C331A78002AF9D10023180006 +:10F270007047C04664E80110036B002B04D0C06BDC +:10F2800043425841013070470020FCE710B50400AC +:10F2900006F08AFC20000C3006F086FC20001830B6 +:10F2A00006F082FC10BDC04670B500250400057054 +:10F2B000043006F079FC2000103006F075FC2000C8 +:10F2C0001C3006F071FC2000283006F06DFC200098 +:10F2D000343006F069FC2000403006F065FC200068 +:10F2E0004C3006F061FCA565E56525666566A5669A +:10F2F000E56625676567A56770BDC04670B50025E2 +:10F3000004000570043006F04FFC2000103006F0B9 +:10F310004BFC20001C3006F047FC2000283006F093 +:10F3200043FC2000343006F03FFC2000403006F063 +:10F330003BFC20004C3006F037FC2000A565E5655D +:10F3400025666566A566E56625676567A5677C3001 +:10F3500006F02AFC2000883006F026FC20009430BD +:10F3600006F022FC2000A03006F01EFC70BDC04656 +:10F3700010B5041E09D006F01DFC20000C3006F06C +:10F3800019FC2000183006F015FC10BD70B5061EE3 +:10F3900025D0036E012B27D1706F00281BD0B36FCF +:10F3A0000025002B15D0EC006419A4000419002CD2 +:10F3B00016D0200006F0FEFB20000C3006F0FAFB11 +:10F3C0002000183006F0F6FBB36F0135706F9D42D8 +:10F3D000E9D3F9F795FE7C213000F9F7A3FE70BD63 +:10F3E00001359D42DFD3F4E7043006F0E3FB300043 +:10F3F000103006F0DFFB30001C3006F0DBFB300085 +:10F40000283006F0D7FB3000343006F0D3FB300054 +:10F41000403006F0CFFB30004C3006F0CBFBBBE7B2 +:10F4200070B5051E35D0036E012B33D1686F0028EF +:10F430001BD0AB6F0026002B15D0F400A419A4003C +:10F440000419002C42D0200006F0B4FB20000C3040 +:10F4500006F0B0FB2000183006F0ACFBAB6F0136B5 +:10F46000686F9E42E9D3F9F74BFE7C212800F9F73B +:10F4700059FE28007C3006F09DFB2800883006F0FD +:10F4800099FB2800943006F095FB2800A03006F088 +:10F4900091FB70BD043006F08DFB2800103006F0A3 +:10F4A00089FB28001C3006F085FB2800283006F078 +:10F4B00081FB2800343006F07DFB2800403006F048 +:10F4C00079FB28004C3006F075FBAFE701369E4211 +:10F4D000B3D3C8E770B504000D0006F0A7FB002801 +:10F4E00000D070BD290020000C310C3006F09EFBCE +:10F4F0000028F6D1290020001831183006F096FBBC +:10F50000EFE7C04610B5097801F0ACFF10BDC0466A +:10F5100010B51830002106F00EFF4342584110BDCF +:10F52000F0B5C646040000B504301F000E0090463A +:10F5300006F096FC236B0500002B33D0E36B002B09 +:10F540001DD02E4C30000021183006F0F4FE0028AB +:10F550002AD04346002B2FD16B00079A01333B6022 +:10F56000934249D80423069A30001370511C2A0094 +:10F5700006F024FD002835D004BC9046F0BD079B62 +:10F580003860984238D802000699300006F0DAFC5C +:10F590000028F1D1236B002BEED0E36B0024002B6D +:10F5A000EAD0CFE71548E7E7079B002B24D0069B5E +:10F5B000187001233B60DFE72000012BDCD1079AA4 +:10F5C0006B1C3B60934217D8300000210C3006F0D2 +:10F5D000D0FB069B02301870591C2A00300006F040 +:10F5E000EDFCC9E7069B30009C46691C61442A007B +:10F5F0000C3006F0E3FCBFE70148BDE780B1FFFF38 +:10F6000000B1FFFFF0B5C646040000B50E001700BC +:10F610001D1E61D0043006F023FC236B8046002BB6 +:10F6200038D0E36B002B17D03B78002B36D1012D5F +:10F6300052D10121300006F082FB00282BD130008E +:10F6400001210C3006F07BFB002824D13000002182 +:10F65000183006F074FB1EE085423DD12A003900C7 +:10F66000300006F003FC002815D130000C3006F005 +:10F67000A1FA2378092B31D030000121183006F08F +:10F680005EFB002807D1236B002B04D0E36B002B1B +:10F6900001D0C9E7164804BC9046F0BD042BF9D14F +:10F6A00043465B000133AB4216D1791C4246300021 +:10F6B00006F013FC0028EED143463000591C79189F +:10F6C00042460C3006F009FC0028E4D1300001214C +:10F6D000183006F034FBDEE70648DCE7E9000139C4 +:10F6E0000022300006F055FB0028C5D0D3E7C04605 +:10F6F00080B1FFFF80B0FFFFF0B50600080089B0C1 +:10F700000D001830012106F016FE041E00D09EE008 +:10F71000336B002B00D18FE0F36B002B00D18DE019 +:10F720000021280006F007FE002800DA8FE02C00F8 +:10F730000C340021200006F0FEFD002800DA86E0EF +:10F74000371D3900280006F0AFFD002800DB7EE001 +:10F750003900200006F0A8FD002800DB77E002A8B1 +:10F7600006F022FA05A806F01FFA2200210002A8DE +:10F7700006F0F5FE041E08D002A806F01BFA05A844 +:10F7800006F018FA200009B0F0BD310002A8FFF71A +:10F790001BF9041EF0D12A00290005A806F0DFFE9F +:10F7A000041EE9D1310005A8FFF70EF9041EE3D1CC +:10F7B000B369002B4DD0320005A91032080006F0C5 +:10F7C00062FE041ED8D106E005A93A00080006F042 +:10F7D0001CFE041ED0D1390005A806F065FD0028E6 +:10F7E000F2DA05A92A00080006F0B9FE041EC3D10A +:10F7F000310005A8FFF7E8F8041EBDD1320005A9C5 +:10F800001C32080006F03FFE041EB5D106E005A933 +:10F810003A00080006F0F9FD041EADD1390005A834 +:10F8200006F042FD0028F2DA05A902A806F03CFD28 +:10F83000041EA1D0154C9FE7154CA3E7280006F045 +:10F840000FFBF36D0733DB08984200D89AE70F4CA3 +:10F8500098E705A90322080006F06FFE041E00D0F9 +:10F860008AE70DE0002105A806F065FD0028B8D064 +:10F8700005A93A00080006F006FE041E00D07BE74A +:10F88000059B0193002BEDDBABE7C04680B3FFFF88 +:10F8900080B0FFFFF0B51E00036B83B004000F00C3 +:10F8A0001500002B21D0C36B002B20D001211000AC +:10F8B00006F041FD002835DB210028004C3106F020 +:10F8C000F3FC00282EDA31002000FFF715FF002896 +:10F8D00009D1099B2A000193089B3900009320005D +:10F8E0003300FFF7DBFA03B0F0BD0F48FBE7002160 +:10F8F000100006F03EFA002814D10121280006F07D +:10F9000038FA00280ED1280006F089FAE36D013894 +:10F91000984207D1FE28D6D10221280006F029FA04 +:10F920000028D0D00148DEE780B0FFFF80B3FFFFA2 +:10F93000F0B557464E464546DE46E0B51F00036B20 +:10F9400097B0040088461600002B00D16EE0C36B10 +:10F95000002B6DD00121100006F0EDFC002800DA2C +:10F9600083E0210030004C3106F09EFC002800DBD3 +:10F970007BE039002000FFF7BFFE051E4ED1236B50 +:10F98000002B53D0E36B002B00D1E7E0A36D06936F +:10F990002378013BDBB2042B48D8AE4AD35C0793F3 +:10F9A000002B43D0200000214C3006F0E2F9012862 +:10F9B0003CD109A80CF0CAFD0AAB9946180006F024 +:10F9C000F3F83100484606F031F90DAB051E9B46B1 +:10F9D0004DD010AB9A4613AB0593484606F0EAF8B3 +:10F9E000584606F0E7F8504606F0E4F8059806F0A9 +:10F9F000E1F84346002B0ED01823434406930C2312 +:10FA000043441E00404606F0D5F8300006F0D2F818 +:10FA1000069806F0CFF809A80CF0A2FD280017B050 +:10FA20003CBC90469946A246AB46F0BD8A4DF5E7F0 +:10FA30000021100006F09DF9002816D101213000A8 +:10FA400006F097F9002810D1300006F0E8F9E36DD0 +:10FA50000138984209D1FE2800D08AE702213000FF +:10FA600006F087F9002800D183E77C4DD6E718001F +:10FA700006F09AF810AB18009A4606F095F813AB0A +:10FA80001800059306F090F83900584606F0CEF8B5 +:10FA9000051EA2D1390050460C3106F0C7F8051EEC +:10FAA0009BD139000598183106F0C0F8051E94D195 +:10FAB0001F24069A48461440631E9C415309E418CB +:10FAC000210006F08BF8051E00D086E7210058467D +:10FAD00006F084F8051E00D07FE72100504606F0AE +:10FAE0007DF8051E00D078E72100404606F076F844 +:10FAF000051E00D071E70C234344210018001E00AE +:10FB000006F06CF8051E00D067E743465B695A466D +:10FB1000029343469B68079901934B469B6809985B +:10FB200000935B4692685B6905F0FCFA1823434436 +:10FB300001211800069306F002F90500484606F078 +:10FB400039F8584606F036F8504606F033F805986E +:10FB500006F030F8002D00D15DE753E70DAB18003B +:10FB60009B4606F021F810AB18009A4606F01CF8E8 +:10FB700013AB1800059306F017F80AAB9946180066 +:10FB800006F012F83900484606F050F8051E0CD071 +:10FB9000584606F00FF8504606F00CF8059806F0A7 +:10FBA00009F8484606F006F838E73900584606F0E6 +:10FBB0003DF8051EECD1390050460C3106F036F800 +:10FBC000051EE5D139000598183106F02FF8051EFD +:10FBD000DED10121404606F0B2F8051ED8D1182327 +:10FBE000434400211800069306F0A9F8051ECFD162 +:10FBF0000C234344180005F0DDFF231D1D005B4668 +:10FC0000A3461C0006E02A002100200006F0FDFBB0 +:10FC1000002878D12900200006F046FB0028F2DAFF +:10FC200023005C469B46209B002B07D0219B209AFB +:10FC300059462000FEF71CFF051EA9D1300006F032 +:10FC4000EEF8431E07935B464546B346A0461E00AA +:10FC5000079B34E05CE8011080B0FFFF80B3FFFF3A +:10FC60000799584606F085F8C4B2220031002800F2 +:10FC700006F023F8002849D122000599069806F0DD +:10FC80001CF8002842D14A46009601922B0032000F +:10FC900029004046FEF748FF002837D122003100F6 +:10FCA000280006F00AF8002830D1220005990698AD +:10FCB00006F003F8079B013B0793002826D1013388 +:10FCC000CED144463300290020005E469B46FFF714 +:10FCD000C5F8A8460500584605F06CFF504605F0EB +:10FCE00069FF059805F066FF484605F063FF002DA3 +:10FCF00000D093E6236B002B00D18FE6E36B002B43 +:10FD000000D18BE642E60500A34641E70500B34675 +:10FD10003EE7C046036B70B504000D00002B11D008 +:10FD2000C36B002B10D00121280006F004FB002833 +:10FD300025DB210028004C3106F0B6FA00281EDA37 +:10FD4000002070BD0F48FCE70021280006F011F8E4 +:10FD5000002814D10121280006F00BF800280ED14C +:10FD6000280006F05CF8E36D0138984207D1FE28C0 +:10FD7000E6D10221280005F0FCFF0028E0D002486F +:10FD8000DFE7C04680B0FFFF80B3FFFFF0B5574606 +:10FD90004E464546DE46E0B59A46036B83B0070003 +:10FDA0000D009146002B47D0C36D07339846DB0802 +:10FDB0009B46C36B002B36D0072342469A434533FC +:10FDC0009C46BC4463461F269046019353464A46D0 +:10FDD0005946280007F086F9041E17D14346FA6DEC +:10FDE0002800991A06F078F9041E0FD1013E002E62 +:10FDF00024D00121280006F09EFA0028E6DB0199B4 +:10FE0000280006F051FA0028E0DA0024200003B0B0 +:10FE10003CBC90469946A246AB46F0BD280005F092 +:10FE2000FEFF00280CD153464A465946280007F0E9 +:10FE300059F9041EF2D0E9E71C4CE7E71C4CE5E752 +:10FE4000280005F0ECFFF96D013881421DD2411AFE +:10FE5000280006F041F9041ED8D100220021280014 +:10FE600005F097FF041ED1D100220121280005F0E2 +:10FE700090FF041ECAD1FB6DFE2B0DD03B6B002BF7 +:10FE8000C3D0FB6B002BC1D096E70122280005F000 +:10FE900080FF041EE1D0B9E700220221280005F00E +:10FEA00078FF0028EAD00400B0E7C04680B0FFFF2A +:10FEB00000B3FFFFF0B5C6460C0000B5010082B0EC +:10FEC000200015001E0001F0CDFA002803D002B07A +:10FED00004BC9046F0BD27007C3733002A0039006F +:10FEE0002000FFF753FF0028F1D139002000FFF771 +:10FEF00011FF0028EBD128239846A044414620005A +:10FF0000FFF7FAFB0028E2D1210001968831009525 +:10FF100043463A002000FEF7C1FFD8E7F0B5464659 +:10FF2000D6464F46C0B50378AAB004000E00002B99 +:10FF300000D1F6E00A789A4200D0F2E08823984691 +:10FF400088444146883006F0AFF9002800D0E8E048 +:10FF5000942399462000B1444946943006F0A4F910 +:10FF6000002800D0DDE0A0239A462000B244A03053 +:10FF7000514606F099F9041E00D0D2E002A805F01F +:10FF800013FE05A805F010FE08A80BAD05F00CFE49 +:10FF90000CA82C7005F008FE0FA805F005FE12A8AD +:10FFA00005F002FE15A805F0FFFD18A805F0FCFD00 +:10FFB0001BA805F0F9FD1EA805F0F6FDAC65EC6583 +:10FFC0002C666C66AC66EC662C676C67AC673400BC +:10FFD0003178280001F046FA2B6B2834002B00D131 +:10FFE0007EE0EB6B7C36002B00D17BE00121300002 +:10FFF00006F0A1F9002800DA91E01EA9300006F011 +:020000041001E9 +:1000000053F9002800DB8AE021002800FFF774FB89 +:10001000071E09D1019000902300320002A9280098 +:10002000FEF73CFF071E4FD002A805F0C3FD05A850 +:1000300005F0C0FD08A805F0BDFD2B6E012B2DD1EC +:10004000686F00281BD0AB6F0026002B15D0F40082 +:10005000A419A4000419002C1CD0200005F0AAFD4E +:1000600020000C3005F0A6FD2000183005F0A2FDA0 +:10007000AB6F0136686F9E42E9D3F9F741F87C21F6 +:100080002800F9F74FF838002AB01CBC9046994672 +:10009000A246F0BD01369E42D9D3EEE70CA805F08A +:1000A00089FD0FA805F086FD12A805F083FD15A8AF +:1000B00005F080FD18A805F07DFD1BA805F07AFD70 +:1000C0001EA805F077FDBBE7414602A806F0ECF854 +:1000D000002805D1494605A806F0E6F8002822D0F8 +:1000E000154FA1E70021300005F043FE002816D18E +:1000F0000121300005F03DFE002810D1300005F050 +:100100008EFEEB6D0138984209D1FE2800D07BE7C6 +:100110000221300005F02DFE002800D174E7074FC2 +:1001200082E7054FAFE7514608A806F0BDF8071E65 +:1001300000D179E7004F77E780B0FFFF80B3FFFF82 +:100140000138C3B20020042B01D8014AD05C7047AB +:100150005CE80110F0B5CE46474680B5446805001E +:10016000A5B000200E2C27D92600012301AF0E3E9A +:1001700001937E600E2E5CD815AB3C220021180046 +:100180009846BB60F0F7DBFA38229446AB68B200C1 +:100190006344994619004046F0F7B5FA264B002112 +:1001A000E21892004846F0F7CAFA3A0029002800FF +:1001B00006F069F9002804D025B00CBC9046994699 +:1001C000F0BD04AC23003A0043CA43C307A841462C +:1001D0003822A060F0F797FAE021200005F07CFFBC +:1001E0000028E9D122002900280006F04CF9002857 +:1001F000E2D17A68072A07D9104B00219C46624455 +:1002000092001CA8F0F79BFA22003900380006F093 +:100210003AF90028D0D10F23E02138007B6005F0A7 +:1002200007FF0028C8D13A002900280006F02BF962 +:10023000C2E70348C0E7C046F2FFFF3FF9FFFF3FB8 +:1002400080B0FFFF70B54468050090B00020072C17 +:1002500018D90123073C03930494092C38D806AE1F +:100260002822002130000596F0F769FAA968A2005B +:100270001C313000F0F747FA1F2103A805F02CFFCE +:10028000002801D010B070BD049B00220193FF2113 +:1002900001332800049305F07CFD0028F2D16A6840 +:1002A000082A08D90B4BA8689C466244920020306B +:1002B0000021F0F744FA03A91322080006F0C2F95E +:1002C0000028DFD103AA2900280006F046F8D9E764 +:1002D0000148D7E7F8FFFF3F80B0FFFF10B5426845 +:1002E000040096B00020102A27D90123103A019368 +:1002F000122A24D802929200A16804A840310390E7 +:10030000F0F701FA092101A805F0E6FE002814D152 +:10031000A0686268036CDB05DB0D0364112A07D952 +:10032000094B44309C46624492000021F0F707FAE2 +:1003300001AA2100200006F010F816B010BD12230B +:1003400048220293D8E7C046EFFFFF3FF0B5DE46F4 +:1003500057464E464546E0B50C2187B0040005F0EF +:100360003DFC0190002800D0B8E0A368626898695D +:1003700019689E6A44188442894134191C60B44249 +:10038000A4415D6892009A18494203924A19DD69B6 +:100390006442A846A1469044C1448A428941A1458D +:1003A000A44149426442DD6A0919DC69AC46A045B2 +:1003B0009241CC4452428918AC4592419C685242C9 +:1003C00089180A198A428941DC6849426746A04671 +:1003D0008C468218E0445F6082428041DF69444677 +:1003E000BC4640421F6A059101198C44049464463E +:1003F000BC4662440294BA42A4416742029CBB4696 +:10040000A246B2189A60B24292415C6ADA448142D2 +:100410008941DA458041A04652429146AC4640426D +:100420004942D04409180298C144CC4491459241B4 +:100430008146D86952428145804189184042081856 +:10044000A0458941AC45924149424018524280182A +:10045000049A0599904688459241524282185869FB +:1004600067468446186A196980465118914292413C +:100470004144814280415242944440428246604419 +:100480008919DF600719B846B142B641A045A441B9 +:100490007642B044196141466442A146B045B64136 +:1004A0005045A4414919A942AD41944592411800D3 +:1004B00064427642A4194C446D4265195242AA180E +:1004C00059619A61039A1C30824207D9D21A1D3AA7 +:1004D0009208013292000021F0F731F9019807B03B +:1004E0003CBC90469946A246AB46F0BDF0B5DE4610 +:1004F00057464E46454601230400E0B59DB008909E +:100500000C930FA80C33342200210D930E90F0F7BA +:1005100016F91821200005F061FB0790002800D093 +:1005200057E2A068036B416D98460368026D43442F +:100530001E00CC1815194645B6418C42A441C36D26 +:1005400064427642A6199542A44101929D4292418D +:1005500064425242A419A41AED1A0091056042683F +:10056000611C00D13DE21219A242A4416442456BD4 +:100570004746AC4629000295856D6244AB46AD18EE +:100580008A4292415E1952425D45AD4112199E4226 +:10059000A4416D42AA186442A2184645A44164428F +:1005A000141B019AF71B9742AD41BF1A6D42826836 +:1005B000641B47601519002C00DA56E2A542A441DD +:1005C0006442816B029E8C4665445A1903918D42A8 +:1005D000AD4102999A42BF41961B8A4292417F42A5 +:1005E0006D427D195242AD1A009A9642BF417F4238 +:1005F000B61AED1BC2682D1986605419002D00DA59 +:100600002EE2AC42AD416A429146C16B47468C46F0 +:100610006444A2465C46019A5744D619009A47455D +:10062000BF419519039A0591AA1A141BA4468A453D +:10063000A44101997F428E42B641009964423C191F +:100640008D42BF41039976427F4234198D42AD41BC +:100650003C195A45BF416D42641B7F42E71B9C45D4 +:10066000A441624664423F1BD21A4F44C2600269F1 +:100670007FB2D419002F00DAEDE1BC42BF417A42CB +:100680000492009A47469446644421008A46140026 +:10069000524492460A91016CA245A4410A00524478 +:1006A000914664420B940A9C029AA246069189459F +:1006B00089419446009C4942A245A441CC448946C4 +:1006C000029964428C4589415A460A940B9C019DCB +:1006D000A24667444942EE198C464745BF419519E9 +:1006E0000199059A0A9CAA1A8E42B641544409926D +:1006F0004C4464447F4209993C195D45BF418C4696 +:1007000076423419059E7F42B542AD413C199C4565 +:10071000BF416D42D21A641B7F42E71B04999A4283 +:10072000A4418C4664423F1BD21A6744026142696D +:100730007FB2D419002F00DA88E1BC42BF417A426F +:100740009246426C5C440399A04694460D00D844FE +:10075000C44465442F00029D0492EE19009D5C453F +:10076000A441AD195A199146D8459241524290463A +:10077000049A8F42BF419445924152429446029955 +:10078000009A64428E42B64144447F429542AD4154 +:1007900064443C199945BF41764234196D4206992B +:1007A0002C197F423F198945A4414A4664423F1BA8 +:1007B000574486697FB2541A4461F519002F00DA54 +:1007C0003FE1BD42BF417A4292465D195A199046B7 +:1007D000846C0599A4460E0098459241C444664431 +:1007E000524237009046A4459241039E9D42AD413E +:1007F000F6195242B14694468F42BF416D42039969 +:100800004544D9447F428E42B64165447D19D9455D +:10081000BF417642049975197F427F198945AD41E0 +:100820004A466D427E1B551A56448561C56976B2AB +:10083000AF19002E00DAFFE0B742B641724292468D +:100840000699059E88463200C56C9946EF19B84452 +:10085000424494468845924152429046B445924162 +:10086000E14452429446AF42BF41994592417F4292 +:10087000524247449046A145924167445242474400 +:10088000BF1A4A463E00171B026A5644C761944687 +:100890009719002E00DACAE0B742B641724291467B +:1008A000019A049E94466744F1198C460699974232 +:1008B000BF410E006644B046049E88459241B4454F +:1008C000B6417642B44652427F4267449446A845B8 +:1008D000924167445242BF1A42463E00571B426A49 +:1008E0004E44076290469719002E00DA9BE0B7420B +:1008F000B641764200998C466744E21994460499C1 +:10090000A445924188465242E0449446009A974258 +:10091000BF41884592417F42019952426744D719AD +:10092000884592415242BF1A4246BE19876A521AFE +:100930004262BA19002E00DA71E0B242BF417F4232 +:100940005A441600AA189446AC4589415E45B64102 +:1009500049428C46A21800997642A242A441B4446E +:100960008A42B6416442511A64447642A61B8162AF +:10097000C16AF6198A19002E4DDBB242B6417642A1 +:10098000019F9A18BC1829199A429B41BC42A44164 +:100990005B42A942AD416442E41859459B416D4216 +:1009A0005B422D19ED1A5B46AE19C91AF343DB17EA +:1009B00033400363089BC1625A680D2A07D92D4B47 +:1009C00034309C46624492000021EFF7B8FE002EBE +:1009D0000CDB07981DB03CBC90469946A246AB463E +:1009E000F0BD54425441013A6442C0E5224A0D9B95 +:1009F0009446089C0E9A63449B00764200929E5057 +:100A00000CA92200200005F000FD0028E1D10123FF +:100A10005B422360DDE77642B142B641B0E7764201 +:100A2000B742BF418CE77642B045B64162E77642B5 +:100A3000B4459241914633E77642B542924192469F +:100A4000FEE67F42BE4292419246BEE67F42BA42F5 +:100A50009241924675E67F42BA429241049210E674 +:100A60006D42AA4292419146CFE56442A242A4411E +:100A7000A7E5C046F3FFFF3FFFFFFF3FF0B5CE46BF +:100A8000474680B54468050095B00020072C2AD958 +:100A9000012306930393093B98463C4AA0440892DD +:100AA0004346022209AF07920597082B20D92C2232 +:100AB00000213800EFF743FEAE68202220363100D7 +:100AC0003800EFF720FE0A230493314B0021E2188F +:100AD00092003000EFF733FE03A906AA080005F0E4 +:100AE0003EFD002816D015B00CBC90469946F0BDCE +:100AF0002A3200213800EFF722FE4346AE689A0002 +:100B0000203631003800EFF7FEFDA31F0493082CB8 +:100B1000DBD1E1E703AA2900280005F01EFC00282C +:100B2000E1D108235B4298466C68A0444346082BF9 +:100B300027D89B0099462C2200213800EFF7FFFDB3 +:100B4000AE684A46203631003800EFF7DCFD079BDF +:100B5000019343440493082C06D90D4B0021E2185D +:100B600092003000EFF7EBFD03A906AA080005F09C +:100B7000F6FC0028B7D103AA2900280005F0EDFBF8 +:100B8000B1E720239946183B9846D4E79CCD00084E +:100B9000F8FFFF3FF0B5DE4657464E464546012377 +:100BA000E0B506008FB0039306A80733202200218A +:100BB00004930590EFF7C3FD0E21300005F00EF809 +:100BC000071E00D0B4E0B068C26903689246C16AEB +:100BD0009A1A53459B418C468A4289415B42C91A05 +:100BE0006346D21A026043680022002900D0ACE0BC +:100BF000016A056B8946591A4B459B415B42D21AE3 +:100C0000A9429B415B42D21A8368491B52B29B4660 +:100C100041600023002A00D09DE0426A446B904668 +:100C20005A464146511AC345924152429B1AA1422B +:100C3000924152429B1A0022091B5BB281600092D2 +:100C4000C168002B00D08CE05246836AD21A521839 +:100C50009346994289415245924149425242521A21 +:100C60000099E3448A469244E345924159465242F0 +:100C70005244C160016952B201938B189B46002A0D +:100C80005EDB9345924153429A464B4662469A1A1E +:100C90005A44A918E3459B414A4592415B4252425E +:100CA000D31AA94292419B4652425A44016141697A +:100CB00052448B189946002A6EDB9145924151426D +:100CC00043465A1B4A44A318A945AD4142459241A7 +:100CD0009C4652426D42531BA445AD419846634623 +:100CE0006D4245446D18816943614A19002D57DBF7 +:100CF000AA42AD416D42019B191B8918A242A44131 +:100D000099429B4164425B421C1B6419E343726835 +:100D1000DB1723408161C361082A07D9224B2030A9 +:100D20009C46624492000021EFF709FD002C1FDB76 +:100D300038000FB03CBC90469946A246AB46F0BD89 +:100D4000524291429B419A469FE74A4293429241C6 +:100D50005B18D2B24CE753429B459B419344DBB2B4 +:100D60005BE75A4291429241D2B20092C9186BE7B6 +:100D70000E4A049B9446059A63449B006442009289 +:100D80009C5003A93200300005F03FFB0028CFD172 +:100D900001235B423360CBE75242914289418FE7A6 +:100DA0006D42A942AD41A6E7F8FFFF3FFFFFFF3FBD +:100DB000F0B5DE4657464E46454601230400E0B5F1 +:100DC00095B0069008930BA80833242200210993BC +:100DD0000A90EFF7B4FC1021200004F0FFFE05900C +:100DE000002800D0EEE1A068036A02689C46456ACC +:100DF0006244914602932B00C46A4B44066B1F1B4E +:100E0000416BA346BC1B621A9446826B0395019208 +:100E1000AB429241029D52429046A94592415B45A8 +:100E20009B4152425B424244B742BF41D21A8C427C +:100E30009B417F42D21B019C5B42D31A6246A44570 +:100E4000BF41121B7F4202604268DB1BD718002B98 +:100E500000DABFE19F429B415B42039A856A944658 +:100E60006744AC46BC446446A41B621AA046019C7D +:100E70000495141BA146C46B0094AC45A441039D8A +:100E80006442AF42BF41A246B445A4417F4264429E +:100E900057443F1B019D8845A441AA4292416442A8 +:100EA0003F1B009C5242BF1AA14592415242BF1AB9 +:100EB0004A46121B42608268FB18D718002B00DAE2 +:100EC000B7E19F429B412C005B42049DAC466744C6 +:100ED000BC46DC446246521A141BA046DC45A441C1 +:100EE000AF42BF416442A1468C45A4417F42644267 +:100EF0004F443F1B019CA2429241009C5242BF1AA8 +:100F0000A04592415242BF1A4246FB18C768121BC5 +:100F10008260FA18002B00DA86E19A429B415B421C +:100F200007935A449146B046B446D944C844C44491 +:100F30006346029DCF183B1B5C1BA246D945A441CA +:100F40006442A146B045A4416442A046B445A441D0 +:100F50006442A4465A4592418F42A441524264429F +:100F60004A44A146009CAB429B41A742BF41424438 +:100F700062447F424A44D21B5B42D31A039A079CC5 +:100F80009245BF41A44654467F42DB1BA21A6344EC +:100F9000C26002695BB2D718002B00DA40E19F42C1 +:100FA0009B415B42F719F219914688468C46C8442A +:100FB000019DC444AA466246039D5244541BA24666 +:100FC000B145A4416442A1468845A4416442A0467B +:100FD0008C45A4416442A446019CB742BF41A24251 +:100FE000A4417F4264424F44AA429241A1464744F1 +:100FF000049D674452424F44BF1AAA45924152424F +:10100000BF1A5246521BFB18026142695BB2D718E5 +:10101000002B00DA00E19F429B415B42CF19CA19C5 +:101020009146019A009D90469446C844C444AA46FD +:101030006246049D5244541BA2468945A441644221 +:10104000A146019C8F42BF41A045A4416442A046F5 +:10105000019C7F42A445A4416442A446009C4F44A5 +:10106000A242A4416442A146AA4292414744674435 +:1010700052424F44BF1ADA4592415242BF1A5C466F +:101080005246121BFB18426182695BB2D718002BD3 +:1010900000DABDE09F4292415242019DAC46674456 +:1010A000EB199A46009B2C0099469846D144C844B7 +:1010B000C4446346029DCB185D1B01952500A245E3 +:1010C000A4416442A246009CAF42BF41A145A44155 +:1010D0006442A146009CAC45AD41A045A441644298 +:1010E000A0467F4257444F446D424744EF198B421C +:1010F000AD416D42EF19029D039CAB42AD41019B96 +:101100006D429C467D1BA445BF417F42EB1B9B1853 +:101110006246C569121B5BB28261EA18002B00DAD5 +:1011200071E09A429B415B420193009B029C9C466A +:101130006244A4469F18DD19AC446346049C1C1B02 +:10114000A14623005C461B1B98469B1B9A46009BAE +:10115000029C9F42BF419A4292419D42AD417F42D3 +:1011600052426D42BA18AA18A445AD41049C6D4282 +:10117000A445A441AA186442141BD9459241B04524 +:10118000B6415242A41A7642A41B019B8A45B6413D +:101190009C4653467642A41B644464B2591AE34306 +:1011A000DB1723400362069BC1615A68092A07D9ED +:1011B000224B24309C46624492000021EFF7BFFA94 +:1011C000002C0BDB059815B03CBC90469946A24616 +:1011D000AB46F0BD5B429A429B413EE6184A099BF2 +:1011E00094460A9A634464429B009C50069C009279 +:1011F00008A92200200005F008F90028E2D1012307 +:101200005B422360DEE75B429D429B4101938CE79A +:101210005B429A42924140E75B429A429B41FDE623 +:101220005B429A429B41BDE65B429F429B410793D2 +:1012300077E65B429A429B412C0046E6F7FFFF3F70 +:10124000FFFFFF3FF0B5CE46474680B54468050036 +:1012500095B00020052C28D93C4A0123089202228F +:101260000693039309AFA31F079205979846062B91 +:1012700020D92C2200213800EFF761FAAE6818223D +:10128000183631003800EFF73EFA08230493304B4C +:101290000021E21892003000EFF751FA03A906AAE4 +:1012A000080005F05CF9002816D015B00CBC90467B +:1012B0009946F0BD2A3200213800EFF740FA434644 +:1012C000AE689A00183631003800EFF71CFA231F79 +:1012D0000493062CDBD1E1E703AA2900280005F0DE +:1012E0003CF80028E1D16C68A31F9846062B27D84C +:1012F0009B0099462C2200213800EFF720FAAE68B7 +:101300004A46183631003800EFF7FDF9079B019384 +:1013100043440493062C06D90D4B0021E218920099 +:101320003000EFF70CFA03A906AA080005F017F938 +:101330000028BAD103AA2900280005F00EF8B4E766 +:1013400018239946123B9846D4E7C0468CCD000836 +:10135000FAFFFF3FF0B5CE46474680B5446805002A +:1013600095B00020062C28D93C4A0123089202227D +:101370000693039309AFE31F079205979846072B3F +:1013800020D92C2200213800EFF7D9F9AE681C22B1 +:101390001C3631003800EFF7B6F909230493304BBF +:1013A0000021E21892003000EFF7C9F903A906AA5C +:1013B000080005F0D4F8002816D015B00CBC9046F3 +:1013C0009946F0BD2A3200213800EFF7B8F94346BC +:1013D000AE689A001C3631003800EFF794F9631FAD +:1013E0000493072CDBD1E1E703AA2900280004F0CD +:1013F000B4FF0028E1D16C68E31F9846072B27D87B +:101400009B0099462C2200213800EFF798F9AE682E +:101410004A461C3631003800EFF775F9079B0193F7 +:1014200043440493072C06D90D4B0021E218920087 +:101430003000EFF784F903A906AA080005F08FF839 +:101440000028BAD103AA2900280004F086FFB4E7D7 +:101450001C239946153B9846D4E7C04694CD000816 +:10146000F9FFFF3F70B504000D0084B0FDF78EFF5B +:1014700025700D2D00D994E1CC4BAD005B599F46F2 +:10148000CB4B01A8636604F08FFB2000C94A1021F2 +:10149000103005F0E3F8051E00D121E201A804F0A8 +:1014A00089FB2000FDF772FF26E0C34B0125636630 +:1014B0000623C24AA360E260C14A23626262C14A53 +:1014C00023656265C04AE362A363C04B6560E56162 +:1014D000E564A56222636563E363BD4B25646564CF +:1014E000A364201D04F09BFCA06520004C3004F098 +:1014F00096FC25660025E065280004B070BDB54B5C +:10150000012563660823B44AA360E260B34A2362FC +:101510006262B34A23656265B24AE362A3636560AF +:10152000E561E564A56222636563AF4BD4E7AF4B29 +:10153000012563660C23AE4AA360E260AD4A2362D4 +:101540006262AD4A23656265AC4AE362A36365608B +:10155000E561E564A56222636563A94BBCE7A94B1D +:10156000012563660823A360A74BA84AE36007230D +:101570006262A74A23626265A64A2365E362A363A7 +:101580006560E561E564A56222636563A24BA3E73C +:10159000A24B012563661123A14AA360E260A14A20 +:1015A00023626262A04A23656265A04AE362A36384 +:1015B0006560E561E564A562226365639C4B8BE72A +:1015C000082301259B4AA360E2609B4A6361A261F4 +:1015D0009A4A236262629A4A23656265994AE36283 +:1015E000A36365602561E561E564A56222636563C7 +:1015F000954B71E70C230125944AA360E260944A5D +:101600006361A261934A23626262934A23656265C1 +:10161000924AE362A36365602561E561E564A562C2 +:10162000226365638E4B57E7102301258D4AA36023 +:10163000E2608D4A6361A2618C4A236262628C4AD5 +:10164000236562658B4AE362A36365602561E5619A +:10165000E564A56222636563874B3DE72000874B05 +:10166000874A63661021103004F0F8FF051E00D091 +:1016700017E7261D0121300004F061FB051E00D094 +:101680000FE7FF21300004F0D3FC051E00D008E76F +:1016900013223100300004F050FF051E00D000E797 +:1016A000300004F0BCFB4836A065764A10213000BB +:1016B00004F0D4FF051E00D0F3E60122FC21300027 +:1016C00004F067FB051E00D0EBE62000092128305E +:1016D00004F035FB051E00D0E3E620000121403078 +:1016E00004F02DFB051E00D0DBE62000343004F0B2 +:1016F00061FAFE23E365FFE6634B0125636606237B +:10170000624AA360E260624A2365A261614AE362C1 +:101710006262614AA3636265604A656025616561D2 +:10172000E5612562E564A562226365635C4BD3E6EF +:101730005C4A5D4BE2605D4A0125A2615C4A6366DA +:1017400062620822072322655A4AA36062655A4AE8 +:10175000E362A363656025616561E5612562E56417 +:10176000A56222636563554BB6E6554B012563665A +:101770000823544AA360E260534A2365A261534A96 +:10178000E3626262524AA3636265524A6560256100 +:101790006561E5612562E564A562226365634E4B80 +:1017A0009AE62000FDF7F2FD4C4DA5E684E9011014 +:1017B0005501011048ED01104D03011054EE0110C8 +:1017C000F4ED01103CEE01100CEE011024EE0110BE +:1017D000A4CD0008B10D011080F0011000F001103F +:1017E00060F0011020F0011040F00110ED04011034 +:1017F00060F10110A0F0011030F10110D0F00110E3 +:1018000000F10110950B011058EF0110E8EE0110E6 +:101810003CEF011004EF011020EF0110DD02011078 +:10182000A0F2011090F101105CF20110D4F101104E +:1018300018F201105CEA0110BCE90110DCE90110AA +:101840003CEA0110FCE901101CEA01106CEB0110EC +:101850007CEA0110ACEA01103CEB0110DCEA01105B +:101860000CEB0110DCEC01109CEB0110DCEB011027 +:101870009CEC01101CEC01105CEC01104502011005 +:101880001CED011024ED011045120110DCED0110DA +:101890008CED011090ED0110C4ED011094ED0110DC +:1018A000ACED0110CCEE0110551301106CEE0110DF +:1018B00070EE0110ACEE011074EE011090EE01100C +:1018C0007D0A0110E0EF011078EF01107CEF0110AC +:1018D000C0EF011080EF0110A0EF011080B1FFFFF9 +:1018E000261D0121300004F02AFA051E00D0D5E59E +:1018F000E021300004F09CFB051E00D0CEE5012263 +:101900003100300004F019FE051E00D0C6E5E021CC +:10191000300004F08DFB051E00D0BFE50122310030 +:10192000300004F00AFE051E00D0B7E5300004F0D8 +:1019300076FAA06520000521283004F000FA051E83 +:1019400000D0ABE520000121403004F0F8F9051E7D +:1019500000D0A3E52000343004F02CF9DF21483614 +:1019600001224900300004F014FA051E00D095E56C +:101970000B4A102101A804F071FE051E00D08DE570 +:1019800001AA3100300004F0A2FD051E00D085E55B +:10199000C023FF33E36501A804F00CF9ACE5C046B1 +:1019A00050ED011010B594210AF008FE10BDC0469C +:1019B00010B5002802D094210AF02EFE10BDC046BA +:1019C000020000B5343283B00092031D94220AF065 +:1019D000B7FE03B000BDC0460A0053425A4103009F +:1019E00010B5011D013234330AF042FE10BDC0466D +:1019F00010B504000020002A06D0201D13000A00A4 +:101A0000010020000AF060FE10BDC04610B50A00BB +:101A1000011D0AF077FE10BD10B5F4210AF0CEFDCD +:101A200010BDC04610B5002802D0F4210AF0F4FD24 +:101A300010BDC046020000B5343283B00092031DD1 +:101A4000F4220AF07DFE03B000BDC0460A005342F6 +:101A50005A41030010B5011D033234330AF008FE69 +:101A600010BDC04610B504000020002A06D0201D7D +:101A700013000A00010020000AF026FE10BDC04637 +:101A800010B50A00011D0AF03DFE10BD421E030004 +:101A9000042A05D88000C018024BC000C018704747 +:101AA0000020FCE7E4F20110F0B54E46DE46454664 +:101AB0005746E0B5040087B0080015000392994628 +:101AC000FFF7E4FF061E00D1A0E0002D00D19DE04D +:101AD000A24B4568984629239B4643465A461B68B5 +:101AE00000219B5C0A3A924696229A459B4112033A +:101AF0001340A022120294466A1E634413430492C8 +:101B00002000122213F03CF843465A46EF1DFF080E +:101B1000F9001B6805919B5C87229A459B41120343 +:101B200013409022120294464A1E6344134300213C +:101B30001222200013F024F8894B19689B468B6B06 +:101B4000E3181A680B6924331B191B689B009B0C54 +:101B50009B0099184B46002B14D03A001098C847A8 +:101B6000002834D07F4DC0231322DB000021200049 +:101B700013F006F8280007B03CBC90469946A246F0 +:101B8000AB46F0BD2F1E22DD5346049AAA469A4367 +:101B90002B00203B9B1AB1460D001E001F2F00DCBE +:101BA000D9E020234146292209688A5C00951F2A32 +:101BB00000D8CAE06C4A6D49200013F0CBFC002825 +:101BC000D0D1203F0435B742E8D14E4655460921D1 +:101BD000200003F051FD059BAB4200D991E0644B1E +:101BE00030220021200012F0CBFF42462923126848 +:101BF000D35C1F2B0CD85B4680211B681A68A21887 +:101C000013681942FCD1E0231B020AE0594DB1E7E9 +:101C10005B461B681A68A2181368002BFCD1E023EE +:101C20001B03049A002113432000122212F0A8FF84 +:101C3000B2690E2120002B0003F0AAFB0E220A211C +:101C4000200003F0F1FC00280ED080231322DB01DA +:101C50000021200012F094FF2B000A22039920009B +:101C600003F022FC00257EE729239A46434652468C +:101C70001B6820009B5C0A3A9146C32299459B4110 +:101C800012031340D0221202944663442B436F1C6C +:101C90001222002112F074FF3B00F26920000D2196 +:101CA00003F076FB434652461B6820009B5CF02203 +:101CB00099459B41D2021340802212029446049A15 +:101CC00063441A4313000021122212F059FF2A4BD9 +:101CD00030220021200012F053FF307B03F0F8F98E +:101CE000280003F0C9F92B00200008220A2100F087 +:101CF0004BFE842313229B010021200012F040FFA1 +:101D0000A3E729229146424649461F2712685B1BDA +:101D1000525C20009742924152420C3293401A008A +:101D200080239B0513430021802212F029FF4346A4 +:101D30004A461B6800219B5C00229F4252412000C2 +:101D400023320E4B12F01CFF49E7074A07492000D7 +:101D500013F0C4FB33E73B0024E7C04614E8010856 +:101D6000DCC2010801003200E146D2528D0B746CD6 +:101D700009A000000B0032000A80000098900000CB +:101D8000F0B55746DE464E464546E0B5040085B000 +:101D900008008A4615001F00FFF778FE061E00D1D6 +:101DA000D9E00395002D00D1D5E0002F00D1D2E07D +:101DB0007968002900D1CEE0B968002900D1CAE0D5 +:101DC0006949456889462921884649464046096847 +:101DD000D2220B5C1F218B46E0219B459B410902CF +:101DE0008C46120313406344691E0B430291122276 +:101DF0000021200012F0C4FE4846424600680299C5 +:101E0000835C9020872200029B459B4184461203FD +:101E1000134063440B4312220021200012F0B0FE55 +:101E20004A46404612680021135CC3229B459B41F1 +:101E300012031340D0221202944663442B43122211 +:101E4000200012F09DFE4A46404612680299135C3B +:101E5000A5229B459B4112031340B02212029446D7 +:101E600063440B4312220021200012F089FE4A46EF +:101E7000404612680299135CB4229B459B411203B1 +:101E80001340C0221202944663440B4312220021E5 +:101E9000200012F075FE2B0032690E21200003F0A5 +:101EA00077FA2B00B2690921200003F071FA6B1C4C +:101EB00072690D21200003F06BFA2B00326A0B21AE +:101EC000200003F065FA2B00726A0C21200003F059 +:101ED0005FFA280003F0D0F8307B03F0F9F84846A9 +:101EE000036840461B5CA020962200029B459B4154 +:101EF000844612030299134063440B4312220021CB +:101F0000200012F03DFE2B00039A0A21200003F06E +:101F10003FFA09230C2200930B2101332000019585 +:101F200003F0DCF82B000B227968200003F0BCFAE8 +:101F30002B000C22B968200003F0B6FA00233B7096 +:101F400053467B70FC232000DB011322002112F09A +:101F500017FE002000E0054805B03CBC90469946BD +:101F6000A246AB46F0BDC04614E801080B003200A3 +:101F7000F0B557464E46DE464546E0B50400ABB0E8 +:101F80000E0092461F00002900D19FE0002B00D1D7 +:101F90009CE0349B002B00D198E0359B002B00D1B6 +:101FA00094E0349B5878FFF771FD8046002800D1FB +:101FB00095E04368359A994608AB059319AB0693AB +:101FC000349B2000597804ABFFF7DAFE051E7ED162 +:101FD000DC4B00219B461A682923D35C1F229446C0 +:101FE000D2229C459B4112031340E02212029446E8 +:101FF0004A466344013A134303922000122212F02E +:10200000BFFD41464B468A6920000E2103F0C0F90E +:10201000594629230968C322CB5C1F218C46D02155 +:102020009C459B4109028C46494612031340634478 +:102030000B4312220021200012F0A2FD41464B4624 +:10204000CA6920000D2103F0A3F959462923096824 +:102050008722CB5C1F218C4690219C459B41090225 +:102060008C4612031340039A634413430021122247 +:10207000200012F085FD5946292309689622CB5C81 +:102080001F218C46A0219C459B4109028C461203CE +:102090001340039A6344134300211222200012F0DC +:1020A0006FFD09212000059A4B4603F071F90921C3 +:1020B000200003F069FA002813D0A34DCC2313228B +:1020C000DB010021200012F05BFD00E09E4D2800A6 +:1020D0002BB03CBC90469946A246AB46F0BD9B4D0A +:1020E000F5E75B461A682923D35C1F229446F02249 +:1020F0009C459B41D2021340802212029446039ACF +:102100006344134300211222200012F039FD52468D +:10211000D20092465A46292312680021D35C1F221E +:102120009446A5229C459B4112031340B022120203 +:10213000944652466344013A13432000122212F09F +:102140001FFD0E220921200003F06EFA002800D0A6 +:1021500099E07F4B30220021200012F011FD5A46F9 +:1021600029231268D35C1F2B00D99DE08021794B75 +:1021700098461B681A68A21813681942FCD14B468E +:1021800008220921200000F0FFFB390020004B4607 +:10219000092203F089F90921200003F0F5F900284C +:1021A00068D1349B0821DA6820004B4603F0F0F830 +:1021B000022002F08DFF4B46082200930A210923DA +:1021C000200000F0C7FC0B2120005346320003F032 +:1021D000DFF80B21200003F04FFACA4500D987E051 +:1021E0000E220B21200003F01FFA002865D04B4679 +:1021F000359A0921200003F0CBF80A230B220A218B +:10220000200002F065F8039B12220021200012F04A +:10221000B7FC0A2330220021200012F0B1FC5B46FB +:102220001A682923D35C1F2B36D8434680211B68AC +:102230001A68A21813681942FCD14B460022009379 +:102240000A210923200002F083F800212000012345 +:10225000132212F095FC0A21200003F095F90028C2 +:1022600008D14B46D91DC90879180A22200003F06D +:102270001BF900E0384D902313221B0100212000A0 +:1022800012F07EFC1AE74B4609223900200003F0C9 +:102290000BF9304B984684E743461B681A68A2182E +:1022A0001368002BFCD1C8E72A4B98461B681A68B4 +:1022B000A2181368002BFCD161E7284B30220021C3 +:1022C000200012F05DFC5A4629231268D35C1F2BB4 +:1022D0002FD8434680211B681A68A2181368194238 +:1022E000FCD14B4608220B21200000F04DFB7EE77D +:1022F0004A4653461F219B1A5A4629268A46126887 +:102300002000925D00219245924152420C3293404E +:10231000802212F035FC5B46514600221B682000EB +:102320009B5D994252410E4B2332002112F028FC52 +:1023300056E743461B681A68A2181368002BFCD1A5 +:10234000CFE7C04614E801080B0032000A00320053 +:1023500009800000DCC20108010032000B8000008F +:10236000B0B00000F0B55746DE464E464546E0B5F3 +:1023700087B004000F1E9246039300D12AE2002A80 +:1023800000D127E2109B002B00D123E2119B002BF0 +:1023900000D11FE25878FFF779FB8046002800D172 +:1023A0002CE246680220F21DD308049302F090FE4E +:1023B000300002F061FEBA4A1F2591462922934659 +:1023C0004A46594612682000535CD2229D429B41E6 +:1023D00012031340E02212029446721E6344134318 +:1023E00002920021122212F0CBFB414633008A698F +:1023F00020000E2102F0CCFF494658460968731CA4 +:1024000005930B5CD021C3229D429B4109028C465F +:10241000120313406344334312220021200012F0C0 +:10242000AFFB4146731CCA6920000D2102F0B0FFCA +:10243000494658460968F0220B5C80219D429B4129 +:10244000C9018C4692021340029A6344134300214F +:102450001222200012F094FB494658460968029A5D +:102460000B5CA0219D429B419625C9018C46ED0243 +:102470002B406344134300211222200012F080FB02 +:102480003A0033000421200002F082FF049B052162 +:10249000FA182000330002F07BFF0421200003F033 +:1024A00073F8451EA8417F4F45420E2204212000AB +:1024B0003D4003F0B9F8002800D13D00052120007F +:1024C00003F062F80E220521002800D08BE12000E5 +:1024D00003F0AAF8002800D192E1002D00D0CDE150 +:1024E00029239B464B465A461F271B6800219B5CAD +:1024F000B4229F429B41D2021340C022D201944693 +:10250000029A634413432000122212F039FB4B4617 +:1025100059461B68D2225B5CE0219F429B41C90166 +:102520008C46D2021340029A6344134300211222C4 +:10253000200012F025FB4B4659461B6887225B5C46 +:1025400090219F429B4109028C4612031340029A3C +:102550006344134300211222200012F011FB4B466A +:1025600059461B6896225B5CA0219F429B41090251 +:102570008C4612031340029A634413430021122233 +:10258000200012F0FDFA4B4659461B68A5225B5C01 +:10259000B0219F429B4109028C4612031340029ACC +:1025A0006344134300211222200012F0E9FA4B4643 +:1025B00059461B68B4225B5CC0219F429B410902C3 +:1025C0008C4612031340029A6344134300211222E3 +:1025D000200012F0D5FAC0233422DB0100212000B4 +:1025E00012F0CEFA039B5A46D9004B461B682000D6 +:1025F0009B5CF0229F429B41D20213408022120238 +:1026000094464A1E6344134303911222002112F0A0 +:10261000B7FA802334221B020021200012F0B0FA06 +:10262000039B52460821200002F0B2FE0821200040 +:1026300003F022F80399B14200D902E11A4B30228B +:102640000021200012F09CFA802313225B0000215D +:10265000200012F095FA4B4629271B680021DA5D0D +:102660001F2393429B41F022D20213408022120288 +:102670009446029A634413432000122212F080FA17 +:10268000122200212000029B12F07AFA0E2206216B +:10269000200002F0C9FF002800D1B8E006E0C046E3 +:1026A00014E801080B003200086000000023352206 +:1026B0000021200012F064FA0523002205212000E9 +:1026C000009601F045FE0523062206212000009613 +:1026D00000F040FA0422072105232000009600F0B4 +:1026E00039FA4346187B02F0F3FC42463300126984 +:1026F0000E21200002F04CFE4246059B52690D213E +:10270000200002F045FE42463300126A09212000F3 +:1027100002F03EFE434608275A6A0A213300200091 +:1027200002F036FE119B0B215B6820000293029A97 +:10273000330002F02DFE119B0C219A68200033001B +:1027400002F026FE06230A220921200001960097A6 +:1027500002F0C4FC07230C220B21200001960097F5 +:1027600002F0BCFC0A230C220021200001F0D0FD65 +:1027700009230B220521200001F0CAFD05230022B8 +:1027800005212000009601F0E3FD3300052205211C +:10279000200001F0D5FD092305220521200001F0CC +:1027A000B7FD0B2305220521200001F0B1FD802398 +:1027B0001322002120005B0012F0E2F9042205211F +:1027C000200002F009FF00281DD00123109A137089 +:1027D0002F4B0DE02F4D280007B03CBC904699468A +:1027E000A246AB46F0BD200002F01EFF294D2A4B49 +:1027F00013220021200012F0C3F9ECE7274DEAE78D +:10280000244D254BF4E7109B1870214BF0E7244B27 +:1028100030220021200012F0B3F94B461B68DB5D2B +:102820001F2B2DD880211F4B1B681A68A218136814 +:102830001942FCD1330008220621200000F0A4F840 +:1028400034E74A468B1B594612682000525C00212F +:102850009742924152420C329340802212F090F9FA +:102860004B465A461B6800219B5C2A009F426A41E6 +:10287000200023320C4B12F083F9DFE6064BB7E75A +:10288000084B1B681A68A2181368002BFCD1D1E70B +:10289000F17E00000B003200306000000A003200C0 +:1028A00006800000DCC2010880800000F8B504004A +:1028B00000231022002112F063F920002A4B00228D +:1028C000002112F05DF9C02329261F2520009B015D +:1028D0000022002112F054F9244FF0223B6812022A +:1028E0009B5D20009D429B411340214A002194465C +:1028F0001222634412F044F93B681E4A9B5D9446E1 +:102900009D429B411340634420008022002112F02D +:1029100037F900223B6820009B5D00219D42524117 +:10292000154B233212F02CF92000144B36220021D3 +:1029300012F026F92000124B3D22002112F020F95E +:102940002000104B3722002112F01AF92000022338 +:102950001322002112F014F900231122002120007B +:1029600012F00EF9F8BDC0460120000014E801087D +:1029700008120000009020003020000023200000FA +:102980002E0040002E203000F0B5D6464F46464679 +:102990009A46C0B515000E00002310220021040045 +:1029A00012F0EEF88023DB013343200000220021E7 +:1029B00012F0E6F8C0239B012B43200000220021E7 +:1029C00012F0DEF853465A002923984641461F2547 +:1029D000594F013A3B6820005B5CF0219D429B41CE +:1029E00049020B40802189018C4663441343002136 +:1029F000122212F0C5F842463B6820009B5CF02290 +:102A00009D429B41120291461340802252019446FE +:102A100052466344013A13430021122212F0B0F8E7 +:102A200042463B6820009B5C52469D429B415B4274 +:102A30000C339A4000211300802212F0A1F80026E6 +:102A400042463B6820009B5C32009D42724100215F +:102A500023323A4B12F094F82000394B33220021F4 +:102A600012F08EF842463B6820009B5C00219D429C +:102A70007641812332005B01233212F081F820007D +:102A8000304B3322002112F07BF820000223132266 +:102A9000002112F075F842463B6820009B5C002143 +:102AA0009D42AD414B461D4080235B019C465346F1 +:102AB00065445F1C2B00173A3B4312F061F83B0062 +:102AC00020001222002112F05BF82000322337226E +:102AD000002112F055F820001B4B3722002112F084 +:102AE0004FF82000194B0322002112F049F8200072 +:102AF0001E233722002112F043F82000144B30220D +:102B0000002112F03DF8C12320009B033022002158 +:102B100012F036F8200007231322002112F030F8BB +:102B2000002311220021200012F02AF81CBC90463C +:102B30009946A246F0BDC04614E8010830400000A6 +:102B40004D2000001E2000000E100000100040006C +:102B500001404000F0B5C64600B51D0088B00F002A +:102B60001600002310220021040012F009F880232F +:102B70005B013B4300220021200012F001F880237A +:102B80009B01334300220021200011F0F9FFC023F4 +:102B90009B012B4300220021200011F0F1FF0E9B2E +:102BA00012225B00013B0021200011F0E9FF2323EA +:102BB00033220021200011F0E3FF2923864D2A68EB +:102BC000D35C1F2B15D88021844B1B681A68A21870 +:102BD00013681942FCD1824B1B78002B14D0012BB7 +:102BE0001AD1804B1B78052B1CD87F4A9B00D358E9 +:102BF0009F467A4B1B681A68A2181368002BFCD1F9 +:102C0000774B1B78002BEAD1764B1B78052B09D824 +:102C1000764A9B00D3589F460E9B0022012120003C +:102C2000FFF7B2FE200001231322002111F0A8FFBC +:102C3000002311220021200011F0A2FF08B004BCE3 +:102C40009046F0BD2000FFF731FEEBE701AE320009 +:102C5000674B1C3383CB83C21968200011601B793A +:102C6000002113710023102211F08AFF614B002212 +:102C70000021200011F084FFA0230022DB010021AD +:102C8000200011F07DFF802312229B0000212000F4 +:102C900011F076FF2923984642461F272B68002112 +:102CA0009B5CF0229F429B4112021340524A20003B +:102CB00094461222634411F063FF42462B680021C0 +:102CC0009B5CB4229F429B41D2021340C122D2019D +:102CD000944620006344122211F052FF42462B68B2 +:102CE00000219B5CC0229F429B41D2021340434A79 +:102CF000200094468022634411F042FF42462B6834 +:102D000000219B5CC0229F429B41520313403C4ADE +:102D1000200094468022634411F032FF3200812368 +:102D20000621200002F034FB002642462B680021D9 +:102D30009B5C32009F42724120002332314B11F0E4 +:102D40001FFF314B30220021200011F019FF162304 +:102D500033220021200011F013FF0423362200212A +:102D6000200011F00DFF42462B6800219B5C2000E3 +:102D70009F4276413200254B233211F001FF802320 +:102D80003022DB010021200011F0FAFE162333224D +:102D90000021200011F0F4FE1D4B362200212000FE +:102DA00011F0EEFE4E233D220021200011F0E8FE3E +:102DB000184B37220021200011F0E2FE43232000AF +:102DC0001322002111F0DCFE00231122002120003B +:102DD00011F0D6FE26E7C04614E80108DCC201085F +:102DE000A8CD0008547B0108E0F80110F8F80110A4 +:102DF00010F9011001400000DF110000000006087A +:102E00000000180C531000000540000003100000E3 +:102E1000044000004E40300001AE3200B04B83CB86 +:102E200083C283CB83C21B68002113602000002370 +:102E3000102211F0A5FEAB4B00220021200011F062 +:102E40009FFE80230022DB010021200011F098FE6C +:102E50002923984642461F272B6800219B5C962217 +:102E60009F429B41D20213409F4A20009446122267 +:102E7000634411F085FEE0231222FF33002120007D +:102E800011F07EFE42462B6800219B5CF0229F429F +:102E90009B4112021340954A20009446122263443B +:102EA00011F06EFE42462B6800219B5C80229F42FF +:102EB0009B41520313408122120594462000634433 +:102EC000802211F05DFE3200E02305212000002663 +:102ED00002F05EFA42462B6800219B5C32009F4262 +:102EE000724120002332824B11F04AFE814B302286 +:102EF0000021200011F044FE152333220021200080 +:102F000011F03EFE032336220021200011F038FE8E +:102F100042462B6800219B5C32009F427241200098 +:102F20002332754B11F02CFEC02330229B0100216F +:102F3000200011F025FE152333220021200011F07E +:102F40001FFE032336220021200011F019FE424605 +:102F50002B6800219B5C32009F427241200023328B +:102F6000654B11F00DFEC02330229B010021200093 +:102F700011F006FE152333220021200011F000FE7F +:102F8000032336220021200011F0FAFD42462B686F +:102F900000219B5C32009F42724120002332564B3D +:102FA00011F0EEFDC02330229B010021200011F022 +:102FB000E7FD152333220021200011F0E1FD03235A +:102FC00036220021200011F0DBFD42462B68002153 +:102FD0009B5C32009F42724120002332464B11F02D +:102FE000CFFDC02330229B010021200011F0C8FD3D +:102FF000152333220021200011F0C2FD03233622C5 +:103000000021200011F0BCFD42462B6800219B5C92 +:1030100032009F42724120002332374B11F0B0FD45 +:10302000C02330229B010021200011F0A9FD1523AF +:1030300033220021200011F0A3FD032336220021BA +:10304000200011F09DFD42462B6800219B5C320060 +:103050009F42724120002332274B11F091FDC02383 +:1030600030229B010021200011F08AFD152333221C +:103070000021200011F084FD0323362200212000CE +:1030800011F07EFD42462B6800219B5C20009F4290 +:1030900076413200184B233211F072FDC0233022EA +:1030A0009B010021200011F06BFD1523332200212C +:1030B000200011F065FD114B36220021200011F097 +:1030C0005FFD3E233D220021200011F059FD0C4BF5 +:1030D00037220021200011F053FD23236FE6C04664 +:1030E00010F9011001300000DF500000FF10000057 +:1030F0004210000004300000021000000330000005 +:103100003E303000002310220021200011F038FD55 +:103110008C4B00220021200011F032FDA023002260 +:10312000DB010021200011F02BFDA02312225B0007 +:103130000021200011F024FD2923984642461F2734 +:103140002B6800219B5CF0229F429B41120213409E +:103150007D4A200094461222634411F011FD42463C +:103160002B6800219B5CC0229F429B41D2021340EE +:10317000764A200094468022634411F001FD4246C5 +:103180002B6800219B5CE0229F429B41120313406D +:103190006F4A200094468022634411F0F1FC00261F +:1031A00042462B6800219B5C32009F427241200006 +:1031B0002332684B11F0E4FC674B302200212000E1 +:1031C00011F0DEFC412337220021200011F0D8FC51 +:1031D000624B20220021200011F0D2FC0123362274 +:1031E0000021200011F0CCFC42462B6800219B5CA2 +:1031F00020009F4276413200594B233211F0C0FC2F +:103200003722504B0021200011F0BAFC534B2022F2 +:103210000021200011F0B4FC524B36220021200086 +:1032200011F0AEFC4E233D220021200011F0A8FC3D +:103230004D4B37220021200011F0A2FC0323BEE5F4 +:10324000002310220021200011F09AFC3D4B0022A7 +:103250000021200011F094FCA0230022DB010021BA +:10326000200011F08DFC802312225B000021200041 +:1032700011F086FC2923984642461F272B6800211F +:103280009B5CF0229F429B4112021340374A200070 +:1032900094461222634411F073FC42462B680021CD +:1032A0009B5C80229F429B41D2021340304A200007 +:1032B00094468022634411F063FC42462B6800214F +:1032C0009B5CC0229F429B4112031340294A20006D +:1032D00094468022634411F053FC002642462B683A +:1032E00000219B5C32009F42724120002332194B27 +:1032F00011F046FC184B30220021200011F040FC58 +:10330000142336220021200011F03AFC134B202216 +:103310000021200011F034FC01233622002120007E +:1033200011F02EFC42462B6800219B5C20009F423E +:10333000764132000A4B233211F022FC0E4B36222A +:1033400060E7C046014000003F1100000000060891 +:1033500000000E0C53100000054000001210000089 +:1033600003100000414000004E403000FF100000FC +:103370000000040800000C0C104000000023102284 +:103380000021200011F0FCFBFD4B00220021200059 +:1033900011F0F6FBA02300221B020021200011F0F7 +:1033A000EFFB2923984642461F272B6800219B5C90 +:1033B000B4229F429B41D2021340F24A200094461D +:1033C0001222634411F0DCFB42462B6800219B5C17 +:1033D000D2229F429B41D2021340EB4A20009446E6 +:1033E0001222634411F0CCFB42462B6800219B5C07 +:1033F000F0229F429B41D2021340E44A20009446AF +:103400001222634411F0BCFB42462B6800219B5CF6 +:1034100080229F429B419202944613406344802243 +:10342000200011F0ADFB42462B6800219B5C8022FE +:103430009F429B41D2021340D54A200094468022ED +:10344000634411F09DFB42462B6800219B5CC02227 +:103450009F429B41D2021340CE4A200094468022D4 +:10346000634411F08DFB42462B6800219B5C802257 +:103470009F429B4112031340C74A2000944680227A +:10348000634411F07DFB42462B6800219B5C802247 +:103490009F429B4152031340C04A20009446802221 +:1034A000634411F06DFB42462B6800219B5CC022F7 +:1034B0009F429B4152031340B94A20009446802208 +:1034C0006344002611F05CFB42462B6800219B5CA4 +:1034D00032009F42724120002332B24B11F050FB68 +:1034E000B14B36220021200011F04AFBAF4B3D22A8 +:1034F0000021200011F044FBAD4B372200212000B9 +:1035000011F03EFB42462B6800219B5C32009F423B +:10351000724120002332A74B11F032FBA64B36221A +:103520000021200011F02CFBA04B3D2200212000A7 +:1035300011F026FB9E4B37220021200011F020FBCA +:103540009E4B20220021200011F01AFB9C4B3622BA +:103550000021200011F014FB944B3D22002120009B +:1035600011F00EFB924B37220021200011F008FBD6 +:1035700042462B6800219B5C32009F427241200032 +:103580002332904B11F0FCFA8F4B202200212000B7 +:1035900011F0F6FA8A4B36220021200011F0F0FAE1 +:1035A000824B3D220021200011F0EAFA804B3722A5 +:1035B0000021200011F0E4FA42462B6800219B5CB8 +:1035C00032009F42724120002332804B11F0D8FA22 +:1035D0007B4B37220021200011F0D2FA7C4B36229F +:1035E0000021200011F0CCFA42462B6800219B5CA0 +:1035F00032009F42724120002332764B11F0C0FA14 +:103600006F4B36220021200011F0BAFA674B3D22A1 +:103610000021200011F0B4FA654B37220021200070 +:1036200011F0AEFA42462B6800219B5C20009F42BD +:1036300076413200684B233211F0A2FA5E4B3722FA +:103640000021200011F09CFA614B3622002120005D +:1036500011F096FA5D4B20220021200011F090FA23 +:10366000574B36220021200011F08AFA4F4B3D22A1 +:103670000021200011F084FA4D4B37220021200058 +:1036800011F07EFA554B20220021200011F078FA2B +:103690004B4B36220021200011F072FA434B3D22A1 +:1036A0000021200011F06CFA414B3722002120004C +:1036B00011F066FA424B36220021200011F060FA28 +:1036C0003A4B3D220021200011F05AFA384B3722A4 +:1036D0000021200011F054FAE1232022DB01002117 +:1036E000200011F04DFA364B36220021200011F057 +:1036F00047FA2E4B3D220021200011F041FA2C4BBD +:1037000037220021200011F03BFA324B2022002109 +:10371000200011F035FA2A4B37220021200011F049 +:103720002FFA2B4B36220021200011F029FA2B4BC7 +:1037300020220021200011F023FA214B3722002102 +:10374000200011F01DFA224B36220021200011F03A +:1037500017FA234B20220021200011F011FA184BF8 +:1037600037220021200011F00BFA194B36220021DC +:10377000200011F005FA174B20220021200031E033 +:10378000019000007F6100007F7100001F80000039 +:1037900000000404000006080000080C00001010DF +:1037A00000001814A56000006A9000009E00400010 +:1037B0009E903000648000009890000082700000AD +:1037C0009790000064700000737000007270000039 +:1037D0009E904000717000007180000070700000C9 +:1037E0006070000011F0CCF9164B36220021200049 +:1037F00011F0C6F9144B3D220021200011F0C0F950 +:10380000124B37220021200011F0BAF9104B202270 +:103810000021200011F0B4F90A4B362200212000CB +:1038200011F0AEF9084B3D220021200011F0A8F95B +:10383000064B37220021200011F0A2F9E0235B00A3 +:10384000FFF7BDFA979000009E0040009E90300068 +:1038500070700000002310220021200011F090F968 +:10386000FE4B00220021200011F08AF9B023002233 +:103870001B020021200011F083F9292398464246BB +:103880001F272B6800219B5C96229F429B41D202FE +:103890001340F34A200094461222634411F070F959 +:1038A00042462B6800219B5CB4229F429B41D2027E +:1038B0001340EC4A200094461222634411F060F950 +:1038C00042462B6800219B5CD2229F429B41D20240 +:1038D0001340E54A200094461222634411F050F947 +:1038E00042462B6800219B5CF0229F429B41D20202 +:1038F0001340DE4A200094461222634411F040F93E +:1039000042462B6800219B5C87229F429B41120309 +:103910001340D74A200094461222634411F030F934 +:1039200042462B6800219B5C80229F429B415203B0 +:103930009446134063448022200011F021F942464E +:103940002B6800219B5C80229F429B419202134086 +:10395000C84A200094468022634411F011F942467F +:103960002B6800219B5CC0229F429B41D2021340E6 +:10397000C14A200094468022634411F001F9424676 +:103980002B6800219B5CC0229F429B411203134085 +:10399000BA4A200094468022634411F0F1F842466E +:1039A0002B6800219B5CE0229F429B411203134045 +:1039B000B34A2000944680226344002611F0E0F8C8 +:1039C00042462B6800219B5C32009F4272412000DE +:1039D0002332AC4B11F0D4F842462B6800219B5C9B +:1039E00032009F42724120002332A74B11F0C8F8E9 +:1039F00042462B6800219B5C32009F4272412000AE +:103A00002332A24B11F0BCF842462B6800219B5C8C +:103A100032009F427241200023329D4B11F0B0F8DA +:103A20009C4B20220021200011F0AAF89A4B36224C +:103A30000021200011F0A4F8984B3D220021200025 +:103A400011F09EF8964B37220021200011F098F8D3 +:103A5000944B20220021200011F092F8924B372243 +:103A60000021200011F08CF8904B3622002120001C +:103A700011F086F88E4B20220021200011F080F8F2 +:103A8000894B36220021200011F07AF8834B3D2229 +:103A90000021200011F074F8814B37220021200012 +:103AA00011F06EF8804B36220021200011F068F8EA +:103AB0007A4B3D220021200011F062F8784B37222A +:103AC0000021200011F05CF842462B6800219B5C2D +:103AD00032009F42724120002332764B11F050F8A1 +:103AE000714B37220021200011F04AF86F4B36222B +:103AF0000021200011F044F86F4B2022002120000B +:103B000011F03EF8684B36220021200011F038F801 +:103B1000624B3D220021200011F032F8604B372229 +:103B20000021200011F02CF8644B372200212000E6 +:103B300011F026F85D4B36220021200011F020F80C +:103B400042462B6800219B5C32009F42724120005C +:103B500023325B4B11F014F85A4B20220021200035 +:103B600011F00EF8504B36220021200011F008F819 +:103B70004A4B3D220021200011F002F8484B372229 +:103B80000021200010F0FCFF4F4B202200212000DC +:103B900010F0F6FF444B37220021200010F0F0FF18 +:103BA000424B36220021200010F0EAFF42462B68EB +:103BB00000219B5C32009F42724120002332434B24 +:103BC00010F0DEFF3D4B37220021200010F0D8FF1F +:103BD000364B36220021200010F0D2FF344B202239 +:103BE0000021200010F0CCFF2F4B362200212000B6 +:103BF00010F0C6FF294B3D220021200010F0C0FF2D +:103C0000274B37220021200010F0BAFF42462B68D4 +:103C100000219B5C32009F427241200023322C4BDA +:103C200010F0AEFF1F4B20220021200010F0A8FF53 +:103C30001D4B37220021200010F0A2FF1B4B362223 +:103C40000021200010F09CFF42462B6800219B5C65 +:103C500032009F42724120003CE0C04601A00000BB +:103C6000FF500000FF600000FF7000001F80000098 +:103C70005F900000000002040000060800000C0C29 +:103C800000000E10B050000052A00000A160000023 +:103C9000A1800000A2A00000AAA00000AE00400089 +:103CA000AEA0300084700000A7A00000AEA04000CD +:103CB000627000005370000073700000A6A0000046 +:103CC000618000008370000071700000616000007E +:103CD000528000002332EF4B10F052FFEE4B2022B7 +:103CE0000021200010F04CFFEC4B37220021200077 +:103CF00010F046FFEA4B36220021200010F040FF72 +:103D000042462B6800219B5C32009F42724120009A +:103D10002332E44B10F034FFE34B37220021200024 +:103D200010F02EFFDE4B36220021200010F028FF7D +:103D300042462B6800219B5C32009F42724120006A +:103D40002332DA4B10F01CFFD74B36220021200023 +:103D500010F016FFD64B3D220021200010F010FF7E +:103D6000D44B37220021200010F00AFF42462B6876 +:103D700000219B5C32009F42724120002332CE4BD7 +:103D800010F0FEFECD4B20220021200010F0F8FEA6 +:103D9000C24B37220021200010F0F2FEC04B362229 +:103DA0000021200010F0ECFEC54B20220021200055 +:103DB00010F0E6FEB94B37220021200010F0E0FEA3 +:103DC000B74B36220021200010F0DAFE00238022BB +:103DD0000021200010F0D4FE42462B6800219B5C9D +:103DE00032009F42724120002332B64B10F0C8FED1 +:103DF000AD4B36220021200010F0C2FEAC4B3D221C +:103E00000021200010F0BCFEAA4B37220021200028 +:103E100010F0B6FEAA4B20220021200010F0B0FEC8 +:103E20009E4B37220021200010F0AAFE9C4B362228 +:103E30000021200010F0A4FEA34B2022002120002E +:103E400010F09EFE954B36220021200010F098FEC7 +:103E5000974B3D220021200010F092FE954B372217 +:103E60000021200010F08CFE42462B6800219B5C54 +:103E700032009F42724120002332944B10F080FEAA +:103E8000864B37220021200010F07AFE844B362228 +:103E90000021200010F074FE42462B6800219B5C3C +:103EA00020009F4276413200894B233210F068FE99 +:103EB0007A4B36220021200010F062FE7C4B3D221E +:103EC0000021200010F05CFE7A4B372200212000F8 +:103ED00010F056FEF8239B00FEF771FF002310221E +:103EE0000021200010F04CFE7A4B0022002120001F +:103EF00010F046FEA02329271F26DB010022002107 +:103F0000200010F03DFE2B68F022DB5D12029E4285 +:103F10009B411340704A00219446200063441222C2 +:103F200010F02EFE2B68F022DB5D52029E429B4178 +:103F300013406A4A0021944620006344122210F084 +:103F40001FFE2B68B422DB5D92029E429B41134010 +:103F5000634A0021944620006344122210F010FEB0 +:103F6000E0222B681203DB5D94469E429B41134086 +:103F7000634480220021200010F002FE00222B6802 +:103F80009046DB5D11009E42524120002332554B8A +:103F900010F0F6FD80222B681203DB5D94469E42F2 +:103FA0009B411340634480220021200010F0E8FD73 +:103FB00042462B680021DB5D20009E425241822355 +:103FC00023325B0110F0DCFDC0222B68D202DB5DE6 +:103FD00090469E429B411340434480220021200092 +:103FE00010F0CEFD404B20220021200010F0C8FD33 +:103FF0002B684246DB5D00219E429B4113404344B7 +:104000008022200010F0BCFDC12320229B01002152 +:10401000200010F0B5FD354B36220021200010F0B5 +:10402000AFFD334B3D220021200010F0A9FD314BA4 +:1040300037220021200010F0A3FD2F4B3722002152 +:10404000200010F09DFD2D4B36220021200010F0A5 +:1040500097FD2B4B37220021200010F091FD274BBC +:1040600036220021200010F08BFD264B3622002145 +:10407000200010F085FD244B3D220021200010F08F +:104080007FFD224B37220021200010F079FD0E2306 +:10409000FEF795FE5180000083700000A7A000008D +:1040A000AEA0400052900000A9A000005190000076 +:1040B000AE004000AEA0300091800000847000008F +:1040C0009270000050900000547000007170000069 +:1040D000B070000001400000DF100000DF20000091 +:1040E000DF300000504000001020000025200000BC +:1040F0002E0040002E203000242000002E20400002 +:1041000021200000234000004E0040004E403000BF +:10411000002310220021200010F032FD614B00220C +:104120000021200010F02CFDA0230022DB01002143 +:10413000200010F025FD2923984642461F262B68B3 +:1041400000219B5CF0229E429B4152021340564A42 +:10415000200094461222634410F012FD42462B6860 +:1041600000219B5CB4229E429B41920213404F4A25 +:10417000200094461222634410F002FD42462B6850 +:1041800000219B5CC0229E429B4112039446134037 +:1041900063448022200010F0F3FC002742462B6885 +:1041A00000219B5C3A009E427A4120002332404B22 +:1041B00010F0E6FC42462B6800219B5C80229E4268 +:1041C0009B4112039446134063448022200010F068 +:1041D000D7FC42462B6800219B5C20009E427F4119 +:1041E00081233A009B01233210F0CAFC42462B681F +:1041F00000219B5C20009E429B418026F602B44633 +:1042000033406344802210F0BBFCC12320229B0179 +:104210000021200010F0B4FC264B362200212000A3 +:1042200010F0AEFC244B3D220021200010F0A8FC31 +:10423000224B37220021200010F0A2FC204B362216 +:104240000021200010F09CFC1B4B3D22002120008F +:1042500010F096FC194B37220021200010F090FC42 +:10426000184B20220021200010F08AFC164B382227 +:104270000021200010F084FC144B36220021200085 +:1042800010F07EFC0C4B3D220021200010F078FC49 +:104290000A4B37220021200010F072FC0C23FEF79D +:1042A0008EFDC046014000007F200000BF300000AE +:1042B00050400000454000004E0040004E4030009D +:1042C0004340000020300000232000004240000056 +:1042D00070B50C00050012010E0313433343362260 +:1042E000002110F04DFC084B2401280023433D22FF +:1042F000002110F045FC054B3443280023433722AE +:10430000002110F03DFC70BD0E0040000E0030009A +:1043100070B50C00050012010E031343334337221E +:10432000002110F02DFC2401044B344328002343CA +:104330003622002110F024FC70BDC0460E00400063 +:1043400000B583B000931300FEF704FC03B000BD7A +:10435000F8B5CE4647460D0080B51E001700002375 +:1043600010220021040010F00BFCE023DB013B4392 +:1043700000220021200010F003FC80231B023343A5 +:1043800000220021200010F0FBFBB0231B022B4376 +:1043900000220021200010F0F3FB2923984642461A +:1043A0001F26B24D00212B6820009B5C87229E4275 +:1043B0009B4112031340902212029446089A6344D0 +:1043C000571E3B43122210F0DBFB42462B680021B4 +:1043D0009B5C96229E429B4112031340A022120234 +:1043E000944663443B431222200010F0C9FB42462E +:1043F0002B6800219B5CC0229E429B41B426120286 +:1044000094463603334063443B431222200010F0AD +:10441000B7FB974B30220021200010F0B1FB954BE9 +:1044200030220021200010F0ABFB934B3022002102 +:10443000200010F0A5FBC02329261B0234220021F6 +:10444000200010F09DFB8D4F9A2320003D2200217B +:1044500010F096FB2B6838689B5D1F2B00D987E016 +:1044600080210368E21813681942FCD1C36B3F2214 +:10447000E3181B68200098460021092310F080FBF8 +:104480002B6838689B5D1F2B6CD880210368E2186D +:1044900013681942FCD1C36B3F22E3181B6800214B +:1044A000994620000A2310F06BFB2B68995D3B684E +:1044B0009C461B68E2181F294DD8802013681842BB +:1044C000FCD16346DB6BE318186802239C464B461D +:1044D000624613404246520700D59AE0002B4DD168 +:1044E0006346034200D088E04346DB0752D5644B65 +:1044F00037220021200010F043FB2B689B5D1F2B0F +:1045000000D89EE05F4B24220021200010F038FBF1 +:104510005D4B37220021200010F032FB36225B4B2E +:104520000021200010F02CFB0B233F220021200053 +:1045300010F026FB564B36220021200010F020FB05 +:104540002B689B5D1F2B1ED9524B2522002120007A +:1045500010F016FB78E71368002BB2D01368002B1D +:10456000F9D1AEE70368E2181368002BFCD192E79B +:104570000368E2181368002BFCD177E71F2959D98B +:10458000404B2422CCE7444B26220021200010F08F +:10459000F7FA59E7414B37220021200010F0F0FADA +:1045A0002B689B5D1F2B53D93D4B242200212000FB +:1045B00010F0E6FA3B4B37220021200010F0E0FA21 +:1045C0003622394B0021200010F0DAFA0C233F226A +:1045D0000021200010F0D4FA344B362200212000B4 +:1045E00010F0CEFA2B689B5D1F2B0BD9304B252288 +:1045F0000021200010F0C4FA26E71F292FD9284BEC +:104600002422DFE72B4B26220021200010F0B8FAED +:104610001AE7B02320005B011322002110F0B0FA4A +:10462000002311220021200010F0AAFA0CBC9046B1 +:104630009946F8BD204B25220021200010F0A0FA59 +:1046400072E71D4B25220021200010F099FA5FE748 +:104650001A4B25220021200010F092FAAAE7174BEE +:1046600025220021200010F08BFAAFE714E80108A2 +:10467000089000000EA0000007B00000DCC2010896 +:104680009A9000009F900000BCB00000BEB04000B7 +:10469000BEB08000BFB00000B0B00000A9A0000014 +:1046A000AFA00000CBC00000CEC04000CEC0800054 +:1046B000CFC00000C0C0000090900000A0A000008B +:1046C000F0B5CE464746884680B51D0083B017003A +:1046D00000231022002104000A9E10F051FAA023AA +:1046E00042461B02134320000022002110F048FA2A +:1046F000B0231B023B4320000022002110F040FAAF +:10470000C0231B022B4320000022002110F038FAA6 +:104710003D4B1F259946292398464B4642461B6828 +:10472000771E9B5CD2229D429B41D2021340E02225 +:10473000D201944663443B4320001222002110F032 +:104740001FFA4B4642461B6820009B5CF0229D42AC +:104750009B41D202134080221202944663443B43A1 +:104760001222002110F00CFA4B4642461B68200032 +:104770009B5C90229D42AD418723120294461B030D +:104780002B4063443B431222002110F0F9F9E0234F +:104790002000DB013522002110F0F2F92000009604 +:1047A0000C2307220821FFF7D3FD200000960823E1 +:1047B00008220721FEF7CEF92000009607230A22DF +:1047C0000A21FEF7C7F92000009607230B220921D2 +:1047D000FEF7C0F920000096082309220B21FEF7FE +:1047E000B9F9E02320009B001322002110F0C8F942 +:1047F000002311220021200010F0C2F903B00CBCEC +:1048000090469946F0BDC04614E80108F0B5CE4682 +:104810004746884680B51E0083B01700002310224B +:10482000002104000C9D10F0ABF9802342461B02CE +:10483000134320000022002110F0A2F990231B0254 +:104840003B4320000022002110F09AF9A0231B0214 +:10485000334320000022002110F092F9B0230A9A7D +:104860001B02134320000022002110F089F9C0230D +:104870000B9A1B02134320000022002110F080F944 +:10488000844B1F269946292398464B4642461B686F +:104890006F1E9B5CF0229E429B419202134080223D +:1048A000D201944663443B4320001222002110F0C1 +:1048B00067F94B4642461B6820009B5C96229E424D +:1048C0009B41D2021340A022D201944663443B4351 +:1048D0001222002110F054F94B4642461B6820007A +:1048E0009B5CB4229E429B41D2021340C022D20163 +:1048F000944663443B431222002110F041F94B4699 +:1049000042461B6820009B5CE0229E42B641D223B7 +:10491000D2019446DB02334063443B431222002120 +:1049200010F02EF9200000950A230A220421FEF738 +:1049300011F92000009504230B220621FEF70AF945 +:10494000200000950A230C220521FEF703F9200020 +:10495000514B3722002110F013F920004F4B362223 +:10496000002110F00DF9200000950A2308220A21E9 +:10497000FEF7F0F820000095042305220721FEF73A +:10498000E9F82000464B3722002110F0F9F820000A +:10499000444B3622002110F0F3F820000095082344 +:1049A00008220421FEF7D6F82000009504230622F1 +:1049B0000521FEF7CFF820000095082304220621E8 +:1049C000FEF7C8F820000095062307220421FEF711 +:1049D000C1F820000095092309220821FEF7BAF842 +:1049E00020002D4B3722002110F0CAF820002B4B5D +:1049F0003622002110F0C4F820002B4B3622002173 +:104A000010F0BEF82000294B3D22002110F0B8F82C +:104A10002000274B3722002110F0B2F82000254B50 +:104A20003722002110F0ACF820001C4B3622002168 +:104A300010F0A6F82000204B3722002110F0A0F83B +:104A400020001E4B3622002110F09AF8200000951D +:104A5000052309220921FEF77DF82000184B372293 +:104A6000002110F08DF820000E4B3622002110F0AE +:104A700087F82000F0231322002110F081F8002392 +:104A800011220021200010F07BF803B00CBC9046EE +:104A90009946F0BD14E80108868000008E80400031 +:104AA000979000009E904000557000007E004000EE +:104AB0007E70300087800000585000005E5040003B +:104AC00094900000F0B5CE464746884680B51D005C +:104AD00083B0170000231022002104000A9E10F06A +:104AE0004FF8A0234246DB0113430021002220009F +:104AF00010F046F8C023DB013B43002200212000D8 +:104B000010F03EF8E0232927DB012B431F2500226C +:104B10000021200010F034F89C4BF02298461B68CE +:104B20001202DB5D00219D429B4113408022520115 +:104B30009446721E6344914613432000122210F0E3 +:104B40001FF843461B68F022DB5D52029D429B41E9 +:104B500013408022920194464A4663441343002145 +:104B60001222200010F00CF843461B68B422DB5DD3 +:104B700092029D429B411340C022920194464A46B4 +:104B8000634413430021122220000FF0F9FF434633 +:104B900080221B68D201DB5D94469D42AD41F0232B +:104BA0004A469B022B4063441343002112222000FB +:104BB0000FF0E6FF06230622042120000096FDF7F1 +:104BC000C9FF07230722032120000096FDF7C2FF3B +:104BD00007230622072120000096FDF7BBFF0423D0 +:104BE0000522062120000096FDF7B4FF684B36220F +:104BF000002120000FF0C4FF664B3D220021200061 +:104C00000FF0BEFF644B3722002120000FF0B8FFE9 +:104C1000624B3622002120000FF0B2FF604B3D2294 +:104C2000002120000FF0ACFF5E4B37220021200056 +:104C30000FF0A6FF5C4B3722002120000FF0A0FFF1 +:104C40005A4B3622002120000FF09AFF0323052241 +:104C5000012120000096FDF77DFF554B36220021F3 +:104C600020000FF08DFF4E4B3D22002120000FF061 +:104C700087FF4C4B3722002120000FF081FF4D4B66 +:104C80003622002120000FF07BFF4B4B3D220021FC +:104C900020000FF075FF494B3722002120000FF054 +:104CA0006FFF01233F22002120000FF069FF444BDA +:104CB0003622002120000FF063FF43461B68DB5DB6 +:104CC0001F2B5BD93F4B2522002120000FF058FFFE +:104CD00020000096012301220321FDF73BFF200065 +:104CE000394B372200210FF04BFF20002F4B36228B +:104CF00000210FF045FF2000344B372200210FF038 +:104D00003FFF2000324B362200210FF039FF2000F8 +:104D1000304B372200210FF033FF20002E4B36227C +:104D200000210FF02DFF2000009606230122022112 +:104D3000FDF710FF20000096042304220121FDF757 +:104D400009FF2000254B372200210FF019FF20001A +:104D5000214B362200210FF013FF20001E231322C7 +:104D600000210FF00DFF00231122002120000FF081 +:104D700007FF03B00CBC90469946F0BD184B2622A5 +:104D8000002120000FF0FCFEA2E7C04614E8010855 +:104D9000535000005E0040005E5030003330000091 +:104DA0003E0040003E303000533000003E304000B6 +:104DB00011300000131000001E0040001E103000D3 +:104DC0001E1080001F10000036300000365000001A +:104DD0005E504000656000006E6040002160000091 +:104DE00010100000F0B5DE4657464E464546E0B589 +:104DF00085B01D000E9B0F0016009946102200235F +:104E0000002104000FF0BCFEE023DB013B43002245 +:104E1000002120000FF0B4FE80231B023343002248 +:104E2000002120000FF0ACFEC02329271F261B0203 +:104E30002B430022002120000FF0A2FE864D962277 +:104E40002B68D202DB5D00219E429B411340A022D1 +:104E5000D20194460122524263444A44904613438D +:104E6000200012220FF08CFE2B68B422DB5DD202F0 +:104E70009E429B411340C022D20194464246634465 +:104E800013430021122220000FF07AFE2B688722A4 +:104E9000DB5D12039E429B41134090221202944616 +:104EA0004246634413430021122220000FF068FEA3 +:104EB0002B689622DB5D12039E429B411340A02289 +:104EC00012029446424663441343002112222000FA +:104ED0000FF056FE2B68A522DB5D12039E429B411C +:104EE0001340B02212029446424663441343002109 +:104EF000122220000FF044FE584B302200212000E7 +:104F00000FF03EFE564B3022002120000FF038FEFD +:104F1000902335221B02002120000FF031FEA02338 +:104F20003422DB01002120000FF02AFE2B68002133 +:104F3000DA5D0123964292419A432832494B200080 +:104F40000FF01EFE484B2022002120000FF018FE1B +:104F5000464B9A461B681B6918331B191E682B6841 +:104F6000B600DB5DB60C1F2B6ED9414B2122002110 +:104F700020000FF005FE4B469F1B2923013F002612 +:104F80009846002F29D042462B689B5C1F2B47D99F +:104F9000374B2122002120000FF0F2FD53464146FD +:104FA00018682A680368525CE3181F2A31D88021E8 +:104FB0001A681142FCD1C36B0822E3181B68072151 +:104FC0009B464B46200000930923FFF77BFD5B4681 +:104FD000DB072CD40136BE42D5D14B4620000093CE +:104FE000082209230721FFF76BFBE62320001B01A2 +:104FF000132200210FF0C4FD002311220021200004 +:105000000FF0BEFD05B03CBC90469946A246AB46AB +:10501000F0BD1A68002ACED01A68002AF9D1CAE772 +:10502000144B2122002120000FF0AAFDB6E74B46C9 +:1050300002930B230193013B00930822013B0721BC +:105040002000FFF7E3FBC5E70A4B212200212000E7 +:105050000FF096FD8FE7C04614E8010807A0000096 +:1050600008B00000C5600000C6C00000DCC2010836 +:10507000CFC00000C0C0000080235B0098421FD05A +:1050800007D8C02818D0E0280ED102220E4B1A7083 +:105090007047C0235B0098420AD00C4B984203D162 +:1050A0000522094B1A70F3E70022074B1A70EFE74D +:1050B0000422054B1A70EBE70122034B1A70E7E755 +:1050C0000322014B1A70E3E7547B01080902000038 +:1050D000014B18707047C046A8CD000810B50400F9 +:1050E00082B0059800902000FFF77CFE0B4B1A68F9 +:1050F0002923D35C1F2B09D88022094B1B68186811 +:10510000201803681A42FCD102B010BD044B1B6882 +:10511000186820180368002BFCD1F5E714E8010893 +:10512000DCC20108F0B5DE46574645464E46E0B5BE +:10513000050085B0080092469B46FCF7A7FC0028B6 +:1051400000D1F7E003694468029343690393027B4B +:10515000884B1A7080235B009C4200D106E100D985 +:10516000D8E0C02C00D1EDE0E02C00D0FAE0022223 +:10517000814B1A705346002B00D1D9E05B46002BBF +:1051800000D1D5E00E9B002B00D1D1E00F9B002B6E +:1051900000D1CDE0109B002B00D1C9E029271F26AC +:1051A000764B962299461B681203DB5D00219E42D6 +:1051B0009B411340A02212029446621E6344904613 +:1051C0001343280012220FF0DBFC4B461B68A5227C +:1051D000DB5D12039E429B411340B02212029446B3 +:1051E0004246634413430021122228000FF0C8FCFA +:1051F0004B461B68B422DB5D12039E429B41134069 +:10520000C0221202944642466344134300211222F4 +:1052100028000FF0B5FC4B461B68D222DB5D120361 +:105220009E429B411340E022120294464246634450 +:1052300013430021122228000FF0A2FC4B461B68EA +:10524000C322DB5D12039E429B411340D022120217 +:105250009446634423431222002128000FF090FC5F +:105260004B4690221B681202DB5D94469E429B4196 +:1052700087264246360333406344134300211222FB +:1052800028000FF07DFC2300029A0E21280000F078 +:105290007FF8631C039A0D21280000F079F82300A1 +:1052A00052460B21280000F073F823005A460C21C7 +:1052B000280000F06DF823000E9A0A21280000F063 +:1052C00067F80A2300940C220B212800FFF78AFDBF +:1052D0004B461B68DB5D1F2B3CD88021284B1B688D +:1052E0001A68AA1813681942FCD123000B220F99DF +:1052F000280000F0D9F823000C221099280000F0B3 +:10530000D3F8FC232800DB01132200210FF038FC26 +:10531000002010E0C0235B009C4217D0194B9C4238 +:1053200020D10522144B1A705346002B00D025E7DC +:10533000154800E0154805B03CBC90469946A24689 +:10534000AB46F0BD01220C4B1A7013E704220A4B46 +:105350001A700FE70A4B1B681A68AA181368002B0B +:10536000FCD1C2E70022044B1A7003E70322024B70 +:105370001A70FFE6A8CD0008547B010814E8010864 +:10538000DCC20108090200000B0032000A003200F2 +:10539000F0B5D6464F464646924629220500C0B58E +:1053A0003E4F3868825C3E48006884460068281892 +:1053B0001F2A0BD8802604682642FCD16046046967 +:1053C000281906684068B146804607E00468002C4A +:1053D000FCD1604604690020804681466046890011 +:1053E000806B69182818091900680C68DE1DA40074 +:1053F0001F33A40C5B09F608A4009B00B6B2241866 +:105400009BB21F2A44D900222100280007F048FC43 +:1054100029233A68D35C1F2B33D93300524621002D +:10542000280007F0DBFB29243B681B5D1F2B23D8DA +:105430004B461C4A1B091A404B461B051B0D1343C8 +:105440000021802228000FF09BFB43461F2198007B +:105450001A053B68800C1B5D120D9942894180231F +:10546000DB041A43030049420C318B4028001343EC +:10547000002180220FF084FB1CBC90469946A24676 +:10548000F0BD330052462100280007F041FBCAE777 +:1054900000222100280007F05BFBB9E714E80108AF +:1054A000DCC2010800F0FF03F8B54746CE46040011 +:1054B000292080B5314D2E68305C844666463048E0 +:1054C00000688046006820181F2E0AD880270668CA +:1054D0003742FCD14046006981462018076846687B +:1054E00006E00668002EFCD1404600690027814690 +:1054F00040469200806BA21820184A440068126847 +:1055000007339200920C920012186046DB089BB29F +:105510001F282FD9200007F061FB29239846424617 +:105520002B689B5C1F2B21D8164A3B093F05134073 +:105530003F0D3B438022002120000FF021FB42461B +:105540002B68B1009B5C0A3A9A429241802336054F +:10555000890CDB04360D1E430B0052420C32934083 +:1055600000213343802220000FF00AFB0CBC904640 +:105570009946F8BD200007F0CBFACEE714E8010801 +:10558000DCC2010800F0FF030B0010B53F22002130 +:1055900004000FF0F5FA0E4B1A682923D35C1F2B79 +:1055A0000DD880210B4B18680368E2181368194264 +:1055B000FCD1C36BE41820684007C00F10BD054B39 +:1055C00018680368E2181368002BFCD1F1E7C046A5 +:1055D00014E80108DCC2010813010B4310B53D2299 +:1055E000002104000FF0CCFA0D4B1A682923D35C7C +:1055F0001F2B0DD880210B4B18680368E218136825 +:105600001942FCD1C36BE41820684007C00F10BDDD +:10561000044B18680368E2181368002BFCD1F1E70B +:1056200014E80108DCC2010813010B4310B53D2248 +:10563000002104000FF0A4FA0D4B1A682923D35C53 +:105640001F2B0DD880210B4B18680368E2181368D4 +:105650001942FCD1C36B0120E4182368184010BD27 +:10566000044B18680368E2181368002BFCD1F1E7BB +:1056700014E80108DCC201080B4A8B00126810B55F +:105680001169926B8C4663441B1880181968026874 +:105690001868C9048000C90C800C08318000C90852 +:1056A00080180FF037FE10BDDCC201081300303B3C +:1056B00010B5DCB2092C00D9FF2303601300413B75 +:1056C000052B01D80A3303601300613B052B01D879 +:1056D000573A0260036800208B4201D30620404203 +:1056E00010BD0023F0B516001D00854204D1A900AD +:1056F0005118002B12D1F0BD34689C42BF41E41A0E +:105700003460AB00CB587F429C469C429B415B423D +:10571000DB196746E41B10C60135E6E70A68D01AB4 +:105720009A429B4101C15B42E3E7F0B50E001500D0 +:10573000002487B003900491059201930290029B8C +:105740002F680F2B00D9B9E0039B039A1D092B0189 +:10575000D31A0293049BAD015E19059B5D19029B50 +:10576000072B00D895E000233068019A1900EDF767 +:1057700087FD2018A042A4413818B842BF41002339 +:105780006442611828607F4270687F18019A19008E +:10579000EDF776FD3818B842BF417F4279186F683F +:1057A0000023C019B842BF4168607F42B0687F18CB +:1057B000019A1900EDF764FDAC683818B842BF4192 +:1057C0000019A042A44100237F427918A8606442D6 +:1057D000F0686418019A1900EDF752FDEF6820187F +:1057E000A042A441C019B842BF41002364426118DD +:1057F000E8607F4230697F18019A1900EDF740FD9B +:105800002C693818B842BF410019A042A4410023B6 +:105810007F4279182861644270696418019A1900FE +:10582000EDF72EFD6F692018A042A441C019B842BF +:10583000BF4100236442611868617F42B0697F18EC +:10584000019A1900EDF71CFDAC693818B842BF4148 +:105850000019A042A44100237F427918A861644244 +:105860006418F069019A1900EDF70AFD3700201855 +:10587000A0429B41EC6920370019A042A4413E00A0 +:105880005B425918E861029B6442083B641802932A +:1058900020352F00029B03933B680493039B002B4E +:1058A00000D030E10122029B9B00ED182B68E31829 +:1058B00008C5A34200D23DE107B0F0BD0023306827 +:1058C000019A1900EDF7DCFC2018A042A441C01990 +:1058D000B842BF4100236442611828607F4270686B +:1058E0007F18019A1900EDF7CBFC6C683818B842A4 +:1058F000BF412018A042A44100237F42791868606C +:105900006442B0686418019A1900EDF7B9FCAF68F9 +:105910002018A042A4413818B842BF410023644275 +:105920006118A8607F42F0687F18019A1900EDF7AE +:10593000A7FCEC683818B842BF412018A042A44127 +:1059400000237F427918E860644230696418019A44 +:105950001900EDF795FC2F692018A042A4413818D2 +:10596000B842BF4100236442611828617F427069D8 +:105970007F18019A1900EDF783FC6C693818B8425A +:10598000BF412018A042A44100237F4279186861DA +:105990006442B0696418019A1900EDF771FCAF69AF +:1059A0002018A042A4413818B842BF4100236442E5 +:1059B0006118A8617F42F0697F18019A1900EDF71C +:1059C0005FFCEC693818B842BF412018A042A441DE +:1059D00000237F42791864426418E8611900019A33 +:1059E000306AEDF74DFC2F6A2018A042A441381808 +:1059F000B842BF4100236442611828627F42706A46 +:105A00007F18019A1900EDF73BFC6C6A3818B84210 +:105A1000BF412018A042A44100237F427918686248 +:105A20006442B06A6418019A1900EDF729FCAF6A64 +:105A30002018A042A4413818B842BF410023644254 +:105A40006118A8627F42F06A7F18019A1900EDF789 +:105A500017FCEC6A3818B842BF412018A042A44194 +:105A600000237F427918E8626442306B6418019A1F +:105A70001900EDF705FC2F6B2018A042A44138183F +:105A8000B842BF4100236442611828637F42706BB3 +:105A90007F18019A1900EDF7F3FB6C6B3818B842C8 +:105AA000BF412018A042A44100237F4279186863B7 +:105AB0006442B06B6418019A1900EDF7E1FBAF6B1B +:105AC0002018A042A4413818B842BF4100236442C4 +:105AD0006118A8637F427F18F06B019A1900EDF7F7 +:105AE000CFFBEC6B3818B842BF412018A042A4414C +:105AF000E863029B7F427918103B64420293403670 +:105B0000403564181BE6002301CE1900019AEDF719 +:105B1000B7FB049B2018A042A441C018039B01C7F7 +:105B2000013B0393049B64429842804164184042C5 +:105B30000419B1E61400B9E6074BC91889004118E9 +:105B4000884200D970470A68036812BA1BBA04C0B9 +:105B500004394B60F4E7C046FFFFFF3FF7B54C68E0 +:105B60000E00150000210190A700043F002C09D170 +:105B70003368002B02DA002900D0691A019B00204B +:105B80001960FEBDB3680904DB59013C180C0843D9 +:105B900029000093EDF74EFB6B4618880904084373 +:105BA0002900EDF747FBE0E7012303600023436092 +:105BB0008360704710B5041E0ED08068002806D0A0 +:105BC00063689900F3F7AEFAA068F3F799FA012336 +:105BD000236000236360A36010BD0000124B70B50A +:105BE00004000D00994202D91020404270BD636844 +:105BF00000208B42FAD204212800F3F779FA061E1E +:105C0000F2D0A16800290BD063689A00EAF77BFD07 +:105C10006368A0689900F3F785FAA068F3F770FA53 +:105C20006560A6600020E1E710270000F8B50500D8 +:105C30000E0000208D4217D08F68874204D12800C3 +:105C4000FFF7B8FF00200FE04B685C1E002C0CD162 +:105C500033686A6801342B60A2420CD2210028000C +:105C6000FFF7BCFF00280ED0F8BDA300FB58002BA7 +:105C7000EED1013CEAE7AB68121BA00092001818B5 +:105C80000021EAF75CFDA868A200B168EAF73BFDD5 +:105C9000D8E77FB50C240D0006002200010001A802 +:105CA000EAF731FD290022003000EAF72CFD280038 +:105CB000220001A9EAF727FD7FBDF7B504000D001A +:105CC0001600884201D10020FEBD4968FFF786FF1B +:105CD0000028F9D161682800FFF780FF0028F3D180 +:105CE00027680123390072423243D2B2D2092E68AA +:105CF0009B1A5943564376182660296857435943DF +:105D0000C91929606168019101998142DBD0A668B7 +:105D100081007618009636680130B446AE68711876 +:105D20000E685643370066465E43BE19009F3E60CC +:105D300067460E6857435E43F6190E60E4E770B598 +:105D40000C0001210500FFF749FF061E0FD16B680B +:105D500001009A00A868EAF7F2FCE117AB68621844 +:105D60004A401A600123E1179943C918296030009D +:105D700070BD436802005B0100208B4208D94B09CB +:105D800092689B001F30014098580123C84018407A +:105D90007047F8B506000F0014004D09012A1BD802 +:105DA00043685B018B420DD91F231F40B368AD00D0 +:105DB0005D190123BB40BC4000202A689A4314436C +:105DC0002C60F8BD00208242FBD0691C3000FFF738 +:105DD00005FF0028E8D0F4E704204042F1E7F7B5DA +:105DE0000022110043680193019B8B4202D10023E2 +:105DF0001800FEBD85688B0016005F591300203621 +:105E00009D1AAC463D006446E5402C0001252C421D +:105E1000EED15B19B342F3D149191A00E4E700232C +:105E200042689A4212D08068531E9200002B0FD114 +:105E30009A0011588022002012060A4203D1013034 +:105E400052082028F9D15B0120331B1A1800704733 +:105E5000811804390968043A0029E9D1013BE5E7D2 +:105E600010B5FFF7DCFF0730C00810BDF7B50327FA +:105E700017407B1E9F419308FF18436804000E00E3 +:105E80001500BB421BD100212000FFF758FF00285E +:105E900022D1182203009446AB421DD01A000321E0 +:105EA0008A43A168DF008A18F15C013301916146E1 +:105EB0000F400199B940176839431160ECE7FFF7CB +:105EC00079FE01232360002339006360A360200072 +:105ED000FFF784FE0028D6D0FEBDF7B5032414409A +:105EE000631E9C419308E418436805000191170064 +:105EF000A34207D100212800FFF721FF061E0FD083 +:105F00003000FEBDFFF756FE01232B600023210069 +:105F10006B60AB602800FFF761FE061EEAD0EFE77A +:105F2000019B002BECD0A000AB68C01B18183A00F6 +:105F30000199EAF7E8FB002CE2D02100A868FFF7FE +:105F4000FBFDDDE7F7B5436801919B00934222D347 +:105F500014000326FF279C420FD1160000240327BC +:105F6000A6421AD10024934205D20199D21AC81828 +:105F70002100EAF7E4FB2000FEBD25003540E900E2 +:105F800025008C468168B5434D596146CD403D4260 +:105F900011D10134DFE71E00E0E721003940250080 +:105FA000C9008C468168BD434D596146CD40019979 +:105FB0000D550134D4E708246442DCE7F8B5050048 +:105FC0006B6808009C000326130094421AD2121B2F +:105FD0008E180021EAF7B3FB3000220000230327CC +:105FE0009A4212D10020F8BD19003140C9008C46F8 +:105FF0001900AF68B14379586746F940FF27394225 +:1060000012D10133A342EFD1E8E71C00D11A1E00E0 +:1060100001398C46A968BC430C593E40F600F44057 +:10602000614601334454DBE708204042DBE70000CF +:10603000F7B50B001F26050033400F0000934C09F5 +:10604000FFF7EDFE6B68C7195B01BB4206D3002C5E +:1060500010D1009B002B24D100200AE03E403100EB +:106060004E1EB1417F09C9192800FFF7B7FD00286E +:10607000EDD0FEBD6B68174AA0009A18121B920063 +:10608000A34207D800229B00043B191DE1D0A96858 +:10609000CA50F9E7A968013B8E5889180E50043A96 +:1060A000EEE7202100266B68A2009C46009BCB1ADD +:1060B0000193A445D0D9AB6800999B181F6801349F +:1060C0003800884030433E001860019B0432DE40B7 +:1060D000EFE7C046FFFFFF3F4368F7B54C09A34217 +:1060E00005D31F221140A34205D1002934D000213D +:1060F000FFF725FEFEBD002C1FD1002908D000228D +:10610000202594466A1A9C000192043C002B16D16B +:106110000020EFE786681519AD00AF599500AF5123 +:1061200001321D1B9542F5D80024AA00AB42E4D9E8 +:1061300086680135B4500432F8E70022F1E782683E +:10614000654612191768013B3E00CE402E4316608B +:10615000019A9740BC46D8E7002BD9D00A00E0E767 +:10616000436830B505009800002B11D14A689000B3 +:10617000002A16D11C0000201443844207D00130AD +:10618000934204D822D39A00002B13D1180030BDBB +:10619000AA681218043A12680438002AE6D1013BB2 +:1061A000E2E78C682418043C24680438002CE1D110 +:1061B000013ADDE7A868043A845888688058844228 +:1061C00002D803D3013BDFE70120E0E70120404292 +:1061D000DDE7F0B5160089B007930E9B07005A68FB +:1061E0007368069101339A425BD30E9B986800282E +:1061F00057D092000021EAF7A2FA0E9B9B68059304 +:1062000073680193069B019A5B680393934200D9DC +:106210000392019B059C01339B0002930023009392 +:10622000009B019AB868934214D1029B029A191FED +:10623000059B5918EAF767FA31003800FFF790FF1D +:1062400000282ADBBA68B1680098FFF74AFA0020F4 +:1062500009B0F0BD009B22009B001B5803980493DB +:10626000069B9968049B0D685D432368ED18079BA6 +:106270005D43049BFFF759FA22002B00B168019897 +:10628000FFF753FA0022049B2360029BE3185A6035 +:10629000009B043401330093C2E70E9BB9689A68EF +:1062A000D2E704204042D3E7436870B59C00002B3E +:1062B0000DD14C68A500002C12D1250000221D43F1 +:1062C000954202D09C4214D20268100070BD8268D0 +:1062D0001219043A1268043C002AEAD1013BE6E7AD +:1062E0008A685219043A1268043D002AE5D1013C3B +:1062F000E1E70D686A429C42E7D80268002A01DDA6 +:10630000002D14DB002D01DD002A12DB9C00002B88 +:1063100001D11A00D9E78568043C2E598D682D59A2 +:10632000AE42D2D801D25242CFE7013BEFE7012281 +:10633000CBE70122F7E71FB5CA178B18534000932C +:106340000123C9179943C91802936B46019101A90A +:106350000393FFF7A9FF05B000BDF7B505000C00DA +:106360001700904202D088422ED13C00012367687A +:106370002B60BA00002F2ED139002800FFF72EFC29 +:106380000190002825D1A368AA689C46110004004A +:106390000600B300B74227D1D218002C19D06B6881 +:1063A000771CB34208D839002800FFF717FC0028F3 +:1063B00029D1AB68B2009A1813683E00E318A342D3 +:1063C000A44108C26442E8E7FFF730FC01900028CE +:1063D000CBD00198FEBDA3689B18043B1B68043A10 +:1063E000002BC9D1013FC5E76046C0580B68013694 +:1063F000E318A342A4411B1808C183429B41644295 +:106400005B421C19C5E70190E3E7F0B50F0085B0CA +:106410000600110038001500FFF7A2FE00282FDB50 +:1064200001230193002302930393B54206D129006F +:1064300001A8FFF7FBFB041E14D101ADB7420BD13D +:1064400001236868A96833608300002810D1B2680E +:10645000FFF747F9002405E039003000FFF7E6FBBD +:10646000041EEDD001A8FFF7A5FB200005B0F0BD8C +:10647000CA18043A1268043B002AE8D10138E4E75C +:106480000A246442F1E7F8B50D68136804006B4311 +:106490000E001700002B17DA11003000FFF760FE26 +:1064A000002808DB3A0031002000FFF7AEFF00288B +:1064B00009D1256007E0320039002000FFF7A5FF71 +:1064C0006D420028F5D0F8BDFFF747FFEFE7F8B5BC +:1064D0000D68136804006B430E001700002B17DDD6 +:1064E00011003000FFF73CFE002808DB3A003100C5 +:1064F0002000FFF78AFF002809D1256007E032005D +:1065000039002000FFF781FF6D420028F5D0F8BD6B +:10651000FFF723FFEFE71FB5D4171319634000936C +:106520000123D2179A43D21802936B46019201AA13 +:106530000393FFF7A8FF04B010BD1FB5D4171319BC +:10654000634000930123D2179A43D21802936B46FB +:10655000019201AA0393FFF7BAFF04B010BDF0B592 +:106560000023160001228BB005000F000492059352 +:106570000693079208930993884206D1010004A864 +:10658000FFF754FB041E30D104AFB54206D12900F9 +:1065900007A8FFF74BFB041E27D107AE7B680293C9 +:1065A0009A00029B002B29D1736801939A00019BEA +:1065B000002B2ED1029B019A28009918FFF70EFBA1 +:1065C000041E12D101002800FFF7B9FB041E0CD1F4 +:1065D000019B9B000393039B043B0393019B002BB4 +:1065E00022D13A68336853432B6007A8FFF7E2FAD9 +:1065F00004A8FFF7DFFA20000BB0F0BDBB689B18C2 +:10660000043B1B68043A002BCED1029B013B029352 +:10661000C7E7B3689B18043B1B68043A002BC9D139 +:10662000019B013B0193C2E7AB68039A03999A1857 +:10663000B36802985B58B968FFF777F8019B013B94 +:106640000193C8E71FB50123019302936B460092A3 +:1066500001AA0393FFF783FF05B000BDF0B58B1EC1 +:1066600087B005000F0000920E2B04D90424644269 +:10667000200007B0F0BD0123002400980393049488 +:106680000594EAF7C9F906000190102F3DD1384B67 +:106690009842EBD81F21830019404A1E91415B09A3 +:1066A000C9182800FFF79AFA041E06D10100280035 +:1066B000FFF745FB0400071E23D003A8FFF77AFA73 +:1066C000D6E7012E06D1009B1B782D2B02D12E3B45 +:1066D0002B60F2E7009B013E9A5D102102A8FEF7B5 +:1066E000E5FF002842D11C21AA68FB089B00D318B3 +:1066F000BA000A400299013791400A0019680A431A +:106700001A60002EDDD10024D7E721002800FFF712 +:1067100016FB0400061ED0D1019B9E42F3D0002E32 +:1067200007D1009B1B782D2B03D12E3B2B6001360C +:10673000F2E7009B39009A5D02A8FEF7B7FF041E3E +:10674000BBD13A00290003A8FFF77CFF041EB4D197 +:106750002B68029A03A92800012B04D1FFF7DBFE66 +:10676000041EE4D0A9E7FFF7E8FEF9E70400A4E778 +:10677000FFFFFF3FF0B5A1B0049002911800002187 +:1067800016000693FFF7D7FD002800D18FE1032301 +:10679000002401251B9306991DAB30000E950F9424 +:1067A00010941195129413941495159416941795AA +:1067B000189419941A951C93FFF7D2FCA04227DA7B +:1067C000049BA34206D1029B002B1AD10024200077 +:1067D00021B0F0BD21000498FFF7B1FA041EF2D0F9 +:1067E0000EA8FFF7E7F911A8FFF7E4F914A8FFF7DF +:1067F000E1F917A8FFF7DEF90C211DA8F2F792FCCA +:10680000E5E731000298FFF711FA041EE8D1DDE751 +:1068100031000EA8FFF70AFA041EE1D1069911A86B +:10682000FFF704FA041EDBD1736814A8991C1195B4 +:106830000E95FFF7D3F9041ED2D1010014A8FFF77B +:106840007EFA041ECCD1022117A8FFF7C7F9041E57 +:10685000C6D111A8FFF7E3FA1F231840984270D061 +:106860001B1A19000EA80593FFF7E2FB041EB7D10F +:10687000059911A8FFF7DCFB041EB1D10F9B129DF7 +:106880000093013B01936B1E0893019B6A1E9F1AA4 +:106890007B01190011A80393FFF7CAFBBF00041E78 +:1068A0009ED111A90EA8FFF7FFFC00284BDA03992F +:1068B00011A8FFF711FC041E92D17E4A089B944652 +:1068C0009B0009937C4BEB189B000B93009B63444C +:1068D0009B000093AB005B420D93EB065B1B0C939C +:1068E000019B089A93423BD8049B002B0BD014A920 +:1068F0001800FFF79BF9002821D1069B32681B681E +:106900005343049A1360029B002B00D168E705995A +:106910000EA8FFF7E1FB002811D133680EA90298F9 +:106920000E93FFF783F9011E00D0BEE00298FFF737 +:1069300002FD002800D053E70123029A13600400EF +:106940004EE705949AE7169B0EA9DB191A68080012 +:1069500001321A6011AAFFF7BAFD041EA1D03FE769 +:106960000098109B8446009A07939F18139B099ADE +:1069700039689A580D9B6344039303000798043BBE +:10698000C3180A930398169B1D18914202D3012342 +:106990005B420BE00A9B186801235B42002A05D08A +:1069A0000023ECF74DFC03000029F0D1019A2B6085 +:1069B0000023012A05D0009A079B94466344083BB4 +:1069C0001B681D930A9B1B681E933B681F932B68D3 +:1069D00001332B60169B039A00219B181A6817A895 +:1069E000013A1A60FFF7ABF90028A8D1089B139A67 +:1069F000002B01D00B9BD058199B09991860525855 +:106A000017A95A60169B039A08009A580793FFF734 +:106A100019FE002893D11AA917A8FFF745FC0028F2 +:106A2000D8DC169B039A11A99A5817A80793FFF769 +:106A300009FE002883D1019B0C9A17A89D186D01AF +:106A40002900FFF7F5FA002800D078E70EA9080022 +:106A500017AAFFF73CFD011E27D10EA8FFF76BFC1C +:106A600000281BDA11A917A8FFF7E0F8002800D0CA +:106A700065E7290017A8FFF7DBFA002800D05EE7DA +:106A80000EA917AA0800FFF7FEFC002800D056E761 +:106A9000169B039A9B181A68013A1A60019B013BE6 +:106AA0000193009B043B00931AE70C0098E60C242A +:106AB00064428CE6FFFFFF3FFEFFFF3F70B504001E +:106AC0000D00100000211600FFF735FC002825DB23 +:106AD0002A00330021000020FFF74CFE051E08D0DD +:106AE000280070BD320021002000FFF7CCFC0028F8 +:106AF00012D100212000FFF71EFC0028F2DB31003C +:106B00002000FFF7D1FB0028EADB32002100200043 +:106B1000FFF7DDFC0028F2D00500E1E70A256D4211 +:106B2000DEE710B5002A0FD011DB0023012A05D0C3 +:106B3000022A06D18B68013A1B68134003600020CB +:106B400010BDFFF70BF8FBE70C204042F8E70A20E6 +:106B5000FBE70000836873B51B6806000E4DDB077A +:106B600013D40E20404214E021003000FFF7E3FB75 +:106B700000280FDD2200310001A8FFF7D2FF002816 +:106B800007D1019B0435002BEBD02C68002CEBDCEB +:106B9000002076BD0120FCE740F90110F0B5C04CA3 +:106BA0000E00A54403900021180008921F00FFF773 +:106BB000C2FB002800DC15E2BB681C68E30700D4B8 +:106BC00010E200210898FFF7B6FB002800DA09E27E +:106BD000082303210222A51C6D001D402D192B0046 +:106BE00063430139D31A5D430029F8D1C02201243F +:106BF000D2001AA80F91109112911391159116912C +:106C00000E9411941494E9F79AFD0898FFF707F988 +:106C10000622A44B049298420CD805230493EF2833 +:106C200008D8013B04934F2804D80494172801D9AD +:106C3000013B04937B680398013319000593FEF729 +:106C4000CDFF041E00D054E105991DA8FEF7C6FF34 +:106C5000041E00D04DE1059B11A85900FEF7BEFFB0 +:106C6000041E00D045E133680A93013309D1310095 +:106C700014A8FEF7DBFF041E00D03AE1012314AE96 +:106C80001493CB230AAADB009B181B68002B08D0A7 +:106C9000CB23DB009B181B689B680593002B00D05F +:106CA0009EE001210EA8FFF74AF8041E00D020E163 +:106CB0007B680EA89901FFF7BBF9041E00D018E10C +:106CC0000EA93A000800FFF7F9FE041E00D010E1FB +:106CD000CB230AAADB009B181B68002B08D0CB2310 +:106CE0000C220AA8DB001B1818680EA9E9F70BFD97 +:106CF00039003000FFF7D8FA002879DB3A0031007C +:106D00001DA8FFF7DBFE041E00D0F2E06B420593E6 +:106D100011AB00933A00059B0EA91DA8FFF759FA85 +:106D2000041E00D0E5E00EA90398FEF77FFF041EC5 +:106D300000D0DEE001250DAB199311AB00933A00B2 +:106D4000059B17A903980D9517951895FFF741FA1C +:106D5000041E00D0CDE0049BAB424ED100252E0096 +:106D6000089B07955B6809950693099B002B00D04B +:106D70009FE0069B002B00D096E00125049B9D40E0 +:106D8000069B079A934200D008E101250DAB1993A9 +:106D900011AB00933A00059B17A903980D95179521 +:106DA0001895FFF716FA041E00D0A2E00A9B0133E3 +:106DB00000D09EE0089B5B680593002B00D198E013 +:106DC000089B9B681B682B4200D192E0039B0A9AA8 +:106DD00039001A6018001A00FFF755FB040088E01C +:106DE000CB230AA9DB005B180C2219680EA87DE7EB +:106DF00031001DA8FEF71AFF85E70C262A00049B28 +:106E0000013B9E409A401AAB9E197B683000591C8A +:106E10000692FEF7E3FE041E6BD11DA93000FEF7BB +:106E200005FF041E65D111AB00933A00059B3100AC +:106E30003000FFF7CEF9041E5BD1049B0135AB4255 +:106E4000F1D10123049A069E934001360793079BD4 +:106E5000B34200D882E70C2373431AAA9D18069305 +:106E60007B682800591CFEF7B9FE041E41D117AA01 +:106E70009446069B280063441900FEF7D7FE041EC3 +:106E800037D111AB00933A00059B1DA92800FFF7ED +:106E9000A0F9041E2DD10136D9E7150065E7C046DB +:106EA00094F9FFFF9F020000069B013B06932023FD +:106EB0000993099B013B0993089B9B680B93069BD5 +:106EC0000B9A9B009B58099AD340012213402A0039 +:106ED0001A43E2D0002B34D1012D32D1039911ABEA +:106EE00000933A00059B0800FFF773F9041E00D1D8 +:106EF0003BE701263500049B0C27013B9D40049B8A +:106F00009E40AE4266D81DA8FEF754FE11A8FEF7BB +:106F100051FE14A8FEF74EFECB230AAADB009B18F5 +:106F20001B68002B06D0CB23DB009B181B689B68DB +:106F3000002B02D10EA8FEF73DFE20002B4B9D44F6 +:106F4000F0BD079A0225013207920799049A521A56 +:106F500093401E43049B8B4200D006E70025039913 +:106F600011AB00933A00059B0800FFF732F9041EAD +:106F7000BFD1049B0135AB42F1D80C2171431AAB50 +:106F8000591811AB00933A00059B0398FFF721F9BC +:106F9000041EAED1012506000790E6E6039911AB69 +:106FA00000933A00059B0800FFF713F9041EA0D1D7 +:106FB00076002E4203D1069B01330693E0E611AB27 +:106FC00000933A00059B1DA90398FFF702F9041EE0 +:106FD000F1D08EE7380068431AABC018FEF7EAFD1F +:106FE00001358EE704246442A7E7C0466C06000022 +:106FF00070B500231500012286B006006846009295 +:1070000001930293039204930593FEF70FFE041E6F +:1070100055D1290003A8FEF709FE041E4FD168468A +:10702000FEF7DDFE050003A8FEF7D9FE854200D974 +:10703000050029006846FFF74FF8041E3FD12900DC +:1070400003A8FFF749F8041E39D1012303930093E5 +:1070500000216846FFF76FF900280BD1290003A82B +:10706000FEF7E6FF041E2AD103A93000FEF7DEFD7D +:10707000040024E06846FEF7B2FE01006846FFF710 +:107080002BF8041E1BD103A8FEF7A9FE010003A8DC +:10709000FFF722F8041E12D103A96846FFF704F98E +:1070A000002815DB03AA69466846FFF7AEF9041EFF +:1070B00005D101216846FFF70FF8041EC8D06846C5 +:1070C000FEF778FD03A8FEF775FD200006B070BD41 +:1070D00003A96A460800FFF798F9041EEFD10121C1 +:1070E00003A8E8E7F7B503240C400193631E9C4115 +:1070F0008B08E418436805000F000092A34207D1F3 +:1071000000212800FEF71BFE061E0FD03000FEBD3A +:10711000FEF750FD01232B60002321006B60AB6064 +:107120002800FEF75BFD061EEAD0EFE7AB68A10082 +:10713000C91B59183A000198009B9847002CE5D0CC +:107140002100A868FEF7F8FCE0E70000F0B599B070 +:10715000069207930122002305910500010009A86A +:1071600009920A930B930C920D930E930F92109326 +:107170001193129213931493159216931793FFF78A +:10718000DCF9041E10D109A8FEF729FE09A9039015 +:107190000CA8FEF74BFD041E06D103990CA8FEF7C0 +:1071A0009BFF0400071E2ED009A8FEF703FD0CA8C4 +:1071B000FEF700FD0FA8FEF7FDFC12A8FEF7FAFC93 +:1071C00015A8FEF7F7FC200019B0F0BD09A912A818 +:1071D000FFF76AF800281ADA012112A8FFF7ABF8C6 +:1071E000002814DD15AB12A900930CAA2B0008008F +:1071F000FFF7D4FC002867D109A912A8FFF754F8BB +:1072000000282ED10137059B9F42CDD020266B68E8 +:10721000069A990012A8079BFFF764FF002853D134 +:1072200012A8FEF7FCFD049009A8FEF7F8FD049BE8 +:10723000834210D9139B254A14999A1892008A18F0 +:1072400023495B185B01DB43181801235B42834031 +:10725000116899431160013E002EB7D10E2464429B +:10726000A2E7012112A8FFF766F801260028C9D07D +:1072700009A912A8FFF718F8039B9E4215D200280F +:1072800013D012AA11000FA8FFF769F900281BD12B +:107290002A000FA912A8FFF711FC002814D1012120 +:1072A00012A8FFF748F800280CD109A912A8FEF788 +:1072B000FBFF0028D2D1012112A8FFF73CF80028DB +:1072C000A0D1CBE70136D3E704006DE7FFFFFF3F16 +:1072D000FFFFFF07F0B59FB001900F0010000121E4 +:1072E0001600FFF728F8002800DC2FE10023012515 +:1072F0003200390003A806950793089309950A936D +:107300000B930C950D930E930F951093119303957A +:10731000049305931295139314931595169317934D +:10732000189519931A931B951C931D93FFF760FEF4 +:10733000041E4FD1290003A8FEF7FDFF002800D04E +:1073400001E13200390006A8FFF7B8FB041E41D165 +:1073500006A909A8FEF76AFC041E3BD1310012A859 +:10736000FEF764FC041E35D1310015A8FEF75EFC63 +:10737000041E2FD129000CA8FEF7E1FC041E29D120 +:1073800001000FA8FEF7DBFC041E23D1010018A8A2 +:10739000FEF7D5FC041E1DD129001BA8FEF7CFFC6B +:1073A000041E17D10B9B1B682B425FD1290009A833 +:1073B000FEF792FE041E0DD10E9B1B682B4227D1B7 +:1073C000119B1B682B4223D129000CA8FEF784FED9 +:1073D000041E2CD006A8FEF7EDFB09A8FEF7EAFB79 +:1073E0000CA8FEF7E7FB0FA8FEF7E4FB03A8FEF7E7 +:1073F000E1FB12A8FEF7DEFB15A8FEF7DBFB18A8E1 +:10740000FEF7D8FB1BA8FEF7D5FB20001FB0F0BD90 +:107410000CA912AA0800FFF736F8041EDAD10FA94A +:1074200006AA0800FFF753F8041ECDD0D2E72900C2 +:107430000FA8FEF751FEB3E7290015A8FEF74CFE92 +:10744000041EC7D11A9B1B682B4249D11D9B1B6888 +:107450002B4245D1290018A8FEF73EFE041EB9D1E3 +:1074600029001BA8FEF738FE041EB3D1179B1B682A +:107470002B42E1D015A909A8FEF716FF00283FDB33 +:1074800009A915AA0800FFF722F8041EA2D10CA929 +:1074900018AA0800FFF71BF8041E00D09AE71BAAE1 +:1074A0000FA90800FFF713F8041E00D092E700218F +:1074B00009A8FEF740FF002800D073E7002118A8B4 +:1074C000FEF739FF00282EDB310018A8FEF7ECFE8E +:1074D000002830DA18A90198FEF7A8FB040079E724 +:1074E00018A912AA0800FEF7CEFF041E00D071E70B +:1074F0001BA906AA0800FEF7EAFF041EAAD069E746 +:1075000015A909AA0800FEF7E2FF041E00D061E7F2 +:1075100018A90CAA0800FEF7DAFF041E00D059E7EC +:107520000FAA1BA9BDE718A932000800FEF7ABFFA0 +:10753000041EC3D04EE718A932000800FEF7C7FFAB +:10754000041EC1D046E70E24644243E7042464428B +:107550005BE7F0B501271E00436887B0049383689A +:107560000C0003A800211500039701930593FEF773 +:10757000E2FE00281CD0390003A8FEF7DCFE00283C +:1075800016D0022103A8FEF7D6FE002806D003A8D5 +:10759000FFF7E0FA002804D0B84200D1002007B07D +:1075A000F0BD33002A00210003A8FFF7CFFDF6E766 +:1075B0000E204042F3E70000F0B58BB00093734B10 +:1075C0000292CA1E07000E009A4200D9DBE0012396 +:1075D00007930023089309931F330B405A1E9341CE +:1075E00002254A099B18029A2A4200D085E0684A7F +:1075F000914213D8674A013591420FD8664A013546 +:1076000091420BD85E22FF320435914206D80435F0 +:10761000F92903D80635952900D809359A005B0168 +:1076200003920193043A9B1B04920593109B009ACA +:1076300003993800FFF756FD041E00D08CE0BA68AD +:107640000499564B52589A42F0D9019B9E4200D25F +:107650007BE001220120B9680B681A430A60029A94 +:10766000024200D17EE0032213430B6006A83900DA +:10767000FEF774FA041E6FD1069B002B00D07DE04C +:10768000082239003800FEF746FF041E64D1390095 +:1076900007A8FEF7CBFA041E5ED1012107A8FEF76A +:1076A0001BFD041E58D13800FFF754FA041E14D1F4 +:1076B00007A8FFF74FFA041E0FD1109B009A29006C +:1076C0003800FFF743FD041E07D1109B009A2900E4 +:1076D00007A8FFF73BFD041E3ED023000E333BD12D +:1076E0000C2239003800FEF716FF041E34D107A91A +:1076F00006220800FEF70FFFD3E7294A042591422E +:107700008CD8284A0135914200D987E7264A0135AD +:10771000914200D982E71F4A0135914200D97DE7A5 +:10772000224A0135914200D978E7F422FF3205352B +:10773000914200D972E70F35F92900D96EE70C356F +:10774000952900D96AE70B3568E705993800FEF7F7 +:10775000C3FC041E00D17CE707A8FEF72BFA20002B +:107760000BB0F0BD109B009A29003800FFF7F1FE26 +:10777000030004000E3300D158E7EDE70422012B8B +:1077800000D084E77DE704246442E8E7FD1F0000A1 +:1077900013050000510300008902000033F304B513 +:1077A000A90500007D040000E7030000ED020000D1 +:1077B000F0B599B00893249B039006910492209D04 +:1077C000022B04D10D246442200019B0F0BD249B8B +:1077D000102BF7D8DB07F5D41E9B073B062BF1D8FF +:1077E000FF231B029D42EDD80F221E9B1120D9B210 +:1077F000521AD3B209932B005A1E93419A010E23B9 +:107800005B1ADBB20593249B0899023B5B08DB0003 +:107810001343059A13430CAA137008AB1E9AC018A1 +:10782000E8F771FF1F2308AA9B181E2208A9521807 +:107830000599049C521A1C70013B240A9342FAD108 +:10784000002CBFD110AE102221003000E8F777FFE6 +:10785000220031000CAF535CD05D434053540132E1 +:10786000102AF8D10BAB009303980B0000F016FB25 +:10787000041EA9D1002D3CD13120059B14AC2370EE +:1078800008AB1E9A0899C018E8F73DFF1E9B099A9D +:10789000581C20180021E8F752FF01231026E3733B +:1078A000049B002B7BD13F223E2108ABC918D21884 +:1078B000059BC91A049B1370013A9142FBD10BAB93 +:1078C0000CAD009310222B0014A9039800F0E6FAE7 +:1078D000041E00D078E7030010A95A5CE85C42401F +:1078E0005A540133102BF8D1249A2398E8F70BFF50 +:1078F0006AE71223010008A81B1818000E22E8F7F7 +:107900001EFF2B0A3B707D702F000E2D00D90E2715 +:107910001223002608A81B181F993A001800E8F740 +:10792000F2FE10A90CA8735C325C5340735401360C +:10793000102EF8D10BAB009332000B00039800F02F +:10794000ADFA041E00D03FE71F9BED1BDB19079328 +:10795000002D91D02F00102D00D937000CAC320033 +:1079600000212000E8F7EBFE07993A002000E8F735 +:10797000CAFE002310A95A5C185D42405A540133D4 +:10798000102BF8D10BAB009332000B00039800F0E2 +:1079900085FA041E00D017E7ED1B079BD6E7049D70 +:1079A000102D00D93500069B002B2BD00BAB0CAF54 +:1079B000009332003B0014A9039800F06FFA041EF4 +:1079C00000D001E7AC423BD3069B012B41D03F22C4 +:1079D0003E21229B5B192293219B5B192193049BDF +:1079E0005B1B049308ABC918D218059BC91A1378FE +:1079F0000133DBB21370002B00D051E7013A914202 +:107A0000F5D14DE70CAC320006992000E8F797FE5F +:107A100021992A002000E8F776FE069B10A95A5CFF +:107A2000185D42405A540133102BF8D10BAB009330 +:107A300032000B00039800F031FA041EB6D0C3E602 +:107A4000219B3A5D1B5D5340229A13550134E4B2E9 +:107A5000B8E70CAC320000212000E8F770FE229954 +:107A60002A002000E8F74FFE002310A95A5C185D99 +:107A700042405A540133102BF8D10BAB0093320023 +:107A80000B00039800F00AFA041EA0D09CE610B583 +:107A900044220021E8F753FE10BDF8B5040016009B +:107AA0000800012219001D0000F076F9071E12D00F +:107AB0004369102B0FD1200000F08AF93900200013 +:107AC00000F0B6FB002805D101232A003100200078 +:107AD00000F096F9F8BD0D204042FBE710B5041EFA +:107AE00005D000F075F944212000F1F71BFB10BD13 +:107AF00010B588B00F9C009306940E9C130005945B +:107B00000D9C0A0004940C9C002103940B9C02948D +:107B10000A9C0194FFF74CFE08B010BD10B586B06A +:107B20000D9C002C0ED005940C9C04940B9C03948B +:107B30000A9C0294099C0194089C0094FFF7D8FFCA +:107B400006B010BD0D204042FAE770B50C008CB0B5 +:107B50001399159D0491129908AE03911199009300 +:107B600002911099130001910695059622000121BA +:107B7000FFF71EFE031E08D00CB070BD149AF15C16 +:107B8000D25C01334A401043DBB2AB42F6D300284B +:107B9000F2D013982100F1F7C5FA0F204042EBE72D +:107BA00010B586B00D9C002C0ED005940C9C04944E +:107BB0000B9C03940A9C0294099C0194089C0094D9 +:107BC000FFF7C3FF06B010BD0D204042FAE70023C7 +:107BD00010B5891A8B4200D310BDC4180133A154CB +:107BE000DBB2F7E7F0B5002821D0002A1FD04318F8 +:107BF000013B1D784E1BA9429B4116606A426A41B7 +:107C00005B42134300228A4205D1581E83415842E9 +:107C1000084B1840F0BD845C6C40A44600246746C5 +:107C2000B24264417C432343DBB20132EBE70248BA +:107C3000F0E7C046009EFFFF009FFFFF802330B5A6 +:107C400000248354891A7F3B8B4200D330BDC51872 +:107C50000133AC54DBB2F7E770B5012300268D1A6F +:107C6000AB4203D340180138057070BDC418A41886 +:107C7000013C01332670DBB2F2E70000F0B50028CA +:107C80001ED0002A1CD04C1E035DCD1A994289419A +:107C900015605A4253414942194300231E009C4239 +:107CA00005D8481E8141484206490840F0BD3200CF +:107CB000AB427241C75C01337A431143C9B2EEE76C +:107CC0000148F3E7009EFFFF009FFFFF00238A4269 +:107CD00000D3704783540132F9E70000002804D034 +:107CE000002A02D00020116070470148FCE7C0461E +:107CF000009FFFFFF0B500281DD0002A1BD00024F4 +:107D000080231460002905D1581E834158420B4B33 +:107D10001840F0BD0139455C17686E1EB5410E0074 +:107D200025436C4066433E431660465C74436340A3 +:107D3000DBB22C00E6E70248EBE7C046009EFFFFFF +:107D4000009FFFFF70B5002814D0002A12D0002336 +:107D50001360002901D1080070BD4D1E445D661EF0 +:107D6000B4411C4363404B4311680B43136029002B +:107D70002300EEE70048EFE7009FFFFF054B1A687E +:107D8000002A05D0083319000C3909788142F6D150 +:107D900010007047ECFE011030B5094C2368002B31 +:107DA00001D1180030BD9D692D78854205D15D68EF +:107DB0008D4202D15D789542F3D00834EEE7C0469B +:107DC000ECFE011010B544220021E8F7B8FC10BD0C +:107DD00010B5041E13D0006C002805D02421F1F743 +:107DE000A1F9206CF1F78CF9E06B002803D023682F +:107DF0009B699B6A984744212000F1F793F910BDD5 +:107E000070B50468002C01D10C4870BD2569AD0720 +:107E100002D465689542F7D142600372012B03D00A +:107E20006578033D022D04D8A369DB69C06B9847D0 +:107E3000EBE7002BE8D1A3691B6AF7E7009FFFFF80 +:107E4000036870B506001400002B15D0102A11D855 +:107E50001A69D20703D4DB689C420DD31C000025AD +:107E6000AC4205D0300022002830E8F74CFCB46367 +:107E7000280070BD014DFBE7014DF9E7809FFFFF32 +:107E8000009FFFFF0368002B03D00023436218000C +:107E900070470148FCE7C046009FFFFFF0B5066849 +:107EA00089B004000491150006930E9F002E02D1A4 +:107EB000834809B0F0BD00233B6073690593737874 +:107EC0000793012B0DD1059B9A4200D0F2E00821C7 +:107ED000B3693A6041565D68049A069BC06BA84737 +:107EE000E7E7079B062B07D13A60069B049A290017 +:107EF000C06B01F036FBDCE7059B002B00D1DBE01B +:107F0000049B069A934208D1436A002BD0D105996D +:107F10002800EBF78FF90029CAD1079B022B7AD1F1 +:107F20000823E356606A002B11D1059BE2681B1AF7 +:107F3000002A10D0AB4210D314302A002018049924 +:107F4000E8F7E1FB636A5D1965620020B1E7012B88 +:107F500003D1059B1B1AAB42EED8002829D0059B04 +:107F600004991B1A14301A0020180793E8F7CBFB6A +:107F7000069A236808219B6901922200143200921C +:107F80009B6861561E002300059A2833E06BB047BA +:107F9000002800D08DE7059A3B6894469B183B600B +:107FA000069B079A63440693049B60629B180493A4 +:107FB000AD1A002DC9D005992800EBF73BF90E1E2C +:107FC00007D10823E356002B03D1E368002B00D030 +:107FD000059E2000049BAD1B591932001430E8F7B0 +:107FE00092FB636A9E196662002DAED023000821C1 +:107FF000069822682833926901900498615600908F +:108000009668E06B2A00B047002800D051E73B6833 +:108010005D193D604DE7079B032B12D10698B269AD +:10802000029004982300019020000821283000903D +:10803000D668243361562A00E06BB0470028E8D0A8 +:1080400037E7079B042B0DD1230022000698B16966 +:1080500001900498283300900E6924322900E06BC7 +:10806000B047EBE7079B052B10D10698B16902904A +:1080700004982300019020002200143000904E69E3 +:10808000283324322900E06BB047D7E7079B092B40 +:1080900014D1636A002B11D1230008210698B2691C +:1080A0000190049828330090966961562A00E06B8D +:1080B000B047C3E70348FCE60348FAE60348F8E69E +:1080C000009FFFFF809DFFFF809CFFFF809FFFFFC1 +:1080D000F7B5076804000E001500002F5AD00020E5 +:1080E00010607B78DA1E042A10D9092B0ED03A785A +:1080F000483A012A0AD9012B09D1606A4342584102 +:10810000C5224042D201264B1040C018FEBD022BB2 +:1081100042D10823E356626A012B29D1E368002B80 +:1081200002D150425041EBE72000A16B14300029EE +:1081300000D1F9689847200008212268143093691B +:108140006156019600909F68230052692833E06BC6 +:10815000B8470028DAD10822A2562368002A13D192 +:108160002469191E00D059692A003000A047CDE7C4 +:108170007B699342DFD0E368002B0FD1501E824110 +:108180005042074A1040C1E70200002B00D05A6954 +:108190002A60BBE70348B9E70348B7E70048B5E7FB +:1081A000809DFFFF009FFFFF809FFFFF026800B5DB +:1081B0000300002A21D05278022A1ED104291ED899 +:1081C0000800EAF7A7FF03090D1115000D4ADA6050 +:1081D0000D4A00201A6100BD0C4ADA600C4AF8E72B +:1081E0000C4ADA600C4AF4E70C4ADA600C4AF0E711 +:1081F00000200C4AD8601A61EDE70B48EBE70B480A +:10820000E9E7C046CF7B0110E57B01103D7C011002 +:10821000F57C0110597C01107D7C0110CD7C011092 +:10822000457D0110DD7C0110009FFFFF809FFFFF57 +:1082300070B504000D1E10D044220021E8F77FFA2B +:10824000AB695B6A9847E063002808D0256000218D +:108250002000FFF7ABFF002070BD0248FCE702489A +:10826000FAE7C046009FFFFF809EFFFF7FB50A9D93 +:1082700004001E00FFF7E4FD002819D12368002B3D +:1082800018D060620095099B089A31002000FFF722 +:1082900005FE00280CD12A68099B2000991803AA22 +:1082A000FFF716FF002803D12B68039A9B182B6059 +:1082B00004B070BD0048FBE7009FFFFF10B504004D +:1082C000FFF70CFC2000F0F71BFF10BD10B5442198 +:1082D0000120F0F70DFF041E01D0FFF7D8FB2000AE +:1082E00010BD10B513000A000221FFF7D6FB10BD28 +:1082F00010B5040001F061FA2000F0F701FF10BD95 +:10830000C82110B549000120F0F7F2FE041E01D08B +:1083100000F0C6FF200010BD10B513000A000221B6 +:1083200000F0C5FF10BD802110B549000120F0F715 +:10833000DFFE041E01D003F055F9200010BD10B57A +:1083400003F06CFA10BD10B503F0FAF910BD00008F +:1083500013B5002901D0012906D1059C0194049C84 +:10836000009403F0D9FB16BD0048FCE7009FFFFF17 +:1083700010B5040003F018F92000F0F7C1FE10BD9D +:1083800010B580210120F0F7B3FE041E01D003F0E8 +:1083900001F9200010BD10B503F0A4F910BD10B50F +:1083A00003F072F910BD1FB5089C0294079C01945C +:1083B000069C009404F01EF804B010BD13B5059C93 +:1083C0000194049C009403F0C3FF16BD1FB5089CE4 +:1083D0000294079C0194069C009403F033FF04B0C0 +:1083E00010BD13B5059C0194049C009403F0A8FAF9 +:1083F00016BD10B503F080FA10BD10B5041E04D0F0 +:1084000003F002F92000F0F77BFE10BD70B5102AD2 +:1084100004D01B25082A02D00C480EE08725013A1B +:1084200000231600002A09DA0023CB5680190278AF +:10843000DB112B4053400370002070BD8C5C640046 +:108440001C4384548B5C013ADB09EBE7009FFFFF80 +:1084500070B500249C4200D170BD0D5D165D754065 +:1084600005550134F6E7000070B5051E1DD0036800 +:10847000002B1AD0002918D00123FFF7C1FC041EDD +:1084800011D12B681B78022B0FD3042B01D9242B7D +:108490000BD124210120F0F72BFE002807D02864FF +:1084A0001021F0F73FFE200070BD024CFBE7024CAC +:1084B000F9E7C046009FFFFF809EFFFFF0B589B03F +:1084C00003900291170000285ED00368002B5BD058 +:1084D000002959D0046C002C56D0206A5D69002810 +:1084E0001FD02A1ABA421CD210302018E8F70BF914 +:1084F00021002B00220010312000FFF7A9FF07AB5D +:1085000000932A00230021000398FFF7C7FC061EF2 +:1085100020D1236A0299EA1A8A18DF1902927F1B76 +:108520002062681EC0192900EAF7FEFD01230590AC +:108530000493049B059A93420FD30026B74209D0B7 +:10854000206A3A00103020180299E8F7DCF8236A14 +:10855000DB192362300009B0F0BD2B002200029924 +:108560002000FFF775FF07AB00932A0023002100CE +:108570000398FFF793FC061EECD1029B7F1B5B194F +:108580000293049B0133D3E7004EE3E7009FFFFF14 +:10859000F0B593B0061E039100D17CE00368002B78 +:1085A00000D178E0046C002C00D174E0002900D1E7 +:1085B00071E0102106A85D69F0F7B4FD10210AA84A +:1085C000F0F7B0FD10210EA8F0F7ACFD33683000D5 +:1085D0005F6905AB00930EAB3A001900FFF75EFC34 +:1085E00000280BD13A000EA906A8FFF70FFF0028BC +:1085F00004D13A0006A90AA8FFF708FF27001021B6 +:108600000EA8F0F78FFD226A1037AA4240D32B0044 +:1086100006AA39000EA80FE09A4202D9F95CC154AB +:1086200004E000219A42FAD18021815401339D4215 +:10863000F2D12B0001000AAAFFF70AFF2B0022004B +:108640000EA92000FFF704FF05AB009330002300C4 +:108650002A002100FFF722FC061E04D12A00210077 +:108660000398E8F750F8102106A8F0F75BFD1021F9 +:108670000AA8F0F757FD0023102138002362F0F715 +:1086800051FD10212000F0F74DFD300013B0F0BD7A +:1086900000230EA8CBE7014EF7E7C046009FFFFF7F +:1086A000C023F0B5574C0E00A544029015005B00A6 +:1086B0009A4200D9A2E0D022002152003CA8E8F75B +:1086C0003EF81CA802F066FFF022F221002404AB61 +:1086D0009B1804AA1C8052182B0A1370F32204ABB7 +:1086E0009B181D703023053104AA521813703100F5 +:1086F0002A0042A8E8F707F88022A4AB5B19893B5F +:10870000FF3B1A7008A964540134202CFBD180224D +:108710001CA8520002F0B8FF041E50D10700193502 +:10872000039504AD102200212800E8F708F83CABBF +:10873000039E0193002301995A5DC95C4A405A5532 +:108740000133102BF7D1019B103301933300102E0E +:1087500000D91023F61A2A002B0001211CA803F0CF +:10876000CBF8041E2BD1002EE4D12A0010ABFB184D +:1087700013CA13C3126810371A603CAAD3780133A6 +:10878000D370302FCED1802210A952001CA802F045 +:108790007BFF041E13D1029F029E303718AD2B00C1 +:1087A0002A0001211CA803F0A7F8041E07D13300FA +:1087B00007CD07C32A6810361A60B742EED11CA84D +:1087C00002F0F2FED0213CA84900F0F7ABFC3021CA +:1087D00010A8F0F7A7FC202108A8F0F7A3FC1021AF +:1087E00004A8F0F79FFC002C03D030210298F0F78A +:1087F00099FC2000A5239B009D44F0BD38246442D1 +:10880000F7E7C0466CFDFFFFF0B58FB001910500A2 +:108810003022002102A8E7F792FF0026290002AAD1 +:10882000B3180F31681E0A780132D2B20A70002ADA +:1088300002D101398142F6D12F0020372A000121CF +:10884000380003F059F8041E19D11036302EE5D146 +:10885000019A02AB125D1B5D534002AA135501340D +:10886000302CF5D1802202A95200380002F00CFF12 +:10887000041E04D110220AA92800E7F744FF02A829 +:108880003021F0F74FFC20000FB0F0BDF0B5E5B09F +:108890000192C0228569040002911E005200954297 +:1088A0004BD8531BB34248D30199931B5B1B8B429C +:1088B00043D3002104A8E7F742FF27002300A03795 +:1088C000A433039318682A0004A93B68984700283A +:1088D00002D034256D422DE0A569002E08D0039802 +:1088E0003B68320004A9006898470028F1D1AD190F +:1088F000029B002B0AD0019B002B07D004ABE81889 +:10890000019A0299E7F7FFFE019BED1804A92A00DE +:108910000800FFF7C5FE051E07D104A92000FFF7D8 +:1089200073FF051E01D101232361C02104A8490062 +:10893000F0F7F8FB280065B0F0BD3825CAE710B5A0 +:10894000A82200210400E7F7FAFE01235B4223611D +:1089500010BD10B5041E06D0203002F025FEA8215F +:108960002000F0F7DFFB10BD10B50023FFF78EFFEE +:1089700010BD0000F0B5040025008BB00F001600FC +:108980000021202202A820350193E7F7D8FE280015 +:1089900002F000FE2300A0331F605E60A369002B7D +:1089A00001D13033A3612669002E05DAA3690026C0 +:1089B0002F2B01D85E1C76088022084B5200E36101 +:1089C00002A9280002F060FE002805D13300109AA9 +:1089D00001992000FFF75AFF0BB0F0BD10270000EF +:1089E000F0B51F00802393B0040001911500189E7C +:1089F000DB009A4260D880235B009E425FD8302221 +:108A0000002106A8E7F79BFE2369E269934202DC96 +:108A10006369002B13D0320039002000FFF7A4FF58 +:108A2000061E23D11027002D23D106A92000FFF711 +:108A3000EBFE061E12D12369013323610EE0002EE6 +:108A4000F0D03200390006A8FFF72AFE061E05D135 +:108A500006A92000FFF7D8FE061EE3D0302106A8A5 +:108A6000F0F760FB102102A8F0F75CFB300013B0B8 +:108A7000F0BD2200611E0F3213780133DBB2137098 +:108A8000002B02D1013A8A42F6D1200002AB22002B +:108A90000121203002F030FF061EDFD12E00102D04 +:108AA00000D93E00320002A90198E7F72CFE019B95 +:108AB000AD1B9B190193B6E736267642D6E73826DA +:108AC000FBE7002307B50093FFF78AFF0EBD000008 +:108AD000F0B58FB0040005A817001E000D00F6F7D2 +:108AE000D5FB00230293159B20000193149B3200B9 +:108AF000009305A93B00F6F7CDFE041E09D105A899 +:108B0000F6F706FD00280AD105A92800FDF78EF822 +:108B1000040005A8F6F72CFC20000FB0F0BD014CB6 +:108B2000F7E7C04680B0FFFF10B5E0220021040047 +:108B3000E7F705FE0023A370237010BD002370B576 +:108B400004000370051D01338370617028000E005E +:108B5000F6F7AAFB20008030FDF726F820008C30C5 +:108B6000F6F794FB2000B030F6F790FB2000D430ED +:108B7000FDF71AF831002800F8F774FC002800D03F +:108B8000004870BD80B1FFFF10B5041E19D0837876 +:108B9000012B12D10430F6F7F9FB20008030FDF7ED +:108BA00009F820008C30F6F7E3FB2000B030F6F730 +:108BB000DFFB2000D430FCF7FDFF00232370A370FF +:108BC000637010BD437870B50D000400160009787D +:108BD000002B08D1FFF7B2FF00280FD1A378012B9B +:108BE00004D00F480AE08B42F8D0FAE7012E06D1F4 +:108BF000290020008831B030F6F76CFC70BD002EE3 +:108C0000EFD12900200088318C30F6F763FC002872 +:108C1000F4D1290020007C318030FDF707F8EDE722 +:108C200080B0FFFFF0B585B00393837804000E0099 +:108C30001700012B04D1031D0293C36D002B01D13A +:108C4000174827E00B9B050001930A9B0200009345 +:108C50000300D4358033B03229000430FFF738FFE9 +:108C6000002817D12800FDF7FBF8039B8342E7D3C8 +:108C70000723E26D02981340591E8B41D2089B18BE +:108C80003360F6F7F9FA32683900022804D1280077 +:108C9000FDF758F905B0F0BD2800FDF78FF9F9E7A9 +:108CA00080B0FFFFF0B50600C7B005934EAB187853 +:108CB000F36D0691DF1D079200F0E4FEFF080490BB +:108CC00000285BD009A8FCF76FFF0CA800F080FD1E +:108CD0003A0025A90598FDF771F9051E3DD1F36D00 +:108CE000DC1D4D9BE4089C4200D91C0022004C99DD +:108CF00009A8FDF7F2F8051E2FD1F16DE4008C42B2 +:108D000025D834004C34210009A8FDF7CDFA0028FD +:108D10002CDA25ABD9193A0009A8FDF74FF9051E41 +:108D20001BD10CAC7B0025AA0499200000F006FEA4 +:108D3000134B039402934D9B079A01934C9B069906 +:108D400000933000059BF5F7B5FC050005E0611ABE +:108D500009A8FDF7C1F9051ED3D00CA800F087FEC5 +:108D600009A8FCF727FF280047B0F0BD09A9220099 +:108D70000800FDF7ACFB051ECBD0EEE7014DF2E796 +:108D8000639A011080B0FFFF1FB508AC24780294ED +:108D9000079C0194069C0094FFF784FF04B010BD6B +:108DA000F0B50400AFB005A81E000F001500FCF7D9 +:108DB000FBFE08A8FCF7F8FE230001967C3302971F +:108DC000009508AA05A92000FFF76CFF061E2AD10E +:108DD000B72308AA6B440BA904A8049304F081FFED +:108DE000041E1FDB05AA0BA904A804F07AFF0028C3 +:108DF00022DB25182A000BA904A804F0B1FE041EEA +:108E000010DB30220BA904A804F014FF002813DBA8 +:108E100064190419220004993498E7F774FC359B0F +:108E20001C603400260005A8FCF7C4FE08A8FCF767 +:108E3000C1FE30002FB0F0BD0400F3E710B50024F0 +:108E400086B004940B9C03940A9C0294099C0194A0 +:108E5000089C0094FFF7A4FF06B010BDF0B58DB0DC +:108E6000039206AE129A070009AD30009C180291D9 +:108E70000493FCF799FE2800FCF796FE302305AA20 +:108E8000210004A804F091FD00280AD0174BC71850 +:108E90003000FCF78FFE2800FCF78CFE38000DB088 +:108EA000F0BD049B059A9B189C421DD13200210005 +:108EB00004A804F0C7FD0028E8D12A00210004A876 +:108EC00004F0C0FD0028E1D13B0038008833019553 +:108ED0000096039A0299F5F7C1FC071ED8D1049BAE +:108EE000A342D5D0024FD3E7024FD1E780B0FFFFB6 +:108EF00000B4FFFF1AB0FFFF13B500240194049CD7 +:108F00000094FFF7ABFF16BD10B5F6F7F7F910BDEB +:108F100010B5002801D0F6F783FA10BD70B5060031 +:108F20000D00F6F7EFFA041E0FD1290030007C3156 +:108F30007C30FCF77BFE041E07D12900300088310D +:108F40008830F6F7C7FA041E02D03000FFF7E0FFC2 +:108F5000200070BDF0B595B00600019100921D0093 +:108F6000402B0AD9002304AA2900009802F0B3FA82 +:108F7000041E20D1402504AB0093019B03AF316850 +:108F80003B70331D7D70019300290FD00123022215 +:108F9000336039000198F8F765FD041E0BD12A00F3 +:108FA00000990198F8F75EFD040004E0301DF8F721 +:108FB0004DFD041EEAD004A84021F0F7B3F82000CC +:108FC00015B0F0BD0023F0B504003C2507001E00DD +:108FD000A5B0FC3401936D423B00F8331B689E4200 +:108FE0000BDB019B002B01D13D256D4204A88021A4 +:108FF000F0F798F8280025B0F0BD2369012B00D1C7 +:109000000193002325680393802203AB04A96068C1 +:10901000A847051EEAD1039B002B0AD0F1B204AA8F +:109020003800FFF797FF0028E5D1A368039A9B1843 +:10903000A36001361434CFE770B506000025C822BE +:109040000400F836520029003560FC30E7F777FB62 +:10905000200020C0F8F7E0FC3368132B0CDC14224E +:109060005A43A418054AFC3422602022E2601F3AC9 +:109070009B1865602261336070BDC04659E60210DE +:1090800070B504000430F8F7CDFC23000025200063 +:10909000C821F8331D60FC304900F0F743F8256023 +:1090A00070BDF0B595B0050003910292402A00D939 +:1090B0006CE081235B000193019B013B0193002B3A +:1090C0005FD02E00F8363368002B5DD02800FFF704 +:1090D00079FF041E3ED133686F1DFF379C460200A6 +:1090E0003B000121A4453CDC0029E5D03F2AE3D91F +:1090F0004022002104A82E1DE7F721FB04A930001F +:10910000F8F7BEFC041E25D13000F8F78BFC3000C8 +:10911000F8F782FC21003000F8F798FC041E19D102 +:10912000402204A93000F8F79DFC041E12D104AAC5 +:1091300003004021100002F0CEF9041E0AD1030002 +:109140000100F8352A689A4217DC029A04A90398AC +:10915000E7F7D9FA402104A8EFF7E4FF200015B0A3 +:10916000F0BD18685E68B04200D200219E68012EF2 +:1091700000D1121801341433B4E7396001331437C5 +:10918000E1E73C246442E5E74024FBE73C246442F9 +:10919000E4E70000F0B50F2589B00290C87B029B80 +:1091A0002840C00018180300C83303911C68816C64 +:1091B0005B68C06C0195019E039D0707AD5D0F269E +:1091C0002E402D0905950F2504960D40334EED00D8 +:1091D00075590E092D0406953E43250707093D43A1 +:1091E00007951F0725093D43AC46019D1F090F2D1B +:1091F00011D0049B0699D800029B079D1818030004 +:10920000C8331C685B684B4061464C40816CC06C45 +:109210007B407140684005070E092E430009250771 +:109220002843059DB446029EED0075192E001F07C8 +:10923000C83624093C43376876681B0973400F26FB +:109240003140164EC9007158AE6C09044B4061465E +:10925000ED6C7C406840019D71406E1E0196AAD263 +:109260001D0E15701D0C5570D3701D0A230E137141 +:10927000230C5371230A9371030E1372030C537260 +:10928000030A93720B0E13730B0C53730B0A957036 +:10929000D471D0729373D17309B0F0BDF80002108D +:1092A000C82210B552000021E7F749FA10BDF0B509 +:1092B00091B0029017000800012219001E00FEF76D +:1092C0006BFD051E00D1A2E04469102C00D09EE089 +:1092D0000298FEF77DFD29000298FEF7A9FF0028FD +:1092E00000D092E00123320039000298FEF788FD99 +:1092F000002800D089E001000B9022000CA8E7F7BD +:109300001EFA0BAB00930CAB220019000298FEF77B +:10931000C5FD002879D10F99029C0EBA0E990D9BBC +:10932000883409BA266061601ABA029C0C9BF83432 +:109330001BBA2261636100250024029FC8373C608C +:109340007D60029FBC64FD6404340325A4460127AC +:10935000E124374024066743CC070394490804916D +:10936000039976080E430499D40721435208DC0779 +:10937000224364465B087B40029FE4003C19A664DC +:10938000E164C8340CC46446013D6410A446002D59 +:10939000DDD103239C46013B03933B0048330493F8 +:1093A00080330593039B049ADB00D1180C00059AC7 +:1093B0000834D3181A6806925A68083307920A6864 +:1093C00008924A680992029A5032170080373E6824 +:1093D000069D6E401E607E68079D6E405E6016684A +:1093E000089D08336E4026605668099D08326E401D +:1093F000666008349142E8D1039B5B00039301232C +:109400005B429C446346002BCCD111B0F0BD1420CC +:109410004042FAE7F0B500278DB004000E00039239 +:109420001D000797BB4200D198E003006933FF336A +:109430001022390018000293E7F781F923007933ED +:10944000FF333900180010220493E7F778F9C4239A +:109450005B00E650230000200021F83318655965B1 +:109460009865D9650C2D1FD12A0003990298E7F75A +:109470004AF978230122FF33E25407AB009323001B +:109480005933FF33102202992000FEF707FD051E15 +:1094900007D12300139AF8339A65D865139B002BE4 +:1094A0003FD128000DB0F0BD08AE0C2239003000CD +:1094B000E7F745F9EB001A0E32731A0C72731A0AA9 +:1094C000B273F3732F00102D00D910272600039BD1 +:1094D0006936FA18FF3605923200117808001978BB +:1094E000013348400599107001329942F5D1029A32 +:1094F00020001100FFF74EFE039BED1BDB190393C9 +:10950000002DDFD108A933786A5C013553403370F0 +:109510000136102DF7D1029A20001100FFF73AFE14 +:10952000ABE7139E102E00D910262200129B793231 +:10953000FF32F01811781F78013379401170013231 +:109540009842F7D1049A20001100FFF723FE139BE5 +:109550009B1B1393129B9B1912939FE714256D423B +:109560009FE7F0B58DB0039300230793039B04009E +:109570000D001600934202D99B1A8B4267D3270035 +:109580002A000023F837386D796D12184B41994243 +:109590005DD801D190425AD80F2B58D802D1110072 +:1095A000203154D83A657B65002D02D128000DB0DA +:1095B000F0BD2F00102D00D9102722002100783295 +:1095C0007431FF32FF3113780133DBB21370002B9B +:1095D00002D1013A9142F6D1210007AB69310093E3 +:1095E000102208ABFF312000FEF758FC0028DED126 +:1095F000230008AA7933FF330592C4225200A258EF +:109600000492002A03D11A78315C4A401A70059AF4 +:10961000315C825C4A4003990A54C4214900615874 +:109620000491012902D119784A401A70013001339E +:109630008742E2D121007931FF310A002000FFF793 +:10964000A9FD039BED1BDB19F6190393ACE714206E +:109650004042ACE70300F0B5F83389B003921A6DCD +:109660009E6DDD6D0700586D039B0291510FD20076 +:10967000C4000192ED00720F043B0C431543F60049 +:109680000C2B52D839005931039AFF310298E7F771 +:109690003AF82200019B2A433343134302D10020AE +:1096A00009B0F0BD04AA2B0E13702B0C53702B0ABB +:1096B0009370330E1371330C5371330A9371230E6D +:1096C0001372230C5372230A9372019BD5701B0EE5 +:1096D0001373019BD6711B0C5373019BD4721B0A2D +:1096E00093731300019ADA733B007933FF3300223E +:1096F000190004AC1878A45C013260401870013382 +:10970000102AF6D10A003800FFF744FD00231A00A2 +:1097100002997932FF32C95CBA5C4A400299CA5454 +:10972000039A01339A42F2D1B9E714204042B7E7D5 +:1097300037B515001A00089B04000193079B00939E +:10974000069BFFF767FE00280CD10A9B099A2900A7 +:109750002000FFF706FF002804D10B9A0C99200087 +:10976000FFF778FF3EBD70B50C008CB01599139DC6 +:109770000491149908AE03911199009302911099E4 +:10978000130001910696059522000021FFF7D0FFF6 +:10979000031E07D00CB070BD129AF15CD25C01338D +:1097A0004A401043AB42F7D10028F3D0159821006E +:1097B000EFF7B8FC12204042ECE710B5041E06D0CB +:1097C000FEF706FBC82120004900EFF7ABFC10BDF7 +:1097D00010B564220021E6F7B2FF10BDF0B5050018 +:1097E00097B000680291039200F0EEFA029B01909C +:1097F0000127002B03D0039F7A1E974101370022D7 +:1098000005AB254C1A7004AB1B79BB421CD2280057 +:1098100000F0C2FA041E17D12E000C36019A310056 +:10982000280000F077FA041E0ED1012205A92800B5 +:1098300000F070FA041E07D1022F0CD006A92800F0 +:1098400000F078FA041E0ED006A84021EFF76AFC5B +:10985000200017B0F0BD039A0299280000F05AFAD0 +:10986000041EEBD0F0E7019A06A9280000F0F8F9F1 +:10987000041EE9D1019A3100280000F04BFA041EC1 +:10988000E2D13100280000F055FA041EDCD105AA0F +:10989000137801331370B6E700AFFFFFF0B5E3B004 +:1098A00001931600046D019A05000F002300002AA1 +:1098B00002D0032363435B088022520096423BD8C8 +:1098C0009B198032934237D8002102A8E6F737FF70 +:1098D000220002A9286EEB6D9847002802D00926C5 +:1098E000764226E0019B2C6D002B0AD002ABE118DA +:1098F0006208286EEB6D98470028F0D12B6D5B084D +:10990000E418002F08D0002E06D002ABE018320079 +:109910003900E6F7F8FEA419220002A92800FFF793 +:109920005DFF061E01D10123EB64210002A8EFF7C1 +:10993000F9FB300063B0F0BD0526D1E7F7B5019221 +:10994000012204000D001F0000F0DAF8002818D1F1 +:109950002600280000F038FA0C3602003100200002 +:1099600000F07EF900280CD1280000F02DFA01212A +:1099700002003000E6F7E3FE3A0001992000FFF70D +:109980002DFFFEBD10B50023FFF788FF10BDF0B519 +:10999000040085B000681E000291150000F014FA62 +:1099A00080230390DB009D4256D880230A9A5B00F7 +:1099B0009A4254D8E36D002B1CD0636D012B03D069 +:1099C000E36CA26D934215DD0A9A31002000FFF787 +:1099D000D9FF00281AD100230A93002D18D10A9A22 +:1099E00031002000FFF7FAFE00280FD1E36C0133AD +:1099F000E3640BE0002EF0D00A9B002BEBD01A00A2 +:109A000031002000FFF7EAFE0028E6D005B0F0BDE7 +:109A1000039B2F009D4200D91F00200000F0BCF9DD +:109A20000028F3D123000C33039A1900200001937E +:109A300000F070F90028E9D10199200000F07AF9CE +:109A40000028E3D13A0001990298E6F75CFE029BF8 +:109A5000ED1BDB190293C0E703204042D6E7052047 +:109A6000FBE7002307B50093FFF791FF0EBD10B58C +:109A7000041E05D000F018F864212000EFF752FB17 +:109A800010BD00000538C3B20020032B02D8024AE3 +:109A90009B0098587047C0467801021010B50C2200 +:109AA0000021E6F74CFE10BD10B5041E22D002685E +:109AB000002A1FD04368002B0DD0107905380328E9 +:109AC00006D8E9F727FB020218181800F7F770FF0D +:109AD0006068EFF715FBA068002807D02368997924 +:109AE0004900EFF71FFBA068EFF70AFB0C212000ED +:109AF000EFF718FB10BD1800F7F794FFE8E7000038 +:109B000070B504000D00160000292ED000282CD0BE +:109B100008790538032828D8E9F7FCFA02021A1A4E +:109B200094210120EFF7E4FA6060002801D1104889 +:109B300070BDF7F737FF002E14D0A9790220EFF798 +:109B4000D7FAA06000280DD12000FFF7ADFFEEE7A7 +:109B5000F4210120EFF7CCFA60600028E7D0F7F796 +:109B60005BFFE8E725600020E2E70248E0E7C04647 +:109B700080AEFFFF00AFFFFF10B5031E18D00268D4 +:109B8000002A15D010790538032811D8E9F7C2FA50 +:109B90000207090E01215868F7F71EFF10BD0021CA +:109BA000F9E701215868F7F751FFF7E70021F9E7D6 +:109BB0000048F3E700AFFFFF10B5031E12D00068A6 +:109BC00000280FD00079053803280BD8E9F7A2FA4E +:109BD000020206065868F7F70BFF10BD5868F7F742 +:109BE00041FFFAE70048F8E700AFFFFF10B5031E9A +:109BF00012D00268002A0FD01079053803280BD83C +:109C0000E9F788FA020206065868F7F7FFFE10BD6A +:109C10005868F7F735FFFAE70048F8E700AFFFFFAD +:109C200010B50C0011001A00002815D00079053875 +:109C3000032811D8E9F76EFA0207090E0123200064 +:109C400001F028FC10BD0023F9E70123200001F0FA +:109C500042FCF7E70023F9E70048F3E700AFFFFF16 +:109C6000F0B593B004000191170000284DD00368AF +:109C7000002B4AD08268002A47D09B79BB4214D27D +:109C8000FFF77AFF051E2DD13A0001992000FFF75A +:109C900093FF051E26D102A92000FFF7A7FF051E8E +:109CA00020D123685F7902AB01932368A6689A7973 +:109CB00036213000B518E6F742FD23685C219A7919 +:109CC0002800E6F73CFD00239F4212D12000FFF759 +:109CD00053FF051E06D1236831009A792000FFF753 +:109CE0006BFF0500402102A8EFF71CFA280013B013 +:109CF000F0BD0199F25CC95C4A400199F254EA5CFA +:109D0000C95C4A40EA540133DEE7014DEEE7C04644 +:109D100000AFFFFF10B5002808D00368002B05D066 +:109D20008368002B02D0FFF747FF10BD0048FCE717 +:109D300000AFFFFFF0B5040091B00E00002826D060 +:109D40000368002B23D08568002D20D069469F79B9 +:109D5000FFF74CFF002818D12000FFF70DFF002867 +:109D600013D12368E9199A792000FFF725FF00280D +:109D70000BD1236869465A792000FFF71DFF0028A0 +:109D800003D131002000FFF731FF11B0F0BD0148D1 +:109D9000FBE7C04600AFFFFF70B5041E10D003689C +:109DA000002B0DD08568002D0AD0FFF7E5FE0028B6 +:109DB00005D1236829009A792000FFF7FDFE70BDC8 +:109DC0000048FCE700AFFFFF002800D04079704753 +:109DD000002800D00079704770B505000E000C4CCB +:109DE00000280CD12E2040420DE062686B689A4238 +:109DF00004D1A968E6F778FC002805D0143420685F +:109E00000028F2D12E3870BD237C3370FBE7C046AA +:109E1000C803021070B505000E000C4C00280CD1D0 +:109E20002E2040420DE062686B689A4204D1A96816 +:109E3000E6F75AFC002805D0143420680028F2D137 +:109E40002E3870BD237C3370FBE7C0461002021031 +:109E500030B5084B1C68002C02D12E20404206E091 +:109E60001D7C854204D100205B680C60136030BD0E +:109E70001433EFE71002021070B505000E000C4C11 +:109E800000280CD12E2040420DE062686B689A4297 +:109E900004D1A968E6F728FC002805D0143420680E +:109EA0000028F2D12E3870BD237C3370FBE7C0460A +:109EB000D401021030B5084B1C68002C02D12E20B2 +:109EC000404206E01D7C854204D100205B680C60A6 +:109ED000136030BD1433EFE70003021070B50500C6 +:109EE0000E000C4C00280CD12E2040420DE0626880 +:109EF0006B689A4204D1A968E6F7F6FB002805D002 +:109F0000143420680028F2D12E3870BD237C3370C1 +:109F1000FBE7C04664030210F8B505000F00160009 +:109F20000C4C00280CD12E2040420DE062686B687A +:109F30009A4204D1A968E6F7D7FB002805D014346B +:109F400020680028F2D12E38F8BD237C3B70637C5A +:109F50003370F9E718040210002303604360704770 +:109F600010B5041E09D00368002B02D09B6A40681C +:109F7000984708212000EFF7D5F810BD0138C3B28B +:109F80000020032B02D8024A9B0098587047C04615 +:109F9000EC0D021070B505000E1E0AD00468002CEE +:109FA00007D14B6A98476860002804D020002E60D3 +:109FB00070BD0248FCE70248FAE7C04680C1FFFFD7 +:109FC00080C0FFFF031E03D00268131E00D0137869 +:109FD000180070470200012802D006384242424170 +:109FE00010007047064A01234A6002000B700B7391 +:109FF000044B083214308A600B6148617047C046D8 +:10A00000C40E0210CA0E02100238C3B2022200208F +:10A010009A4240417047806D7047000002230B70E8 +:10A02000024B88304B6088607047C046FC0D0210C0 +:10A030000238C3B2012200209A42404170470438DE +:10A0400043425841704710B50400F3F709FF200060 +:10A05000EFF756F810BD10B5AC210120EFF748F826 +:10A06000041E03D000221100F2F77EFE200010BD76 +:10A0700010B5F2F7EBFE10BD10B5F2F789FEC00087 +:10A0800010BD0000F0B585B01F0004000E001500E3 +:10A09000F2F77EFE0A9B18600B9B98420AD8029743 +:10A0A0000196009500230D9A0C992000F3F7E4F92E +:10A0B00005B0F0BD0048FBE700BCFFFFF0B585B080 +:10A0C000170004000D001E00F2F762FEB8420DD129 +:10A0D0000B9B029603930A9B019500930D9A012313 +:10A0E0000C992000F3F7B4FB05B0F0BD0048FBE786 +:10A0F00080BFFFFFF0B585B00D0017001E00040003 +:10A10000F2F746FE0B9B0D9A18600A9B0297039389 +:10A110000196009501230C992000F3F7F3FC05B09C +:10A12000F0BD0000F0B587B0059306000C001700E5 +:10A13000F2F72EFE0D9B0500984212D80C9B029759 +:10A140000393059B00940193002330001A0019002B +:10A15000F3F764FE002805D10D9B9D4202D2024810 +:10A1600000E0024807B0F0BD00C7FFFF80BCFFFF62 +:10A1700010B50400F5F754F92000EEF7C1FF10BD4B +:10A1800010B5AC210120EEF7B3FF041E01D0F5F7A6 +:10A19000B5F8200010BD10B5F5F7C0FE10BD10B524 +:10A1A000AC210120EEF7A4FF041E01D0FEF7ACFEA7 +:10A1B000200010BD10B50400FEF7AAFE2000EEF747 +:10A1C0009FFF10BD1FB5099C0394089C0294079C37 +:10A1D0000194069C0094FEF731FE04B010BDF0B56A +:10A1E0000400B1B005A80D0016001F00FEF78CFE9C +:10A1F000210005A8FEF792FE041E0ED1399B320005 +:10A200000393389B29000293379B05A80193369B43 +:10A2100000933B00FEF712FE040005A8FEF778FE4F +:10A22000200031B0F0BD000007B511001A00059BF9 +:10A230000093049BFEF760FE024B984200D1024857 +:10A240000EBDC04600B4FFFF00C7FFFFF0B504001D +:10A25000AFB003A80D0016001F00FEF755FE210049 +:10A2600003A8FEF75BFE041E0AD1359B3200019362 +:10A27000349B2900009303A83B00FFF7D5FF04009F +:10A2800003A8FEF745FE20002FB0F0BD70B58AB0E0 +:10A290001600302309AA04000D0003F086FB0028F5 +:10A2A00002D0294BC01805E02368099A9B189D42EB +:10A2B00002D026480AB070BD022309AA2900200056 +:10A2C00003F073FB0028ECD10690059004900390F6 +:10A2D0000290019000900300099A21683000F2F783 +:10A2E00085FB002801D01848E4E72368099A290073 +:10A2F0009B18236009AA0223200003F056FB0028C4 +:10A30000CFD1099B04900693236803900593029094 +:10A31000019000900300020001003000F2F766FB9C +:10A320000028E0D12368099A30009B182360F2F7D7 +:10A33000A3FB0028D7D13000F2F72CFD0028D2D1A2 +:10A340002368AB42B6D0B4E700C5FFFF9AC4FFFF55 +:10A35000F0B50368C3B004000E00062B10D103A9AA +:10A36000FFF758FD002800D054E1337803AA117894 +:10A37000002B00D049E13000F7F774F804001DE02D +:10A3800004A8F4F791FFA56863680295ED1823AA65 +:10A39000290002A803F050FB002805D09E4BC418EA +:10A3A000002C00D1A2E004E0239B013B022B08D942 +:10A3B000994C04A8F4F7EAFF002CD6D0200043B053 +:10A3C000F0BD302303AA290002A803F0EEFA041E10 +:10A3D000EFD1029B039A02A89F183900062303AA13 +:10A3E00003F0E3FA041EE4D1039A072A00D0C6E082 +:10A3F000029C8A492000E6F777F9002800D0BEE0E9 +:10A40000073405AA390002A8029403F01BFB0028B8 +:10A41000C4D105A8FBF703FD029B1A909F4200D010 +:10A42000ABE0302303AA290002A803F0BEFA041E01 +:10A43000BFD1029B039A02A89F183900042303AAE4 +:10A4400003F0B3FA0028A9D1039A029908A8FBF7F0 +:10A4500044FD0028A2D1029B039A39009B18029365 +:10A4600003AA042302A803F0A0FA002800D095E76D +:10A47000039A02990BA8FBF730FD002800D08DE766 +:10A48000029B039A39009B18029303AA032302A894 +:10A4900003F08BFA002803D1029B039A9B180293C6 +:10A4A000029B9F4269D1042303AA290002A803F05A +:10A4B0007CFA002800D071E7039B029A0EA904A839 +:10A4C000F5F7A0F800282DD1029B039A29009B18CC +:10A4D00002A817AA029303F0B5FA4F4BC41800283C +:10A4E00000D05DE717A8FBF79AFC1B9023A8F4F7B0 +:10A4F000DBFEF4F78DFE05002B78002B75D023A82A +:10A50000F4F744FF297823A8F6F7ACFF041E6DD1B9 +:10A510001A9B0093399B0193019A009B934230D080 +:10A520000135E9E73E4B984200D041E7029B1B789A +:10A53000023B012B00D93BE705A8FBF791FC0399EF +:10A54000431C02008B4200D032E7029B0EA8591C2C +:10A55000FBF7C3FC002800D02AE7029B11A819785A +:10A560000239FBF7ECFB002800D021E7012114A8F9 +:10A57000FBF7E5FB0028A7D01AE72A4C19E72A4C7D +:10A5800017E73A9A1B9B00929342C9D124A905A8C8 +:10A59000FBF78AFE0028C3D127A908A8FBF784FE91 +:10A5A0000028BDD12AA90BA8FBF77EFE0028B7D151 +:10A5B00036A917A8FBF778FE0028B1D12DA90EA85F +:10A5C000FBF772FE0028ABD133A914A8FBF76CFE91 +:10A5D0000028A5D1002111A8FBF7CBFB0021040026 +:10A5E00030A8FBF7C6FB84429AD1002423A8F4F7D5 +:10A5F000CDFE2A7803AB1A70002C00D0D9E62B7858 +:10A60000002B00D0D5E6064CD3E68B4200D1B2E653 +:10A61000014CD3E6054CD1E600C3FFFF66100210E3 +:10A6200080B1FFFF9AC2FFFF80C6FFFF00C6FFFF99 +:10A6300070B50C0016008EB005000BA8FBF7B4FA3D +:10A64000A119302309AA0AA80A9403F0AEF9002838 +:10A6500004D06B4BC41820000EB070BD099A0A9B41 +:10A660000AA89E18310008AA03F0E6F90028F0D1E4 +:10A67000089B002B00D0C0E0023309AA31000AA8D1 +:10A6800003F093F9041E00D0A6E006900590049014 +:10A6900003900290019000900300099A0A99280003 +:10A6A000F2F7A4F9041E00D096E00A9B099A310043 +:10A6B0009B180A9309AA02230AA803F076F9041E3C +:10A6C00000D089E0099B049006930A9B03900593B0 +:10A6D0000290019000900300020001002800F2F7B0 +:10A6E00085F9041E00D077E00A9B099A31009B1877 +:10A6F0000A9309AA02230AA803F057F9041E6BD192 +:10A70000099B069004930A9B059003930290019085 +:10A7100000900300020001002800F2F767F9041E10 +:10A720005AD10A9B099A31009B180A9309AA02235D +:10A730000AA803F03AF9041E4ED10021099B0691A4 +:10A740000093059104910391029101910A9B0A00E3 +:10A750002800F2F74BF9041E3ED10A9B099A3100FA +:10A760009B180A9309AA02230AA803F01EF9041EE3 +:10A7700032D1099B069002930A9B059004900390A6 +:10A78000019300900300020001002800F2F72EF967 +:10A79000041E21D10A9B099A28009B180A93F2F7FC +:10A7A0006BF9041E18D10BAA31000AA803F04AF96C +:10A7B000041E11D10BAA31000AA803F043F9041EAC +:10A7C0000AD10BAA31000AA803F03CF9041E03D1F8 +:10A7D0000A9BB34200D00B4C0BA8FBF7EBF9002C03 +:10A7E00000D138E7084B1C4205D1054BE41828007E +:10A7F000F3F736FB2FE7024CF9E7044C2BE7C04692 +:10A8000000C3FFFF9AC2FFFF80FF000080C2FFFF6E +:10A81000F0B58BB0050006913023891806A805AA6B +:10A8200003F0C3F8002804D05A4BC41820000BB022 +:10A83000F0BD059A069B06A89F18390004AA03F0EC +:10A84000FBF80028F0D1049B012B00D09DE00333DE +:10A8500005AA390006A803F0A8F80028E4D12E00C4 +:10A860007C36059A06993000FBF737FB041E05D0AD +:10A870002800F4F7D5FD474BE418D7E7069B059A67 +:10A880009B180693BB4238D0A02305AA390006A81E +:10A8900003F08BF8041E2DD1069B059A9C18002A04 +:10A8A00024DD1B780793062B01D0302B20D108AA7A +:10A8B000210006A803F079F800280DD0354BC41804 +:10A8C000002C05D1290007A8FFF742FD041E14D073 +:10A8D0002800F4F7A5FDA9E7069B089A09939B18A1 +:10A8E000039206939C42EDD02B4CF1E72B4CEFE703 +:10A8F0002B4CEDE703006233BAD1069BBB422ED04E +:10A90000A12305AA390006A803F04FF8041E23D19D +:10A91000059A069B06A89C18210005AA03F0A5F835 +:10A92000002800D080E7069A059BD1188C422ED1D2 +:10A930002F00883739002800F4F764FE002803D17F +:10A9400039002800F4F7D8FE0694002815D0154BDE +:10A95000984204D00F4C69E70300623388D100238A +:10A960002900019300932B003200283388312800FE +:10A97000F4F7DEFF041E00D07AE731002800F5F777 +:10A98000C9F9041E00D151E7A2E7074C4EE7024C7B +:10A990004CE7C04600C3FFFF9AC2FFFFA0C2FFFF03 +:10A9A0009EC2FFFF80B1FFFF80C2FFFFF0B506002F +:10A9B0000F001C0085B00021180015000C22E5F7DF +:10A9C000BEFE230001AA3900300003F065F800281C +:10A9D00003D00C4BC01805B0F0BD290001A8FFF74B +:10A9E000FBF900280CD12B78012BF4D12368052B1F +:10A9F00001D0002B02D16368002BECD00148EAE7BC +:10AA00000148E8E780C5FFFF80C3FFFFF0B589B0CC +:10AA10006B46DE1D00230500049133708918303326 +:10AA200003AA04A802F0C1FF002804D0284BC418D0 +:10AA3000200009B0F0BD039A049B04A89F183900B8 +:10AA400002AA02F0F9FF0028F0D1029B002B3BD1B3 +:10AA500005AB3200390004A8FFF7A8FF0028E5D1B4 +:10AA6000042303AA390004A802F09FFF0028DDD1C7 +:10AA7000039B002B2AD03078FFF780FA011E01D10A +:10AA8000144CD5E72800FFF785FA041ED0D133789F +:10AA9000012B0AD1039A04996868FFF7C9FD041EC7 +:10AAA000C6D02800FFF75CFAC2E7023B012BE7D8CB +:10AAB000696805A8FFF74CFC041EF2D1039A0499BB +:10AAC0006868FFF7A5FEEAE7034CB1E7034CAFE780 +:10AAD00000C3FFFF80C3FFFF80C2FFFFA0C2FFFFD4 +:10AAE000F0B593B01E00189B0B9107908918002BAE +:10AAF00000D172E030230AAA0BA802F056FF00280A +:10AB000003D0384BC01813B0F0BD0B9B0A9A0BA8AA +:10AB10009C1821000FAB0CAA02F0BEFF0028F0D158 +:10AB200004230AAA21000BA802F03FFF0028E8D165 +:10AB30001E251F2702ABED18FF1839002A000CA8AC +:10AB40000B9CFFF7E9F9011E13D10A983B782A788C +:10AB500003900B98049402901898009601900FA807 +:10AB600003F0D4FA00281CD01F4B9842CBD11F48C9 +:10AB7000C9E70D9A0A2A1AD10E991D48E5F7B4FDC6 +:10AB8000011E2CD10A9B029401930B9B320000936F +:10AB90000FA8189B03F0C4F90028B4D12378302BF8 +:10ABA000E5D10A9A21000798FFF730FFABE7092AA1 +:10ABB00015D10E990F48E5F797FD011E0FD10A9B9D +:10ABC000029401930B9B320000930FA8189B03F093 +:10ABD000F3FB0028E5D0084BC7E7084893E708488F +:10ABE00091E7C04600C3FFFF00E2FFFF80C4FFFF04 +:10ABF000511002105C10021000D2FFFF00C4FFFFD2 +:10AC000080C6FFFFF0B58BB004ABDD1D002317003D +:10AC10002B7006AA3033060002F0C7FE002804D0CD +:10AC2000324BC41820000BB0F0BD069A336894462E +:10AC3000634401932A0007AB01993000FFF7B6FE89 +:10AC4000041EEFD106AA0199300002F00EFF002881 +:10AC500001D0274BE5E7069A33689B18019A9A4280 +:10AC600040D12878FFF78AF9011E3DD03800FFF760 +:10AC700091F9041ED6D12B78012B0BD17A6801995A +:10AC80003000FFF703FB051E24D03800FFF768F9FA +:10AC90002C00C7E7023B012B22D8796807A8FFF7F1 +:10ACA00057FB051EF1D17B6832680293883303930A +:10ACB000019B03999B1A0298F4F7A4FC051E04D18A +:10ACC00003990298F4F718FD0500019B3360002DED +:10ACD000A8D0DAE73368019A9342A3D0054DD4E7B0 +:10ACE000054DD2E7034C9DE7034C9BE700C3FFFFF4 +:10ACF00000C5FFFF9AC4FFFF80C3FFFFF0B58BB014 +:10AD000004000F00151E059300D1F0E007A803F022 +:10AD100061F86B1EFB1804931B78002B20D0049B5A +:10AD20001B78002B5AD106AB0293109B794A0193F2 +:10AD3000059B7949009307A83B0003F051F8061ED4 +:10AD400043D10220FFF71AF901002000FFF722F992 +:10AD5000061E23D1089A07996068FFF759FD1BE08A +:10AD600006AB0293109B6D4A0193059B6C490093BF +:10AD700007A83B0003F034F8061E16D10120FFF7A8 +:10AD8000FDF801002000FFF705F9061E06D1089A1C +:10AD900007996068FFF74CFC061E02D02000FFF701 +:10ADA000DFF807A803F0A8F803E05E4B984203D150 +:10ADB0005D4E30000BB0F0BD5C4B984201D15C4E53 +:10ADC000F7E75C4B9842F4D1A9E7564B9842EFD095 +:10ADD000564B9842F3D0574B9842EAD1049B1B78CC +:10ADE000002B14D106AA029201930093524A3B0011 +:10ADF000524907A802F0F4FF061E05D1089A0799E8 +:10AE00002000FFF703FEC7E74A4B9842D1D1049BCD +:10AE10001B78002B17D106AA029201930093484A8F +:10AE20003B00484907A802F0DBFF061E08D1109B33 +:10AE3000089A00930799059B2000FFF751FEABE7A6 +:10AE40003C4B9842B5D129000120EEF751F9061E7E +:10AE500001D13D4EADE72A003900E5F754FC109BC7 +:10AE60002A0000933100059B2000FFF739FE2900DE +:10AE700004903000EEF756F93000EEF741F9049BEC +:10AE8000002B01D1002694E72000FFF769F820008D +:10AE9000FFF762F8244B049A9A4200D188E72A000F +:10AEA00039002000FFF7B2FD0028EBD02000FFF7AB +:10AEB00057F82000FFF750F80120FFF75FF8010076 +:10AEC0002000FFF767F8002813D02000FFF748F8AC +:10AED0002000FFF741F80220FFF750F801002000A2 +:10AEE000FFF758F800280CD02000FFF739F8174E6C +:10AEF0005FE72A0039006068FFF79AFB0028E4D179 +:10AF0000C0E72A0039006068FFF782FC0028B9D04A +:10AF1000EAE7C046250F0210420F0210E70E0210AA +:10AF2000050F021080ECFFFF80C4FFFF00EDFFFF64 +:10AF300000C4FFFF80EFFFFF610F02107B0F0210C4 +:10AF4000970F0210BB0F021080C0FFFF00C3FFFF6E +:10AF5000F0B505008DB00F00161E00D17AE009A8EB +:10AF600002F038FF731EFB1805931B78002B2FD1BE +:10AF700008AA029201930093374A3B00374909A877 +:10AF800002F02EFF041E20D1099B01200593079398 +:10AF9000FEF7F4FF011E03D1314C20000DB0F0BDCF +:10AFA0002800FEF7F7FF041EF7D10A99079B6A688D +:10AFB000591807A8FFF76AF9041E02D02800FEF707 +:10AFC000CFFF09A802F098FFE7E7264B9842F8D197 +:10AFD000059B1B78002B19D108AA029201930093BC +:10AFE000214A3B00214909A802F0FAFE041E0AD1B9 +:10AFF00009990A9B07912A00C91807A80593FFF72A +:10B0000001FE0400DDE7174B9842DAD109A802F0EF +:10B0100073FF0120FEF7B2FF011EBDD02800FEF72E +:10B02000B9FF041EB9D1BE196A68310007A8079795 +:10B03000FFF72CF9041EB0D02800FEF791FF0C4B4F +:10B040009C42AAD12A00310007A80797FFF7DAFD32 +:10B050000400A2E7074CA0E7E10F0210FE0F021068 +:10B0600080C3FFFF80EFFFFF1D100210361002109B +:10B070009EC4FFFF00C3FFFF70B5050010008523CD +:10B080000E0001000022A6B004AC019388310094A8 +:10B0900003AB0392F4F744FA00280CD12868B042BD +:10B0A0000BD3039A861B964207D3801A286021008F +:10B0B000E5F729FB039826B070BD6C204042FAE703 +:10B0C00037B504000D001000694601AAFEF7C0FE66 +:10B0D000002805D1019B009A2900200002F03DFEC6 +:10B0E0003EBD0000F0B58BB0039010000491140039 +:10B0F000FEF768FF012848D10025636807AF3800D4 +:10B100000593FAF751FD019700952B002A002900BD +:10B110000598F1F773FD2E000400A8421CD13A00F7 +:10B120000499039802F0DDFD0400A84214DB060038 +:10B13000019500952B002A0039000598F1F75EFD76 +:10B140000400A84208D13A000499039802F0C9FD0E +:10B150000400A84200DB36183800FAF72BFD002C5B +:10B1600010DB32000499039802F0FAFC0400051E7B +:10B1700008DB30220499039802F05CFD041E01DB19 +:10B18000AE19841920000BB0F0BD2000FEF71AFFA5 +:10B19000022806D1626804990398FFF76DFF040046 +:10B1A000F0E7014CEEE7C04680C6FFFFF0B50400B3 +:10B1B0009BB00F00002A04D16C24644220001BB015 +:10B1C000F0BD8A180892FEF7FDFE012800D0C1E00C +:10B1D000636809A80293FAF7E7FC002209AB1100A3 +:10B1E0000298F1F773FD00250400A84200D08FE01B +:10B1F00009AA390008A802F074FD0400A84200DA88 +:10B2000086E00023050009AA19000298F1F75EFD07 +:10B21000041E00D07CE009AA390008A802F061FDF4 +:10B22000041E75DB00232D181A0009A90298F1F7F6 +:10B230004DFD041E6CD109AA390008A802F051FD89 +:10B24000041E65DB00212D180191009109AB0A0055 +:10B250000298F1F7D3FC041E5AD109AA390008A8B4 +:10B2600002F03FFD041E53DB00262D1801960096C8 +:10B27000330009AA31000298F1F7C0FC0400B04283 +:10B2800046D109AA390008A802F02BFD0400B042FB +:10B290003EDB09AB00932D180196330032003100DC +:10B2A0000298F1F7ABFC0400B04231D109AA390091 +:10B2B00008A802F016FD0400B04229DB09AB019397 +:10B2C0002D1800963300320031000298F1F796FCF9 +:10B2D0000400B0421CD109AA390008A802F001FDFF +:10B2E0000400B04214DB2D180196009633003200A2 +:10B2F00009A90298F1F782FC0400B04208D109AA1A +:10B30000390008A802F0EDFC0400B04200DB2D1863 +:10B3100009A8FAF74FFC002C00DA4FE700223900A9 +:10B3200008A802F036FD041E00DA47E745192A0096 +:10B33000390008A802F014FC041E00DA3EE73022AF +:10B34000390008A802F076FC002800DA9EE06419B3 +:10B35000041933E72000FEF735FE022800D093E001 +:10B3600066683900320008A8FFF786FE041E00DA7E +:10B3700024E7089BDA1B002A00DC1DE70022013BC2 +:10B38000451C089339001A7008A82A0002F0E8FB4F +:10B39000041E00DA12E70322390008A802F04AFC72 +:10B3A000002873DB641903191A00390008A80593F3 +:10B3B00002F0D6FB0290041E00DAFFE6A12239005B +:10B3C00008A802F037FC0390041E00DAF6E6327893 +:10B3D000390008A8FFF774FE041E00DAEEE60490B8 +:10B3E0000200390008A802F0BBFB041E069000DA38 +:10B3F000E4E6A022390008A802F01CFC041E079015 +:10B4000000DADBE63000B36D7C30DD1DED082A008C +:10B4100009A9FAF7D3FD041E06D12B0009AA3900A9 +:10B4200008A802F0BBFC0400290009A8EDF77AFE89 +:10B43000002C00DAC2E60122390008A802F0A9FCBB +:10B44000002823DB059A029B944663441D00039B5E +:10B4500039005D19049BED18069BED18079BED184C +:10B46000651945192A0008A802F07AFB041E00DAC3 +:10B47000A4E645193022390008A802F0DBFB041EBF +:10B4800000DA9BE6441999E6014C97E6040095E63C +:10B4900080C6FFFFF0B51C00A7B0060001A80F0092 +:10B4A0001500F6F77FFA210001A8F6F795FA041EB9 +:10B4B0000BD13A00310001A8F6F79AFA041E04D124 +:10B4C000290001A8F6F7A2FA040001A8F6F770FA1D +:10B4D000200027B0F0BDF0B51C00BFB0060001A8E9 +:10B4E0000F001500F6F798FA210001A8F6F7AEFA5A +:10B4F000041E0BD13A00310001A8F6F7B3FA041E7E +:10B5000004D1290001A8F6F7BBFA040001A8F6F758 +:10B5100089FA20003FB0F0BDF0B5C646082200B55C +:10B52000CD684F68EB0FDB00D21A872313410E68FA +:10B53000DA178C68944631003A0089197A41241947 +:10B540006D4182B04B4098460094019525006346BA +:10B55000F90F0D4341465A40130E12021B06120A00 +:10B560001A4342602B022A0E12061B0A13430E0EC8 +:10B5700083600902009B019C220E230236061206FC +:10B58000090A1B0A314313430160C36002B004BCC3 +:10B590009046F0BD10B50400802100F0E7FF2000C8 +:10B5A00000F0D4FF10BDC04610B5041E13D0836850 +:10B5B000002B09D00A4B01001A682923D35C01C96A +:10B5C0001F2B09D901F006FA200000F0C9FF8021E5 +:10B5D000200000F0CBFF10BD01F016F9F4E7C046E3 +:10B5E00014E8010810B50400802100F0BFFF20001E +:10B5F000803400F0ABFF8021200000F0B7FF200076 +:10B6000000F0A4FF10BDC04670B5041E2BD08368A7 +:10B61000002B09D01B4B01001A682923D35C01C9F8 +:10B620001F2B21D901F0D6F92500200000F098FF4A +:10B6300080358021200000F099FFAB68002B0BD0F3 +:10B640008023E0580F4B21001A682923D35C8431F2 +:10B650001F2B0CD901F0BEF9280000F081FF8021DA +:10B66000280000F083FF70BD01F0CEF8DCE701F0A8 +:10B67000CBF8280000F074FF8021280000F076FF4E +:10B68000F1E7C04614E8010870B582B0C02A25D0A1 +:10B6900080235B009A421FD0802A03D020204042A2 +:10B6A00002B070BD00220300103004000C4820CB13 +:10B6B00006682920305C00941F2809D9280001F071 +:10B6C00099F9434258414342252018402538E7E77D +:10B6D000280001F06DF8F4E70222E4E70122E2E736 +:10B6E00014E8010870B582B0C02A25D080235B0021 +:10B6F0009A421FD0802A03D02020404202B070BD61 +:10B7000000220300103004000C4820CB06682920DA +:10B71000305C00941F2809D9280001F06BF94342DE +:10B7200058414342252018402538E7E7280001F01A +:10B730003FF8F4E70222E4E70122E2E714E8010817 +:10B74000F0B54646D6464F468023C0B5050082B0C8 +:10B750000E005B009A420AD0DB189A4207D02020E4 +:10B76000404202B01CBC90469946A246F0BD540827 +:10B77000C02C44D080235B009C4242D00020802C0F +:10B78000EDD180232927EB58B8469C462B00843303 +:10B790009A46214B11091F68994643462A00FB5CD3 +:10B7A0009032711800921F2B23D902005346604635 +:10B7B00001F020F9002819D1C02C24D080235B008F +:10B7C0009C4227D0802CCAD1002249460C682921EE +:10B7D0002B00615C103501CB00951F2915D9310074 +:10B7E00001F008F903000020002BBAD025204042C8 +:10B7F000B7E702005346604600F0DAFFDAE70120BF +:10B80000BFE70220BDE70122DFE7310000F0D0FFF3 +:10B810000300E8E70222D8E714E80108F0B546463D +:10B82000D6464F468023C0B5050082B00E005B00AF +:10B830009A420AD0DB189A4207D02020404202B038 +:10B840001CBC90469946A246F0BD5408C02C44D07A +:10B8500080235B009C4242D00020802CEDD18023CD +:10B860002927EB58B8469C462B0084339A46214B37 +:10B8700011091F68994643462A00FB5C90327118F3 +:10B8800000921F2B23D902005346604601F0B2F804 +:10B89000002819D1C02C24D080235B009C4227D0E3 +:10B8A000802CCAD1002249460C6829212B00615CFA +:10B8B000103501CB00951F2915D9310001F09AF8F8 +:10B8C00003000020002BBAD025204042B7E7020039 +:10B8D0005346604600F06CFFDAE70120BFE7022024 +:10B8E000BDE70122DFE7310000F062FF0300E8E777 +:10B8F0000222D8E714E8010870B51E000F4C0300BF +:10B900002568292401CB82B02C5D009313003200FE +:10B91000012909D001211F2C09D901F081F8002843 +:10B9200008D1002002B070BD00211F2CF5D800F016 +:10B930007BFFF4E725204042F4E7C04614E8010805 +:10B94000F0B5454657464E46DE4698461300E0B5EC +:10B9500089B005009246129E139C1B0700D0D5E0CB +:10B96000002950D1002A46D02B1D03932923994644 +:10B97000684F4A463B6828689B5C1F2B00D8BFE095 +:10B980001023320004A901F029F94A463B682868CF +:10B990009B5C1F2B00D8AAE0039B2200009301218F +:10B9A000330001F03DF883464A463B6828689B5CBB +:10B9B0001F2B00D893E01023220000932100434660 +:10B9C00001F0BCF94A463B6828689B5C1F2B00D8F5 +:10B9D0007FE0102304AA414601F000F95B461036CF +:10B9E0001034002B00D071E010235B429C46E244EF +:10B9F0005346002BBDD1002009B03CBC904699466F +:10BA0000A246AB46F0BD002AF5D02B1D0393292397 +:10BA100099464A463F4F28683B689B5C1F2B30D9AC +:10BA20001023320000932100434601F087F94A4673 +:10BA30003B6828689B5C1F2B30D9039B2200009336 +:10BA40000021230000F0ECFF4A463B6883469B5CE4 +:10BA500028681F2B30D910232200414601F0BEF880 +:10BA60005B4610361034002B30D1103B9C46E2442C +:10BA70005346002BBFD04A463B6828689B5C1F2B6F +:10BA8000CED81023320000932100434601F080F805 +:10BA90004A463B6828689B5C1F2BCED8039B22003C +:10BAA00000930021230000F0BFFE4A463B68834616 +:10BAB0009B5C28681F2BCED810232200414601F042 +:10BAC00027F85B4610361034002BCED0252040429C +:10BAD00092E7102304AA414601F01AF87EE71023EA +:10BAE000220000932100434601F052F86AE7039BCD +:10BAF000220000930121330000F096FE834653E7B5 +:10BB00001023320004A901F003F83EE7222040424E +:10BB100072E7C04614E80108F0B54E464546574660 +:10BB2000DE46E0B593B0039111008146059208000E +:10BB300015090F221040794A10391C9F1D9E80461E +:10BB4000914200D96EE3802249468858744A843174 +:10BB50009246544629222468A25C06AC00911F2A12 +:10BB600000D8D5E02200002100F05AFF002800D0C4 +:10BB7000C1E16B1E9B46002D00D1D3E04B46043340 +:10BB800004930EAD56E01F2B00D8B1E0049B2A00B1 +:10BB9000009301212B0000F043FF002800D0AAE110 +:10BBA0002A7823782100534033706A786378200024 +:10BBB00053407370A278AB7810375340B370E2787B +:10BBC000EB785340F37022792B79534033716279CB +:10BBD0006B7953407371A279AB795340B371E279B9 +:10BBE000EB795340F371227A2B7A53403372627AA5 +:10BBF0006B7A53407372A27AAB7A5340B372E27A93 +:10BC0000EB7A5340F372227B2B7B53403373627B7E +:10BC10006B7B53407373A27BAB7B5340B373EB7B63 +:10BC2000E27B5340F373FFF777FC5B461036013B32 +:10BC30009B4677D34346002B06D0039B002B03D1B2 +:10BC40005B46002B00D1F2E222783B7853402B7008 +:10BC500062787B7853406B70A278BB785340AB70AE +:10BC6000E278FB785340EB7022793B7953402B719B +:10BC700062797B7953406B71A279BB795340AB7188 +:10BC8000E279FB795340EB71227A3B7A53402B7275 +:10BC9000627A7B7A53406B72A27ABB7A5340AB7262 +:10BCA000E27AFB7A5340EB72227B3B7B53402B734F +:10BCB000627B7B7B53406B73A27BBB7B5340AB733C +:10BCC000E27BFB7B5340EB734B46186853462922BB +:10BCD0001B689B5C039A012A00D054E71F2B0FD9E5 +:10BCE000049B2A00009300212B0000F099FE54E7EA +:10BCF000049B2A00009301212B0000F095FD4CE7E6 +:10BD0000049B2A00009300212B0000F08DFD44E7E6 +:10BD10002200002100F088FD28E7C046F0FFFF0068 +:10BD200014E801084346002B00D1DCE0039B002B04 +:10BD300000D10AAC10235B429B4600231900321D40 +:10BD4000974259410A00391D8E425B411343042238 +:10BD5000424592415242B3441A4200D1B7E13B00FE +:10BD60005A46334313439B0700D0B0E14346013B9F +:10BD7000022B00D859E243469A085B461B682168AB +:10BD800033603B684B400E93012A11D033000C3BCB +:10BD90001B68616873607B684B400F93032A07D16F +:10BDA0003300083B1B68A268B360BB685340109324 +:10BDB0000C23059A0EAD134098451BD05A46D25C11 +:10BDC000E15CF254FA5C0EAD4A40EA545A1C9045CC +:10BDD00010D95946895CA05CB154B95C023341402A +:10BDE000A954984506D95A46D25CF254F95CE25CF3 +:10BDF0004A40EA544046424610232818414607006C +:10BE00009B1A103AB218611817430F430493BB07EB +:10BE100000D0CFE0049B052B00D8CBE00F27434692 +:10BE2000FF1A022F1BD9049B17689B089C460B68BE +:10BE30005F4063460760012B0AD04B6857685F403C +:10BE400063464760032B03D1926889684A40826049 +:10BE5000049903220B00934398448B4217D0424627 +:10BE60005B469B5CA25C53404246AB544346013365 +:10BE7000102B0CD05A46E15CD25C4A40EA540133A4 +:10BE8000102B04D05946E25CC95C4A40EA544A4649 +:10BE900010685246116829224B468A5C0399043384 +:10BEA00000932B00012929D01F2A33D92A00012110 +:10BEB00000F0B6FD00281ED15B469B072FD12268FB +:10BEC0000E9B616853405A46136032000F9B0C3A38 +:10BED0004B401360A168109B043E4B405360E368E5 +:10BEE000119A53403360002013B03CBC90469946F1 +:10BEF000A246AB46F0BD25204042F5E71F2A04D9F3 +:10BF00002A00002100F08CFDD4E72A00002100F077 +:10BF10008BFCCFE72A00012100F086FCCAE72A78D3 +:10BF20002378617853405A46137032006B780F3A89 +:10BF30004B401370AB78A1784B405370E978E378AD +:10BF40004B409370297923794B40D3706979637999 +:10BF50004B401371A979A3794B405371E979E37987 +:10BF60004B409371297A237A4B40D371697A637A73 +:10BF7000F21F4B401370A97AA37AB21F4B40137083 +:10BF8000E97AE37A721F4B401370297B237B321FBF +:10BF90004B401370697B637BF21E4B401370A97B8F +:10BFA000A37BB21E4B401370EA7BE37B013E534000 +:10BFB000337098E742465B469B5C0A7853404246A2 +:10BFC000AB5443460133102B00D160E75946E25C85 +:10BFD000C95C4A40EA5443460233102B00D156E76D +:10BFE0005946E25CC95C4A40EA5443460333102B8D +:10BFF00000D14CE75946E25CC95C4A40EA544346EA +:10C000000433102B00D142E75946E25CC95C4A4038 +:10C01000EA5443460533102B00D138E75946E25C19 +:10C02000C95C4A40EA5443460633102B00D12EE740 +:10C030005A46E15CD25C4A40EA5443460733102B2F +:10C0400000D124E75A46E15CD25C4A40EA5401330D +:10C05000102B00D11BE75A46E15CD25C4A40EA54FF +:10C060000133102B00D112E75A46E15CD25C4A4002 +:10C07000EA540133102B00D109E75A46E15CD25C47 +:10C080004A40EA540133102B00D100E75A46E15CE4 +:10C09000D25C4A40EA540133102B00D1F7E65A46ED +:10C0A000E15CD25C4A40EA540133102B00D1EEE649 +:10C0B0005A46E15CD25C4A40EA544346022B00D126 +:10C0C000E5E6721EE37B12785340EB73DFE65B46D6 +:10C0D0001B78227833703B780EAD53402B7043466B +:10C0E000012B00D186E633000F3B1B78627873701A +:10C0F0007B7853406B704346022B00D17AE63300C5 +:10C100000E3B1B78A278B370BB785340AB704346AC +:10C11000032B00D16EE633000D3B1B78E278F37001 +:10C12000FB785340EB704346042B00D862E63300A3 +:10C130000C3B1B78227933713B7953402B7143467A +:10C14000052B00D856E633000B3B1B7862797371E0 +:10C150007B7953406B714346062B00D14AE633008E +:10C160000A3B1B78A279B371BB795340AB7143464C +:10C17000072B00D13EE63300093B1B78E279F371CF +:10C18000FB795340EB714346082B00D132E6330074 +:10C19000083B1B78227A33723B7A53402B7243461A +:10C1A000092B00D126E6F31F1B78627A73727B7A23 +:10C1B00053406B7243460A2B00D11BE6B31F1B781A +:10C1C000A27AB372BB7A5340AB7243460B2B00D1B9 +:10C1D00010E6731F1B78E27AF372FB7A5340EB721E +:10C1E00043460C2B00D105E6331F1B78227B3373AB +:10C1F0003B7B53402B7343460D2B00D1FAE5F31ED6 +:10C200001B78627B73737B7B53406B7343460F2BAE +:10C2100000D0EFE5B31E1B78B373BA7BA37B53400A +:10C22000AB73E7E5222040425EE60023C6E521002D +:10C2300010220AA8E4F767FA21002000FFF76CF942 +:10C2400002E5C046F0B557464E46DE464546E0B5E7 +:10C250001C6885B0814617009A460E9E0F2C00D9A7 +:10C2600071E000292AD1002A53D00300043303933C +:10C27000364B00259B46292398460DE00F9B32192B +:10C28000595D137810984B4043550F230134013505 +:10C2900011701C40AF423CD0002CEFD14B461868C7 +:10C2A0005B4642461B689B5C1F2B3CD9039B3200BC +:10C2B00000930021330000F0B3FBDFE70025002AE4 +:10C2C00027D0030004330393204B9B462923984631 +:10C2D0000DE00F993219495D137801344B401099E4 +:10C2E0004B5513700F2301351C40AF4211D0002C69 +:10C2F000EFD14B4618685B4642461B689B5C1F2B80 +:10C3000019D9039B320000930021330000F088FB11 +:10C31000DFE7534600201C6005B03CBC90469946C0 +:10C32000A246AB46F0BD039B3200009300213300D0 +:10C3300000F07AFAA2E7039B320000930021330059 +:10C3400000F072FAC5E721204042E5E714E8010851 +:10C35000F0B557464E464546DE46E0B585B01E0070 +:10C3600014680F9B82460F00904699460F2C3CD8CC +:10C37000002930D00300043303931D4B00259B4656 +:10C380000BE00E9A335D525D013453404A465355DB +:10C390000F2301351C40AF421DD0002CF1D1534674 +:10C3A00018685B4629221B689B5C1F2B0BD9039BDB +:10C3B000320000930021330000F032FB0028E0D06F +:10C3C000252040420AE0039B320000930021330005 +:10C3D00000F02AFAF2E7434600201C6005B03CBC9E +:10C3E00090469946A246AB46F0BD21204042F5E773 +:10C3F00014E80108F0B557464E464546DE46E0B51E +:10C40000146885B08246884691461E000E9F0F2C08 +:10C4100000D996E0002900D181E0030004330393A2 +:10C42000494B00259B460BE00F9A3B5D525D013462 +:10C430005340109A53550F2301351C40A8456ED028 +:10C44000002CF1D1534618685B4629221B689B5C7F +:10C450001F2B6ED9039B3A0000930021330000F09C +:10C46000DFFAF37B0133DBB2F373002BDCD1B37B58 +:10C470000133DBB2B373002BD6D1737B0133DBB254 +:10C480007373002BD0D1337B0133DBB23373002BBA +:10C49000CAD1F37A0133DBB2F372002BC4D1B37A81 +:10C4A0000133DBB2B372002BBED1737A0133DBB23E +:10C4B0007372002BB8D1337A0133DBB23372002BA5 +:10C4C000B2D1F3790133DBB2F371002BACD1B37984 +:10C4D0000133DBB2B371002BA6D173790133DBB228 +:10C4E0007371002BA0D133790133DBB23371002B90 +:10C4F0009AD1F3780133DBB2F370002B94D1B37887 +:10C500000133DBB2B370002B8ED173780133DBB211 +:10C510007370002B88D133780133337084E74B4636 +:10C5200000201C6005B03CBC90469946A246AB4634 +:10C53000F0BD039B3A0000930021330000F074F932 +:10C540008FE721204042EDE714E8010810B5034BC6 +:10C5500003600120F2F78AF810BDC04600001040C9 +:10C5600010B50020F2F782F810BDC04670B5040087 +:10C570000D00002801D0002900D170BD0120F2F784 +:10C5800075F8002803D10020F2F770F8F5E7094AA2 +:10C59000ABB2116829228A5C1F2A05D9002221002A +:10C5A000054800F07DFBEEE700222100024800F084 +:10C5B000CFFAE8E714E801080000104070B5040065 +:10C5C0000D00002801D0002900D170BD0120F2F734 +:10C5D0004DF8002808D10020F2F748F80C4B012054 +:10C5E0002360F2F743F8F0E70A4AABB21168292258 +:10C5F0008A5C1F2A05D900222100054800F050FB63 +:10C60000E9E700222100024800F0A2FAE3E7C04671 +:10C610000000104014E8010870B504000D00002867 +:10C6200001D0002900D170BD0020F2F71FF80120D1 +:10C63000F2F71CF8002803D10020F2F717F8F2E710 +:10C64000094AABB2116829228A5C1F2A05D9002247 +:10C650002100064800F024FBEEE7002221000348F9 +:10C6600000F076FAE8E7C04614E801080000104040 +:10C67000F8B505000C1E21D0002B1FD02921114E2A +:10C6800000683768795C1F2911D9210000F0ACFDE2 +:10C69000002813D1292332682868D35C21001F2B7E +:10C6A00009D900F02BFE431E98414042F8BD2100FD +:10C6B00000F0C8FBECE700F065FCF4E70120404225 +:10C6C000F4E7C04614E8010870B5002914D0002A28 +:10C6D00012D0CC68002C0FD0094C006825682924A2 +:10C6E0002C5D1F2C05D900F01DFE431E98414042D1 +:10C6F00070BD00F05BFCF8E701204042F8E7C0465F +:10C7000014E8010810B5002914D0002A12D0CB6813 +:10C71000002B0FD0094B00681C682923E35C1F2BFA +:10C7200005D900F07DFF431E9841404210BD00F046 +:10C73000ABFCF8E701204042F8E7C04614E80108E6 +:10C74000F8B50C001D0000281ED000291CD0002BBD +:10C750001AD0069B002B17D093B22922134E0F68D4 +:10C7600031688A5C1F2A10D901002200380000F0CD +:10C7700035FA292331682068CB5C2A781F2B10D921 +:10C78000069B290000F030FDF8BD010022003800B2 +:10C7900000F0BEF9292331682068CB5C2A781F2B72 +:10C7A000EED8069B290000F04DFBEDE714E80108E8 +:10C7B00070B51D001A70049B02326B60D3000A0032 +:10C7C0000499040000F0A4F903220E4E287833687F +:10C7D00069685B690240E3181A600A002000203291 +:10C7E00008F0C8FD082300222000462108F02AFE98 +:10C7F000012233681868201803681A42FCD100200F +:10C8000070BDC046DCC2010870B50D000400702385 +:10C810000022496800F09CF9290020000C23002226 +:10C8200000F096F9002070BDF0B5D6464F4646465A +:10C83000C0B517001A004023994682B00A9E8A4666 +:10C840007568303BA9444946040000F061F90322B1 +:10C850001B4B317898461B680A405B695035E318DA +:10C860001A6053467168012B21D02B004A462000E4 +:10C8700008F09AFD44210C23002200932000083B7D +:10C8800008F0F4FD434601211B681A68A2181368DA +:10C890001942FCD1200010232A00390000F038F999 +:10C8A000002002B01CBC90469946A246F0BD203143 +:10C8B0002B004A46200008F077FD4521DBE7C04603 +:10C8C000DCC20108F0B50F26204B0D781A68AC1CAD +:10C8D00093684F68E400C1180B683340042BFBD801 +:10C8E000862149014358002BFCDB0F26D3681849E9 +:10C8F000C3181960D368C3181F60D368C3181C60BD +:10C900009368C1180B683340062BFBD8D3681149D4 +:10C91000C318103C1960002C0CD00F269368C11866 +:10C920000B683340062BFBD8D3680B492404C3188B +:10C930000C431C60032153690D40C3181D6013682C +:10C94000C0180368002BFCD1F0BDC046DCC2010852 +:10C9500008000071084010400850004070B5040005 +:10C960000D78FFF7AFFF0F21174B02351868ED0068 +:10C970008368E21813680B40062BFBD8A0220F2116 +:10C98000C368D205E3181A608368E21813680B4085 +:10C99000062BFBD8C3680D4AE318103D1A60002D22 +:10C9A0000CD00F218368E21813680B40062BFBD8CC +:10C9B000C368074A2D04E31815431D600368E41893 +:10C9C0002368002BFCD170BDDCC20108064010407A +:10C9D0000750004070B50D00040070230022496824 +:10C9E00000F05EF9290020000C23002200F058F925 +:10C9F000002070BDF8B51D00140006000F000C23C8 +:10CA00002900002200F04CF9069B30006B60A31C4B +:10CA10002C703A00DB00069900F0E0F80020F8BD29 +:10CA2000F8B50D00040016001F000699002D61D115 +:10CA3000FFF748FF0F20314B1A689368E1180B6825 +:10CA40000340042BFBD8862149016358002BFCDBF3 +:10CA5000D3682B49E318196010210F20D368E3181D +:10CA60001F60D368E31819609368E1180B680340EE +:10CA7000042BFBD8D3682349E318196010210F2039 +:10CA8000D368E3181E60D368E31819609368E1184F +:10CA90000B680340062BFBD8D3681B49E3181960C9 +:10CAA00093680F20E118002D09D10B680340062B75 +:10CAB000FBD8A021D368C905E318196008E00B680A +:10CAC0000340062BFBD8A221D368C905E3181960DF +:10CAD0000F209368E1180B680340062BFBD8D3683E +:10CAE0000A49E31819601368E4182368002BFCD185 +:10CAF0000020F8BDFFF732FF9CE7C046DCC201080A +:10CB0000080000710C0000700800104001C01040C7 +:10CB100010B5040082B01000002B01D102B010BD8E +:10CB20000A000100200008F03FFC082300220093C7 +:10CB30002000043B502108F099FC1022034B1B6895 +:10CB40001868201803681A42FCD1E7E7DCC2010824 +:10CB500010B5040082B0181E01D102B010BD130040 +:10CB60000200200008F020FC0C230022009320008B +:10CB7000043B512108F07AFC1022044B1B68186812 +:10CB8000201803681A42FCD1E7E7C046DCC201085E +:10CB900010B582B0040010001A0004AB1B88002BF3 +:10CBA00001D102B010BD00910100200008F018FC76 +:10CBB0000C230193043B00930022043B20005321EB +:10CBC00008F06EFC1022044B1B68186820180368DC +:10CBD0001A42FCD1E5E7C046DCC20108F0B5944634 +:10CBE000002B44D0294A1D001668B26887180F220E +:10CBF0003C681440042CFBD886277F01C459002CC4 +:10CC0000FCDBF268224C8218146064460F27F2683D +:10CC100082181460F26882181360B268841822685F +:10CC20003A40042AFBD8F2681A4C82181460F26861 +:10CC300082181160F268821813600F2B18D91D003A +:10CC40000F24154FB26881180A682240062AFBD8C3 +:10CC5000F268103D8218ADB217600F2DF2D80F2583 +:10CC60001D4005D13368C0180368002BFCD1F0BD0E +:10CC70000F21B368C3181A680A40062AFBD8F36864 +:10CC8000064A2D04C31815431D60EBE7DCC20108FA +:10CC9000080000710C00007008C0104008C000407F +:10CCA000F0B5002B30D09C460F26204C2768BC687E +:10CCB00005192C683440042CFBD8FC681C4D041961 +:10CCC0002560FC6804192160F96841180B600F2B7E +:10CCD0001CD918491E0011438C460F25B968441809 +:10CCE000216829400629FBD86446F968103E41189E +:10CCF000B6B20C600F2EF1D80F210B4005D13B6866 +:10CD0000C0180368002BFCD1F0BD9C460F24BB6803 +:10CD1000C1180B682340062BFBD8FB68C118064BD3 +:10CD20001A4363461B041A430A60E8E7DCC20108A1 +:10CD30000C00007000C0104200C00042F0B5C646B2 +:10CD400000B5904606AA1688002E59D0B4460F2783 +:10CD5000354A1568AA68821814683C40042CFBD830 +:10CD6000862252018458002CFCDBEA682F4C821882 +:10CD7000146044460F27EA6882181460EA68821833 +:10CD80001660AA68841822683A40042AFBD8284C06 +:10CD90000259002AFCDBEA68264C821814600F2432 +:10CDA000EA6882181360EB68C3181E60AB68C2188B +:10CDB00013682340042BFBD8EB681F4AC3181A6082 +:10CDC000EB68C3181960EB68C3181E600F2E1BD9DF +:10CDD00034000F21194FAB68C21813680B40062BA3 +:10CDE000FBD8EB68103CC318A4B21F600F2CF2D81C +:10CDF0000F27374007D12B68C0180368002BFCD1E0 +:10CE000004BC9046F0BDBC460F21AB68C218136845 +:10CE10000B40062BFBD86246EB681704084AC31880 +:10CE200017431F60E7E7C046DCC201080800007135 +:10CE3000D0100000090000710C00007098C0104173 +:10CE400098C00041062A00D988E0454892008258DF +:10CE50008B6097461A00C0338B6105230B60033B40 +:10CE60004B60404B8032CB628023CB60403B4B61B8 +:10CE70000A61203B4B62A02300209B00CB617047DE +:10CE80001A00C0338B6106230B60043B4B60364BAA +:10CE90008032CB628023CB60403B4B610A61243BF4 +:10CEA000E8E71A0054338B6100230B604B602F4B73 +:10CEB0004032CB624023CB602C3B4B614B622D3325 +:10CEC000FF330A61CB610020D9E71A0060338B6120 +:10CED00001230B604B60264B4032CB624023CB607A +:10CEE000203B4B61043B4B62E4330A61CB61002081 +:10CEF000C5E71A0060338B6102230B60013B4B6076 +:10CF00001C4B4032CB624023CB60203B4B614B62D9 +:10CF1000E0330A61CB610020B1E71A00C0338B61B6 +:10CF200003230B60013B4B60134B8032CB628023A9 +:10CF3000CB60403B4B610A61103B9BE71A00C0335A +:10CF40008B6104230B60023B4B600C4B8032CB6245 +:10CF50008023CB60403B0A614B618BE708488EE73A +:10CF600070100210A0110210601102108C1002103B +:10CF7000A0100210C0100210E010021020110210C8 +:10CF80000B00320010B500290CD000238B620B621D +:10CF90004B69002B06D0CA6A9BB20969FFF7B8FD3E +:10CFA000002000E0004810BD0B003200F0B55746ED +:10CFB0004E464546DE46E0B50C0083B0050017003E +:10CFC0001E00002949D0002A47D0CB689946002B83 +:10CFD00043D0002E3FD00B6A9B190B62896A7318ED +:10CFE000994542D8264BB0469B4607239A46A268ED +:10CFF0004B4694465E1AB3B261443A002800FFF7EC +:10D0000087FD52466368A1681340C0229200AB506E +:10D010002369226900932800A36908F0E1F90C2331 +:10D020000193043B00930022043B4C21280008F0AC +:10D0300037FA5B4604211B681A68AA18136819425C +:10D04000FCD143469B1B9846BF1900219945CED978 +:10D050001E1EA3620AD1002000E00A4803B03CBCB7 +:10D0600090469946A246AB46F0BDA362A26828004E +:10D070005118B3B23A00FFF74BFD0020EEE7C0466F +:10D08000DCC201080B003200F0B557464E4645465B +:10D09000DE46E0B5060085B00F001500002900D17E +:10D0A0009CE0002A00D199E08B680C699A46BB6A23 +:10D0B000C9689B463B6A5846DB0099460B00803B9B +:10D0C0005A1E934137225B4293439846702352463F +:10D0D0009C46103313548BB20393013B1B1A0291ED +:10D0E000411CE0449BB2514400223000FFF730FD68 +:10D0F000D8454BD93A4B98464946029B090E5344B2 +:10D100001A1F11704946DA1E090C117049469A1E01 +:10D11000090A11704A46013B1A7007237A683000E9 +:10D120001340C0229200B3503B6951460093BB6943 +:10D130003A6908F055F90C230193043B009300224F +:10D14000043B30004C2108F0ABF9434604221B6835 +:10D150001B68F61833681A42FCD17B6A9B080DD015 +:10D160009B00E318E2782A70A2786A706278AA704D +:10D1700022780434EA700435A342F3D1002005B0CC +:10D180003CBC90469946A246AB46F0BD07237A6860 +:10D1900051461340C0229200B3503B6930000093C7 +:10D1A000BB693A6908F01CF90C230193043B009316 +:10D1B0000022043B4C21300008F072F90421084B96 +:10D1C00098461B681A68B21813681942FCD1039B71 +:10D1D000002251463000FFF7BBFC8DE70148CEE747 +:10D1E000DCC201080B003200062A00D971E03A487F +:10D1F000920082588B60974680330B6105230B6049 +:10D2000066334B60354B0020CB628023CB60403BC4 +:10D210004B61203B4B62704780330B6106230B60F0 +:10D2200065334B602E4B0020CB628023CB60403BAC +:10D230004B61243B4B62EEE740330B6100230B60F4 +:10D2400069334B60274B0020CB624023CB602C3BE3 +:10D250004B614B62DFE740330B6101230B606933A5 +:10D260004B60214B0020CB624023CB60203B4B61C5 +:10D27000043B4B62CFE740330B6102230B60683302 +:10D280004B601A4B0020CB624023CB60203B4B61AC +:10D290004B62C0E780330B6103230B6068334B6044 +:10D2A000134B0020CB628023CB60403B4B61103B93 +:10D2B0004B62B0E780330B6104230B6067334B6034 +:10D2C0000C4B0020CB628023CB60403B4B614B6218 +:10D2D000A1E709489FE7C046E011021010130210B1 +:10D2E000D0120210FC1102101012021030120210A3 +:10D2F00050120210901202100B00320010B50029DB +:10D300000CD000238B620B624B69002B06D0CA6ADB +:10D310009BB20969FFF762FC002000E0004810BDE5 +:10D320000B003200F0B54546DE4657464E46E0B5A6 +:10D33000050083B0002900D11EE1002A00D11BE1C5 +:10D34000C8680190002800D116E10020002B00D110 +:10D3500013E1086AC0180862886A8146AB48006811 +:10D3600084682F190F24A44666463C683440062C76 +:10D37000FAD8C827C468FF052C19276004682F193C +:10D380003C68002CFCD10C69A0464C69A24684681C +:10D390002F190F24A44666463C683440042CFAD862 +:10D3A0004646C4689A4F2C192760C4682C19266019 +:10D3B0005646C4682C1926604C69A24684682F1909 +:10D3C0000F24A44666463C683440062CFAD8CC2785 +:10D3D0005646C468FF052C193743276004682F1987 +:10D3E0003C68002CFCD184682F190F24A4466646A3 +:10D3F0003C683440062CFAD8CA27C468FF052C19AB +:10D4000027604C46002C2BD08C68A24684682F19CC +:10D410000F24A44666463C683440042CFAD856468D +:10D42000C4687B4F2C192760C4682C1926604E46AF +:10D43000C4682C19266084682F190F24A4466646F8 +:10D440003C683440062CFAD8CC274E46C468FF0509 +:10D450002C193743276004682F193C68002CFCD135 +:10D4600084682F190F24A44666463C683440042C77 +:10D47000FAD886277F01EC59002CFCDBC468654F85 +:10D480002C192760C4682C192260C268AA1813607E +:10D490004A469C18019AA24200D9B2E0CC22D20599 +:10D4A0000F2494464A46019EB21A93468268AF18EA +:10D4B0003A682240062AFBD8C2685E46AF184A4640 +:10D4C00012023243664632433A604A6892468268A4 +:10D4D000AF183A682240062AFBD85646C26836067C +:10D4E000AA1816605A469B1A00229146019A9A423F +:10D4F000D8D98B62002B47D18368EA180F244E6974 +:10D5000013682340042BFBD8C368434AEB181A6006 +:10D5100042460F24C368EB181A60C368EB181E60FC +:10D520008368EA1813682340062BFBD8CA22C36815 +:10D53000D205EB181A604C690F218368EA1813684A +:10D540000B40062BFBD8CE22C368D205EB18224332 +:10D550001A600368EA181368002BFCD10F21836856 +:10D56000EA1813680B40062BFBD8CA23C068DB05FA +:10D570002D182B60002000E0284803B03CBC9046EA +:10D580009946A246AB46F0BD00220F2784682E19AB +:10D5900034683C40062CFBD81343CC22C468D20527 +:10D5A00013432C1923600368EA181368002BFCD17D +:10D5B00083688E6AEA18002EA0D00F248F68136843 +:10D5C0002340042BFBD80F24C368134AEB181A60BE +:10D5D000C368EB181F60C368EB181E6083688E6A0F +:10D5E000EA1813682340062BFBD8CE22C368D20565 +:10D5F000EB1832431A600368EA181368002BFCD159 +:10D600007AE74A468C621202BFE7C046DCC20108D4 +:10D6100008000070080000710C0000700B00320060 +:10D62000F0B54E46DE4657464546E0B5914683B0D6 +:10D63000002900D159E1002A00D156E18B6A0E6A17 +:10D64000CD689846730F01932B00803B5A4253419B +:10D6500038225B421A40382394469A460F27A44B3F +:10D66000F6001B68D4449A68841822683A40062A57 +:10D67000FBD8C824DA68E405821814601A68841894 +:10D680002268002AFCD10A6993464A6992469A6840 +:10D6900087180F223C681440042CFBD8DA68954C9C +:10D6A000821814605C46DA680F27821814605446AA +:10D6B000DA68821814604A6992469A688418226867 +:10D6C0003A40062AFBD8CC245746DA68E40582188B +:10D6D0003C4314601A6884182268002AFCD10F2782 +:10D6E0009A68841822683A40062AFBD8CA240F2771 +:10D6F000DA68E405821814608A6892469A68841889 +:10D7000022683A40042AFBD8DA687A4C82181460FE +:10D710005446DA680F27821814604446DA68821883 +:10D7200014609A68841822683A40062AFBD8CC24F0 +:10D730004746DA68E40582183C4314601A68841886 +:10D740002268002AFCD10F279A68841822683A4080 +:10D75000062AFBD84446DA682702674C82183C4305 +:10D760001460C44512D80F274A6894469A688418F2 +:10D7700022683A40062AFBD86446DA6824068218F2 +:10D7800014601A6884182268002AFCD10F276A1FC7 +:10D7900094469A68841822683A40062AFBD8DA68C8 +:10D7A000841862461702D022D2053A43019F3A43B9 +:10D7B0000F2722602A1F9046320E94469A688418DA +:10D7C00022683A40062AFBD8DA68841842461702D3 +:10D7D000D022D2053A4367463A430F272260EA1E19 +:10D7E0009046320CD2B294469A68841822683A4025 +:10D7F000062AFBD8DA68841842461702D022D205DE +:10D800003A4367463A430F272260AA1E9046320ADF +:10D81000D2B294469A68841822683A40062AFBD805 +:10D82000DA68013D841842461702D022D2053A43F5 +:10D8300067463A430F2722609A68F6B28418226836 +:10D840003A40062AFBD8DA682D028418D022D20585 +:10D850001543354325600F259A684E688418226861 +:10D860002A40062AFBD8DA683606821816601A683B +:10D8700084182268002AFCD10F259A684E6A841801 +:10D8800022682A40042AFBD8DA681C4C82181460EB +:10D890004C460F25DA6882181460DA688218166020 +:10D8A0009A68841822682A40062AFBD8CA24DA68B3 +:10D8B000E405821814600F249A684D6A81180A687A +:10D8C0002240062AFBD8CE22DB68D2052A43C318A1 +:10D8D0001A600B4A8358002BFCDB002003B03CBCD1 +:10D8E00090469946A246AB46F0BD0648F6E7C046CC +:10D8F000DCC2010808000070800000680C000070A5 +:10D90000F01000000B003200036870B50400CD1A5F +:10D91000002D02DC602040420DE0187846B2002E57 +:10D920000ADB581C20601B78136023680020C91A8A +:10D9300013688B42EED870BD7F2630400138032833 +:10D9400031D8E5F7E7FB02091420012DE2D0587821 +:10D95000023310602360E8E7022DDBDD98785D7804 +:10D960000002284340BA80B210600333F2E7032D6F +:10D97000D0DD58789D7800042D022843DD780433EB +:10D9800028431060E6E7042DC4DD9D7858782D0209 +:10D990000543D87800040543187905330006284369 +:10D9A00000BA1060D6E76420B5E770B504680D1BB7 +:10D9B000002D07DD25789D4207D101340460FFF773 +:10D9C000A3FF70BD60204042FBE76220FBE737B554 +:10D9D0001D00130001AA0400FFF7E7FF002804D18F +:10D9E000019B002B02D1642040423EBD23681B787E +:10D9F0007F2BF8D8019B002B09D021680A78002AD8 +:10DA000015D0042BEFD802D152B2002AEBDB002351 +:10DA10002B60019B5A1E0192002BE6D022682B68D6 +:10DA200011781B020B4301322B602260F1E70131B8 +:10DA3000013B21600193DDE710B513000222FFF7DF +:10DA4000C6FF10BD37B50223150001AA0400FFF779 +:10DA5000ACFF002808D1019A21682800F8F73DFAA8 +:10DA60002368019A9B1823603EBD70B50323040010 +:10DA70001500FFF79AFF002804D12B68002B02D174 +:10DA80006820404270BD013B2B6023681A78002A51 +:10DA9000F6D101332360F5E7F0B585B017001E001D +:10DAA00003AA302304000191FFF77FFF051E1ED15A +:10DAB0002168019B5B1A002B32DD3A000B782000B5 +:10DAC00008C2039BCB18019301990623FFF76DFF52 +:10DAD000051E0CD12368BB6022687B68D318019AAD +:10DAE0002360934206D10C213000EBF71BFB28008A +:10DAF00005B0F0BD32001978013302C22000236066 +:10DB00000199FFF701FF051EF1D12368B360226878 +:10DB10007368D318019A23609342E8D0662500E029 +:10DB200060256D42E3E77FB504000D00160000217B +:10DB30000C2201A8E2F703FE01AB3200290020000D +:10DB4000FFF7AAFF002809D1019B052B01D0002B6C +:10DB500002D1029B002B01D06820404204B070BD6E +:10DB6000036810B5591A7F2A06D800295ADD013BEF +:10DB7000036001201A7010BDFF2A0BD8012951DD66 +:10DB8000013B03601A7081220368013B03601A7035 +:10DB90000220F0E7254CA24210D8022942DD013BC9 +:10DBA00003601A700368120A013B03601A70822234 +:10DBB0000368013B03601A700320DCE71C4CA2429F +:10DBC00015D803292EDD013B03601A700368110A82 +:10DBD000013B036019700368120C013B03601A706B +:10DBE00083220368013B03601A700420C3E7042901 +:10DBF00018DD013B03601A700368110A013B0360E2 +:10DC000019700368110C013B036019700368120E50 +:10DC1000013B03601A7084220368013B03601A70A1 +:10DC20000520A8E76C204042A5E7C046FFFF0000A2 +:10DC3000FFFFFF000368591A002904DD013B036060 +:10DC400001201A7070476C204042FBE7F7B50F00C7 +:10DC50000600002101933368D81B002805DC6C24E2 +:10DC600064422000FEBD2900F5E7013B33604D1CF6 +:10DC70001A701212002AF6DC33681A787F2A07D944 +:10DC8000DA1B002AEBDD0022013B33608D1C1A7089 +:10DC90002A0039003000FFF763FF041EE1DB6B460A +:10DCA00039001A793000FFF7C5FF002802DB64193C +:10DCB0000419D6E70400D4E770B51C00036815000A +:10DCC0008B420BD3591AA14208D31B1B03602200BD +:10DCD00029001800E2F717FD200070BD6C204042BB +:10DCE000FBE7F7B5060010000F000192F8F7B8F84F +:10DCF00031680500B94203D26C2464422000FEBDA5 +:10DD0000CB1B8342F8D3091A020031600198F8F75F +:10DD100055F9041EF2D1019B1B68012B0AD133680F +:10DD20001A787F2A06D9DA1B002AE5DD013B336029 +:10DD3000013518702A0039003000FFF711FF041E6A +:10DD4000DCDB022239003000FFF774FF002802DB21 +:10DD500064190419D2E70400D0E7F8B506000F00F3 +:10DD6000FFF7AAFF041E10DB020005003900300097 +:10DD7000FFF7F6FE041E08DB062239003000FFF72D +:10DD800059FF002803DB641904192000F8BD0400C2 +:10DD9000FBE710B50223FFF759FF10BDF8B50600E9 +:10DDA0000F00FFF789FF041E10DB02000500390099 +:10DDB0003000FFF7D5FE041E08DB042239003000D6 +:10DDC000FFF738FF002803DB641904192000F8BDB1 +:10DDD0000400FBE710B50C220021E2F7B0FC10BDF7 +:10DDE000F0B587B00500029103921F00002800D112 +:10DDF00067E01800E2F72BFE061E64D00399380096 +:10DE0000E2F725FE041E5ED086425CD20298E2F75D +:10DE100003FE36183378203B5A425341F6183378C4 +:10DE20000D3B5A425341F61833780A2B4BD10398D5 +:10DE3000E2F7F2FD201803780136203B5A425341A5 +:10DE4000C01803780D3B5A425341C01803780A3B6F +:10DE50005A425341C0180E9BC01B1860A71B152FB8 +:10DE600006DD16221D493000E2F73EFC00282CD0CA +:10DE7000B4422CD900210097330005AA080000F015 +:10DE80009BFB2C3025D005990120EBF731F9041EBE +:10DE900021D03300009705AA059900F08DFB061EDE +:10DEA0000BD005992000EBF73DF92000EBF728F99E +:10DEB0000B4BF618300007B0F0BD059B2C606B6073 +:10DEC000F8E7084EF6E7084EF4E7084EF2E7044E8E +:10DED000F0E7074EEEE7074EECE7C046501302109E +:10DEE00000EFFFFF80EBFFFF80EFFFFF00ECFFFF85 +:10DEF000D4EEFFFF80EEFFFF10B50400006800289D +:10DF000005D06168EBF70EF92068EBF7F9F8A06827 +:10DF1000EBF7F6F80C212000EBF704F910BD000038 +:10DF20000048704700E1FFFFF0B5754CA54404932D +:10DF3000A2AB0390009105921878802900D9DAE00D +:10DF4000049B402B00D9D6E0A19B402B00D9D2E006 +:10DF5000FBF798FD0290002800D1CEE007A8FBF760 +:10DF60009DFD0022029907A8FBF7CAFD002878D181 +:10DF70000298FBF729FF80270190202800D8403F16 +:10DF8000A39B3A00D9B21AA8E2F7D9FB3C003AAEFB +:10DF9000A19DA54200D9250030002A00A099E2F7F2 +:10DFA000B2FB7619641BF3D13C005AAE049DA54226 +:10DFB00000D9250030002A000599E2F7A4FB761964 +:10DFC000641BF3D1009B002B36D007A8FBF7D4FDD0 +:10DFD000041E32D13A001AA907A8FBF7EDFD041E72 +:10DFE0002BD13A003AA907A8FBF7E6FD041E24D17D +:10DFF0003A005AA907A8FBF7DFFD041E1DD10AA9A4 +:10E0000007A8FBF7F3FD041E17D10125A49BAB4223 +:10E010002BD8009C019A944200D9140022000AA92E +:10E020000398E2F770FB009B1B1B0093039B1B19DB +:10E030000393009B002B22D1002480213AA8EBF708 +:10E0400071F880215AA8EBF76DF880217AA8EBF7D8 +:10E0500069F840210AA8EBF765F807A8FBF724FD4B +:10E0600020009B239B009D44F0BD0AAB019A190040 +:10E070000298FBF7D5FD041EDFD10135C6E73C0051 +:10E080007AAE019DA54200D9250030002A000AA9D8 +:10E09000E2F739FB7619641BF3D13B00E82106AAAD +:10E0A0004900013B5218D25C06A80132D2B2411895 +:10E0B000CA54002A1CD1002BF0D13B003AA87AADFB +:10E0C000013B195C5C5D091989180A0AD2B219541E +:10E0D000002BF5D13A005AA87AAD013A115C545D93 +:10E0E0000919C9180B0ADBB21154002AF5D169E7E6 +:10E0F0003B000022E2E70348B3E70348B1E7C0462C +:10E1000094FDFFFF80E0FFFF00E1FFFFF0B500247A +:10E11000DDB005001000099107930A94F9F72EFE6F +:10E120000600A04200D1B9E043680B940893C3688D +:10E130000693639B802B00D9AEE021000C220CA833 +:10E14000E2F7FDFA812221002C0052001BA8E2F721 +:10E15000F6FAAB686A6808349F182B68302B00D039 +:10E160009EE02C3B0DAA39002000FFF71EFC002882 +:10E1700063D04C4BC418002C00D08AE00023639A73 +:10E180009A426BD1089B551CDF080B9B6D000493D2 +:10E1900001230393079B1BAA02930D9B3900019354 +:10E1A0000E9B13A8089300932B00FFF7BDFE041EDF +:10E1B0006FD1069B002B59D11BA8F9F703FE310044 +:10E1C0001BA8FAF735F8041E2BD124226B469B18A6 +:10E1D0001B78FA005BB213A91BA8F9F711FE041E05 +:10E1E0001FD1F2680FA91BA8F9F72AFE041E18D147 +:10E1F0001BA8F9F747FE041E13D10AAD0095669BD4 +:10E20000659A64991BA8F9F749FE041E09D10A9A78 +:10E21000669B1BA899182A00F9F75AFF041E00D024 +:10E22000214C13A82021EAF77DFF0FA81021EAF75F +:10E2300079FF1BA8F9F7CCFD2BE0AB680D9A0E9384 +:10E240009B18AB600BAA39002000FFF7F5FB0028F4 +:10E250008FD1AB689F4291D0144C1AE05A001BA991 +:10E260008A186299C95C0133517088E70B9B1BAA1D +:10E27000049302230393079B069902930D9B0FA817 +:10E28000079301930E9B00932B00FFF74DFE041E96 +:10E2900092D020005DB0F0BD054CFAE7054CF8E7E0 +:10E2A000054CF6E780E1FFFF00E2FFFF1AE1FFFF08 +:10E2B00080E0FFFF00E1FFFF1EE1FFFFF0B505007A +:10E2C000A5B000680C0017000193FBF77DFD00234B +:10E2D0000122039303ABDA70210006003A00280004 +:10E2E000FBF7BEFC041E41D0200025B0F0BD2A9AE9 +:10E2F00001992800FBF70EFD00285AD1042203A93A +:10E300002800FBF707FD002853D114A92800FBF7CC +:10E3100011FD00284DD12800FBF73EFD002848D113 +:10E32000320014A904A8E2F7EEF901230093009B40 +:10E330002B9A93421ED32C9B37009E4200D91F007C +:10E340003A0014A92D98E2F7DEF904212C9B03AAC8 +:10E35000DB1B2C932D9BDB192D9301398B5C013337 +:10E36000DBB28B54002B01D10029F6D12C9B002B62 +:10E37000BDD1B9E704AF320039002800FBF7CAFC71 +:10E38000002816D139002800FBF7D4FC002810D152 +:10E390002800FBF701FD00280BD114AA864202DCFD +:10E3A000009B0133C2E7835CC15D4B408354013065 +:10E3B000F4E7040098E70000F0B51F000023C1B0A7 +:10E3C000069212220424866809930A930C934368E8 +:10E3D00005910B9604A9F618036852181470302B97 +:10E3E0001DD113AB0DAA31000BA8FFF755FB002878 +:10E3F00002D06B4BC418CEE00E9A092A01D0694CAA +:10E40000C9E00F996848E2F76FF90028F7D1149B2B +:10E41000159D07932795ED18139B302B01D0634C66 +:10E42000B9E023001AAA290027A8FFF7BEFA00289E +:10E4300000D17AE05A4BC418002C00D0ABE0122374 +:10E4400004AA9B181878FBF71DFB041ED7D016AB47 +:10E4500010AA31000BA8FFF71FFB0028C9D1132514 +:10E4600004ABED18290010A8FBF706FD0028C6D163 +:10E470002878F9F783FC051EC1D04368DB080A93AE +:10E48000169B0793042B00D088E0179BC268079364 +:10E49000934200D082E01CA8FBF700FB2FA8F9F7FD +:10E4A00091FC1899179A27A8E2F72DF9210001226B +:10E4B0001CA8FBF725FB041E30D10A9B1FAE02935C +:10E4C000099B039601931A9B3A00079300930699C0 +:10E4D0001B9B1CA8FFF7F2FE041E1FD129002FA8CA +:10E4E000F9F7A6FE041E19D16B460A9A1B7DD200CD +:10E4F0005BB231002FA8F9F783FC041E0ED10CABE0 +:10E500000293489B179A0193479B27A900932FA832 +:10E51000469BF9F7ABFE041E00D0254C1CA8FBF768 +:10E52000C3FA2FA8F9F754FC35E0279B1A9A1B93DE +:10E5300029009B1827A809AA2793FFF77DFA00282E +:10E5400000D077E7279B9D4200D178E70AAA2900EF +:10E5500027A8FFF771FA002803D00300623300D028 +:10E5600068E7279B9D4200D169E72FAA290027A8C9 +:10E57000FFF7D9FA002800D05CE7122104ABC918D4 +:10E580002FA8FBF7ABFC002800D038E7279B9D4263 +:10E5900000D154E7074C200041B0F0BD004CFAE731 +:10E5A00000D1FFFF80D1FFFF671302109ED0FFFF55 +:10E5B00000D2FFFF9AD0FFFFF0B5002485B0019094 +:10E5C0000F002000260002920A9A3100964212D2D1 +:10E5D0005D5C202D0BD00A9A521A012A11D00D2D04 +:10E5E0000FD15A1852780A2A0DD14E1CECE70A9A1C +:10E5F00001318A42ECD100281BD1029B186005B082 +:10E60000F0BD0A2DF1D0B14204D13D2D04D1013429 +:10E61000022C04D92C202DE06EB2002EFADB2D4AFC +:10E62000555D7F2DF6D03F2D01D8002CF2D1013061 +:10E63000DBE70725062605407543C008704307350C +:10E64000019AED08041B2C19002A10D0BC420ED8E8 +:10E650005A18002103240D0001980392039A934253 +:10E660000AD1019BC01A029B18600020C7E72A202C +:10E67000029B1C604042C2E71F783E000A3EF6B291 +:10E68000162E05D8144AF24016000122B24315D0C6 +:10E69000104A8901D65D01353700403F7A427A4100 +:10E6A000A41A3F2216403143042D07D10025AC4265 +:10E6B00004D00E0C0670012C02D101300133CDE7DD +:10E6C0000E0A4670022C01D10230F7E78170033048 +:10E6D000F4E7C0467113021009004000E181001008 +:10E6E00009820010757E0010B97E0010217D001097 +:10E6F0004D8000103182001059820010A18200105C +:10E700001D75001015750010D572001031730010C2 +:10E7100089730010FD7300105D740010B574001053 +:10E7200099770010A1770010257500109D750010D5 +:10E73000157600106D760010E1760010417700101C +:10E74000C5720010CD720010A97000101171001078 +:10E75000E16F00105170001079710010F971001014 +:10E760006D72001049860010E58600108187001048 +:10E7700089870010A1870010A9870010B1870010B9 +:10E78000C1870010B987001099870010C987001051 +:10E7900091870010D18700104D880010BD880010AF +:10E7A00091890010198A0010818A0010C58A001012 +:10E7B000FD8A0010DD8B0010658D0010A18B00100C +:10E7C000298C0010D98C0010E58D0010C58D00102B +:10E7D000C9830010117D0010197D00104C0000004D +:10E7E00080010000F800000018020000131517183F +:10E7F000191A1B1C1D1214161E0A010B020C03040D +:10E8000005060708090D000088010210900102109A +:10E8100098010210A001021010404040400000404A +:10E82000408080020305070B0D1113171D1F2529BA +:10E830002B2F353B3D4347494F53596165676B6DFE +:10E84000717F83898B95979DA3A7ADB3B5BFC1C5D4 +:10E85000C7D3DFE3E5E9EFF1FB00000001020304A9 +:10E86000050000000500190009020000F4E801108D +:10E8700008001C000002000000E90110040018005C +:10E880008001000010E9011007001B00800100005A +:10E890001CE9011003001700000100002CE9011021 +:10E8A0000C0016000001000038E9011006001A00F3 +:10E8B0000001000044E9011002001500E000000022 +:10E8C00054E901100B001400E000000060E90110A1 +:10E8D00001001300C00000006CE901100A001200E2 +:10E8E000C000000078E901100000000000000000F6 +:10E8F0000000000073656370353231723100000032 +:10E90000627261696E706F6F6C50353132723100B6 +:10E91000736563703338347231000000627261696C +:10E920006E706F6F6C503338347231007365637082 +:10E930003235367231000000736563703235366BE4 +:10E9400031000000627261696E706F6F6C50323519 +:10E9500036723100736563703232347231000000F8 +:10E96000736563703232346B31000000736563701D +:10E970003139327231000000736563703139326BA6 +:10E9800031000000A2170110AA1401105E15011039 +:10E99000FE1401102E15011090150110C015011064 +:10E9A000F4150110281601105C160110F81601105C +:10E9B000301701106A17011080140110D9B530F317 +:10E9C000444B4AE96C5CDC26C15580FBE7FF7A4189 +:10E9D0003075F6EE57302CFC75095A7DB6078CFF62 +:10E9E00018DCCC6BCEE1F75C29168495BF7CD7BBD5 +:10E9F000D9B530F3444B4AE96C5CDC266232CE9ADE +:10EA0000BD53443AC223BDE3E127DEB9AFB781FC71 +:10EA10002F484B2CCB577ECBB9AED28B9769042FA6 +:10EA2000C7541D5C548EED2D134577C2C91D61146A +:10EA30001A46F897FDC4DAC335F87E54A7564897AE +:10EA4000820E1E90F7A661B5A37A398C718D839DD5 +:10EA5000900A663EBCA9EEA1DB57FBA977536E1F57 +:10EA60001D481320282026D523F63B6E728D839DEA +:10EA7000900A663EBCA9EEA1DB57FBA92628CE2250 +:10EA8000DDC7A804EBD43A504A81A58A0FF991BAA0 +:10EA9000EF6591138727B24F8EA2BEC2A0AF05CEFD +:10EAA0000A08723C0C158C3DC682C37B114C50FA8F +:10EAB0009686B73A94C9DB950239B47CD562EB3EB1 +:10EAC000A50E882EA6D2DC07E17DB72F7C44F01678 +:10EAD00054B5398B2628CE22DDC7A8041EAFD447F3 +:10EAE000E2B287EFAA46D63634E026E8E810BD0C3D +:10EAF000FECA7FDBE34FF17EE7A347886B3FC1B7D8 +:10EB0000813AA6A2FF45CF68F0641C1D15533C2630 +:10EB100041038242118191772146460E282991F9BD +:10EB20004F059CE16458ECFE290BB76252D5CF9596 +:10EB30008EEBB15CA4C2F920751DBE8A656504E93F +:10EB40000232883B10C37F6BAFB63ACFA72504AC27 +:10EB50006C6E161FB35654ED09712F15DF41E65048 +:10EB60007E6F5D0F286D38A3821EB98C53EC073180 +:10EB700013004787711A1D9029A7D3AC2311B77FC3 +:10EB800019DAB112B45654ED09712F15DF41E65070 +:10EB90007E6F5D0F286D38A3821EB98CCA94FC77F6 +:10EBA0004DACC1E7B9C7F22BA717117FB5C89A8B37 +:10EBB000C9F12E0AA13A25A85A5DED2DBC6398EA49 +:10EBC000CA4134A81016F93D8DDDCB94C54C23AC59 +:10EBD000457132E2893B608B31A3307823F7168090 +:10EBE00063BD0928DDE5BA5EB7504098673E08DC92 +:10EBF000CA94FC774DACC1E7B9C7F22BA717117FB8 +:10EC0000B5C89A8BC9F12E0AA13A25A85A5DED2DF7 +:10EC1000BC6398EACA4134A81016F93D22F8B9BC81 +:10EC20000922358B685E6A4047506D7C5F7DB993E1 +:10EC30007B68D1508DD4D0E2781F3BFF8E09D0F491 +:10EC4000EE623BB4C116D9B5709FED85936A4C9CBA +:10EC50002E32215A64D92ED8BDE4AE819208D83A1A +:10EC60000F1ECD780654F0A82F2BCAD1AE63278A89 +:10EC7000D84BCA5B5E485F4A49DEDCB211811F880F +:10EC80005BC500A01A7BA52400F709F2FD2278CF0E +:10EC9000A9BFEAC0EC3263565D38DE7D6900A99CED +:10ECA000829687B5DDDA5D0881D3B11D4710AC7F50 +:10ECB000196186411926A94C415C3E557008337094 +:10ECC000CA9C63D60ED2C9B3B38D30CB07FCC9330F +:10ECD000AEE6D43F8BC4E9DBB89DDDAAF3483A58D1 +:10ECE0005660AA2885C6822D2FFF8128E680A3E6DC +:10ECF0002AA1CDAE4268C69B009B4D7D7108337042 +:10ED0000CA9C63D60ED2C9B3B38D30CB07FCC933CE +:10ED1000AEE6D43F8BC4E9DBB89DDDAA3031444276 +:10ED20003432000031344445463944454132463797 +:10ED3000394344363538313236333141354346353F +:10ED400044334544000000003938414100000000D0 +:10ED5000383333354443313633424231323442362C +:10ED600035313239433936464445393333443844F2 +:10ED700037323341373041414443383733443644E6 +:10ED800035344137424230440000000000000000AA +:10ED9000030000007D6CE0EAB1D1A51D34F4B7801A +:10EDA000027DB026AEE957C00EF14FDB9D2F5ED934 +:10EDB00088AA82403486BE15D0634184A728569C19 +:10EDC0006D2F2F9B8DFDDE746A46690F17FCF226AE +:10EDD000FEFFFFFFFFFFFFFFFFFFFFFF37EEFFFF1D +:10EDE000FEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF34 +:10EDF000FFFFFFFFB1B946C1ECDEB8FE4930247217 +:10EE0000ABE9A70FE7809CE5190521641210FF828A +:10EE1000FD0AFFF40088A143EB20BF7CF69030B0E0 +:10EE20000EA88D181148791EA177F973D5CD246BE2 +:10EE3000ED11106378DAC8FF952B19073128D2B489 +:10EE4000B1C96B1436F8DE99FFFFFFFFFFFFFFFF2C +:10EE5000FFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFC3 +:10EE6000FFFFFFFFFFFFFFFFFFFFFFFF00000000AE +:10EE7000050000005CA4B7B60E657E0FA97570E4AE +:10EE8000E967A469A128FC30DF99F04D335B45A107 +:10EE9000A5616D55DB4BCAE259BDB0C0F719E3F768 +:10EEA000D6FBCA824234BA7FED9F087EF7B19F76C7 +:10EEB00071A9F0CA8461ECD2E8DC01000000000016 +:10EEC0000000000000000000010000006DE5FFFFF1 +:10EED000FEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF43 +:10EEE000FFFFFFFFFFFFFFFFB4FF552343390B2751 +:10EEF000BAD8BFD7B7B04450563241F5ABB3040CC3 +:10EF0000850A05B4211D5C11D68032342211C25607 +:10EF1000D3C1034AB99013327FBFB46BBD0C0EB797 +:10EF2000347E00859981D5446447075AA07543CD46 +:10EF3000E6DF224CFB23F7B5886337BD3D2A5C5CD6 +:10EF40004529DD133EF0B8E0A216FFFFFFFFFFFFEB +:10EF5000FFFFFFFFFFFFFFFF0100000000000000B8 +:10EF600000000000FFFFFFFFFFFFFFFFFFFFFFFFAD +:10EF7000FFFFFFFF0000000000000000070000008E +:10EF80009817F8165B81F259D928CE2DDBFC9B022D +:10EF9000070B87CE9562A055ACBBDCF97E66BE79C7 +:10EFA000B8D410FB8FD0479C195485A648B417FDE0 +:10EFB000A808110EFCFBA45D65C4A32677DA3A48C5 +:10EFC000414136D08C5ED2BF3BA048AFE6DCAEBA42 +:10EFD000FEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF42 +:10EFE0002FFCFFFFFEFFFFFFFFFFFFFFFFFFFFFF05 +:10EFF000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF21 +:10F000004B60D2273E3CCE3BF6B053CCB0061D65DC +:10F01000BC86987655BDEBB3E7933AAAD835C65A65 +:10F0200096C298D84539A1F4A033EB2D817D0377A2 +:10F03000F240A463E5E6BCF847422CE1F2D1176B3D +:10F04000F551BF376840B6CBCE5E316B5733CE2B10 +:10F05000169E0F7C4AEBE78E9B7F1AFEE242E34F3F +:10F06000512563FCC2CAB9F3849E17A7ADFAE6BC6A +:10F07000FFFFFFFFFFFFFFFF00000000FFFFFFFF9C +:10F08000FFFFFFFFFFFFFFFFFFFFFFFF000000008C +:10F09000000000000000000001000000FFFFFFFF73 +:10F0A000EF2AECD3EDC8852A9DD12E8A8D3956C61C +:10F0B0005A8713508F081403124181FE6E9C1D184D +:10F0C000192DF8E36B058E98E4E73EE2A72F31B3E4 +:10F0D000B70A7672385E543A6C2955BF5DF2025514 +:10F0E000382A5482E041F759989BA78B623B1D6EEA +:10F0F00074AD20F31EC7B18E37058BBE22CA87AA16 +:10F100005F0EEA907C1D437A9D817E1DCEB1600A20 +:10F11000C0B8F0B51331DAE97C149A28BD1DF4F8B3 +:10F1200029DC9292BF989E5D6F2C26964ADE173698 +:10F130007329C5CC6A19ECEC7AA7B048B20D1A58FD +:10F14000DF2D37F4814D63C7FFFFFFFFFFFFFFFF98 +:10F15000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBF +:10F16000FFFFFFFF0000000000000000FFFFFFFFA7 +:10F17000FEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA0 +:10F18000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8F +:10F19000003F506BD41F45EFF1342C3D88DF7335B1 +:10F1A00007BFB13BBDC052167B937EEC5139195657 +:10F1B000E109F18E9189B4B8F315B3995B72DAA2C3 +:10F1C000EE4085B6A0219A921F9A1C8E61B93E9599 +:10F1D0005100000066BDE5C2317E7EF99B426A8522 +:10F1E000C1B34833DEA8FFA227C11DFE2859E7EFAF +:10F1F000775E4BA1BA3D4D6B60AF28F821B53F0556 +:10F200003981649C42B4952366CB3E9ECDE90404CB +:10F21000B7068E85C60000005066D19F7694BE88E2 +:10F2200040C272A286703C356107AD3F01B950C53E +:10F230004026F45E9972EE972C663E2717BDAF17F5 +:10F2400068449B574944F598D91B7D2CB45F8A5C70 +:10F2500004C03B9A786A2939180100000964389182 +:10F260001EB76FBBAE479C89B8C9B53BD0A509F79F +:10F270004801CC7F6B962FBF83878651FAFFFFFF33 +:10F28000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8E +:10F29000FFFFFFFFFFFFFFFFFFFFFFFFFF0100007A +:10F2A000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6E +:10F2B000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5E +:10F2C000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF4E +:10F2D000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3E +:10F2E000FF0100000000000000000000000000001E +:10F2F000000000000000000000000000000000000E +:10F3000000000000000000000000000001000000FC +:10F31000C0000000A4F801100000000054F4011027 +:10F3200038F4011004F401101CF40110D4F301109E +:10F33000ECF3011002000000E0000000B0F8011042 +:10F340000000000000F50110E0F40110A4F4011029 +:10F35000C0F401106CF4011088F4011003000000E7 +:10F3600000010000BCF8011002000000C4F501100B +:10F37000A0F501105CF501107CF501101CF50110E1 +:10F380003CF501100400000080010000C8F80110E5 +:10F3900002000000DCF60110A8F6011044F601108E +:10F3A00074F60110E4F5011014F6011005000000D8 +:10F3B00009020000D4F801100000000060F80110FC +:10F3C0001CF8011094F70110D8F701100CF7011088 +:10F3D00050F701101210FF82FD0AFFF40088A143CC +:10F3E000EB20BF7CF69030B00EA88D181148791E26 +:10F3F000A177F973D5CD246BED11106378DAC8FFCE +:10F40000952B19073128D2B4B1C96B1436F8DE999F +:10F41000FFFFFFFFFFFFFFFFFFFFFFFFCFD72D4BDA +:10F420004E3694EBC9072166000000000000000082 +:10F4300000000000010000000100000000000000CA +:10F4400001000000000000000000000000000000BB +:10F4500001000000FFFFFFFFFFFFFFFFFEFFFFFFB8 +:10F46000FFFFFFFFFFFFFFFFFFFFFFFF211D5C11FD +:10F47000D68032342211C256D3C1034AB990133216 +:10F480007FBFB46BBD0C0EB7347E00859981D54427 +:10F490006447075AA07543CDE6DF224CFB23F7B53E +:10F4A000886337BD3D2A5C5C4529DD133EF0B8E03A +:10F4B000A216FFFFFFFFFFFFFFFFFFFFFFFFFFFFA2 +:10F4C000C3D5A3A3BAD622ECC10F471F5DE9000044 +:10F4D000000000000000000000000000010000002B +:10F4E000FFFFFFFFFFFFFFFFFFFFFFFF0000000028 +:10F4F000000000000000000000000000010000000B +:10F50000010000000000000000000000FFFFFFFFFE +:10F51000FFFFFFFFFFFFFFFFFFFFFFFF96C298D82F +:10F520004539A1F4A033EB2D817D0377F240A4632C +:10F53000E5E6BCF847422CE1F2D1176BF551BF3735 +:10F540006840B6CBCE5E316B5733CE2B169E0F7C08 +:10F550004AEBE78E9B7F1AFEE242E34F512563FCA4 +:10F56000C2CAB9F3849E17A7ADFAE6BCFFFFFFFF3E +:10F57000FFFFFFFF00000000FFFFFFFFFE9BDFEE2D +:10F5800085FD2F01216C1ADF52051943FFFFFFFF94 +:10F59000FEFFFFFFFFFFFFFF000000000100000073 +:10F5A0000300000000000000FFFFFFFFFEFFFFFF61 +:10F5B000FEFFFFFFFEFFFFFFFFFFFFFF0000000059 +:10F5C00001000000FFFFFFFFFFFFFFFFFFFFFFFF46 +:10F5D000000000000000000000000000010000002A +:10F5E000FFFFFFFFB70A7672385E543A6C2955BFA9 +:10F5F0005DF20255382A5482E041F759989BA78B57 +:10F60000623B1D6E74AD20F31EC7B18E37058BBEF5 +:10F6100022CA87AA5F0EEA907C1D437A9D817E1DD7 +:10F62000CEB1600AC0B8F0B51331DAE97C149A287B +:10F63000BD1DF4F829DC9292BF989E5D6F2C269632 +:10F640004ADE17367329C5CC6A19ECEC7AA7B048A4 +:10F65000B20D1A58DF2D37F4814D63C7FFFFFFFF4E +:10F66000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFAA +:10F67000FFFFFFFF8DD63A3395E6131385584FB73A +:10F680004DF2E5A720D2C80B7EB29C3800000000E6 +:10F69000000000000000000000000000000000006A +:10F6A000000000000100000001000000FFFFFFFF5C +:10F6B000FFFFFFFF0000000001000000000000004D +:10F6C000000000000000000000000000000000003A +:10F6D000000000000000000001000000FFFFFFFF2D +:10F6E0000000000000000000FFFFFFFFFEFFFFFF23 +:10F6F000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF1A +:10F70000FFFFFFFFFFFFFFFFFFFFFFFF66BDE5C23B +:10F71000317E7EF99B426A85C1B34833DEA8FFA2E1 +:10F7200027C11DFE2859E7EF775E4BA1BA3D4D6B0F +:10F7300060AF28F821B53F053981649C42B4952318 +:10F7400066CB3E9ECDE90404B7068E85C600000058 +:10F750005066D19F7694BE8840C272A286703C35B6 +:10F760006107AD3F01B950C54026F45E9972EE972E +:10F770002C663E2717BDAF1768449B574944F59840 +:10F78000D91B7D2CB45F8A5C04C03B9A786A293906 +:10F7900018010000096438911EB76FBBAE479C8901 +:10F7A000B8C9B53BD0A509F74801CC7F6B962FBFF0 +:10F7B00083878651FAFFFFFFFFFFFFFFFFFFFFFF79 +:10F7C000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF49 +:10F7D000FFFFFFFFFF010000F79BC76EE148904469 +:10F7E00051B8637647364AC42F5AF608B7FE3380BD +:10F7F0009469D0407C7879AE0500000000000000DC +:10F8000000000000000000000000000000000000F8 +:10F8100000000000000000000002000001000000E5 +:10F8200000000000000000000000000000000000D8 +:10F8300000000000000000000000000000000000C8 +:10F8400000000000000000000000000000000000B8 +:10F8500000000000000000000000000000020000A6 +:10F86000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA8 +:10F87000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF98 +:10F88000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF88 +:10F89000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF78 +:10F8A000FF0100004E49535420502D3139320000E1 +:10F8B0004E49535420502D32323400004E49535497 +:10F8C00020502D32353600004E49535420502D33F0 +:10F8D000383400004E49535420502D353231000049 +:10F8E000242C01104032011004310110182E011097 +:10F8F0004C2C0110442C0110242C0110104101103B +:10F90000DC3E0110543801107C330110442C0110EE +:10F91000010000000000000000000000FFFFFFFFEA +:10F92000FFFFFFFFFFFFFFFFFEFFFFFF01000000E3 +:10F93000FFFFFFFFFFFFFFFF0000000001000000CE +:10F940000300000005000000070000000B0000009D +:10F950000D0000001100000013000000170000005F +:10F960001D0000001F00000025000000290000000D +:10F970002B0000002F000000350000003B000000BD +:10F980003D00000043000000470000004900000067 +:10F990004F0000005300000059000000610000000B +:10F9A00065000000670000006B0000006D000000B3 +:10F9B000710000007F00000083000000890000004B +:10F9C0008B00000095000000970000009D000000E3 +:10F9D000A3000000A7000000AD000000B30000007D +:10F9E000B5000000BF000000C1000000C50000001D +:10F9F000C7000000D3000000DF000000E3000000AB +:10FA0000E5000000E9000000EF000000F100000048 +:10FA1000FB00000001010000070100000D010000D3 +:10FA20000F01000015010000190100001B0100007A +:10FA300025010000330100003701000039010000FA +:10FA40003D0100004B010000510100005B0100007E +:10FA50005D01000061010000670100006F0100000E +:10FA6000750100007B0100007F010000850100009E +:10FA70008D0100009101000099010000A301000028 +:10FA8000A5010000AF010000B1010000B7010000B6 +:10FA9000BB010000C1010000C9010000CD01000050 +:10FAA000CF010000D3010000DF010000E7010000EA +:10FAB000EB010000F3010000F7010000FD01000070 +:10FAC000090200000B0200001D02000023020000DA +:10FAD0002D02000033020000390200003B0200004A +:10FAE000410200004B0200005102000057020000DA +:10FAF000590200005F020000650200006902000078 +:10FB00006B02000077020000810200008302000007 +:10FB1000870200008D0200009302000095020000A1 +:10FB2000A1020000A5020000AB020000B302000029 +:10FB3000BD020000C5020000CF020000D702000095 +:10FB4000DD020000E3020000E7020000EF02000017 +:10FB5000F5020000F90200000103000005030000A7 +:10FB6000130300001D030000290300002B03000005 +:10FB700035030000370300003B0300003D03000095 +:10FB80004703000055030000590300005B03000019 +:10FB90005F0300006D0300007103000073030000A9 +:10FBA000770300008B0300008F0300009703000021 +:10FBB000A1030000A9030000AD030000B30300008F +:10FBC000B9030000C7030000CB030000D10300000D +:10FBD000D7030000DF030000E503000099FFFFFFEB +:10FBE00005020000800000009500021010000000D7 +:10FBF000000000001000000064FE01102B0800004F +:10FC000080000000C0FF01100C0000000100000097 +:10FC10001000000090FE01100803000080000000AA +:10FC20006E00021010000000000000001000000034 +:10FC300064FE01100B05000080000000200002108F +:10FC400010000000000000001000000064FE011021 +:10FC50000201000080000000B90002100000000056 +:10FC6000000000001000000064FE01100E060000FD +:10FC700080000000E4FF01100C0000000100000003 +:10FC800010000000BCFE01104304000080000000D2 +:10FC900044000210100000000000000010000000EE +:10FCA00064FE01104609000000010000FCFF011085 +:10FCB000100000000000000010000000C80002104A +:10FCC00006020000C00000008900021010000000C1 +:10FCD000000000001000000064FE01102C0800006D +:10FCE000C0000000B4FF01100C0000000100000083 +:10FCF0001000000090FE011009030000C000000089 +:10FD00005F00021010000000000000001000000062 +:10FD100064FE01100C050000C00000001400021079 +:10FD200010000000000000001000000064FE011040 +:10FD300003010000C0000000AD0002100000000040 +:10FD4000000000001000000064FE01100F0600001B +:10FD5000C0000000D8FF01100C00000001000000EE +:10FD600010000000BCFE011044040000C0000000B0 +:10FD70003800021010000000000000001000000019 +:10FD800064FE011007020000000100007D00021067 +:10FD900010000000000000001000000064FE0110D0 +:10FDA0002D08000000010000A8FF01100C00000059 +:10FDB000010000001000000090FE01100A03000086 +:10FDC00000010000500002101000000000000000C0 +:10FDD0001000000064FE01100D050000000100008D +:10FDE00008000210100000000000000010000000D9 +:10FDF00064FE01100401000000010000A1000210D7 +:10FE000000000000000000001000000064FE01106F +:10FE10001006000000010000CCFF01100C000000E3 +:10FE20000100000010000000BCFE011045040000AD +:10FE3000000100002C000210100000000000000073 +:10FE40001000000064FE01104709000000020000DD +:10FE5000F0FF011010000000000000001000000082 +:10FE6000C800021002000000F3830110E3830110B8 +:10FE7000CD830110BD830110A78301100000000095 +:10FE80009F830110978301108183011071830110FA +:10FE90000200000000000000000000000000000060 +:10FEA000000000000000000000000000E3820110DC +:10FEB000E3820110CD820110BD820110020000001A +:10FEC0000000000000000000000000000000000032 +:10FED00000000000000000001983011019830110C8 +:10FEE00001830110F18201100200000050FC01109A +:10FEF0000300000030FD011004000000F4FD0110BB +:10FF000005000000E0FB011006000000C0FC01102D +:10FF10000700000084FD01100800000018FC01101B +:10FF200009000000F8FC01100A000000BCFD0110EF +:10FF30004300000088FC01104400000068FD01102F +:10FF4000450000002CFE01100B00000034FC0110E5 +:10FF50000C00000014FD01100D000000D8FD011080 +:10FF600046000000A4FC01104700000048FE0110FC +:10FF70000E0000006CFC01100F0000004CFD011091 +:10FF80001000000010FE01102B000000FCFB01100F +:10FF90002C000000DCFC01102D000000A0FD011071 +:10FFA00000000000000000004145532D3235362D81 +:10FFB00043434D004145532D3139322D43434D00CC +:10FFC0004145532D3132382D43434D004145532D8A +:10FFD0003235362D47434D004145532D3139322DB1 +:10FFE00047434D004145532D3132382D47434D0095 +:10FFF0004145532D3235362D585453004145532D2C +:020000041002E8 +:100000003132382D585453004145532D3235362D59 +:10001000435452004145532D3139322D435452003F +:100020004145532D3132382D435452004145532D13 +:100030003235362D4F4642004145532D3139322D50 +:100040004F4642004145532D3132382D4F46420034 +:100050004145532D3235362D434642313238004129 +:1000600045532D3139322D43464231323800414516 +:10007000532D3132382D43464231323800414553F9 +:100080002D3235362D434243004145532D3139320F +:100090002D434243004145532D3132382D434243D5 +:1000A000004145532D3235362D45434200414553DD +:1000B0002D3139322D454342004145532D313238DF +:1000C0002D45434200000000020000000000000037 +:1000D0000000000000000000000000000000000020 +:1000E00051830110478301103F83011027830110C2 +:1000F000FB83011000000000000000000000000071 +:10010000201C00000000000040380000000000003B +:10011000602400000000000080700000000000006B +:10012000A06C000000000000C048000000000000BB +:10013000E05400000000000000E1000000000000AA +:1001400020FD00000000000040D900000000000079 +:1001500060C5000000000000809100000000000069 +:10016000A08D000000000000C0A9000000000000F9 +:10017000E0B50000000000008801021090010210AC +:1001800098010210A001021017080210051C40007F +:100190004408021006204000710802100730800059 +:1001A0009E080210084080002B81040021002B8152 +:1001B000040022002B81040023002B8104001F0077 +:1001C0002B81040020002B8104000A00551D200013 +:1001D00000000000B805021005000000BE05021076 +:1001E000BF04021021000000C50502100800000035 +:1001F000CE050210DB050210250000000000000003 +:1002000000000000000000000000000000000000EE +:10021000E805021008000000F1050210F1050210C7 +:1002200001000000A801021005000000FB050210FB +:10023000FB05021002000000050602100800000085 +:100240000E0602100E06021003000000AE0102109E +:100250000500000018060210180602100400000035 +:10026000B40102100500000022060210220602104E +:1002700005000000BA010210050000002C06021063 +:100280002C0602100A000000C00102100500000048 +:1002900036060210360602100B000000C6010210DE +:1002A0000500000040060210400602100C0000008D +:1002B0004A060210090000005406021064060210EB +:1002C0000600000073060210090000007D060210FF +:1002D0008D060210070000009C06021009000000B5 +:1002E000A6060210B606021008000000000000007A +:1002F00000000000000000000000000000000000FE +:100300006805021009000000720502105007021073 +:10031000050000007C05021009000000860502109F +:10032000830702100600000090050210090000007B +:100330009A050210B607021007000000A40502107B +:1003400009000000AE050210E907021008000000D5 +:10035000000000000000000000000000000000009D +:1003600000000000E404021008000000ED04021088 +:10037000F804021005000000050502100800000046 +:100380000E050210190502100600000026050210D5 +:10039000080000002F0502103A05021007000000B7 +:1003A0004705021008000000500502105B0502100E +:1003B0000800000000000000000000000000000035 +:1003C0000000000000000000C50602100900000047 +:1003D000CF060210DD06021001000000E106021047 +:1003E00007000000E9060210F806021002000000F3 +:1003F00007070210050000000D0702101507021084 +:1004000003000000000000000000000000000000E9 +:100410000000000000000000540402100A00000068 +:100420005F0402107F040210042500009C040210E7 +:100430000A000000A7040210C704021004230000F1 +:1004400000000000000000000000000000000000AC +:10045000000000002A864886F70D010C0103007099 +:10046000626557697468534841416E64332D4B652A +:1004700079547269706C654445532D434243005072 +:1004800042452077697468205348413120616E6489 +:1004900020332D4B65792033444553002A86488606 +:1004A000F70D010C010400706265576974685348C8 +:1004B00041416E64322D4B6579547269706C6544AC +:1004C00045532D43424300504245207769746820CC +:1004D0005348413120616E6420322D4B65792033C1 +:1004E000444553002A864886F70D020800686D616E +:1004F0006353484132323400484D41432D53484103 +:100500002D323234002A864886F70D020900686DC4 +:10051000616353484132353600484D41432D5348BD +:10052000412D323536002A864886F70D020A0068CA +:100530006D616353484133383400484D41432D5376 +:1005400048412D333834002A864886F70D020B00C7 +:10055000686D616353484135313200484D41432D48 +:100560005348412D3531320060864801650304024D +:10057000040069642D73686132323400608648017A +:1005800065030402010069642D7368613235360029 +:100590006086480165030402020069642D73686186 +:1005A000333834006086480165030402030069643F +:1005B0002D736861353132002B0E0302070064652C +:1005C00073434243002A864886F70D03070064659B +:1005D000732D656465332D636263004445532D4577 +:1005E0004445332D434243002A8648CE3D03010152 +:1005F0000073656370313932723100736563703234 +:1006000032347231002A8648CE3D030107007365FB +:10061000637032353672310073656370333834720B +:100620003100736563703532317231007365637008 +:100630003139326B3100736563703232346B3100A3 +:10064000736563703235366B31002B240303020867 +:1006500001010700627261696E706F6F6C50323514 +:1006600036723100627261696E706F6F6C3235364E +:100670007231002B240303020801010B0062726136 +:10068000696E706F6F6C5033383472310062726112 +:10069000696E706F6F6C3338347231002B24030332 +:1006A000020801010D00627261696E706F6F6C501B +:1006B000353132723100627261696E706F6F6C3504 +:1006C00031327231002A864886F70D01010100722D +:1006D0007361456E6372797074696F6E0052534135 +:1006E000002A8648CE3D02010069642D656350757D +:1006F000626C69634B65790047656E65726963205A +:100700004543206B6579002B8104010C0069642D41 +:1007100065634448004543206B657920666F72200D +:1007200045434448002A864886F70D01010E0073B0 +:10073000686132323457697468525341456E63724E +:10074000797074696F6E0052534120776974682024 +:100750005348412D323234002A864886F70D010174 +:100760000B007368613235365769746852534145DE +:100770006E6372797074696F6E00525341207769AD +:100780007468205348412D323536002A864886F752 +:100790000D01010C00736861333834576974685275 +:1007A0005341456E6372797074696F6E00525341A4 +:1007B0002077697468205348412D333834002A86E5 +:1007C0004886F70D01010D007368613531325769B4 +:1007D0007468525341456E6372797074696F6E002C +:1007E0005253412077697468205348412D35313286 +:1007F000002A8648CE3D0403010065636473612DC1 +:10080000776974682D53484132323400454344536C +:1008100041207769746820534841323234002A8677 +:1008200048CE3D0403020065636473612D776974EB +:10083000682D5348413235360045434453412077B3 +:1008400069746820534841323536002A8648CE3DC7 +:100850000403030065636473612D776974682D5325 +:100860004841333834004543445341207769746824 +:1008700020534841333834002A8648CE3D040304CF +:100880000065636473612D776974682D5348413541 +:1008900031320045434453412077697468205348FE +:1008A00041353132002A864886F70D01010A00528F +:1008B00053415353412D50535300616E79506F6C27 +:1008C00069637900416E7920506F6C696379002B00 +:1008D000060105050703010069642D6B702D736522 +:1008E000727665724175746800544C532057656286 +:1008F000205365727665722041757468656E7469FF +:10090000636174696F6E002B060105050703020021 +:1009100069642D6B702D636C69656E7441757468C4 +:1009200000544C532057656220436C69656E7420F7 +:1009300041757468656E7469636174696F6E002BCC +:10094000060105050703030069642D6B702D636FB5 +:1009500064655369676E696E6700436F6465205311 +:1009600069676E696E67002B0601050507030400C1 +:1009700069642D6B702D656D61696C50726F746563 +:100980006374696F6E00452D6D61696C2050726FE4 +:1009900074656374696F6E002B0601050507030813 +:1009A0000069642D6B702D74696D655374616D7091 +:1009B000696E670054696D65205374616D70696E6E +:1009C00067002B060105050703090069642D6B709C +:1009D0002D4F4353505369676E696E67004F435301 +:1009E00050205369676E696E67002B06010401820F +:1009F000E425010069642D6B702D776973756E2D88 +:100A000066616E2D6465766963650057692D53557F +:100A10004E20416C6C69616E6365204669656C644B +:100A20002041726561204E6574776F726B20284695 +:100A3000414E2900551D130069642D63652D6261C7 +:100A4000736963436F6E73747261696E747300428D +:100A50006173696320436F6E73747261696E74733E +:100A600000551D0F0069642D63652D6B6579557305 +:100A700061676500551D250069642D63652D6578E6 +:100A8000744B6579557361676500457874656E646C +:100A90006564204B657920557361676500551D11AC +:100AA0000069642D63652D7375626A656374416CBA +:100AB000744E616D65005375626A65637420416CA4 +:100AC00074204E616D65006086480186F842010120 +:100AD0000069642D6E657473636170652D63657262 +:100AE0007474797065004E6574736361706520433A +:100AF0006572746966696361746520547970650014 +:100B0000551D200069642D63652D636572746966E7 +:100B10006963617465506F6C6963696573004365EF +:100B200072746966696361746520506F6C6963698A +:100B30006573005504030069642D61742D636F6D46 +:100B40006D6F6E4E616D6500436F6D6D6F6E204E03 +:100B5000616D6500434E005504060069642D6174A3 +:100B60002D636F756E7472794E616D6500436F759C +:100B70006E747279005504070069642D61742D6CE0 +:100B80006F63616C697479004C6F63616C6974792F +:100B9000004C005504080069642D61742D73746164 +:100BA00074650053746174650053540055040A0061 +:100BB00069642D61742D6F7267616E697A61746901 +:100BC0006F6E4E616D65004F7267616E697A617418 +:100BD000696F6E004F0055040B0069642D61742D20 +:100BE0006F7267616E697A6174696F6E616C556E60 +:100BF00069744E616D65004F726720556E697400AF +:100C00004F55002A864886F70D01090100656D6180 +:100C1000696C4164647265737300452D6D61696C24 +:100C20002061646472657373005504050069642D66 +:100C300061742D73657269616C4E756D62657200C9 +:100C400053657269616C206E756D62657200550442 +:100C5000100069642D61742D706F7374616C416450 +:100C6000647265737300506F7374616C20616464A7 +:100C700072657373005504110069642D61742D70E1 +:100C80006F7374616C436F646500506F7374616C53 +:100C900020636F6465005504040069642D61742D40 +:100CA0007375724E616D65005375726E616D65008E +:100CB000534E0055042A0069642D61742D676976CE +:100CC000656E4E616D6500476976656E206E616D7B +:100CD0006500474E0055042B0069642D61742D6931 +:100CE0006E697469616C7300496E697469616C73D3 +:100CF0000055042C0069642D61742D67656E657262 +:100D00006174696F6E5175616C69666965720047DF +:100D1000656E65726174696F6E207175616C69666C +:100D20006965720055040C0069642D61742D746945 +:100D3000746C65005469746C650055042E00696418 +:100D40002D61742D646E5175616C69666965720000 +:100D500044697374696E67756973686564204E6170 +:100D60006D65207175616C69666965720055044135 +:100D70000069642D61742D70736575646F6E796D93 +:100D80000050736575646F6E796D000992268993C2 +:100D9000F22C6401190069642D646F6D61696E4302 +:100DA0006F6D706F6E656E7400446F6D61696E205B +:100DB000636F6D706F6E656E740044430055042D53 +:100DC0000069642D61742D756E697175654964657E +:100DD0006E74696669657200556E69717565204942 +:100DE00064656E746966696572000000940E021095 +:100DF000340E0210640E0210040E021065636B655F +:100E0000792E510004000000D80E021017A0011026 +:100E10003FA0011029A20110C5A10110000000008F +:100E20000000000097A101109FA10110B5A10110C1 +:100E30001DA0011002000000E40E021017A0011016 +:100E400009A001104DA20110DFA101100000000057 +:100E50000000000097A1011081A1011071A10110F3 +:100E60001DA0011003000000DE0E021017A00110EB +:100E700031A0011000000000000000000000000090 +:100E80000000000097A1011081A1011071A10110C3 +:100E90001DA0011001000000DD06021079A0011064 +:100EA000D59F011025A10110F5A00110BDA00110D2 +:100EB00085A0011071A0011057A0011047A00110DA +:100EC000E59F01107273612E4E007273612E450012 +:100ED0005253412D616C74004543445341004543D6 +:100EE0005F4448004543002D2D2D2D2D454E4420B7 +:100EF0005253412050524956415445204B45592D9B +:100F00002D2D2D2D002D2D2D2D2D424547494E20C7 +:100F10005253412050524956415445204B45592D7A +:100F20002D2D2D2D002D2D2D2D2D454E44204543AD +:100F30002050524956415445204B45592D2D2D2DB9 +:100F40002D002D2D2D2D2D424547494E2045432066 +:100F500050524956415445204B45592D2D2D2D2D8C +:100F6000002D2D2D2D2D454E4420505249564154D3 +:100F700045204B45592D2D2D2D2D002D2D2D2D2D61 +:100F8000424547494E2050524956415445204B4511 +:100F9000592D2D2D2D2D002D2D2D2D2D454E44203F +:100FA000454E43525950544544205052495641549D +:100FB00045204B45592D2D2D2D2D002D2D2D2D2D21 +:100FC000424547494E20454E4352595054454420CE +:100FD00050524956415445204B45592D2D2D2D2D0C +:100FE000002D2D2D2D2D454E44205253412050557E +:100FF000424C4943204B45592D2D2D2D2D002D2D93 +:101000002D2D2D424547494E2052534120505542E7 +:101010004C4943204B45592D2D2D2D2D002D2D2D87 +:101020002D2D454E44205055424C4943204B4559A7 +:101030002D2D2D2D2D002D2D2D2D2D424547494E89 +:10104000205055424C4943204B45592D2D2D2D2DD7 +:10105000002A864886F70D010C0101002A86488681 +:10106000F70D01050D002A8648CE3D010100000064 +:10107000A2CE0110CACE0110F2CE01101ACF01107B +:101080003CCF011054CE011080CE011001234567E2 +:1010900089ABCDEFFEDCBA9876543210F0E1D2C3C2 +:1010A000D89E05C107D57C3617DD703039590EF74B +:1010B000310BC0FF11155868A78FF964A44FFABE11 +:1010C00067E6096A85AE67BB72F36E3C3AF54FA5D9 +:1010D0007F520E518C68059BABD9831F19CDE05B05 +:1010E0005D9DBBCBD89E05C12A299A6207D57C3667 +:1010F0005A01599117DD7030D8EC2F1539590EF778 +:1011000067263367310BC0FF874AB48E11155868C4 +:101110000D2E0CDBA78FF9641D48B547A44FFABE0E +:1011200067E6096A08C9BCF385AE67BB3BA7CA84FA +:1011300072F36E3C2BF894FE3AF54FA5F1361D5F25 +:101140007F520E51D182E6AD8C68059B1F6C3E2B01 +:10115000ABD9831F6BBD41FB19CDE05B79217E13B9 +:10116000C8373D8CA24D54196699E173D6D4DC89F9 +:10117000AEB7FA1D829CFF3214D59D67CF9F2F58C2 +:10118000692B6D0FA84DD47B736FE3774289C4043C +:10119000A8859D3FC8361D6AADE61211A192D69171 +:1011A000942131222CF72BFCA35F559FC2644CC8BD +:1011B0006BB8932351B1536F19773896BDEA4059F4 +:1011C000E23E2896E3FF8EA8251E5EBE9239865326 +:1011D000FC99012BAAB8852CDC2DB70EA22CC58159 +:1011E00038D2011056D2011076D2011094D20110DB +:1011F000B4D20110F8D1011018D2011067452301B3 +:10120000EFCDAB8998BADCFE10325476C3D2E1F050 +:10121000C1059ED8367CD5073070DD17F70E5939D9 +:10122000FFC00B316858151164F98FA7BEFA4FA49F +:101230006A09E667BB67AE853C6EF372A54FF53A67 +:10124000510E527F9B05688C1F83D9AB5BE0CD1993 +:10125000CBBB9D5DC1059ED8629A292A367CD507F5 +:101260009159015A3070DD17152FECD8F70E593906 +:1012700067332667FFC00B318EB44A876858151153 +:10128000DB0C2E0D64F98FA747B5481DBEFA4FA49D +:101290006A09E667F3BCC908BB67AE8584CAA73B89 +:1012A0003C6EF372FE94F82BA54FF53A5F1D36F1B4 +:1012B000510E527FADE682D19B05688C2B3E6C1F90 +:1012C0001F83D9ABFB41BD6B5BE0CD19137E217948 +:1012D0008C3D37C819544DA273E1996689DCD4D688 +:1012E0001DFAB7AE32FF9C82679DD514582F9FCF51 +:1012F0000F6D2B697BD44DA877E36F7304C48942CB +:101300003F9D85A86A1D36C81112E6AD91D692A1FF +:1013100022312194FC2BF72C9F555FA3C84C64C24B +:101320002393B86B6F53B151963877195940EABD82 +:1013300096283EE2A88EFFE3BE5E1E2553863992B4 +:101340002B0199FC2C85B8AA0EB72DDC81C52CA2E7 +:1013500050726F632D547970653A20342C454E439A +:10136000525950544544002A864886F70D01050C11 +:10137000007F7F7F7F7F7F7F7F7F7F7F7F7F7F7FFC +:101380007F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F6D +:101390007F7F7F7F7F7F7F7F7F7F7F7F3E7F7F7F9E +:1013A0003F3435363738393A3B3C3D7F7F7F407F8D +:1013B0007F7F000102030405060708090A0B0C0DD4 +:1013C0000E0F101112131415161718197F7F7F7F37 +:1013D0007F7F1A1B1C1D1E1F202122232425262748 +:1013E00028292A2B2C2D2E2F303132337F7F7F7FDF +:1013F0007F0000000000000000000000000000006E +:10140000F0B5C646012500B5B4B024AE14AF8021B6 +:10141000012009064042E2F7FDFFC30618D4830607 +:1014200024D508A92020E2F7F7FF089CA31C6BDB5A +:10143000002C26DA099B002118000193E2F7F2FF45 +:101440008021012009064042E2F7E4FFC306E6D509 +:1014500031001020E2F7E0FF33689A1C55DB002BC7 +:1014600005DA00217068E2F7DDFFD0E7FEE7002B28 +:101470004BD1E0F77FFB01210028F3D100F08EF87B +:10148000EFE7002C40D10822002104A8DFF757F92C +:101490000822002106A8DFF752F940220021380077 +:1014A000DFF74DF9402200213000DFF748F90F9BAC +:1014B00003940193002B6ED10E9B0193002B68D1F6 +:1014C0000D9B0193002B62D10C9B1C000193631EAA +:1014D0009C41139B0193002B57D1129B0193002B2E +:1014E00053D1119B0193002B4FD1109A631E01928F +:1014F000002A3BD10120012B08D9099B01001800CB +:101500000193E2F78FFF82E7FEE7FEE700239846AC +:10151000042303AA00210998E2F780FF042831D1AF +:10152000022C2DD10D9B0998402B2BD83A00290075 +:10153000E2F774FF0D9B0193984223D10497059025 +:1015400004A94346002B16D0109B402B1AD806AA9C +:1015500003980793069600F02FF80400079B09985C +:10156000069A0021E2F75CFF2000C6E72800012B65 +:10157000C3D8A846CCE74246039800F01DF8BCE764 +:101580000021DEE781204042B7E72800B5E70224CA +:101590009FE703249DE704249BE7C046BFF34F8FDA +:1015A000034B044ADA60BFF34F8FC046FDE7C046E5 +:1015B00000ED00E00400FA05032070470000000081 +:1015C00030B5174C0569A54414AB0293036A04AA0D +:1015D0000400009201950393402D1ED88168114BA1 +:1015E000406819602B000021E2F718FF854211D1F5 +:1015F000012302AA0121684600F0FAFA051E05D16E +:10160000039B029A60680021E2F70AFF2800064B5C +:101610009D4430BD84256D42F8E787256D42F5E78E +:10162000ACFBFFFF50A2010854040000F0B5CE4609 +:10163000474680B5A9B000F0C7FA002820D1594B21 +:1016400017AC98464123994603AE04AF8021012090 +:1016500009064042E2F7DEFEC30621D4830611D418 +:1016600043060ED50BA94020E2F7D6FE0B98831C4B +:1016700028DB002829DA00210C98E2F7D3FEE5E701 +:10168000FEE7FEE721002020E2F7C6FE21688B1C62 +:101690001ADB00295ADA00216068E2F7C3FED5E7B9 +:1016A00021001020E2F7B8FE23689A1C0BDB002B08 +:1016B000F1DB08D12000FFF783FF01006068E2F74B +:1016C000B1FEC3E7FEE7FEE7FEE70028FAD14B468E +:1016D000069302230893DB180A93149B059407963C +:1016E00009970193022B2ED1159B0193042B2AD12C +:1016F0000D9B010001934346019A1A60032305AA3A +:1017000000F0E2FA139A049B050001929A4217D363 +:101710000C98002D0FD122000021E2F781FE089BDA +:10172000320001210C98E2F77BFE0A9B3A0002216D +:101730000C98E2F775FE29000C98E2F773FE85E736 +:101740008A256D42F7E787256D42F4E70029BBD172 +:101750002269236A059606920B970C936068042A07 +:101760001DD1042B1BD14246A56815603200E2F75B +:1017700055FE2369984212D101230BAA190005A82E +:1017800000F072FA051E05D101000C9B0B9A6068EF +:10179000E2F746FE29006068E2F744FE56E7872537 +:1017A0006D42F7E750A20108F0B5DE464E464546C9 +:1017B0005746E0B5D3B006000D00934600F0CCFAD2 +:1017C000041E09D000F0F2FA200053B03CBC904651 +:1017D0009946A246AB46F0BD072300955B42002226 +:1017E000002116A800F014FB002804D002240128D0 +:1017F000E8D00524E6E73200C84916A800F062FBED +:101800000BAB0822180000210293DEF798FFC44AB0 +:10181000C44B92463F2299461B880DAE35003000DE +:10182000002490461E00564500D05BE14B465F8881 +:101830004F44002C00D161E121000422DEF763FF58 +:1018400028006B88E418A74205D84BE16B88E418A0 +:10185000A74200D846E104222100DEF754FF4146AA +:101860002B8828009A111142F0D16A881942DAD1E6 +:10187000029B043A5A602E001A0004340B94AA49C1 +:1018800016A800F01FFB0023099302AB0E229C4612 +:1018900008A9624407A800F0A5FA002800D02FE1AB +:1018A000A24909A8E0F720FD002800D028E1089A05 +:1018B000079909A8E0F746FD002800D020E102A81A +:1018C00084462D2106AB2022614409A8E0F76AFD79 +:1018D000002800D014E101233370069B029A0133E3 +:1018E000934916A8069353600B9600F0EBFA202359 +:1018F000310009A809930CF0C7F9002800D0FFE0D7 +:10190000029B099A8B495A6016A81A000B9600F0A0 +:10191000D9FA300000F0E4FF041E00D052E70D9B1E +:101920000D9ADB17844916A800F0BEFA4B461B88B7 +:101930003F279A460DAB9846794B9A4500D0E1E097 +:101940004B465D884D44002C00D1DFE03000464618 +:1019500021000422DEF7D7FE7388E418A54205D8DB +:10196000D0E07388E418A54200D8CBE0042221001F +:101970003000DEF7C8FE33889A111742F1D1728821 +:101980003B40022BD8D1043A211D022A00D10EE19E +:10199000042A00D107E1012A00D02AE723790D9318 +:1019A0000D9B9AB2C023DB019A4200D921E70023A4 +:1019B000624916A800F078FA16A800F073FA00231E +:1019C000804601279A464B46554A1B88934200D0D1 +:1019D00096E04B465B885A4A4B44039393422ED978 +:1019E00014000DAD300005E06B88E418039BA342A2 +:1019F00000D8D6E004222100DEF785FE3F222B88A6 +:101A000028009B111340BB42EED101239C46E244C7 +:101A100053462E006D88634509D101234046494A4B +:101A20005B4200F0B5FA0421404600F0DBFB221DCA +:101A30002B1F0921404609920A9300F007FB01374A +:101A4000072FC0D15346002B62D1012200233E490B +:101A500016A800F029FA02980CF0C2F80D900028A0 +:101A600006D00B9B3200394916A8736000F03CFA8F +:101A700002980CF0CDF80D90002806D00B9B320098 +:101A8000334916A8736000F02FFA122308220021B0 +:101A900002980893DEF753FE3F2300259A46300054 +:101AA0004B461F4A1B8893426FD14B465E884E447B +:101AB000002D68D029000422DEF725FE0DA84388FA +:101AC000ED1804270DACAE425FD93A002900DEF7CD +:101AD0001AFE5146238820009A110A423AD06388A0 +:101AE000ED18F0E70600010020200CF0A9F800280E +:101AF00006D12023029A0B965360C0E61C1DA2E675 +:101B000003245FE60CF068F802004BE71C1D25E794 +:101B100000220421404600F08DFB9CE700DBFEFF25 +:101B20001620000000A0010804DBFEFF09000001F0 +:101B3000FFDAFEFF05DBFEFF07DBFEFF06DBFEFF35 +:101B400004A0010802DBFEFF01DBFEFFFEDAFEFF60 +:101B500008DBFEFF62880B40012BA1D1029B0435FC +:101B6000043A0B955A60164916A8029A00F0BCF97F +:101B7000594616A800F0CAF9002800D036E600F051 +:101B800015F9040020E60F4D9BE70600010008A8A8 +:101B90000CF094F80028B3D1029B089A0B965A6077 +:101BA000E1E72E004BE73000DEF7ADFDF8E60298E6 +:101BB000DEF7A9FD0BAB02931B880D93F0E6C04640 +:101BC00003DBFEFF04A00108802210B59200064945 +:101BD000012000F08DFE052803D8044B8000C0587A +:101BE00010BD84204042FBE700A00108FC28021041 +:101BF00010B51400126886B00368416802926268EA +:101C0000009301910392302907D0402905D0202963 +:101C100003D08720404206B010BD0122180000F01A +:101C20005DFE002808D103990029F2D00222029813 +:101C300000F054FE002805D005280FD8094B80007D +:101C4000C058E8E704AA02A96846FFF7ADFD0028DE +:101C5000F2D1049B2360059B6360DCE78420404253 +:101C6000D9E7C046FC280210002110B5036886B0F1 +:101C70001B68146800910291526811490193039105 +:101C8000032A05D9302B07D0402B05D0202B03D0B9 +:101C90008720404206B010BD04AA02A96846FFF79B +:101CA00083FD002802D1059B2360F3E7052803D8B4 +:101CB000044B8000C058EDE784204042EAE7C0466C +:101CC000FFFFFF7FFC280210F0B5140085B000294B +:101CD00001D1032B03D08720404205B0F0BDD3686B +:101CE000022BF8D15369042BF5D1156856682800EA +:101CF0000222310000F0F2FD002805D0052819D895 +:101D0000144B8000C058E8E70222E168A06800F0A8 +:101D1000E5FD0028F2D16B469F1D3A0003A902A8F9 +:101D200000F060F80028E9D1039A964205D28A2093 +:101D30004042D2E784204042CFE702992800DEF7F4 +:101D4000E2FC3B88A268002013802369039A1A6092 +:101D5000C3E7C046FC28021030B5104C83B023887E +:101D6000002B17D16B462000991D0CF077FE002840 +:101D700010D10B4B00251A68002A0CD12088413263 +:101D80000849E0F7E5F8002804D16B46DA88064BED +:101D90001A8000E00525280003B030BD06A2010826 +:101DA0004CA2010808A2010804A2010810B5064CC3 +:101DB0002088002805D00CF065FE002801D1208085 +:101DC00000E0052010BDC04606A20108044B1B8898 +:101DD000002B02D00380002070470520FCE7C0469E +:101DE00006A20108074B10B51B68002B07D0064C54 +:101DF000046000200B60054B1B88138010BD05207C +:101E0000FCE7C0464CA2010808A2010804A2010890 +:101E1000F0B504001F0005009823A035E1500433FD +:101E2000C25083B00E00502200212800DEF787FC4C +:101E300080235B026B646B46F60FAE632F62981DC6 +:101E4000FFF7C4FF0E2600281CD16B46DA88DC237E +:101E50000221E0500433E050183BE1542300D0331A +:101E600058601A60089B200006CB00F07BF8210028 +:101E7000280000F005FB0026002806D105212000DF +:101E800000F0B0F9300003B0F0BD032807D01938D6 +:101E900046424641012376429E430336EEE704263E +:101EA000ECE7C0467047C046D0B516001F000400DE +:101EB000CB170A0000F06CF832003B00200000F065 +:101EC00067F8D0BD70B505001668546882B0CB17AE +:101ED0000A0000F05DF8230032000221280000F023 +:101EE000B5F802B070BDC04670B5050016685468FC +:101EF00082B0CB170A0000F04BF823003200032118 +:101F0000280000F0A3F802B070BDC04670B5040010 +:101F100082B00D000022052100F08CF92000210084 +:101F2000A03000F025FB00280AD0032814D019386F +:101F300043425841012340429843033002B070BDF0 +:101F40006E462000310000F01DFA012808D000285C +:101F500004D10CCE0CC5F1E70420EFE70220EDE739 +:101F60000120EBE710B5040082B00091019200213E +:101F70009822DEF7E4FB019A0099200000F022FA93 +:101F8000220094231432E250903BA37602B010BD9D +:101F9000F0B5CE46474680B5017C87B006000029E3 +:101FA00023D1002B26DB180000239846B3680028B5 +:101FB00027D1172A25D84244D7B215226A4494461D +:101FC000110062460139521A0F70300001910292DD +:101FD00000F008FA9423F1581A4B8A889B1A012BB7 +:101FE0002DDD002301328A80337407B00CBC90468B +:101FF0009946F0BDD8432023D2439846B3680028C1 +:10200000D7D01521104C69448C460027A1464C4678 +:10201000E55D002D10D04D1B013904060A70120A2F +:102020002243000AA942F7D114007D1C044304D1C5 +:1020300018374744FFB2C4E77D1C2F00E7E70323AE +:102040003374D2E7FEFF000014290210F0B55746A2 +:102050004E464546DE46E0B589B0E8460092424627 +:102060005360037C07008946002B2AD183680A004D +:1020700005AC092911D0019D002428000B296CD042 +:102080009F220C2924D105AC2272012207A9380015 +:102090000391049200F0A6F9BB68424603CA03C448 +:1020A000424605995268380000F09CF99423F9588B +:1020B0002E4B8A889B1A012B33DD002301328A8044 +:1020C0003B7409B03CBC90469946A246AB46F0BD75 +:1020D00020320D29D7D0172D26D9072901D11F2D40 +:1020E00042D04A465201D2B293461D22204D6A4444 +:1020F00094461100AA4600225546AE5C002E29D017 +:102100008E1B013925060870000A2843240AB142B3 +:10211000F7D10500561C25431DD118325A44D2B2BE +:1021200009E003233B74CCE74A01D2B21D21694484 +:102130008C465219D2B201390A7062463800521ADE +:102140000391049200F04EF94B460B2BAED005AC38 +:10215000BB68A2E7561C3200CEE7172D02D93532F4 +:102160009346C2E74022E1E7FF228CE7FEFF000032 +:1021700014290210F0B5C64600B5816886B08C46B9 +:10218000002B01D1172A19D91527154C6F44390096 +:102190000026A0464446A55D002D1ED04D1B0139EA +:1021A0001C060A70120A22431B0AA942F7D1140026 +:1021B000751C1C4312D1283EF6B204E015276F446B +:1021C0003900403AD6B201390E707A1A634600F0EF +:1021D00009F906B004BC9046F0BD751C2E00D9E785 +:1021E0001429021070B594254459114BA2889B1AEA +:1021F000012B17DD83680132A2801E0000220274C9 +:1022000066360CD806008C36B4420ED0260008364E +:102210004651A3600023A281A173037401E0072348 +:10222000037470BD03230374FBE702230374F8E710 +:10223000FEFF0000F0B54E464546DE465746E0B587 +:10224000037C87B005001600002B0AD19433C258D6 +:10225000030014339A420BD0937999420BD00F2389 +:10226000037407B03CBC90469946A246AB46F0BD0D +:1022700004230374F5E713689B468368022926D07C +:102280009088052947D00C292FD115226A449F2315 +:1022900091461000411E0B704B4628005A1A5B46AF +:1022A00000F0A0F8002E0DD0290003A800F0D0F80F +:1022B000049B039A9B452BD859465B1A002A00D0F1 +:1022C0005A440CC69422AB58083BAB50C9E75A4657 +:1022D0009A1A13000024172A0FD8490189181522C9 +:1022E0006A44CBB291461000D4E70D2914D11522CF +:1022F0006A44BF2391461000CCE7002B1BD1152266 +:102300006A4491461000173349015B18DBB2C1E7FC +:1023100000230022D5E7400802000300002417280C +:10232000DBD90729E9D11F28E7D115226A44FF2309 +:1023300091461000AEE715226A4491461000002233 +:1023400090460F4A924652464746D75D002F12D01C +:10235000C71B0138220603701B0A1343240AB84224 +:10236000F7D10122424494461A00224306D1434643 +:102370001833DBB2C8E7012242449446E046E2E764 +:102380001429021070B5837B82B00D00002B05D09C +:10239000012301240374200002B070BD047C002CD2 +:1023A000F9D19423C258030014339A4201D00A246D +:1023B000F1E76E460100300000F04AF80CCE0CC583 +:1023C000E9E7C04682B06B465A60054A00918281B7 +:1023D00000228260827306CB06C002B07047C046FE +:1023E0000F0B000070B582B0009101921D00837B3D +:1023F0000400002B05D1154B82899A4203D001239A +:10240000A37302B070BD816843689942F7D8019EFA +:102410005B1AB342F3D3A942F1D303684A1B58199C +:10242000002A08D0002B0DD0831901001800DEF718 +:1024300073F923685819002B03D032000099DEF796 +:102440006BF9A1687118A160DBE7C0460F0B0000B3 +:102450008B7B10B5002B0DD1084A8C89944204D097 +:10246000012203608A73436010BD8B6843600B6870 +:102470000360F9E7002303604360F5E70F0B0000FA +:1024800070B50400AAB0006A0D0000F0FDF8012349 +:1024900000285CD0A36B9B0761D504212800FFF7BF +:1024A000A1FE1822210004A8266AFFF75BFD052182 +:1024B00004A8FFF797FE0122002304A8FFF768FD98 +:1024C000F317320004A8FFF763FD052104A80022DA +:1024D000FFF7B0FE02A904A8FFF754FF002839D186 +:1024E000029B039AA361E261002B3ED021000822E7 +:1024F000183102A8DEF707F9029A039B022128008F +:10250000FFF7A4FDA26B1C23D20720D4E66B246C3A +:1025100005212800FFF766FE002C0ED0002E0CD0FF +:10252000042200232800FFF733FD3200230002219C +:10253000280004960594FFF789FD00220521280054 +:10254000FFF778FE02212800FFF74CFE0023180059 +:102550002AB070BD0023A361E3610233F7E71222C2 +:1025600000232800FFF706FE97E70223EFE7C046A7 +:10257000F0B54E46DE4657464546E0B5ADB00CAB2D +:1025800099461CAB0C934A4640230C00536014AB95 +:102590000E93202310AD07000EAE2A00022120006A +:1025A0007360FFF747FEA37B002B0BD0012323743E +:1025B0001833984640462DB03CBC90469946A246FA +:1025C000AB46F0BD1922237C9046012BF2D0002BA4 +:1025D0001CD13B6A98462368002B1AD008AB0493A1 +:1025E0009B4602AB9A4606CE06C36B4606CD06C393 +:1025F00040460023B969FA6900F04EF88046002889 +:10260000D8D1BB6BDB0725D50AAD12E0182398465D +:10261000D0E739000A9330310BAB113A6846029388 +:10262000DEF771F84046BA6AFB6A00F0DBF88046D4 +:102630000AAD2900082212A8DEF765F8129A2000D8 +:10264000139B0221FFF702FD002204212000FFF767 +:10265000F1FDAFE74A460AAD3E6A04AB069503CAF0 +:1026600003C353465A4603CA03C339000822303114 +:102670006846DEF748F8BA6AFB6A300000F078F87E +:102680000028D6D0804695E70730434258410F23B3 +:10269000404298437047C04670B5C6B06D46009141 +:1026A0006A6014A93022040020A81E00FFF75AFC1B +:1026B000042120A8FFF796FD032120A82B4A0A2316 +:1026C000FFF7C4FC2B000CAA03CB03C202210C9A17 +:1026D0006B6820A8FFF7BAFC00220023022120A883 +:1026E000FFF7B4FC002E33D133000022022120A8D2 +:1026F000FFF7ACFC0125042120A80022FFF79AFD7A +:1027000004A920A8FFF73EFE00282DD1073461421E +:1027100061410F234942994306A800F08DF8002833 +:1027200014D1059B04995A1B934201D20022002127 +:1027300006A800F0A3F84A994B9A06A800F09EF864 +:102740004E9B4C994D9A06A800F0A8F846B070BD73 +:1027500010AB4AAA03CA03C30B21109A4B9B20A8B3 +:10276000FFF774FC0025C6E71520EFE718290210D3 +:1027700082B010B586B008920993C31D05D0012020 +:1027800006B010BC08BC02B018470A9B0E9C98B259 +:1027900005AB02930F9B009401930C9A0D9B10497B +:1027A000E0F7D0F8002810D00300953313D00300D1 +:1027B0008633E4D003008D330FD097304342584125 +:1027C0000423404298431730DAE7109B059A1C60B7 +:1027D0005A600020D4E70D20D2E71020D0E7C04691 +:1027E0000900061082B010B58AB00C920D93C31D7B +:1027F00005D001200AB010BC08BC02B018470E9BDF +:1028000024229CB2002101A8DDF799FF01A9200034 +:10281000DFF740FB03000020002BEBD16B460722C3 +:10282000998B00200A40CB08511E8A419B18109AB0 +:102830005B001360DEE7C04610314B4259410D4B3F +:10284000494219400C4B10B59C460023614403607B +:102850000400DFF749FD00236060002806D0030074 +:10286000863305D08A3043425841031D180010BDFD +:102870000323FBE70A00FF00FFFF000010B54368D9 +:1028800082B0040000910192002B04D1002902D0F3 +:10289000DFF758FD606002B010BDC04670B51D0086 +:1028A000436882B0040000910192002B08D01A0006 +:1028B000863210D08A3358425841043002B070BD7D +:1028C0002B1D0E00DFF76EFD606003002E60002000 +:1028D000002BF3D0EBE70320F0E7C0460020704761 +:1028E000024B1B68036000207047C04650A20108DD +:1028F00010B5DFF741F9431E984110BD00000000FC +:1029000070FFFFFF76FFFFFF7CFFFFFF79FFFFFFF8 +:102910007CFFFFFF010102045369676E61747572E9 +:102920006531000000000000000000000000000011 +:102930000000000000000000000000000000000097 +:082940009409FE7F0100000074 +:1029480010B5064C2378002B07D1054B002B02D07D +:10295800044800E000BF0123237010BDF8B101084E +:1029680000000000F80B0310044B10B5002B03D037 +:102978000349044800E000BF10BDC0460000000045 +:10298800FCB10108F80B031010B5431C17D00E4B0F +:102998005C68002C0FD09A68136E5B68984210D060 +:1029A800CC32002304E011686C324968814204D0BB +:1029B8000133A342F7D101235B42180010BD030085 +:1029C800FBE70023F9E7C04698AF0108F0B5254DAD +:1029D8006A68002A42D0244CAB68216823485966AB +:1029E800234918669966012A38D90700CC261C376E +:1029F8009F51676804369F510F00043628379F514E +:102A0800022A2BD007001E003837D8363766A76849 +:102A180077660F005037B766032A1FD007006C3659 +:102A280054373766E76877660F007837B766042A41 +:102A380014D007006C3670373766276977660F0041 +:102A4800A037B766052A09D08722920094466269A2 +:102A580063448C30C83118665A6699660123002091 +:102A68002B60F0BD98AF01089CB4010820F9021052 +:102A780030F802106C22034B50439B681818036E01 +:102A88009868704798AF01088007C00F7047C04624 +:102A98000020704770B504000B480D0000F052FF8D +:102AA80000280ED09C23C450002343600300A021BB +:102AB800A268A033856008345360425023605C608C +:102AC80070BD0020FCE7C046B4B4010870B504002E +:102AD8000D000100074800F04FFF002807D0A0684C +:102AE800401B431E9841044B4042184070BD0248A9 +:102AF800FCE7C046B4B401081F00008010B50C1EE6 +:102B080001D101F04FFA00232200E360A032A03384 +:102B1800E3585168200059605268136000F022FFA2 +:102B2800002010BD70B50C001500002901D101F07E +:102B380039FA2560002070BD70B5040003690C34B3 +:102B480006000D009C4203D109E05B689C420BD053 +:102B580018001C3802689268AA42F6D170BD01F0CC +:102B680021FA33699C42F3D10020F7E7F8B54746CC +:102B7800CE4680B5154F05007B68002B20D0042376 +:102B8800002600249846BB6820009946FFF772FF8C +:102B9800434603420FD04B469B1919001B690C3161 +:102BA800994208D018001C380268D268AA4208D096 +:102BB8005B689942F6D17B6801346C36A342E2D84F +:102BC80000200CBC90469946F8BDC04698AF010855 +:102BD8009C23C0587047C04610B5FFF7D5FE431C6C +:102BE80005D06C23034A43439068C01810BD0020E9 +:102BF800FCE7C04698AF010810B500F09DFDC36C16 +:102C08005868FFF7C1FE431C05D06C23034A4343B1 +:102C18009068C01810BD0020FCE7C04698AF0108B6 +:102C28000368986900280ED001280AD15869401A0B +:102C380041424841064B07499C464042084060448F +:102C480000E0034870475B698B424041F2E7C046A9 +:102C580002000080FEFFFF7F10B50400002A05D0A7 +:102C68000B681B7C002B21D0002010BD00F064FDF8 +:102C7800C36C5868FFF788FE431C19D06C230F4AB1 +:102C880043439068C018002812D0036E5869002882 +:102C98000CD09A6913689C42E6D00432002302E003 +:102CA80002CAA142E0D001338342F9D10448DCE7EB +:102CB80001F078F900231B6EFFDEC04698AF0108CB +:102CC8001F000080010010B50C3904000B4800F00B +:102CD80053FE00280FD00A4B22689A420BD100F00D +:102CE8002BFD63685B681A6EC36C52685B689A4216 +:102CF80001D1200010BD0024FBE7C046B4B4010890 +:102D0800434315150C307047F8B5DE4647460400B6 +:102D180080B58B461700002190229846099E0B9D8E +:102D280001F08EFA2F4B0D9AE360002323612E4B9E +:102D3800A76023605B4663608423E250089BE361DD +:102D4800434663610A9B002B18D07368636233683B +:102D580063640A9B012B11D9F368A362B368E36427 +:102D68000A9B022B0AD07369E362336963650A9B85 +:102D7800032B03D0F3692363B369E3650C9B002B32 +:102D88001ED01A006B6863632B6863660023A36612 +:102D9800012A15D9EA68A263AA682367E2660C9A31 +:102DA800022A0DD06A69E2632A69A36762670C9AEE +:102DB800032A05D0EA692264AA69E2678022A3503F +:102DC800A461002F01D03B682362089B002B03DB22 +:102DD8000CBC90469B46F8BD1900200001F002FB90 +:102DE800F6E7C046746E766543431515F8B5456831 +:102DF800060010300C0000F053FD071E18D1336890 +:102E080028009968AB681943EB6DA960194000F078 +:102E180031FD002C02D0E369002B05DD20000C30C9 +:102E280000F01CFD3800F8BD2369002BF6D1F9E746 +:102E3800004FF7E71F00008010B500F07DFCC36C61 +:102E4800586810BD10B500290BD0002811D0CC430C +:102E5800A0420CD8022B06D0029B01F013FD0028DB +:102E680005D1002010BD029B01F082FDF7E7024862 +:102E7800F8E780200006F5E703000080F0B5DE469D +:102E88004E4657464546B521E0B5A82285B01023E1 +:102E98000901694800F02CFD684E7268002A00D1CB +:102EA800C7E00023002703930133FF339946644B9F +:102EB800B8469B46B36843441C001B6E1B684B45D1 +:102EC80059D1656E002D0CD02968002909D0380029 +:102ED8000AF058FB002800D088E00435296800294A +:102EE800F5D13800FFF7C6FD0423034242D008237A +:102EF800A16D19435B461868A16500280FD0002210 +:102F0800BC46236E5D684F4B1F68AF4202D15F68B5 +:102F18003943A165013210338242F5D167464A4BE5 +:102F280023600023636023000C332361E360B368EC +:102F380043441D0014239A46AA4453462A00002BF2 +:102F480000D170E0906E126E436A1169026A5046B1 +:102F58000092002200F0F6FBB36843441B6EDB6866 +:102F68006B62236E5B68002B57D0504600F0F6FB6F +:102F780000284FD172686C239C460137E044974281 +:102F880098D3324B324F98461C006C230025994643 +:102F980015E02368826D9B68606013438365230096 +:102FA8000833E360A360C268143353600C30E261F5 +:102FB800013503601C37206224340F2D1ED0276092 +:102FC8007868FFF7E1FC431C06D04B465843B368CA +:102FD8009C4660440028DCD100F0E4FFEB005D195A +:102FE8000023AD0045446B609B6DFFDE043500F0A7 +:102FF800D9FF2968002900D069E772E7039C2000FF +:1030080000F00AFCE06B05B03CBC90469946A2462D +:10301800AB46F0BD00F0C6FFACE70AF0CBFA53466A +:10302800A8610393A1E700F0BDFFB36843441A0009 +:1030380088E700230393A4E7B4B4010898AF010814 +:10304800ECFC0210ECFC0210746E766504C00108FA +:10305800C8F9021070B5060000F060FB040000F02B +:103068006BFB0500002C0CD084420AD0E36C9868F6 +:103078008007C00FDEF79EFD22002900300000F017 +:10308800D9FB01F09DF970BD70B5011E13D0AC24B9 +:103098000A4D2A68135B106ADB00181803F020F841 +:1030A800002806D12A68135B126ADB009B18586057 +:1030B80070BD0348FCE70348FAE7C04614E8010876 +:1030C800030000800100008070B5011E13D0AC24FD +:1030D8000A4D2A68135B106ADB00181803F000F821 +:1030E800002806D12A68135B126ADB009B18586017 +:1030F80070BD0348FCE70348FAE7C04614E8010836 +:103108000300008001000080094B10B51968AC234A +:103118000200CC5A086A8021E3001B1918184900DC +:1031280002F0D0FF431E9841024B4042184010BDA8 +:1031380014E8010802000080094B80221B6810B5C2 +:10314800186A86235B011C00C1185200CB681B0C4F +:103158001342FBD080235B040351035910BDC046C2 +:1031680014E80108F0B54546DE4657464E46E0B538 +:103178008B69C94A89B004000D00934220D3C74A1D +:1031880093421DD201264B699E43FFF735FD071E6A +:1031980000D1C0E23B6E5A68002E16D0002A1CD11E +:1031A8002B003A6A2833934201D000F0FBFE053C1D +:1031B800E0B2172800D907E2B94B80001B589F4698 +:1031C800FFF71AFD061E05D0336E5B680026002B3C +:1031D800EDD1EAE700F0E6FEF6E700F0E3FEDFE710 +:1031E80000F0E0FB09B03CBC90469946A246AB46CD +:1031F800F0BDFFF74DFCF5E72C68002C00DC31E250 +:103208002000FFF7E9FC041E00D137E20821A3687B +:1032180020001943E36DA160194000F02BFB00204A +:10322800E0E741CDFFF74EFD041E00D147E2656897 +:10323800002D00D128E263699A1C00D1C7E15A1C0D +:1032480000D0CAE1002E00D03FE2A66833008133E7 +:1032580000D145E20022A3685A60E369002B03DC31 +:103268002369002B00D145E2200031000C3000F02A +:1032780001FB0020B6E7AB6828686E68EF689846DF +:10328800FFF720FD051E00D101E26B685B681B6E2D +:103298009868FFF7F9FB6B698146002B00DAE4E1D7 +:1032A800032E00D9C9E1F4000C36B6002C19AD196B +:1032B8006B68A26E9B1A9F4200D9BBE14B46002265 +:1032C8000093390001234046FFF7BCFD002801D0D8 +:1032D80000F068FEA26E636E9446634418003A00DC +:1032E800414600F031FFA36E00209C466744A76664 +:1032F80078E7C1CDFFF7E6FC041E00D1E2E163697F +:10330800002B00DAA8E1032E00D980E1B300E3180E +:103318005A6A0020002A00D164E73800974200D991 +:103328001000F600A419616C121A091861645A6237 +:1033380058E70BF049FB002054E7FFF75DFC041E3B +:1033480000D1AAE1A3681A0702D400F02BFEA368F3 +:1033580008229343A360002044E7280000F0AEFD54 +:1033680000203FE72D68280000F002FE002800D169 +:1033780069E1FFF741FC041E00D19AE100F012FE5A +:10338800A3682B4202D100F00DFEA368AB43A360F3 +:1033980000200AF0EBF900200AF0F6F9002021E7F6 +:1033A8002E686D68FFF728FC041E00D172E1A36D3A +:1033B800334200D144E1A068E6653040002D00DBCF +:1033C80010E7002800D00DE7200000F047FAA068B9 +:1033D800304007E7286800F0CBFD002800D113E152 +:1033E800FFF70AFC002800D145E100F0DBFD0020D2 +:1033F8000AF0D6F90020F5E6286800F0B9FD0028A3 +:1034080000D123E1FFF7F8FB002800D139E100F0F3 +:10341800C9FD00200AF0B8F90020E3E6AB68286887 +:103428009846EB686F689946FFF74CFC051E00D17B +:103438003CE16B685B681B6E9868FFF725FB6B695E +:103448000400002B00DA0AE1032F00D9EFE0BE00E8 +:10345800AE19736A0020002B00D1C3E60094022342 +:10346800002249464046FFF7EDFC002800D03EE127 +:10347800746A4C4500D94C46FF00ED192200696C6E +:10348800404600F061FE6B6C20001B196B64736A88 +:103498001B1B7362A6E6C04620060010C04500103C +:1034A8008CFC02102868310000F078FC002099E6B6 +:1034B8002B689846FFF7A0FB041E00D1F3E0236EAB +:1034C8009868FFF7E1FA00900700022332000C2108 +:1034D8006868FFF7B7FC002800D0A5E069680C22EF +:1034E80005A800F031FE069B059C9A46079B9B4663 +:1034F800AB68ED689946002C00DAAAE05B460397B2 +:1035080001930296009553464A462100404600F032 +:10351800B5FA67E603CD320000F05CFA62E6286887 +:10352800310000F043FA5DE641CDFFF7CBFB041E06 +:1035380000D19DE02662A16860683200FFF7F2FAC8 +:1035480000204FE6C0CD300000F006FD012801D074 +:1035580000F028FDFFF750FB041E00D1A0E0236E09 +:103568009868FFF791FA0223009000223021380072 +:10357800FFF768FC002854D1A368002B4DD03342D4 +:1035880048D031002000FFF7D7FA051E00D193E09C +:103598001035280000F09AF9002800D1B8E001227F +:1035A8000100836814315A6038002F3200F0CCFDD6 +:1035B800280000F099F903000020002B00D111E643 +:1035C800A368B343A3600DE6842040420AE6A168DD +:1035D8002800FFF793FA00263CE6002B7CDB636BA0 +:1035E800002B00D132E68423A26EE3585A60A26B06 +:1035F800002A00D12AE6226FDA60E26B002A00D1A5 +:1036080024E6A26F5A6121E600F0CCFCE8E600F05F +:10361800C9FC7BE600F0C6FCB3E700F0C3FCA36876 +:10362800ADE700F0BFFCA7E700F0BCFC56E700F0F0 +:10363800B9FC0CE700F0B6FC40E600F0B3FC32E65B +:1036480000F0B0FCB7E600F0ADFC92E600F0AAFC92 +:10365800D8E600F0A7FC51E700F0A4FC53E600F020 +:10366800A1FCF1E600F09EFCCAE500F09BFC17E621 +:1036780000F098FC5EE700F095FCB6E600F092FCDE +:10368800C4E500F08FFCC2E600F08CFCD3E500F046 +:1036980089FCFAE500F086FC89E600F083FC51E637 +:1036A80000F080FC5BE700F07DFC08E700F07AFCA6 +:1036B800BFE600F077FC61E600F074FC68E700F014 +:1036C80071FCB4E500F06EFC19E6330082331AD0C1 +:1036D8003300833300D1BDE500F064FC0026B9E572 +:1036E800E369002B0CDA0222A3685A60B8E500F0FF +:1036F80059FCBDE62000310000F06AFE002071E5AB +:1037080000F050FCA9E5A1682800FFF7F7F9A1E54A +:103718008C20404266E500F045FC3BE5054B186807 +:10372800002803D105E0006C002802D04369012B72 +:10373800F9D1704724C20108014B18687047C04688 +:1037480020C2010810B57F24046100244260029A57 +:10375800446101608260C36010BDC04670B54469B1 +:1037680082B00500002C08D10268002A05D08368C1 +:10377800002B02D0C168002903D10124200002B027 +:1037880070BD00914168183009F0FAF9124B1968B8 +:1037980000290FD028690A6990420BD90A0003E072 +:1037A8001E69B04203D91A00136C002BF8D12B64A0 +:1037B800156402E0296429001D6001236B61074B31 +:1037C8001A68002A05D012692869904201D3196045 +:1037D800D4E71D60D2E7C04628C2010824C2010808 +:1037E8004161074B012903D0064A106818607047E9 +:1037F8001A68002AFAD0126901699142F4D2F5E7F1 +:1038080024C2010828C201088022024B52055A60CE +:103818007047C04600ED00E0836B83F3098880227F +:10382800024B52051860024B5A60704720C20108CB +:1038380000ED00E070B505001400183108002822DA +:10384800290000F081FC210028001831282200F00E +:103858007BFC014B1C6070BD20C2010810B5040040 +:10386800FFF76AFF02216060FFF7BAFFFFF7CCFF9E +:1038780010BDC04670B5040040680D00002802D095 +:103888004369022B00D070BD0121FFF7A9FF6368CF +:103898009B6B1D6000236360FFF7B6FFF3E7C0462C +:1038A80010B500280FD000290DD08368002B07D051 +:1038B8008C224468A150416001338360002010BD10 +:1038C80001604160F8E780200006F8E7031E09D090 +:1038D8008268002A06D08C210068013A41589A6013 +:1038E800196070470020FCE78068434258417047E0 +:1038F800F8B5040017001D00002820D0002B1ED0AA +:1039080016001A000C36724310328A4217D1002171 +:1039180000F096FC2000230000220830E060A06040 +:103928001033A16801329C604B601960A360586035 +:103938009B199542F5D1002027606560F8BD80206D +:103948000006FBE700280BD0C3680830834207D085 +:1039580059681A68516059680C3318000A60704732 +:103968000020FCE70C3883689A68083350600260CE +:10397800186043607047C04610B504000CC8103486 +:103988000020A1420CD30C3253431B19994207D291 +:103998000C39081B1100DFF749FC48424841C0B206 +:1039A80010BDC046802040007047C04670B5050075 +:1039B8000E00FFF7DBF8041E09D0010032002800D2 +:1039C800FFF74AF9002802D12368586900E000206F +:1039D80070BDC046F0B5C64600B586B0050088463D +:1039E8001600FFF7C3F8041E41D0002E2FD000F0B8 +:1039F8004FFE3200070021002800FFF72DF90028AC +:103A08002FD139002000FFF745F8051E32D0414676 +:103A18002000FFF705F9002826D12800FFF772F9E2 +:103A2800061E27D000232A000593049303930293CC +:103A380001932100013B0097FFF766F93100200050 +:103A4800FFF7D4F9002006B004BC9046F0BDFFF79C +:103A5800F3F93200070021002800FFF7FDF80028DD +:103A6800CFD000F09FFACCE700F09CFAD5E700F041 +:103A780099FABAE783204042E5E7C046F0B54E46DA +:103A880057464546DE469846E0B59BB026AB1E78BD +:103A98004346814609911400279F042B03D8259B90 +:103AA800042B00D843E100F07DFA002E00D11FE17D +:103AB80000F0EEFD069001004846FFF707F80028E1 +:103AC80000D01FE14846FFF783F80890002800D18E +:103AD80021E14B465B68012B00D123E1022B00D189 +:103AE80059E14346DB009B460097012332005946C3 +:103AF8002000FFF7A7F9002800D029E1259B0097AF +:103B0800DB0019000793320002232498FFF79AF983 +:103B1800002800D019E10AAD20220021280000F079 +:103B28008FFB12AB9A4618002022002100F088FB78 +:103B38005A462100280000F007FB079A24995046AE +:103B480000F002FB4346002B00D18BE02797279B10 +:103B5800AB4437002C005E469B4602E00834B44272 +:103B68000ED05B4600933A00012361682068FFF796 +:103B780069F90028F2D0083400F014FAB442F0D100 +:103B880043463E005F46012B6CD9A968EB680A9A48 +:103B9800CB189A4200D2CFE04346022B62D0296963 +:103BA8006B690A9ACB189A4206D26B689C466244A3 +:103BB800914201D200F0F6F94346032B0BD0A969D4 +:103BC800EB690A9ACB189A4205D26B689C46624404 +:103BD800914200D2C5E029696B69AA68CB189A425C +:103BE80005D2EB689C466244914200D2B6E0434657 +:103BF800032B37D0A969EB69AA68CB189A4205D27A +:103C0800EB689C466244914200D2B4E04346042BE0 +:103C18000BD0296A6B6AAA68CB189A4205D2EB685E +:103C28009C466244914200D2ABE0A969EB692A69DB +:103C3800CB189A4206D26B699C466244914201D2E3 +:103C480000F0B0F94346042B0CD0296A6B6A2A6944 +:103C5800CB189A4204D26B69D218914200D28DE0F7 +:103C680000F0A0F9259B002B1AD0079B27975344F7 +:103C780037001E00279B54469B4602E00834B44296 +:103C88000ED05B4600933A00022361682068FFF774 +:103C9800D9F80028F2D0083400F084F9B442F0D101 +:103CA8004846FFF72FF8041E55D0249B019505932D +:103CB800259B089D04935346039343460293069B12 +:103CC800200000934A46099B2900FFF71DF82100B0 +:103CD8002800FFF78BF80024002801D000F062F9D3 +:103CE80020001BB03CBC90469946A246AB46F0BDAE +:103CF800FFF7A2F8069001004846FEF7E7FE002805 +:103D080000D1DFE600F04EF94846FEF761FF089063 +:103D1800002800D0DDE600F045F94B465B68012B32 +:103D280000D0DBE600F03EF94B465B68D6E643443C +:103D3800042B00D8B9E6B6E66B689C46624491420B +:103D480000D329E700F02EF926E700F02BF9E2E688 +:103D580000F028F9D2E600F025F9A6E700F022F9EC +:103D680045E700F01FF929696B69AA68CB189A42E0 +:103D780000D236E73EE700F015F947E700F012F900 +:103D88006EE700F00FF9A969EB692A69CB189A4226 +:103D980000D250E759E781246442A1E7F0B5040056 +:103DA80087B0002828D0002928D1FFF745F8070058 +:103DB80020003900FEF78AFE002828D12000FEF7EF +:103DC80007FF051E2CD02000FEF79CFF061E24D0FE +:103DD8006368012B1ED000232900059304930393E5 +:103DE8000293019330000097023B2200FEF78CFFFC +:103DF80031002800FEF7FAFF07B0F0BD00F048FCDC +:103E0800070020003900FEF761FE0028D6D000F038 +:103E1800C9F8D3E700F0C6F8DDE700F0C3F8D7E744 +:103E280000F0C0F8CFE7C046F8B509F0CFFC00288D +:103E380034D109F0CDFC002830D109F0CBFC0028A2 +:103E48002CD109F057FB002828D10AF0B1FD002831 +:103E580024D11648DFF726FB02211548DFF722FB9D +:103E680000F0C2F809F0AEFC002817D1114B1F680A +:103E7800002F15D0104C002609E00021280009F079 +:103E88009FFC00280AD101361034BE4208D02568AC +:103E98006168280009F0FCFB0028EED01F20F8BD5F +:103EA80009F060FC0028FAD0F8E7C04618FD0210B7 +:103EB80050FD0210ECFC0210F4FC0210036810B56F +:103EC8000400002B02D00323036010BDFEF794FE0C +:103ED800002802D000232360F7E700F063F8F9E731 +:103EE80010B5FFF7A1FF00282BD1174B00220121A5 +:103EF8001648DFF7D7FAFEF769FD00281ED109F04A +:103F080051FB002817D108F037FE05200021404258 +:103F180009F0BEFB00280BD10D490E4A0B6A1A4066 +:103F2800C0231B0413430B6200F05CF8002010BD93 +:103F380000F038F8F8E700F035F8E4E700F032F878 +:103F4800DDE700F02FF8D0E7F0FC0210F4FC0210D7 +:103F580000ED00E0FFFF00FF002807D00023013339 +:103F6800421EDBB21040FAD1180070470020FCE76F +:103F780003000020002B04D0581E0340584258412B +:103F8800C0B2704710B5CC43844208D3904206D3E0 +:103F98000139401883429B411F20184000E01F2030 +:103FA80010BDC04610B50AF00FFD10BD70B583698D +:103FB8000500023B18780C0006280DD00D2806D005 +:103FC8000A002900FFF7CEF82860200070BD08F02D +:103FD800D5FDFEF753FFF9E7280000F015F820009B +:103FE800F4E7C0460DDF7047044A054B12889A4231 +:103FF80002D10122034B1A607047C046000800082E +:10400800162000002CC20108F0B54546DE4657468A +:104018004E46E0B5036885B0040098464768866850 +:10402800FEF7EAFD051E62D02B6E35049868FEF790 +:104038002BFD2D0C00900223002229003800FEF7EA +:1040480001FF002803D13A4B1B68012B08D003233A +:10405800236005B03CBC90469946A246AB46F0BDED +:10406800FEF7EAFE0623FF339842F0D14346DBB25F +:10407800012BECD1B6B2032EE9D92E4A2D4B91462D +:104088005B8899442C4B3B8004237B803B1D9A46DC +:104098002A4B994546DD98463F239B46230003AEAD +:1040A8004C46A9464546B84657469A460CE004226F +:1040B8003100280000F048F833881B0B012B19D079 +:1040C8007388ED18AC422CD904222900300000F086 +:1040D8003BF873883288043373805B4613403F2B68 +:1040E800E5D19211134017D1154B3380DFE7FFF765 +:1040F80059FF99E743467288FB1A9B184B4514DC15 +:104108002900380000F020F842464146738852885A +:10411800FF189A184A80D4E7012BC8D1094B33807D +:10412800C5E754460023236093E754468FE7C0460B +:104138002CC2010800080008162000000408000826 +:104148003F1100007F110000F0B50500C6460324AA +:104158004D4000B506000B002C4226D1002A0ED097 +:104168000325204204D10DE00B00260025420AD089 +:10417800591C1B78013A741C3370002AF4D104BC12 +:104188009046F0BD0400032A55D9171FBF08BF0089 +:104198000B1DFF18641A65180B1D09682E1D296070 +:1041A8001900BB42F7D103210A40511E8846002A54 +:1041B800E5D000210D001C1DA6424D412C00351DE7 +:1041C800AB424941214309249442A44164420C4230 +:1041D80029D031001943890725D14146022915D92B +:1041E80091088C4600241900F51A0F6801346F50A5 +:1041F8000431A445F9D8032114008C432100444616 +:10420800641AA04676185B189142B8D01A783270B2 +:104218004246002AB3D05A7872704246012AAED07C +:104228009B78B370ABE79A18F51A1978E9540133FB +:104238009342FAD1A3E7531E984626000B00B8E72D +:10424800F8B54E46DE4657464546CCB2E0B50600C0 +:10425800002A0BD0830710D0032502E018001D4266 +:104268000CD0013A431C0470002AF7D130003CBC42 +:1042780090469946A246AB46F8BD0300032A2CD9BE +:10428800FF25141FA00887000D40844608068246B3 +:1042980028430D04A846FF252D04A9468346454614 +:1042A8004846054028005D46054350461C1D000C45 +:1042B8003F19054300E004341D6020002300A74295 +:1042C800F9D16446531FA4001C1B9307CED0FF23CB +:1042D800621C1940DCF72FFAC8E7541E1800F6E7ED +:1042E8007047C0467047C0460020704710B5FFF7BA +:1042F80059FB10BD10B50068FFF758FB10BDC0464C +:1043080010B50A00C1690068FFF764FB10BDC0461C +:1043180070B50D00002684B044680369C2688168DE +:104328000396029585690195406900902000FFF782 +:10433800A5FB04B070BDC04610B54068FFF72EFD60 +:1043480010BDC04630B500281CD00268002A19D01C +:104358004168002916D08068002813D00A4B0B4CFE +:104368001D68A5420CD10A4C5D68A54208D1094CCC +:104378009D68A54204D1986000201A60596030BD3C +:104388000548FCE70548FAE7A4AF0108E94202102E +:10439800ED420210F142021002000080010000808C +:1043A800034B044A1A60044A5A60044A9A607047E8 +:1043B800A4AF0108E9420210ED420210F1420210D6 +:1043C80010B5024B1B68984710BDC046A4AF010842 +:1043D800882310B5C058024B5B68984710BDC0468B +:1043E800A4AF0108044B10B59B6804000800984767 +:1043F8008823E05010BDC046A4AF0108A823064A90 +:10440800D35C032B05D801339800C018C00080186E +:1044180070470020FCE7C04630C20108A423F0B56D +:10442800244C83B0E558002837D00368002B37D0D8 +:104438000127013BDBB29F40032B27D822683A4271 +:1044480022D19A00D618F600019104362C20D218F1 +:10445800D200A2182432137801A901335843042248 +:104468002818FFF771FEA01928220021FFF7E8FE9F +:1044780023683B43236008F043FBAB681F43AF60EE +:1044880008F046FB08F0ECFA03B0F0BD01910422F5 +:1044980001A90020FFF758FEEDE701270023CDE72B +:1044A8002368DB07F0D401910426012700230022AA +:1044B800CCE7C04630C20108F0B5DE4657464E4646 +:1044C8004546A423E0B55D4F8DB0FB589A4608F0E9 +:1044D80017FB53465B689B46002B00D1A9E008F008 +:1044E80017FB0C235344984684235B420193002313 +:1044F80000243D1D02930126E3B29946A6405B467F +:1045080001341E424FD03B684A46B3433B602023E8 +:104518009C46AC44634641461A7028002022039307 +:10452800FFF712FE4A46A8236C62FA542B68202231 +:104538009946002104A8DCF7FEF84B46052B2AD83B +:104548003F4A9B00D3589F466B6801210493AB6890 +:1045580004A80B93FFF7D4FE01900423A822BB54B0 +:104568002B685A1E012A05D9033B012B1BD8019B36 +:10457800002B18D02C20A422029B04A933430293B9 +:10458800019B0493039B1B7801334343B858A03A1B +:10459800C018FFF7D9FD282200212800FFF750FE98 +:1045A8003B681E433E602C239C462835E044042C7F +:1045B800A1D108F0A5FA53465A465B68029D934379 +:1045C80052465360936800242B43936008F0A0FA86 +:1045D800002D01D008F044FA20000DB03CBC9046F4 +:1045E8009946A246AB46F0BD6B68012104A8049326 +:1045F800FFF780FE0190B0E76B68012104A80593DE +:10460800FFF79AFEA9E76B6801210593AB6804A838 +:104618000693EB6807932B6908936B690993AB6959 +:104628000A93FFF775FE019097E7FFF75FFE019089 +:1046380093E708F06DFA034CCEE7C04630C2010894 +:1046480070FD02100400008010B5FFF735FF10BDA3 +:1046580010B50C4CAC2200212000FFF7F1FD0F2310 +:1046680009482360FFF76EFE002808D1200008F0F3 +:1046780017FA041E01D0FFF793FE200010BD034C6B +:10468800FBE7C04630C2010888FD02100600008022 +:10469800012040427047C04610B50648DEF702FFC9 +:1046A80008F082FF08F08CFF08F0A8FFFFF7D0FFA2 +:1046B800FEE7C04694FD0210012370B51370140084 +:1046C800144B154A05000E00FFF75CFC002802D1C8 +:1046D8000023637070BD114B114A31002800FFF7A9 +:1046E80051FC0028F4D00F4B0F4A31002800FFF787 +:1046F80049FC002802D101236370EBE70B4B0C4AFD +:1047080031002800FFF73EFC0028F4D00023237076 +:10471800E0E7C046FF7F0E0800000308FFFB161005 +:1047280000040510FFFF020800180008FFFB041032 +:1047380000040010F0B50023C646012700B59846CE +:1047480013702B4B14005770013B2A4A05000E00CA +:10475800FFF718FC002809D1002301222371E27019 +:104768006271A371A37004BC9046F0BD224B234A2A +:10477800013B31002800FFF705FC002806D1012382 +:10478800E37023716371A371A370ECE71C4B1D4A9E +:10479800013B31002800FFF7F5FB0028DCD01A4B5D +:1047A8001A4A013B31002800FFF7ECFB0028E6D04D +:1047B800174B184A31002800FFF7E4FB002805D101 +:1047C800E77027716071A071A770CCE7124B134A8C +:1047D80031002800FFF7D6FB002802D0434663705B +:1047E800C1E7E77020716071A071A070BBE7C04697 +:1047F800C045001020060010001800080018000826 +:10480800402902104029021000180008001800086A +:10481800FFFF020800180008FFFB04100004001046 +:10482800F0B50023C646012500B51400137098465C +:104838005570104B104A06000F00FFF7A3FB002825 +:1048480007D1E57025716571A571A57004BC904606 +:10485800F0BD0A4B0A4A39003000FFF793FB0028E5 +:1048680002D043466370F1E7E57020716571A0716D +:10487800A070EBE7FF7F0E0800000308FFFB16108F +:1048880000040510F0B5D6464F464646C0B50400AC +:1048980084B00D00002B4DD01F20012B44D10023E4 +:1048A8009A46002A4AD1002301279946002C4AD06B +:1048B800EB431F209C4237D8EFF30583002B44D0ED +:1048C800002301AE337098463200013329002000DE +:1048D800737008F009FF3378002B34D073781F20E9 +:1048E800BB4221D180235B020293434602AE33715F +:1048F8007371B371320029002000002F28D008F00E +:104908000BFF3378002B2FD07378F1787279002B56 +:1049180019D04B46002B1ED00020002904D150424C +:1049280050411F234042184004B01CBC9046994691 +:10493800A246F0BD04239A46002AB4D012230027C9 +:104948009946002CB4D11F20EEE7FFF72BFBB7E701 +:1049580008F004FFD8E75346002BE0D1484248410D +:104968001F2340421840DFE7FFF71CFBCCE7C04697 +:10497800F0B5D6464F464646C0B5040084B00D0093 +:10498800002B54D01F20012B4BD100239A46002A1C +:1049980051D1002301279946002C51D0EB431F2009 +:1049A8009C423ED8EFF30583002B4BD0002301AE89 +:1049B800337098463200013329002000737008F0E4 +:1049C80093FE3378002B3BD073781F20BB4228D14D +:1049D80080235B020293434602AE33717371B37155 +:1049E800320029002000002F2FD008F095FE3378E0 +:1049F800002B38D07378F17834797579B279002B37 +:104A08001ED04B46002B23D0002902D11F20002D99 +:104A180007D00020002C04D1504250411F234042AF +:104A2800184004B01CBC90469946A246F0BD042329 +:104A38009A46002AADD0122300279946002CADD102 +:104A48001F20EEE7FFF7AEFAB0E708F087FED1E7E0 +:104A580053461F20002B09D0002DE2D053425A4163 +:104A680052421040DDE7FFF79DFAC3E70029D8D08E +:104A780063425C4164422040D3E7C04670B5094EAA +:104A880082B073690193984703000020002B07D177 +:104A98000124F56AA8470442FCD1336A0193984778 +:104AA80002B070BD3405031070B50B4E82B0736947 +:104AB800080011000193984703000020002B01D043 +:104AC80002B070BD0124F56AA8470442FCD1336ADC +:104AD80001939847F4E7C0463405031010B5084C15 +:104AE8000020A3689847236902209847E121A46A17 +:104AF80049020120A04701211520A04710BDC0464A +:104B0800340503101A4BF0B51D68002D2ED0AB6B81 +:104B1800C3181F680F242B6DC618AB68C21813681A +:104B28002340062BFBD88022EB681206C3181143DA +:104B38001960BE4212D08021AB684902C2181368BE +:104B48000B42FCD02B68C0180A4B1A682923D35C87 +:104B58001F2B04D8802203681A42FCD1F0BD0368D9 +:104B6800002BFBD00368002BF9D1F7E70027D1E72A +:104B7800DCC2010814E801088C461E49F0B5096832 +:104B8800002935D08C6B041926680C6D0F27041981 +:104B9800361B741EA6418C68F6B205192C683C4079 +:104BA800062CFBD8CC681206041913432360002E88 +:104BB80003D16346002B00D1F0BD80248B686402CA +:104BC800C21813682342FCD00B68C0180A4B1A6835 +:104BD8002923D35C1F2B04D8802203681A42FCD1F6 +:104BE800EAE70368002BE7D00368002BF9D1E3E775 +:104BF8000026CAE7DCC2010814E80108F8B5C54B6D +:104C08001B68002B00D19EE29A6B821816680F244D +:104C18001A6D85189A6881180A682240062AFBD8F6 +:104C2800B821DA68090682181160BB4A14689A68C4 +:104C38008118B5420FD080256D020A682A42FCD03F +:104C480029251A68655D82181F2D00D9F7E180268D +:104C580015682E42FCD10F259A6B821817681A6DB9 +:104C680086180A682A40062AFBD8B421DA68090699 +:104C7800821811609A688118B7420FD080256D029A +:104C88000A682A42FCD029251A68655D82181F2DFA +:104C980000D9DCE1802615682E42FCD10F259A6BDD +:104CA800821817681A6D86180A682A40062AFBD8DF +:104CB800B021DA680906821811609A688118B7422B +:104CC8000FD080256D020A682A42FCD029251A686F +:104CD800655D82181F2D00D9C1E1802615682E4216 +:104CE800FCD10F259A6B821817681A6D86180A6806 +:104CF8002A40062AFBD8AC21DA6809068218116016 +:104D08009A688118B7420FD080256D020A682A4236 +:104D1800FCD029251A68655D82181F2D00D9A6E1E7 +:104D2800802615682E42FCD10F259A6B82181768C9 +:104D38001A6D86180A682A40062AFBD8A821DA685C +:104D48000906821811609A688118B7420FD0802529 +:104D58006D020A682A42FCD029251A68655D821806 +:104D68001F2D00D98BE1802615682E42FCD10F2516 +:104D78009A6B821817681A6D86180A682A40062ADC +:104D8800FBD8A421DA680906821811609A6881188C +:104D9800B7420FD080256D020A682A42FCD0292527 +:104DA8001A68655D82181F2D00D970E18026156884 +:104DB8002E42FCD10F259A6B821817681A6D861837 +:104DC8000A682A40062AFBD8A021DA680906821850 +:104DD80011609A688118B7420FD080256D020A6861 +:104DE8002A42FCD029251A68655D82181F2D00D932 +:104DF80055E1802615682E42FCD10F259A6B821842 +:104E080017681A6D86180A682A40062AFBD89C215A +:104E1800DA680906821811609A688118B7420FD0BB +:104E280080256D020A682A42FCD029251A68655D2A +:104E380082181F2D00D93AE1802615682E42FCD130 +:104E48000F259A6B821817681A6D86180A682A4007 +:104E5800062AFBD89821DA680906821811609A6830 +:104E68008118B7420FD080256D020A682A42FCD00B +:104E780029251A68655D82181F2D00D91FE1802633 +:104E880015682E42FCD10F259A6B821817681A6D87 +:104E980086180A682A40062AFBD89421DA68090687 +:104EA800821811609A688118B7420FD080256D0268 +:104EB8000A682A42FCD029251A68655D82181F2DC8 +:104EC80000D904E1802615682E42FCD10F259A6B83 +:104ED800821817681A6D86180A682A40062AFBD8AD +:104EE8009021DA680906821811609A688118B74219 +:104EF80014D080256D020A682A42FCD029251A6838 +:104F0800655D82181F2D00D9E9E0802615682E42BC +:104F1800FCD103E0DCC2010814E801080F259A6BF4 +:104F2800821817681A6D86180A682A40062AFBD85C +:104F38008C21DA680906821811609A688118B742CC +:104F48000FD080256D020A682A42FCD029251A68EC +:104F5800655D82181F2D00D9C9E0802615682E428C +:104F6800FCD10F259A6B821817681A6D86180A6883 +:104F78002A40062AFBD88821DA68090682181160B7 +:104F88009A688118B7420FD080256D020A682A42B4 +:104F9800FCD029251A68655D82181F2D00D9AEE05E +:104FA800802615682E42FCD10F259A6B8218176847 +:104FB8001A6D86180A682A40062AFBD88421DA68FE +:104FC8000906821811609A688118B7420FD08025A7 +:104FD8006D020A682A42FCD029251A68655D821884 +:104FE8001F2D00D993E0802615682E42FCD10F258D +:104FF8009A6B821817681A6D86180A682A40062A5A +:10500800FBD88021DA680906821811604F4A1168B6 +:105018008908B74200D18EE080269A687602851802 +:105028002A683242FCD029221B68A25CC3181F2AB6 +:1050380075D880241A681442FCD10C2373E01568D3 +:10504800002D00D107E61568002DF8D103E6156894 +:10505800002D00D122E61568002DF8D11EE615684E +:10506800002D00D13DE61568002DF8D139E6156808 +:10507800002D00D158E61568002DF8D154E61568C2 +:10508800002D00D173E61568002DF8D16FE615687C +:10509800002D00D18EE61568002DF8D18AE6156836 +:1050A800002D00D1A9E61568002DF8D1A5E61568F0 +:1050B800002D00D1C4E61568002DF8D1C0E61568AA +:1050C800002D00D1DFE61568002DF8D1DBE6156864 +:1050D800002D00D1FAE61568002DF8D1F6E615681E +:1050E800002D00D11AE71568002DF8D116E71568CC +:1050F800002D00D135E71568002DF8D131E7156886 +:10510800002D00D150E71568002DF8D14CE715683F +:10511800002D00D16BE71568002DF8D167E71A68F4 +:10512800002AFCD10D2399400B00F0218905194371 +:10513800FFF7E8FCF8BD2923E25C0A3B93429B4158 +:105148005B420C33EFE7002661E5C046E0C2010888 +:10515800054B1A682923D35C1F2B03D9034A044B38 +:105168001A607047034AFAE714E8010804FE0210BF +:10517800DCC20108B0FD0210F0B5C6464E4B040073 +:105188001868292300B5C35C1F2B14D84B4A4C4B15 +:10519800012113604B4A4C4D22609022D200A21884 +:1051A80011602A68002A22D02000FFF727FD00207E +:1051B80004BC9046F0BD414A444B454913602268FF +:1051C800414D0A402260822242495201A2181160D0 +:1051D8008022216812060A4322600322A260A422C8 +:1051E80001215201A21811602A68002ADCD1196D28 +:1051F80061180029D8D0866CB600771EB846364F9D +:10520800B845D1D880273F01BE4249D030D9802740 +:10521800BF01BE4226D03BD98027FF01BE4242D003 +:1052280080273F02BE42BFD12927C75D1F2F1CD947 +:1052380047460F42B8D1294FE2519B6BE3181960DA +:105248002923C25C0A3B93429B415B420C33B10861 +:1052580099400B00F021890519432000FFF752FC03 +:105268002E60A1E7C022D201DEE78A04E5D09BE7E1 +:105278008022920096421BD08022D200964214D0FF +:1052880080225200964200D08EE7FE22D201CBE760 +:1052980080225201964200D086E7E022D201C3E77D +:1052A800F022D201C0E73200BEE7F822D201BBE704 +:1052B800FC22D201B8E7C04614E80108DCC20108A4 +:1052C800B0FD021003000080E0C2010804FE0210D5 +:1052D800FFFFFE7F01000200FF7F0000881400002E +:1052E800084B1A682923D35C1F2B07D900230360B6 +:1052F80083600022044B00201A607047002303607B +:10530800F7E7C04614E80108E0C2010810B5012912 +:1053180014D901220A4054426241CB0F5B185B103A +:1053280001399B1A8B4209DA4118C31802780C78A4 +:10533800013904704A7001309942F7D110BDC04656 +:1053480030B50F24084B1D68AB68C218136823409A +:10535800062BFBD88022EB68D205C3181A60EB68CD +:10536800C018016030BDC046DCC2010870B50F2509 +:10537800094B1E68B368C41823682B40052BFBD85B +:10538800F368064CC3181C60F368C3181960F36807 +:10539800C018026070BDC046DCC2010810000041A0 +:1053A800F0B50F260A4C2768BC6805192C683440EC +:1053B800042CFBD8FC68074D04192560FC68041907 +:1053C8002160F96841180A60FA6880180360F0BD26 +:1053D800DCC2010810020042F0B50F260C4C276809 +:1053E800BC6805192C683440032CFBD8FC68094DAF +:1053F80004192560FC6804192160F96841180A60DD +:10540800FA6882181360FB68C018059B0360F0BD3A +:10541800DCC201081032004330B50F24064B1D686A +:10542800AB68C21813682340072BFBD8EB68090642 +:10543800C018016030BDC046DCC2010870B50F2538 +:10544800074A1668B268841822682A40072AFBD8D7 +:10545800F2680906801801229A401143016070BD64 +:10546800DCC20108F0B50F250A4A1F00166805AB13 +:10547800B2681B78841822682A40072AFBD8F26889 +:105488000906801802229A400123BB40134319439E +:105498000160F0BDDCC20108F0B50F251F000C4B00 +:1054A8001E68B368C41822682A40072AFBD802225B +:1054B800F368069CC018059B09069A400123BB4067 +:1054C80013430322A240134319430160F0BDC046B1 +:1054D800DCC2010870B50400A020194D80002550D9 +:1054E8003F2504302550B0250020AD006051083517 +:1054F8006051B420012580002550124D10302550F0 +:1055080040382150A9218900625020001900FFF776 +:1055180017FF002260212000FFF77EFF40210A4B81 +:1055280018680368E21813680B40FCD1C269A21816 +:105538001168049A00201160A1229200A35070BD46 +:105548000000033101000100DCC20108F0B5A0240D +:105558001C4DA40005513F250434B02605510025F3 +:10556800B600855108368551174F083601358551E3 +:1055780010368751403E8151A92189004250A2220C +:105588009200835003599B0715D0A42322000324BB +:105598009B00C5500D4B1E683368C5182968835891 +:1055A8001C4208D00029F9DBF369C3181A68059B67 +:1055B8001A60002300E0064BA122002192008150CE +:1055C8001800F0BD0000033101000100DCC2010831 +:1055D80001003200014B18607047C04614E801080A +:1055E80070B5C4050500E40D3AD107F0F1FB1D4B79 +:1055F8001D4A1A605D609C60DC6050231B4C226869 +:10560800D35C002B05D18020002140000AF0FCF873 +:1056180070BD002001F044FD8021226813685258B3 +:105628009B1819681C68090E01314B081818DDF71A +:1056380077FD2404240E01346308C0182100DDF727 +:105648006FFDFA218900DDF76BFD01000848DDF7E1 +:1056580067FD084BC118802040000AF0D5F8D7E74D +:105668000548D5E7E4C201080001001C14E8010858 +:1056780060F59000980800000600520070B5C30558 +:1056880004000D00002B16D1002914D0802607F045 +:105698009FFB1D4B1D4A76001A605E609C60DD60B2 +:1056A8004F231B4C2268D35C002B06D1002130000D +:1056B8000AF0AAF800E0174870BD002001F0F0FCDD +:1056C80080212268136852589B1819681C68090EB3 +:1056D80001314B081818DDF723FD2404240E01348A +:1056E8006308C0182100DDF71BFDFA218900DDF7EA +:1056F80017FD01000848DDF713FDE1239B00C118E1 +:1057080030000AF081F8D7E7E4C20108000100067A +:1057180014E8010806005200808D5B00F0B5DE46F3 +:1057280057464E464546E0B583B0002800D1C2E052 +:10573800002A00D1BFE001238B409C461368002B50 +:1057480000D1A8E0634683608B0001935B4B0F2474 +:105758001D687923EE5C27003618336899468B005C +:105768009F404B46BB4357683C408F00BC40234397 +:1057780033606C691F26A046AB69147AC31ADB092B +:105788001B0143443440032900D887E05F68B846CA +:105798000F1FFF00BE40B9464746B7433E004F467D +:1057A800BC4034435C604B0098467823EB5C47462A +:1057B800994681444B461E6803231C00BC40A643FF +:1057C800D4681C40BC4026434C46266084690126A8 +:1057D800A2466446E443A1461469574634408C40C7 +:1057E800A3464C4627403C005F4627437A248761FE +:1057F8002C5D5769A24637408F4082445446BB46C9 +:105808004F4624683C405F463C4357463C607B27F4 +:10581800EF5D4446B846804447463F681034B94671 +:10582800976937408F40D1691940A140A3400F4381 +:105838001900634619434B468B43190043463943C5 +:1058480019607C23EB5C019DC018536A01685C00F9 +:1058580002232340946AA70004243C402343146A8B +:105868002640D46A3343E600182434402343FF24F7 +:10587800126BA143520122401343FE2292001540AD +:10588800AB400B430360002003B03CBC90469946F4 +:10589800A246AB46F0BD6346436055E71F68B8466D +:1058A800CF00BE40B9464746B7433E004F46BC40CE +:1058B80034431C6077E70248E6E7C04614E801086D +:1058C80001005A00F0B54F46D6464646C0B508AC6A +:1058D8002578012427001C408F408C4006681C4B0B +:1058E800BE4334431E6879230460F75C8B009C46F2 +:1058F8000F23924699461A0063469A403F183C681F +:105908004B469443524613406246934023433B60C0 +:10591800B3691F22C01AC00973690001C0182B009F +:10592800134003290CD90439C9008A408B404468C4 +:105938009443234343601CBC90469946A246F0BD5D +:10594800C9008A408B400468944323430360F2E70C +:1059580014E80108F0230A041B031A400F2310B5AA +:105968001C000C402243084C80022468246900195A +:105978008024E401025100591840401A431E9841FE +:10598800024B4042184010BD14E801080300C20051 +:10599800044B10301B6880021B69C3580F20184045 +:1059A8007047C04614E8010810B54A897F231400DF +:1059B8009C43231E23D18C7907332340520213437F +:1059C8004A7ACC79920713433822E40022401343E1 +:1059D8000A7A01214A40920113431A0009490A40F0 +:1059E8009A420CD14262406A0840801A43425841A8 +:1059F800054B40421840054B9C46604400E0044873 +:105A080010BDC046DBFEFFE0FDFF3DFF0300C20006 +:105A18000100C20030B54C897F2322009A43131E2F +:105A280030D10A68FF339A434B798D791A4307239B +:105A380064022B4023434C7ACD79A40723433824AE +:105A4800ED002C40012523430C7A09796C40A40110 +:105A58002343F8240906640521400B434360026090 +:105A6800016891420CD14068074A1040C01A43426D +:105A78005841064B40421840054B9C46604430BD97 +:105A88000348FCE70348FAE7FFFEFFFFFDFF3DFF81 +:105A98000300C2000100C2008023426A1B061343B0 +:105AA8004362406A024BC00F013818407047C04635 +:105AB8000300C200802342681B061343436040680A +:105AC800024BC00F013818407047C0460300C2009F +:105AD800F0B5CE4647464C4D80B52E682C25755DF1 +:105AE80007AC24781F2D00D88BE09D000C232B4099 +:105AF80003252A401A4363425C412401224349009A +:105B080013040F0B994616021506C36BFC0702D542 +:105B18001F24A3431343BC0702D53C4C2340334303 +:105B28007C0703D53A4C23404C4623433C0702D517 +:105B3800384F3B402B43C363C76BDB1B5F1EBB4126 +:105B4800354F5B423B400F0ABC466446876BE4070F +:105B580002D51F24A74317436446A40702D52B4C3C +:105B6800274037436446640703D5294C27404C46F1 +:105B780027436446240702D5264C27402F438763D2 +:105B8800846BBC4200D0244B0C09A446476BE40745 +:105B980002D51F24A74317436246920702D51B4A22 +:105BA800174037436246520703D5194A17404A46F9 +:105BB80017436246120702D5164A17402F43476318 +:105BC800426B974200D0144B026B8C0702D50F4FE3 +:105BD8003A4032434C0703D54C460D4E32402243DF +:105BE800090702D50B490A402A430263016B4A4060 +:105BF8001F218A4300D0084B18000CBC90469946D8 +:105C0800F0BD064BF8E7C04614E80108FFE0FFFFC7 +:105C1800FFFFE0FFFFFFFFE00300C2000200C20039 +:105C2800114B30B51C682C23E35C1F2B1AD90323B6 +:105C3800F825994301606D05130644682B400B4D08 +:105C48002C40234343600368994209D14068C0004F +:105C5800C00E101A421E9041054A4042104030BD05 +:105C68000348FCE70348FAE714E80108FFFFFFE0F0 +:105C78000300C2000200C200F0B5CE4647464C4DB4 +:105C880080B52E682C25755D07AC24781F2D00D8AB +:105C98008BE09D000C232B4003252A401A436342C6 +:105CA8005C4124012243490013040F0B9946160254 +:105CB8001506C369FC0702D51F24A3431343BC0779 +:105CC80002D53C4C234033437C0703D53A4C234050 +:105CD8004C4623433C0702D5384F3B402B43C36116 +:105CE800C769DB1B5F1EBB41354F5B423B400F0A58 +:105CF800BC4664468769E40702D51F24A7431743B7 +:105D08006446A40702D52B4C2740374364466407F2 +:105D180003D5294C27404C4627436446240702D51F +:105D2800264C27402F4387618469BC4200D0244B0E +:105D38000C09A4464769E40702D51F24A743174363 +:105D48006246920702D51B4A1740374362465207FC +:105D580003D5194A17404A4617436246120702D527 +:105D6800164A17402F4347614269974200D0144BA7 +:105D780002698C0702D50F4F3A4032434C0703D5CE +:105D88004C460D4E32402243090702D50B490A40C2 +:105D98002A43026101694A401F218A4300D0084B07 +:105DA80018000CBC90469946F0BD064BF8E7C04673 +:105DB80014E80108FFE0FFFFFFFFE0FFFFFFFFE03F +:105DC8000300C2000200C200094B1A682C23D35CEE +:105DD8001F2B0AD9802342681B061343436040687F +:105DE800044BC00F0138184070470348FCE7C04611 +:105DF80014E801080300C2000200C200F0B5CE4654 +:105E080047464C4D80B52E682C25755D07AC247827 +:105E18001F2D00D88BE09D000C232B4003252A4022 +:105E28001A4363425C4124012243490013040F0BC7 +:105E3800994616021506C36BFC0702D51F24A34317 +:105E48001343BC0702D53C4C234033437C0703D59E +:105E58003A4C23404C4623433C0702D5384F3B403D +:105E68002B43C363C76BDB1B5F1EBB41354F5B42D4 +:105E78003B400F0ABC466446876BE40702D51F24E3 +:105E8800A74317436446A40702D52B4C2740374342 +:105E98006446640703D5294C27404C46274364468B +:105EA800240702D5264C27402F438763846BBC42C6 +:105EB80000D0244B0C09A446476BE40702D51F24E5 +:105EC800A74317436246920702D51B4A1740374338 +:105ED8006246520703D5194A17404A461743624695 +:105EE800120702D5164A17402F434763426B974261 +:105EF80000D0144B026B8C0702D50F4F3A40324347 +:105F08004C0703D54C460D4E32402243090702D5B3 +:105F18000B490A402A430263016B4A401F218A4306 +:105F280000D0084B18000CBC90469946F0BD064BB3 +:105F3800F8E7C04614E80108FFE0FFFFFFFFE0FFB5 +:105F4800FFFFFFE00300C2000200C200F0B5CE462A +:105F580047464C4D80B52E682C25755D07AC2478D6 +:105F68001F2D00D88BE09D000C232B4003252A40D1 +:105F78001A4363425C4124012243490013040F0B76 +:105F8800994616021506C369FC0702D51F24A343C8 +:105F98001343BC0702D53C4C234033437C0703D54D +:105FA8003A4C23404C4623433C0702D5384F3B40EC +:105FB8002B43C361C769DB1B5F1EBB41354F5B4287 +:105FC8003B400F0ABC4664468769E40702D51F2494 +:105FD800A74317436446A40702D52B4C27403743F1 +:105FE8006446640703D5294C27404C46274364463A +:105FF800240702D5264C27402F4387618469BC4279 +:1060080000D0244B0C09A4464769E40702D51F2495 +:10601800A74317436246920702D51B4A17403743E6 +:106028006246520703D5194A17404A461743624643 +:10603800120702D5164A17402F4347614269974213 +:1060480000D0144B02698C0702D50F4F3A403243F7 +:106058004C0703D54C460D4E32402243090702D562 +:106068000B490A402A43026101694A401F218A43B9 +:1060780000D0084B18000CBC90469946F0BD064B62 +:10608800F8E7C04614E80108FFE0FFFFFFFFE0FF64 +:10609800FFFFFFE00300C2000200C200074B1A68BE +:1060A800B023D358C3181B68002B04DA0904090C61 +:1060B8004160002070470248FCE7C04614E8010828 +:1060C80001008A000368002B05DA0904090CC26084 +:1060D8008160002070470148FCE7C04601008A0043 +:1060E800064B1A68B023D358C3181B68002B03DA71 +:1060F800C36800200B6070470148FCE714E80108FA +:1061080001008A00024B1A68002A00D11860704703 +:10611800F8C201080821425EF0B557469246DE46AD +:106128004E4645465146E0B5036A87B00293394B5F +:10613800466A04AA11801A680396938E90460268EC +:10614800816A944604AA63445380334B01911D68C5 +:10615800FF212C2342680C000592C26AA9460092CE +:10616800C26807695A4380339B463C40A44643466D +:106178005E464A4414603C0A0C403F0C54609760E9 +:106188009E5B6346734345469C462D6AB046AC44C5 +:1061980066468034166164013E042C193743546105 +:1061A800A760019F5646D761009C9681146200241F +:1061B80094612C22039E029B370A53430A003940FC +:1061C80047464B4432401A607A435960360C52199C +:1061D80080311A61490132049E6069181643596179 +:1061E8008E60DC611C629C61016B04A801F034F8CC +:1061F80004AB00229B5E002B05DB1F221A40012303 +:106208009340064A136007B03CBC90469946A246A4 +:10621800AB46F0BD14E80108F8C2010800E100E04F +:10622800F0B52C25124C684324684D4320180169A9 +:106238006419002919D0A569002D14D10D68002D05 +:1062480011DA4768012006006568AE4015883604F3 +:1062580035431560CA60A061B8400004000C636251 +:106268008860002000E00348F0BD0348FCE7C04612 +:10627800F8C2010807028A0004028A0070B52C25BA +:10628800234B68431D68002382B02D1801936B6966 +:10629800DC68220C0BD012041A601A681D4A28699F +:1062A8001168B0228A5882181268002A10DB240468 +:1062B800240C0AD01C601A686A6A002A22D0904707 +:1062C80000236B626B690022AA611B6802B070BD73 +:1062D80001A9FFF705FF002600280DD1FF2301982B +:1062E8000268160C1340EA69934205D22A6A9B0099 +:1062F8009B58002B00D0984731002869FFF7CEFE45 +:106308006B69D4E7AA6A002ADDD090476B69DAE79F +:10631800F8C2010814E8010870B5131E2DD0002931 +:106328002DD02E241C4D6A601C4A29601268145D09 +:10633800A04224D2CC0622D1AC24145B184E604370 +:10634800146ACA080419002118003460DAF7F3F94E +:1063580000212000FFF7A2FE2A0000213068FFF785 +:10636800B1FE002807D130680021FFF797FE03002F +:106378000020002B04D00B4802E0002901D00A4875 +:1063880070BD064B1A68AC23D35A5843136AC01819 +:10639800034B18600020F3E7F405001014E8010827 +:1063A800FCC2010801018A0003018A00F0B5C64653 +:1063B800244D00B52A68D4682368834223D91F2353 +:1063C8000127460918408740002907D01368002B89 +:1063D80022DB1D4C200004BC9046F0BD09F0C9F931 +:1063E800804628680368002B24DA6368B6009E1983 +:1063F80033681F4209D00021FFF750FE134C404676 +:1064080009F0BBF9E6E7124CE4E73B4333600021AF +:10641800FFF744FE0024F2E76368B6009E1933686C +:106428003B4209D13B43336000211000FFF736FEA1 +:106438000024CFE7044CE2E700211000FFF72EFE0E +:10644800024CC7E7FCC2010803018800020188006A +:1064580004018A00F0B5C646244D00B52A68D46800 +:106468002368834223D91F23012746091840874000 +:10647800002907D01368002B22DB1D4C200004BC28 +:106488009046F0BD09F075F9804628680368002B2E +:1064980024DA6368B6009E1933681F4209D10021C7 +:1064A800FFF7FCFD134C404609F067F9E6E7124C8C +:1064B800E4E7BB4333600021FFF7F0FD0024F2E777 +:1064C8006368B6009E1933683B4209D0BB4333600A +:1064D80000211000FFF7E2FD0024CFE7044CE2E7BB +:1064E80000211000FFF7DAFD024CC7E7FCC20108E3 +:1064F800030188000201880004018A000B4B1B6815 +:10650800DB681A6882420FD959681F234209034081 +:10651800012098400300920050581840431E9841AB +:10652800034B9C46604470470248FCE7FCC20108E4 +:106538000001880004018A00024B1B68DB681868A8 +:106548007047C046FCC20108F0B54F46D6464646DD +:10655800C0B5C0270F24BF00C3591C40A446002A59 +:1065680025D0C2239B0099460F23D025BA469846CA +:10657800AD004B46C458E405E40D944200D914001C +:1065880053464646C3583340072B19D9002C07D029 +:106598000B0067007F1846591E800233BB42FAD1B0 +:1065A8006346072B08D96300C918121BE1D11CBC2C +:1065B80090469946A246F0BD0919121BD9D1F6E7B3 +:1065C800002CEDD00B000F1946591E700133BB4249 +:1065D800FAD1E5E7F0B55746DE464E464546E0B502 +:1065E80080270F24BF00C3591C40A446002A32D07C +:1065F80080231B019A4640239946C933FF339025CF +:106608009846BB46AD005446036823405C1EA34130 +:106618005C424B461C404346C3584034DB05DB0D07 +:10662800E31A934200D913005C460F2604593440FC +:10663800072C1AD9002B07D00C005F007F1826887A +:1066480002344651BC42FAD16446072C09D95C0091 +:106658000919D21AD7D13CBC90469946A246AB46F6 +:10666800F0BDC918D21ACED1F5E7002BECD00C003A +:106678005F18267801344651BC42FAD1E4E7C04697 +:10668800F0B5DE4657464E464546E0B583B000288D +:1066980000D1D3E0002900D1D0E00F78022F00D13B +:1066A800C5E04B685C1E0F231C4080239B042343DA +:1066B8000C7F002C02D08024640223438E68082EAD +:1066C80002D8802424012343C0240360A4043B0689 +:1066D800234003644B7F4D7B5C1EA3419B019A467C +:1066E8008B7C013D5C1EA3419B0299460B7C013EBD +:1066F8005C1EA3411B0298464B7C5C1EA3410724E9 +:106708005B029C46302325408C7B24011C4001946D +:10671800F024CB6A2403013B1B042340019C2B4338 +:106728002343544623434C46234344462343644669 +:10673800234383640B7B5C1EA341FF241B029C46FE +:10674800CB7F240498468B691B0423400C7D23438C +:106758000F24264064463443A146019C2C43CD7B3C +:10676800002D50D080264D46B6002E43C025AD00E2 +:106778004651103543514346002B4FD0012F5FD06F +:10678800446480234C469B00C450FF26C1240B6BF5 +:10679800A400334003512023CB5C5F1EBB415F063E +:1067A8002123CD5C013D6B426B411D062823CC5C47 +:1067B800013C63425C414B6A240433403B432B4316 +:1067C800234303658B6B4C6B1E4081239B00C65093 +:1067D800274B2340274C0351CB6B27490B402749B4 +:1067E8004350002A36D00023002053609360136082 +:1067F800D36013621363D36203B03CBC90469946DE +:10680800A246AB46F0BD022F26D0C0254E46AD00AD +:106818004651103543514346002BAFD14464012FF4 +:10682800AFD180234C465B021C43A146A9E78B7F6E +:10683800002B00D035E780239B0439E71048DBE7BD +:1068480080256D002C43802344644C465B021C4326 +:10685800A14696E70020CFE78025AD002E43654688 +:106868002E43C025AD0046511035435188E7C04638 +:106878006D0B0000C80F000073070000880F0000B0 +:106888000160AA00114B08220360C0210F3B03647A +:106898000023FF32890083644250043143500C3195 +:1068A80043501139FF3943644250FD328350084A3E +:1068B80003658350074A8350074A8350074A835029 +:1068C800074A8350074A83507047C0460F000003A9 +:1068D800C80E0000880E0000C80F0000880F0000D6 +:1068E800080F0000480F000003685B005B080360A6 +:1068F800002904D000234B600B600B62CB62704709 +:10690800024B984201D8024B1860704700E1F50528 +:1069180004C30108F0B5C64615001F006F4A704B46 +:1069280000B5D35806000C00002B00DAD4E06D4BFC +:106938006D4AC318934200D9CAE04B1E632B00D995 +:10694800C6E06A4A6B1E934200D9C1E0684A7B1EC2 +:10695800934200D9BCE0FA21F5308900FF30DCF71A +:10696800DFFB7B01DB1B80469801C01AC000C01901 +:106978006B08C001C0182900DCF7D2FB5D4B8022F0 +:1069880083429B415B42DB03D2011A43110051430E +:10699800884200D21A0080239B01134319005943EF +:1069A800884200D21300802252011A431100514339 +:1069B800884200D21A0080231B011343190059434F +:1069C800884200D213008022D2001A43110051439A +:1069D800884200D21A0080239B00134319005943B0 +:1069E800884200D21300802252001A4311005143FA +:1069F800884200D21A008023134319005943884261 +:106A080000D2130040221A4311005143884200D299 +:106A18001A002023134319005943884200D2130057 +:106A280010221A4311005143884200D21A00082349 +:106A3800134319005943884200D2130004221A4311 +:106A480011005143884200D21A000223134319004F +:106A58005943884200D2130001221A4311005143BE +:106A6800884200D313004146234861434343480802 +:106A78001818DCF755FB214B984229D947467F4324 +:106A88001F4B2049F818DCF74BFB64436043642133 +:106A98003230DCF745FB1C496843DCF741FB03282F +:106AA80016D8012801D8012358400C4A174C184918 +:106AB800135900031940174B0B4318431051022078 +:106AC8000749535803435350134B00201E6000E0FE +:106AD800124804BC9046F0BD1148FAE70000264071 +:106AE8002C05000000DC0BFFC0EA2101E7030000D1 +:106AF800CF070000FFFFFF3FB36D020089020000CF +:106B08005DF70000BBEE0100A0BB0D0020FF0000F8 +:106B180008C0FFFFF703000000C3010801004A0096 +:106B280003004A00F8B5144D144B0400EA58002A33 +:106B380020DB8022A626E95812060A43EA50F6000E +:106B4800AB59DB439B0711D0AB5900280ED0032764 +:106B580002E0AB59002C0BD0012000F065FCAB59CA +:106B6800013C3B40032BF4D1002C01D00020F8BDA0 +:106B78000348FCE70348FAE7000026402C0500001C +:106B880002004A0003004A00114B1A683A23D35CFA +:106B980083421BD9042911D94B1EFF3B132B15D84F +:106BA8001F2319400B4B04229C46C02380006044DD +:106BB8009B00C1504033C250002070470723D0309B +:106BC8001940044B8000C1500020F6E70248F4E762 +:106BD80014E801080000264001004A00094A830021 +:106BE8009446D0220720634492009A581040042803 +:106BF80006D1C02292009B581B300340E130184355 +:106C08007047C04600002640F8B5564B81009C46A8 +:106C1800D02361449B00CA5807231340042B06D194 +:106C2800C0239B00CA581F231A40E1331343022B89 +:106C380000D188E016D91222FF32934268D014227C +:106C4800FF32934200D178E0033A934268D000249F +:106C580000280FD0444B1A683B23D35C83423FD2B1 +:106C68002000F8BD002B77D0012BF0D13F4B1C68DA +:106C78000028EFD1B0228020B1263A4BD200995893 +:106C880040048D0301403A483A4F1858F6009E597F +:106C9800DF599B58C004AD0BC00C002BE0DAB600DE +:106CA800B60F022EDCD0002943D101220028D7D00C +:106CB80000230021DCF7E0FA0E0007002A00002379 +:106CC80020000021DCF7D8FAF4077A082243730879 +:106CD800801859413A003300DCF7AEFA0400BFE7E8 +:106CE8000138834222D91F227F25234E8B59895987 +:106CF800180A1F0C10401D403A400029B0DA9B00CA +:106D08009B0F022BACD00028AAD0002AA8D0CFE72E +:106D180004241A4B1B691C409AD08024240297E74C +:106D2800104A174BD458E40FE40391E7124BCB58A1 +:106D380096E702220028BBD192E70A4A114BD458A1 +:106D4800E40FE40384E7A622064CD200A358DB43F1 +:106D58009B0703D0A3587AE70B4C79E70B4B1C68C9 +:106D680076E7C0460000264014E8010804C301087D +:106D7800840500008C050000FC0500000000274089 +:106D88000C0500003C05000000127A0000C3010851 +:106D9800B023254ADB00D35870B5002B42DB0368CB +:106DA800C2799B039B0B002A38D1B0211E4AC90027 +:106DB8005350038981881D4C1B04C904C90C234006 +:106DC8000B431B491B4D5350FF23C17AE026090191 +:106DD8000B408189F600090229400B430F21857A6F +:106DE8002940C0250B43817BAD05090729400B438A +:106DF800B121C900535081790F4D090253593140CF +:106E08000E4E334019435151038A51590C481B0403 +:106E18000140002023400B43535170BD802252048F +:106E28001343C2E70748F8E7000026400000FF01C7 +:106E38008405000000FF1F008C050000FFF8FFFF1D +:106E4800FFFF00FE03004A008021F0B5C646B226C7 +:106E58004D4D4E4A0906AB5800B50B43AB50F600F2 +:106E6800AB5980465B0764D4002800D17BE004005E +:106E7800042701E0002C37D0012000F0D5FAAB59E7 +:106E8800013C1F42F6D0B121C9006B58404A1A4054 +:106E980080239B0513436B50002C2ED0B0228023F7 +:106EA800D200A9581B060B43AB50AB59DB070FD4D4 +:106EB800B225354EED0001E0002C36D0012000F05F +:106EC800B3FA7359013CDB07F6D54346002B47D18B +:106ED800B122C0232C49D20088589B0503430020C7 +:106EE8008B5004BC9046F0BDB121C9006B58284AAC +:106EF8001A4080239B0513436B50AB59B120224B9A +:106F0800C0001A5822491140802292050A43B02134 +:106F18001A50C9005A581F48520052085A501B4963 +:106F28005A58520052085A50DBE74346002BCFD03C +:106F3800E4E7B120C0002B58154A44461A40802384 +:106F48009B051343B0222B50D200AB581943A950CC +:106F5800AB59DB07B9D44346002BB9D04446A7E761 +:106F6800002CB5D1CAE7B120C0002B58084A1A40F6 +:106F780080239B0513432B50B023DB00EA581143B1 +:106F8800E950AB59A4E7C046000026408C05000034 +:106F9800FFFFFFCF02004A00204B70B51A683B2361 +:106FA800D35C834231D31E4B80009C461D4B60440A +:106FB800C358002B2FDB8B789A1E0E2A25D84A78C7 +:106FC800541E112C21D8CE780D78002E1FD1152DE6 +:106FD8001BD97024A54218D80979022909D07F2421 +:106FE80012022C401B0422431A43F6060D4B32436F +:106FF800C250C0240B4AA4050907835821400A4CF3 +:10700800234019438150002000E0084870BD122D2C +:10701800FBD93824DEE70648F8E7C04614E801083B +:1070280000002640FC050000FFFFFFCF01004A00DA +:1070380003004A00144B70B51A683B23D25C431E08 +:107048000C009A421CD9114B8000C5188023104AA5 +:107058001B06A9580F4E0B43AB50AB59DB070DD499 +:10706800002C02D10AE0002C0CD0012000F0DCF941 +:10707800AB59013CDB07F6D5002C03D0002070BDCE +:107088000548FCE70548FAE714E80108000026402F +:10709800FC0500003C06000001004A0002004A000E +:1070A800624BE0229C46F0B50124800092006044C7 +:1070B8008358C6469B069B0F9C4083580F221A4054 +:1070C800D02395009B006544E958072300B50B4081 +:1070D800042B06D1C0239B00E9581F231940E13334 +:1070E8000B43022B00D193E01ED91221FF318B42B2 +:1070F80000D171E01421FF318B4200D182E00339C5 +:107108008B4200D171E00026002A15D0484B19683F +:107118003B23CB5C9A4246D9600880192100DBF7F3 +:10712800FFFF04BC9046F0BD002B7AD0012BEAD1BA +:10713800404B1E68002AE9D1B0223C4BD200995836 +:10714800B1258803800B80468020400401403A48DE +:107158003A4F1858ED005D59DF599B58C004C00CD0 +:10716800002BD9DAAD00AD0F022DD5D0002945D1BD +:1071780001220028D0D000230021DCF77DF80D0083 +:1071880007004246002330000021DCF775F8EE07BF +:107198007A0832436B08801859413A002B00DCF713 +:1071A8004BF80600B8E7013A934224D97F211F2201 +:1071B800234FEB59ED5919408846180A190C10400D +:1071C8000A40002DA8DA9B009B0F022BA4D00028B0 +:1071D800A2D0002AA0D0CEE704261A4B1869064090 +:1071E80000D191E7802636028EE71049164BCE581B +:1071F800F60FF60388E7124BEB588DE702220028BA +:10720800B9D189E70949114BCE58F60FF6037BE748 +:10721800A6210648C9004358DB439B0703D04358BF +:1072280071E70B4E70E70B4B1E686DE700002640B8 +:1072380014E8010804C30108840500008C05000057 +:10724800FC050000000027400C0500003C0500007C +:1072580000127A0000C30108F0B5DE4657464E46D4 +:1072680045468B46E0B5002800D17FE00023C55E87 +:107278000323FF221E001400AFB23E40F600B440C4 +:107288009A46E443002D1BDA0F233B40384F4068F1 +:10729800BC4680010240B240083B9B089B00634407 +:1072A800DF6934483C402243DA61314A324C936802 +:1072B800A34233D03CBC90469946A246AB46F0BDAB +:1072C800282147888946BC462C4F4B463F68B8461C +:1072D8004146CB5CAF081F2B28D8072399463B00B3 +:1072E8004946BF008B432FD141460968534688461B +:1072F80020218946C844B844414609682B4089463C +:107308006146DB009A4699404B46594053469A409D +:107318004B460A405A4043461A6015E09268934229 +:10732800C8D15A461035AD00EA50C3E70B68802231 +:107338009846072312062B401A43802341469B0197 +:1073480063449B005A50BF000D4B40689C46C023C5 +:1073580067449B00FA589C46FF2380010340B340D2 +:1073680014401C4363460020FC509EE70148A1E7F7 +:1073780000ED00E00100560000AF010814E8010824 +:1073880000E100E0282230B5144B1B689A5C1F2AE4 +:1073980016D884080722250095432A1E0FD10332E8 +:1073A8001040C00081400A00FF2181401B68A400F2 +:1073B80020331B191C68624011406140196030BDC0 +:1073C8001A680723034080200006184380239B0186 +:1073D8009C46614489008850F1E7C04614E80108DA +:1073E800F8B5802506002D02A8420FD904000A4FDF +:1073F800386808F0B5F9094B9C466444AC42F7D8A4 +:10740800074BF318DB0BDB036644F61A054B1868C9 +:10741800704308F0A5F9F8BD10B001080080FFFF1F +:10742800FF7FFFFF18B0010810B5034B1B785843C6 +:1074380008F096F910BDC0461CB001088022064B22 +:1074480012069A64986C054BC043C0171840044B49 +:107458009C4660447047C04600002740FDFFB9FFC6 +:10746800030046008022054B12019858FF225B68F2 +:107478001A4202D08023DB021843704700002640DE +:10748800FEE7C04602680A4B10B51A6042685A60A7 +:1074980082689A60C268DA6002691A6142695A6150 +:1074A80082699A61C269DA61FFF7EAFF10BDC046D6 +:1074B800FC05001003005A1E93414A22F0B5A4248B +:1074C8005B429343643303278B429B41254A5B42CB +:1074D8001268145B156866193568BD431D4335602D +:1074E8001568214EAC4664442568B446354025608D +:1074F800A6241568145B66193568BD432B43654699 +:1075080033601368E3181C682C401C6000280ED0F8 +:107518000023102904D921338B429B415B4201335C +:107528000F2052681168814319431160F0BD51233F +:10753800D05C00238842F3D25233D05C513B88425E +:10754800EED25233D05C513B8842E9D25233D05C00 +:10755800513B8842E4D25233D35C8B429B415B421D +:107568000433DDE714E80108FFFCFFFF0E4B10B5FC +:107578001A68920615D51A68196812020DD50B4AB1 +:107588000A431A600120FFF74FFF80230020064AB4 +:10759800DB0511680B43136010BD054A0A431A60E6 +:1075A800F0E70448F8E7C04600002640000004164B +:1075B8000000041704004200154B10B51A681202A7 +:1075C8001ED41A6813490A401A600820FFF72CFFD6 +:1075D8000F490B68002B09DB642301E0002B14D052 +:1075E8000A68013B002AF9DA002B0ED0084A0A493A +:1075F800136801200B401360FFF716FF002010BD31 +:107608001A6806490A401A60DFE70548F7E7C046E6 +:1076180000002640FFFFFBACFFFFFFFBFFFFFBADB9 +:10762800020042000D4B10B51A684323D35C002BAF +:107638000FD080230A4ADB05516919420AD08023FA +:107648009620074A1B06916980000B439361FFF758 +:10765800EBFE10BD51690B435361F0E714E80108D4 +:10766800000026400D4B70B51A684323D35C002BED +:107678000ED007230A4DAA691A40904208D0AC6977 +:107688009C4303402343AB61002901D0904200D8BA +:1076980070BDC820FFF7C8FEFAE7C04614E8010825 +:1076A80000002640B02370B55B055A7804002125F8 +:1076B800002A00D05D78B0235B059A89002A15D18D +:1076C8000020FEF765F900283DD1222D3DD8802005 +:1076D800244B254A1B684004596824068B580440EB +:1076E800224803401C438C50002028E000209E893B +:1076F800FEF74EF98023B6B25B00002820D09E42E8 +:1077080021D0184E62426241336852421D6A0123F9 +:107718009A43174B9C46624401212800FEF7D2FC8D +:1077280000280BD1B0233268D258AA181368002B4E +:10773800FCDBEB6800201B0EA02B00D00D4870BDB1 +:107748009E42DED1C1E7222DF8D9064E624262413F +:10775800336852421D6AFF239A43074B9C46624492 +:10776800DAE7C04614E8010818F00000FFFFFFFE42 +:107778000300000C0400420001010030F8B5CE46B9 +:10778800474680B5050007F0F4FF0400022D00D13C +:107798008BE00721754A342053698B4304390B4326 +:1077A8005361FFF741FEB02252059389002B59D04F +:1077B8006F4E9423316897890868CB588446802097 +:1077C80063444000874253D06A4810581F68B8463F +:1077D800694F3840C02781464046BF0038400700FF +:1077E80048463843186098200B6809585B18634965 +:1077F80052581A6007235D4A506998432B40184332 +:1078080050619120FFF710FEB02149058B89002BAC +:1078180036D0326894231068D358844680208D89E6 +:1078280063444000854231D05548534E08581D687E +:107838003040C026B60035402843186098201368A9 +:1078480012589B18C12252018A581A600020FFF76B +:1078580029FF0500200007F090FF28000CBC904687 +:107868009946F8BD424E943332681168D358CB1804 +:107878001A68444911408022D2010A431A60B9E7C4 +:10788800326894331168D3588C4663440F2503201B +:107898001968A9430143196098231168D2588A18B6 +:1078A8001368AB4303431360D0E70120FFF7FAFEE8 +:1078B800051ECFD12E4BB0221E6894233068520586 +:1078C8008446F35891896344002917D08021908910 +:1078D8004900884212D02C49274F5158186839401E +:1078E800C027BF00384001431960316898238C468F +:1078F8002649F358525863441A600EE00F200221BB +:107908001A6882430A431A609823F25833689C46DF +:107918006244136883430B4313600721134A536976 +:107928008B4305390B435361B022942352053068C9 +:10793800F3589189C31800290FD0802190894900F4 +:1079480088420AD012490C48525819680240C0208F +:10795800800001400A431A607CE71A68094911400F +:10796800C022D2010A431A6074E7C04600002640CC +:1079780014E8010850180000FFFCFFFF4C18000035 +:1079880024180000FF8FFFFF48180000441800006B +:107998001C180000F8B5CE46474680B5040007F02D +:1079A800E8FE0500002C16D1814A824BB027D4503E +:1079B800E8237F05DB000120FE5CFFF773FEF6B2CB +:1079C800041E00D195E0280007F0D7FE20000CBC6B +:1079D80090469946F8BDB0241F20774B6405E258BD +:1079E8007349744BCA50754BE65C754BF6B2CA586E +:1079F800824314380243CA500838FFF715FDA3899B +:107A0800002B22D06F4F94233A68A0891168D3586D +:107A18008C4680216344490088421CD06A496158D9 +:107A28001868804669480140C02089464146800060 +:107A380001400800494601431960982113685258CB +:107A48009B18634AA2581A600CE05E4F94333A6858 +:107A58001168D358CB181A685E4911408022D201A8 +:107A68000A431A601F225649514816404358934307 +:107A7800334343500720FFF7D7FCB02149058B89D2 +:107A8800002B1DD03A6894231068D3588446802070 +:107A98008C8963444000844218D04F484B4E0858A4 +:107AA8001C683040C026B600344020431860982037 +:107AB800136812589B18C12252018A581A6013E0A1 +:107AC8003A6894331168D3588C4663440F240320D2 +:107AD8001968A1430143196098231168D2588A187C +:107AE8001368A343034313600020FFF7DBFD040082 +:107AF80069E7344BBA89196894230868CB588446D7 +:107B08006344002A44D08022B889520090423FD072 +:107B1800324ABA58186880462C480240C02091461C +:107B280042468000024010004A4602431A600A6832 +:107B3800982394462A4ACB58BA5863441A601F229D +:107B48001F481B4F3B58934332401343B0223B50CE +:107B5800942352050E68CB589089F31800280FD04B +:107B680080219089490088420AD01E4917485258F6 +:107B780019680240C020800001400A431A6022E7C9 +:107B88001A6814491140C022D2010A431A601AE740 +:107B98000F2702201A68BA4302431A609823CA586A +:107BA8000B689C4662441368BB4303431360C6E7F3 +:107BB80000002640307F0000101800004107000038 +:107BC8001CFF000014E8010850180000FFFCFFFF2C +:107BD8004C180000FF8FFFFF241800004818000011 +:107BE800441800001C180000F0B5C646A34C00B5A8 +:107BF800236805001B0238D5072362690024134057 +:107C080098422ED09E4B9434196808590B688446C4 +:107C1800B020634440051A001B688689002E30D0C6 +:107C280086898020400086422BD01068954E3040CF +:107C3800C026106008593601844630000A68984307 +:107C4800624417683340384310600A68095952186B +:107C580010683040181A431E9841C0B2002820D13D +:107C6800894C200004BC9046F0BD07F082FD060058 +:107C7800022D53D0052D19D0834C300007F07DFD1F +:107C8800EFE70020FDF784FEB0235B055A78002A51 +:107C980002D05B78222B04D843425841C0B2002856 +:107CA800DED02800FFF76AFD0400DAE7B020E821FB +:107CB800764AC9004005A358475C1F210B40BB42C8 +:107CC80000D18BE0A3588B4304390B43A350092000 +:107CD800FFF7AAFBE023694CDB032268E12013438A +:107CE800072223606369154093431D438023656120 +:107CF8006269DB0513436361802362691B061343D2 +:107D080063618000FFF790FB802322681B04134304 +:107D1800002223605E4BE2500024AEE7B021E82049 +:107D28005A4AC0004905A3580F5C1F200340BB42B4 +:107D380005D10B21A35883430B43A350C7E79424D1 +:107D48004F4B186807590368BC4663441A001B6800 +:107D58008F89002F33D08F89802149008F422ED000 +:107D68001168484F39401160015902688C466244D5 +:107D7800116890468C46C02109010F0062469F4356 +:107D8800174342461760026800590B4012181268E0 +:107D98000A409B1A5A1E9341DBB2002B00D16BE7B5 +:107DA8000020FFF7F7FD041E00D066E71F203349C7 +:107DB800364A8B588343143803438B5087E7002097 +:107DC800FDF7E6FDB0235B055A78002A02D05B7800 +:107DD800222BE5D843424341DBB2DEE79424284B0B +:107DE80019680F590B68BC4663441A001B688789D9 +:107DF800002F33D087898020400087422ED010681A +:107E0800204F3840106008590A6884466244106858 +:107E180090468446C0200001070062469F431743EE +:107E2800424617600A68095903405218126802400E +:107E38009B1A5A1E9341DBB2002B00D11CE701208C +:107E4800FFF7A8FD041E00D017E71F200B490F4AB3 +:107E58008B588343043803438B5038E70020FDF7E1 +:107E680097FDB0235B055A78002A02D05B78222B55 +:107E7800E5D843424341DBB2DEE7C0460000264076 +:107E880014E80108FFF3FFFF030042001CFF000095 +:107E9800307F0000F8B59426AA4BCE4647461968AD +:107EA8000500885980B58446B02099460B6840057E +:107EB80063441A001B688789002F27D08789802090 +:107EC8004000874222D010689F4F38401060885980 +:107ED8000A68844662441068C02784463F01380017 +:107EE80064469843204310600A6889593B405218F9 +:107EF80010683840181A431E9841C0B2002815D19E +:107F0800924D28000CBC90469946F8BD0020FDF71C +:107F18003FFDB0235B055A78002A02D05B78222BFC +:107F280004D843425841C0B20028E9D007F021FCE8 +:107F38000600002D14D1864A864B0120D550B02367 +:107F48005B059846E8234246DB00D75CFFF7AAFBAF +:107F5800FFB2051E00D17DE0300007F00EFCD0E72F +:107F6800B0271F207C4B7F05FA587949794BCA50B6 +:107F78007A4BFD5C7A4BEDB2CA58824314380243FF +:107F8800CA500838FFF750FABB89002B54D04B462B +:107F98001A6894231168D3588C468021B8896344A1 +:107FA800490088424ED06F496F4C79581868214073 +:107FB800C024A40020400143196098211368525836 +:107FC8009B186A4ABA581A601F22654960481540CA +:107FD800435893432B4343500720FFF725FAB0211A +:107FE80049058B89002B00D18AE04B461A689423F7 +:107FF8001068D358844680208D89634440008542A8 +:1080080000D184E05A48584D08581C682840C025BB +:10801800AD002C40204318609820136812589B1814 +:10802800C12252018A581A600020FFF73BFB050065 +:10803800300007F0A2FB64E74B461A6894231168E6 +:10804800D358CB181A684B4911408022D2010A43F1 +:108058001A60B9E743469A894B4619689423086819 +:10806800CB5884466344002A1AD04246908980221D +:108078005200904214D040463F4A3B4C8258186800 +:108088002240C024A400204002431A600A689823B2 +:1080980040469446394ACB58825863441A600EE0E9 +:1080A8000F2402201A68A24302431A609823CA5870 +:1080B8000B689C4662441368A343034313601F2262 +:1080C800234C2748235893433A401343B022235064 +:1080D800942352050C68CB589089E318002825D0C2 +:1080E800802190894900884220D025491E4852584D +:1080F80019680240C020800001400A431A602BE73B +:108108004B461A6894231168D3588C4663440F244D +:1081180003201968A1430143196098231168D258B4 +:108128008A181368A343034313607DE71A6811494B +:1081380030001140C022D2010A431A6007F01DFB2B +:10814800DFE6C04614E80108FFF3FFFF0300420022 +:1081580000002640307F0000101800004107000092 +:108168001CFF000050180000FFFCFFFF4C18000027 +:1081780024180000FF8FFFFF481800004418000073 +:108188001C180000042810D09C210A4B00061A680D +:108198001368525898399B18C02292041040064A16 +:1081A800186013688B4313607047034A13681843B9 +:1081B8001060F9E714E8010810E000E0C023044A61 +:1081C8005B00D058800F431E9841C0B27047C0462C +:1081D80000002640C0228020064952008B58C00566 +:1081E8009B009B0803438B50802388581B0603433E +:1081F8008B50704700002640F0B54E464546DE4697 +:108208005746AC22E0B5D14F87B039688A5A0B6A15 +:108218009146920090469C46C4446246D4680192B6 +:10822800A26825889346E26866880292072D00D9DD +:1082380092E0C748AA0082589746002290464246D4 +:1082480062605A46A260029A8021E2608522490350 +:108258005201258066800198995000219B58FDF7AE +:108268001DFF07B03CBC90469946A246AB46F0BD00 +:108278005A46002A01D001F03CF9B64A9046DEE79A +:1082880032002C3A92B2432A00D9A6E1B2489200B1 +:1082980082589746B14A1268002A66D03200083AD6 +:1082A80092B2632A01D900F0E9FDAD4892008258E4 +:1082B80097460F2E53D8AB4AF1008A58002A60D04F +:1082C8001268934600229046B9E7A64A029891465A +:1082D800F20094464A4452680390104242D1571C17 +:1082E8004CD00F2E01D901F03CF9674648463F585B +:1082F800002F01D101F06BF93B6803989C465B465F +:108308001A4363461A4002433A6042460B6AD2183F +:1083180001920022904692E75846924FF200944606 +:10832800BA185268104223D1501C24D00F2E01D9FC +:1083380001F013F96046C759002F01D101F04BF93C +:108348003B681A405B461A433A6042460B6AD218A9 +:1083580001920022904672E7834A90466FE7824A6C +:1083680090466CE7804A904669E77F4A904666E700 +:108378007D4A904663E77C4A904660E77A4A904691 +:108388005DE7794A90465AE7784A03921288049240 +:10839800002A01D101F023F9754A9046A6224046E9 +:1083A800D2008058C043800701D101F08FFB4046BE +:1083B8008058704894468246032205930B009146E4 +:1083C800514601989A4606E0434662469A58002963 +:1083D80001D101F015FB63464246D2584B4601399C +:1083E8001A40032AF0D152468A4611005246059B8C +:1083F8000190002A01D101F099F95F4B0194984648 +:1084080000235446B146AA461D00049B08E03B23BE +:10841800CB5C01359D4201D901F070F9039B1B88A3 +:108428000126AE40B6B23342F1D002212800FEF751 +:10843800ABFB002D01D101F027F94D4B01209C46E3 +:10844800AA004E4B62449C46D358396818420CD156 +:108458006046B446002C02D1D9E7002CD7D00126BB +:108468001358013C1E42F8D06646002CCFD0444B2E +:1084780044481B88334201D101F05CF91358424E3D +:108488003340135000239846C1E7384B1A00039332 +:10849800002313803A4A98461380354B9A46B023F6 +:1084A800DB0099464346A0461C000EE053464A4668 +:1084B8009B58DB0F002B01D001F03AF83B23CB5C33 +:1084C80001349C4201D901F059F8002CEED0230068 +:1084D80052468033FF339B009B58DB0FEAE75A462E +:1084E8001278072A01D801F0BFF81A4A9046A6E682 +:1084F80043271F4AC95D506900290BD08021C9054F +:10850800084207D05846002801D101F009F99769B7 +:10851800394391610022904691E643228A5C002A01 +:1085280004D013498A69520052088A610022904691 +:1085380085E6FFF777F8AC213A68505A136A80004D +:10854800C21801920022904679E6C04614E8010854 +:108558000CFF0210FE0F1A012CFF0210FCC30108C9 +:108568003C00031018E80108FF0F1A0108C30108AE +:108578000000264040420F00FA0F1A013C06000096 +:108588000AC30108FC050000FFFFFFCF4A4652005E +:108598004A440198624411680029FCDA8021D768AE +:1085A80049053943D1600021516052680022019089 +:1085B800904644E65A46002A01D101F042F8E827DD +:1085C800E74AE8485168BF0101400F4357605168C6 +:1085D800014051600022904631E6E34A90462EE67B +:1085E800E24B99465B794A469A46002348465371BE +:1085F80002F08AF88046002801D001F0EAF8AC21A0 +:108608003A68505A136A8000C218019217E6D74B8D +:1086180099461B784846019324239A464B4652466E +:108628009B5C4A460393012351461370002353541D +:1086380002F06AF88046002801D001F0ABF8AC21BE +:108648003A68505A136A8000C2180192F7E55A46F0 +:108658001268002A01D101F0CBF93B27C95D8A4293 +:1086680001D901F037FA59464968894609784846D8 +:108678008846494649788C4649468F78C978039197 +:1086880000798246012A01D101F0B4FA90214046CE +:10869800B64A50546046013150540131575493271B +:1086A80003995046D1559421505400229046C6E56E +:1086B800AE4B9946DB7E4A469A4601234846D37616 +:1086C80002F022F88046002801D001F03CF8AC21E5 +:1086D8003A68505A136A8000C2180192AFE5A34A5B +:1086E80058469146D42292464A465146525C0392D5 +:1086F8004A4650540021D27E8846002A00D19EE581 +:10870800484602F001F88046002801D001F004FA3A +:10871800AC213A68505A136A8000C21801928EE55B +:10872800924B99469B7F4A469A4600234846937740 +:1087380001F0EAFF8046002801D001F010F8AC21D2 +:108748003A68505A136A8000C218019277E5874B3D +:1087580099465B794A469A4601234846537101F087 +:10876800D3FF8046002801D001F03FF8AC213A68D9 +:10877800505A136A8000C218019260E57B4B9946F3 +:108788009B7F4A469A4601234846937701F0BCFFEF +:108798008046002801D001F00CF8AC213A68505A04 +:1087A800136A8000C218019249E559466F4A096860 +:1087B800D16659468F887021575259468F79722150 +:1087C80057545946CF797321575459460F89742104 +:1087D800575259468F7A762157545946CF7A77217E +:1087E800575459468F897821575259468F7B7A2199 +:1087F800575459460F8A7C215752002290461EE54D +:108808005A4A58469146D52292464A465146525CA3 +:1088180003924A4650540021D27E8846002A00D14D +:108828000DE5484601F070FF8046002801D001F0B0 +:1088380059F9AC213A68505A136A8000C21801925B +:10884800FDE44A4A58469146D82292464A4651463D +:10885800525A03924A4650520021927F8846002A73 +:1088680000D1ECE4484601F04FFF8046002801D0D3 +:1088780001F088F9AC213A68505A136A8000C2188E +:108888000192DCE4394B594699465B7F484601938F +:10889800D7239A464B4652469B5C4A46039301238C +:1088A80053774B465246995401F02EFF80460028D4 +:1088B80001D000F0A6FFAC213A68505A136A800034 +:1088C800C2180192BBE4294A58469146DA229246D8 +:1088D8004A465146525C03924A4650540021927FC0 +:1088E8008846002A00D1AAE4484601F00DFF8046D8 +:1088F800002801D001F01DF9AC213A68505A136ADA +:108908008000C21801929AE4184A9146527A924617 +:10891800002A01D101F096F8154A90468FE4134BCE +:10892800594699461B7F48460193D6239A464B469B +:1089380052469B5C4A460393012313774B465246A3 +:10894800995401F0E1FE8046002801D000F013FFA1 +:10895800AC213A68505A136A8000C21801926EE43A +:1089680000002640FF00FC0FFF0F1A010CC301088E +:108978003E0F1A01F24A5179002901D000F025FF73 +:1089880059460968916259464968D16259468968C9 +:1089980011635946C9685163002290464FE45A460C +:1089A8001268052A01D901F0EBF9E64B92009B58B1 +:1089B8009F46E34B9946DB7E4A469A460023484643 +:1089C800D37601F0A1FE8046002801D000F0C0FF58 +:1089D800AC213A68505A136A8000C21801922EE4FA +:1089E800D74B99461B784A469A464B465B78494688 +:1089F80001934B461B794846039301231370537028 +:108A08005B462222DBB28B545A4253410B7101F070 +:108A18007BFE8046002801D000F05FFFAC213A6859 +:108A2800505A136A8000C2180192FFF708FCC44B21 +:108A380059469946A3239A464B4652469B5C4A465A +:108A480001934B46DB7C484603930123D3744B4682 +:108A58005246995401F058FE8046002801D000F093 +:108A6800DFFEAC213A68505A136A8000C21801929E +:108A7800FFF7E5FBB24B99461B7848460193242340 +:108A88009A464B4652469B5C51464A4603930123FD +:108A98001370535401F038FE8046002801D000F0CE +:108AA8008BFFAC213A68505A136A8000C2180192B1 +:108AB800FFF7C5FBA24B99461B7A4A469A46012303 +:108AC8004846137201F020FE8046002801D000F0CD +:108AD8005BFFAC213A68505A136A8000C2180192B1 +:108AE800FFF7ADFB964B594699461B7D48460193C7 +:108AF800A4239A464B4652469B5C4A46039301235D +:108B080013754B465246995401F0FEFD80460028E5 +:108B180001D000F0FFFEAC213A68505A136A800079 +:108B2800C2180192FFF78BFB5A46052A01D901F0BA +:108B3800EFF89300844AD3589F46814B99461B7897 +:108B48004A469A464B465B78494601934B461B7901 +:108B58004846039301231370002353705B46232276 +:108B6800DBB28B54023B5A4253410B7101F0CCFDEE +:108B78008046002801D000F0F7FEAC213A68505A30 +:108B8800136A8000C2180192FFF759FB59466C4AD4 +:108B9800916400229046FFF752FB5A46012A01D100 +:108BA80000F034FF022A01D100F064FF3B228A5C06 +:108BB8005A4501D201F033F85A46002A01D001F093 +:108BC8008FF8624A9046FFF73AFB5D4B9946DB798E +:108BD8004A469A4600234846D37101F095FD8046DF +:108BE800002801D000F0DCFEAC213A68505A136A24 +:108BF8008000C2180192FFF722FB514B9946DB799E +:108C08004A469A4601234846D37101F07DFD8046C5 +:108C1800002801D000F02DFEAC213A68505A136AA2 +:108C28008000C2180192FFF70AFB5A46002A01D1B8 +:108C380000F0E2FE3B228A5C5A4501D200F04EFF6A +:108C48005B46012B01D100F0EEFF3D4B9946DB7AE4 +:108C58004A469A4600234846D37201F055FD80469D +:108C6800002801D100F0F5FF4B465246AC21DA72DC +:108C78003A68505A136A8000C2180192FFF7DFFA67 +:108C88002F4B99469B6E4A4601934B465B7A484662 +:108C98009A4600235372936601F036FD80460028F9 +:108CA80001D000F0CCFDAC213A68505A136A80001C +:108CB800C2180192FFF7C3FA5A461268052A01D969 +:108CC80001F02AF8224B92009B589F461C4B99466C +:108CD80020239A464B4652469B5C514601934A468E +:108CE80001234846535401F00FFD8046002801D067 +:108CF80000F071FEAC213A68505A136A8000C2181D +:108D08000192FFF79CFA0E4B994620239A464B4650 +:108D180052469B5C514601934A46002348465354A9 +:108D280001F0F2FC8046002801D000F0C9FDAC211A +:108D38003A68505A136A8000C2180192FFF77FFA06 +:108D48000CC30108CC010310E40103102D0F1A0114 +:108D5800FC010310E84A9146562292464A4651467B +:108D6800525C504603925A46D2B2013A51424A41A5 +:108D780049460A540A7A00218846002A01D1FFF799 +:108D88005EFA484601F0C0FC8046002801D000F099 +:108D9800B6FEAC213A68505A136A8000C218019294 +:108DA800FFF74DFAD44B994655239A464B465246FF +:108DB8009B5C514601935B465A1E93414A4648467E +:108DC800535401F0A1FC8046002801D000F095FD25 +:108DD800AC213A68505A136A8000C2180192FFF712 +:108DE8002EFAC54B594699469B7C48460193A223C7 +:108DF8009A464B4652469B5C4A460393012393741A +:108E08004B465246995401F07FFC8046002801D019 +:108E180000F08FFDAC213A68505A136A8000C218DE +:108E28000192FFF70CFA5A46052A01D900F0FEFF15 +:108E38009300B24AD3589F465A461268052A01D968 +:108E480000F0F8FFAE4B92009B589F46AA4B9946FC +:108E58001B7A4A469A4600234846137201F054FC8E +:108E68008046002801D000F0F8FCAC213A68505A3E +:108E7800136A8000C2180192FFF7E1F9A14A9046EF +:108E8800FFF7DDF99C4B9A46C4235246D25C9146C3 +:108E98005A4610795246D0540433984653464246AF +:108EA8009B58039353465B7E0193FDF7ADFEC523A4 +:108EB8005246D35C9449D840DAF732F953464246D1 +:108EC8009850019B002B01D000F040FEAC213A687D +:108ED800505A136A8000C218019200229046FFF788 +:108EE800AEF9854B9A46BC235246D25C91465A4607 +:108EF80010795246D05404339846534642469B58FC +:108F0800039353461B7E0193FDF77EFEBD23CFE7F7 +:108F1800794B9A46AC235246D25C91465A46107910 +:108F28005246D05404339846534642469B580393BE +:108F380053469B7D0193FDF767FEAD23B8E76E4B63 +:108F48009A46A5235246D25C91465A461079524613 +:108F5800D05403339846534642469B58039353468E +:108F68005B7D0193FDF750FEA623A1E7624B9A466D +:108F7800CC235246D25C91465A4610795246D05478 +:108F880004339846534642469B58039353469B7E68 +:108F98000193FDF739FECD238AE7574B9A46B42350 +:108FA8005246D25C91465A4610795246D054043300 +:108FB8009846534642469B5803935346DB7D01939C +:108FC800FDF722FEB52373E74B4B99465B7E4A4675 +:108FD8009A4600234846537601F096FB80460028BF +:108FE80001D000F09DFEAC213A68505A136A800007 +:108FF800C218019200229046FFF721F93E4B99468C +:109008001B7E4A469A4600234846137601F07CFBAD +:1090180080460028E7D0AC213A68505A136A80008D +:10902800C218019251464A461176FFF708F9324BA9 +:109038009946DB7D4A469A4600234846D37501F097 +:1090480063FB80460028CED0AC213A68505A136A98 +:109058008000C218019251464A46D175FFF7EFF8D1 +:10906800254B99469B7D4A469A4600234846937568 +:1090780001F04AFB80460028B5D0AC213A68505A26 +:10908800136A8000C218019251464A469175FFF74B +:10909800D6F8194B99465B7D4A469A4600234846BE +:1090A800537501F031FB804600289CD0AC213A680A +:1090B800505A136A8000C218019251464A465175A7 +:1090C800FFF7BDF80C4B99469B7E4A469A4600230B +:1090D8004846937601F018FB8046002800D182E7C5 +:1090E800AC213A68505A136A8000C218019251465E +:1090F8004A469176FFF7A3F80CC30108140203103F +:109108002C020310FF0F1A0140420F00E84B9A4649 +:10911800AD239846534642469B5C414603935B46C3 +:1091280052461B795354B023994653464A469B5896 +:10913800049353469B7D0193AC235246D05CFDF7C4 +:1091480063FD424653469B5CDA49D840D9F7E8FFAD +:1091580053464A469850019B002B01D000F032FD3F +:10916800AC213A68505A136A8000C2180192002252 +:109178009046FFF764F8CE4B9A46A6239846534686 +:1091880042469B5C414603935B4652461B795354C7 +:10919800A823994653464A469B58049353465B7DF9 +:1091A8000193A523C9E7C24B9A461B7C52469946B0 +:1091B8009E23D25A5146039201220A745A46928833 +:1091C800CA52504601F0A0FA3A688046002801D1F8 +:1091D80000F030FCAC21505A136A8000C21801928A +:1091E8005A461268052A01D900F08EFDB24992004C +:1091F8008A589746AE4B9A46DB7B524699469C2343 +:10920800D25A514603920122CA735A469288CA52C8 +:10921800D7E7A74B9A469B7B524699469A23D25A40 +:109228005146039201228A735A469288CA52C8E765 +:109238009F4B9A465B7B524699469823D25A514691 +:10924800039201224A735A469288CA52B9E7984B48 +:109258009A461B7B524699469623D25A5146039208 +:1092680001220A735A469288CA52AAE7904B9A4634 +:109278005B7C52469946A023D25A5146039201225A +:109288004A745A469288CA529BE7894B99465B7E34 +:109298004A469A4601234846537601F035FA8046F5 +:1092A800002801D000F070FDAC213A68505A136ACA +:1092B8008000C218019200229046FEF7C0FF7C4B46 +:1092C80099461B7E4A469A4601234846137601F082 +:1092D8001BFA80460028E7D0AC213A68505A136A36 +:1092E8008000C218019251464A461176FEF7A7FF40 +:1092F8006F4B9946DB7D4A469A4601234846D3750B +:1093080001F002FA80460028CED0AC213A68505AC3 +:10931800136A8000C218019251464A46D175FEF779 +:109328008EFF634B99469B7D4A469A4601234846E1 +:10933800937501F0E9F980460028B5D0AC213A6868 +:10934800505A136A8000C218019251464A469175D4 +:10935800FEF775FF564B99465B7D4A469A460123B0 +:109368004846537501F0D0F9804600289CD0AC21BE +:109378003A68505A136A8000C218019251464A4608 +:109388005175FEF75CFF4A4B99469B7E4A469A46C2 +:1093980001234846937601F0B7F98046002800D1AA +:1093A80082E7AC213A68505A136A8000C2180192C9 +:1093B80051464A469176FEF742FF3D4B9A46BD23F9 +:1093C8009846534642469B5C414603935B46524649 +:1093D8001B795354C023994653464A469B580493D5 +:1093E80053461B7E0193BC23A7E6314B9A46B5230F +:1093F8009846534642469B5C414603935B46524619 +:109408001B795354B823994653464A469B580493AC +:109418005346DB7D0193B4238FE6254B9A46C5233B +:109428009846534642469B5C414603935B465246E8 +:109438001B795354C823994653464A469B5804936C +:1094480053465B7E0193C42377E6194B9A46CD2396 +:109458009846534642469B5C414603935B465246B8 +:109468001B795354D023994653464A469B58049334 +:1094780053469B7E0193CC235FE6524649461174BE +:109488009E22514603988852FEF7D9FE5246494615 +:10949800D1739C22514603988852FEF7D0FE52465B +:1094A800494691739A22514603988852FEF7C7FE9F +:1094B8000CC3010840420F004402031052464946BB +:1094C80051739822514603988852FEF7B8FE5246C7 +:1094D800494611739622514603988852FEF7AFFE0B +:1094E800524649465174A022514603988852FEF7C5 +:1094F800A6FEE64BF022984618005946D7F7FFF823 +:10950800404601F001F9E24A80461368002B2CD14D +:10951800AC203968085A0B6A8000C118019141468D +:10952800002901D0FEF78BFE01311160FEF787FE9E +:109538002000FDF753FB02282BD0002C0AD1B121C3 +:109548005346C9005B58D34A1A4080239B051343EE +:10955800524653503968FEF7B1FFCF4A9046FEF79E +:109568006EFECD4A9046FEF76AFEAC213A68505A24 +:10957800136A8000C2180192FEF761FEAC22885A75 +:109588000B6A8000C2180192002244469046FEF7FA +:1095980056FE0123A3409BB20193002C00D095E016 +:1095A800B1215346C9005B58BA4A1A4080239B052B +:1095B80013435246535000212000FDF7E5FA039A61 +:1095C80001991388194311803968FEF777FFB24A69 +:1095D8009046FEF734FEB04A9046FEF730FEB022C1 +:1095E8000021AE4FD200BA588846002A01DBFEF7A8 +:1095F80026FEB221C9007A58D20714D48C4601211C +:10960800A74A88469946019802E0002A00D1D3E289 +:10961800614643467958013A0B42F6D04B460190D1 +:10962800002A00D102E2B1219C4FC9007A58944621 +:10963800C0226046920502437A5000229046FEF707 +:10964800FEFD964A974F516839401B2739435160B0 +:10965800576895490F43576057680F4357605768D5 +:1096680039435160FEF7B6FF5B4610005978FDF7A5 +:10967800F9FFAC213A68505A136A8000C218019267 +:1096880000229046FEF7DBFDB2220120834BD20078 +:109698009B583968184209D1002C01D1FEF7B7FE52 +:1096A80001207E4B013C9B581842F5D0002C01D17B +:1096B800FEF7ADFEB122C023784ED200B0589B050C +:1096C8000343B35000239846FEF7A1FE734A0321D3 +:1096D8009446A300754863441A58120F114218D0D3 +:1096E8001A58120F1140012913D0704869491A58A5 +:1096F8001140802292050A431A505CE7AC22885A2E +:109708000B6A8000C218019C4E4655460192FEF72E +:1097180096FD674A019912880A4365490A80E4E779 +:109728009169644F39409161FEF7F4FE624A9046B0 +:10973800FEF785FDC02316589B05334313500023BD +:109748009846FEF764FE4B465246AC21DA763A68F4 +:10975800505A136A8000C2180192FEF770FD4B46FA +:109768005246AC219A773A68505A136A8000C21858 +:109778000192FEF764FD4B46524603999954AC2179 +:10978800019A1A773A68505A136A8000C2180192EF +:10979800FEF755FD4B46019A03991A7052469954A3 +:1097A800AC213A68505A136A8000C2180192FEF739 +:1097B80046FD4B465246AC219A773A68505A136A8E +:1097C8008000C2180192FEF73AFD3C4A9046FEF727 +:1097D80036FD4B465246AC215A713A68505A136AC4 +:1097E8008000C2180192FEF72AFD4B465246AC2172 +:1097F8005A713A68505A136A8000C2180192FEF7EB +:109808001EFD4B46524603999954AC21019A5A774A +:109818003A68505A136A8000C2180192FEF70FFD89 +:109828004B46524601999954AC21039ADA743A6826 +:10983800505A136A8000C2180192FEF700FD4B4689 +:109848005246AC215A72019A9A663A68505A136A7B +:109858008000C2180192FEF7F2FC4B465246AC213A +:109868001A723A68505A136A8000C2180192FEF7B9 +:10987800E6FC4B465246AC21DA713A68505A136AF4 +:109888008000C2180192FEF7DAFCC0460CC301083A +:10989800FCC30108FFFFFFCFFF0F1A01000026409D +:1098A80040420F000000FC0F003A0280FC05000057 +:1098B8000AC30108FFFFFFBFFA0F1A01590F1A0167 +:1098C8004B46524601999954AC213A68505A136A4A +:1098D8008000C2180192FEF7B2FC4B465246AC21FA +:1098E8001A70019A5A70039A1A713A68505A136A90 +:1098F8008000C2180192FEF7A2FC4B46524601991D +:109908009954AC213A68505A136A8000C2180192DF +:10991800FEF795FC4B46524603999954AC21019A9F +:109928001A753A68505A136A8000C2180192FEF7F5 +:1099380086FC4B46524603999954AC21019A9A7475 +:109948003A68505A136A8000C2180192FEF777FCF1 +:109958004B465246AC21DA763A68505A136A800070 +:10996800C2180192FEF76BFC4B465246AC211A70A6 +:10997800019A5A70039A1A713A68505A136A800009 +:10998800C2180192FEF75BFC4B465246AC211A7294 +:109998003A68505A136A8000C2180192FEF74FFCC9 +:1099A8004B465246AC21DA713A68505A136A800025 +:1099B800C2180192FEF743FC4B46019A03991A70AC +:1099C80052469954AC213A68505A136A8000C2181A +:1099D8000192FEF734FC4B46524601999954AC214A +:1099E8003A68505A136A8000C2180192FEF727FCA1 +:1099F800EB4A9046FEF723FCE94A9046FEF71FFC27 +:109A0800E84A059B01909046FEF719FCE64A914604 +:109A1800927A9246002A00D0B0E03B228A5C002A63 +:109A280000D02BE1E14A9046FEF709FCDD4A90465A +:109A3800FEF705FCAC21505A136A8000C218019247 +:109A4800FEF7FDFB01234A464846537200F07EFDAF +:109A58004B469866484600F057FE8046002800D0DE +:109A68009DE0AC213A68505A136A8000C2180192EE +:109A7800FEF7E5FBCC4A9246D27A002A00D0CAE02B +:109A88003B228A5C012A00D826E15146022000F0D8 +:109A98009FFD8C23994653464A46985001235246C7 +:109AA8005046D37200F030FE8046002800D11AE1FB +:109AB8000023524649465350AC21D3723A68505A53 +:109AC800136A8000C2180192FEF7B9FBB84B9A4698 +:109AD800FEF793FCB24A9046FEF7B1FBB04A9046B7 +:109AE800FEF7ADFB4B46524603999954AC213A68B0 +:109AF800505A136A8000C2180192FEF7A0FB4B4629 +:109B0800524603999954AC213A68505A136A800016 +:109B1800C2180192FEF793FB4B465246039999549B +:109B2800AC213A68505A136A8000C2180192FEF7B5 +:109B380086FB4B46524603999954AC213A68505AD1 +:109B4800136A8000C2180192FEF779FB504600F0B4 +:109B5800DBFD3A688046002800D1A7E0AC21505AC6 +:109B6800136A8000C21801925A461268052A01D960 +:109B7800FEF765FB8F4992008A5897468B4A9046B4 +:109B8800FEF75DFB4B46524603999952AC213A6861 +:109B9800505A136A8000C2180192FEF750FB4B46D8 +:109BA8005246AC219A665A723A68505A136A800033 +:109BB800C2180192FEF743FB7A4A4B460190904641 +:109BC800FEF73DFB504600F09FFD3A6880460028AE +:109BD80000D191E0AC21505A136A8000C21801925A +:109BE8005A461268052A01D9FEF729FB72499200E4 +:109BF8008A589746842041466B4A1154852160460D +:109C0800505401315754872703995046D15588211C +:109C18005054FEF74AFD654A9046FEF710FB634A2A +:109C28009046FEF70CFB604B99469B7A4A469A464B +:109C380000234846937200F067FD8046002811D142 +:109C4800AC213A68505A136A8000C2180192FEF794 +:109C5800F6FAAC213A68505A136A8000C218019289 +:109C6800FEF7EDFA4B465246AC219A723A68505AC2 +:109C7800136A8000C2180192FEF7E1FA49460120F2 +:109C880000F0A6FC4B46802298505A4648469A72E5 +:109C980000F03AFD8046002810D1AC213A68505AAD +:109CA800136A8000C2180192FEF7C9FAAC21505A13 +:109CB800136A8000C2180192FEF7C1FA4B4651465A +:109CC800802299729950AC213A68505A136A8000E0 +:109CD800C2180192FEF7B3FA344A9046FEF7AFFA7B +:109CE800314B9A46D1E6AC213A68505A136A800043 +:109CF800C2180192FEF7A3FAAC21505A136A8000E9 +:109D0800C2180192FEF79BFA2C4A9046FEF797FA82 +:109D18002A4A9046FEF793FA284A9046FEF78FFAA9 +:109D2800AC213A68505A136A8000C2180192514611 +:109D38004A465176FEF783FAC5225146039888545D +:109D4800049803328850FEF77AFACD2251460398D8 +:109D58008854049803328850FEF771FAAD225146B0 +:109D680003988854049803328850FEF768FAA622AC +:109D7800514603988854049802328850FEF75FFAD7 +:109D88000E4A9046FEF75BFAAC213A68505A136ABD +:109D98008000C218019251464A465176FEF74FFAA2 +:109DA800BD0F1A01FA0F1A010CC301082D0F1A0171 +:109DB80040420F005C02031074020310FF0F1A01E7 +:109DC800BD22514603988854049803328850FEF700 +:109DD80036FAB522514603988854049803328850BD +:109DE800FEF72DFAC4225146484688540398043297 +:109DF8008850FEF724FACC225146484688540398E6 +:109E080004328850FEF71BFAAC2251464846885463 +:109E1800039804328850FEF712FAA52251464846A4 +:109E28008854039803328850FEF709FA0C4A904682 +:109E3800FEF705FA0A4A9046FEF701FABC22514697 +:109E480048468854039804328850FEF7F8F9B4223B +:109E5800514648468854039804328850FEF7EFF973 +:109E6800FF0F1A01354B364900B5196035490022F4 +:109E7800996035495A6019613449DA609961344901 +:109E88005A6119623349DA61996233495A6219632E +:109E98003249DA62996332495A6319643149DA639B +:109EA80008683C215A64DA645A65DA655A66DA66E3 +:109EB8005A67DA67415C83B004293CD92A4A0539D4 +:109EC8009A644A1E91414A4228490A401A654268E2 +:109ED80011000831996526491966264959662649A7 +:109EE80099662649196726498C4662449A67012271 +:109EF8005242DA678522520194468022036A52034D +:109F080063449A606A4604231380838E1D4905338F +:109F18005380002368460193FDF79EF96B460022A3 +:109F28009B5E002B05DB1F221A4001239340164A33 +:109F3800136003B000BD9A640022C7E718E801085F +:109F48000800264000072640040726400807264048 +:109F58001007264084032640880326408C032640A9 +:109F68009003264014E801089403264098032640ED +:109F78000400264000FF03F048052640440526401B +:109F880060F000000182021000E100E0094B1A684D +:109F98003C23D35C83420BD9074BE0229C468000CC +:109FA8006044920083585B005B088350002000E007 +:109FB8000248704714E801080000264001004A00E2 +:109FC80070B50B4D04002B78002683420BD0FEF7AA +:109FD800F5F8002809D10749074A01308B5883430F +:109FE80023438B502C70300070BD044EFBE7C046F5 +:109FF80000C40108000026400C0500005C0F1A018F +:10A0080070B5094D094C00262B59002B08DBFEF7CB +:10A01800D5F8002806D180232A591B0613432B5153 +:10A02800300070BD024EFBE7000026400C05000022 +:10A038005C0F1A0170B50C4C0C4D00266359002BAF +:10A0480001DB300070BDFEF7B9F8002809D1C02344 +:10A058005B00E358DB0704D463595B005B0863517A +:10A06800EFE7034EEDE7C046000026400C05000070 +:10A078005C0F1A0110B50400FCF78EFF002801D010 +:10A08800044805E004492000FCF7D4FF0028F7D174 +:10A0980010BDC046FD0F1A0110270000124B30B545 +:10A0A8001C683C23E35C984201D310481AE00F294E +:10A0B800FBD80F4B0F259C46E023800060449B0093 +:10A0C800C458AC432143C150032AEED83024C158A8 +:10A0D8001201A1430A43C2508022C15812060A4302 +:10A0E800C250002030BDC04614E80108FD0F1A0117 +:10A0F80000002640022310B53A245B4213604B4B04 +:10A108001B681C5D844205D9052803D8484C80008B +:10A1180020588746474810BD087C0028FAD09E2062 +:10A12800085A03286BD0032854D801286CD069D862 +:10A13800414B13600020EEE7487C0028EAD0A020BD +:10A14800085A0328EFD15AE0087B0028E2D0487A61 +:10A15800002850D07A20085C02284CD08B6E002052 +:10A168001360D8E7487B0028D4D03B20185C00282F +:10A1780026D0887A002823D08820085C02281FD09F +:10A188008023CB5800201360C5E7887B0028C1D006 +:10A198003B20185C012818D9C87A002815D09420CB +:10A1A800085C022811D08C23CB5800201360B2E73A +:10A1B800C87B0028AED09C20085A0328B3D11EE0E3 +:10A1C8009820085A0328AED119E09A20085A032883 +:10A1D800A9D114E01221FF31884224D01421FF3183 +:10A1E800884213D01138FF384342434113495B4238 +:10A1F8000B40023B9DE79620085A032893D1E4239D +:10A20800CB5896E78B6A94E78B6C92E73D215B5CB1 +:10A21800013B591E8B410A495B420B4080210902D0 +:10A228008C46634485E780231B0282E714E8010813 +:10A238008C020310FE0F1A0100127A00027D000042 +:10A24800FE7FFFFF00B505280ED83C4B80001B5849 +:10A258009F461222FF32934262D01422FF32934269 +:10A268004FD0033A934245D0354800BD0B7C002BB4 +:10A27800FAD09E23CB5A032B14D0032BE9D8012BF9 +:10A2880055D00020012BF0D94879434258412C4B36 +:10A2980040421840E9E74B7C002BE5D0A023CB5A7D +:10A2A800032BEAD12123C85C43425841244B404246 +:10A2B8001840DAE70B7B002BD6D09623CB5A032B1A +:10A2C800DBD1EFE78B7B002BCED09A23CB5A032B25 +:10A2D800D3D1E7E7CB7B002BC6D09C23CB5A032BEB +:10A2E800CBD1DFE74B7B002BBED09823CB5A032B77 +:10A2F800C3D1D7E7C87943425841114B404218406F +:10A30800B3E72023CB5C002BAED00E4B1A683D235D +:10A31800D05C0138431E9841094B40421840A4E7DD +:10A32800087A43425841064B404218409DE78879D5 +:10A3380043425841024B4042184096E7A40203109A +:10A34800FE0F1A0114E80108F8B50300012917D017 +:10A358009A22C67A855A0E3A84580732877B825CDD +:10A368000020002E0BD0002F08D0012D00D168E06E +:10A37800002D19D0022D5FD0032D0DD06948F8BDEE +:10A388009822867A855A183A84580732477B825C25 +:10A398000020002EE7D1F2E7E420634D1858AC46C0 +:10A3A8006044624DA842E9D8504242416048524256 +:10A3B80002406048844618796244002835D09442A7 +:10A3C800DCD35D4A9442D9D83B205C4A1268155CBC +:10A3D80000208D421FD3012938D09A21595A0329C8 +:10A3E80000D18DE062D8012900D181E000D98AE04E +:10A3F80091219022585C01315D5C9A5C504900289B +:10A4080009D0002D3BD04A4301001000D8F788FE40 +:10A418002900D8F785FE201A44426041494B404242 +:10A428001840404B9C466044A9E79442A6D3464A4C +:10A438009442C9D93B48A2E73B4D986AAC46604470 +:10A44800AFE7394D986CAC466044AAE79731595A42 +:10A4580003294AD015D8012945D007D88521842257 +:10A46800585C01315D5C9A5C3549C8E7996A842279 +:10A47800852086259A5C185C5D5D8B1CBFD1002009 +:10A48800C9E71225FF35A94224D01425FF35A94272 +:10A498001CD0882252009142BDD1842285219A5C29 +:10A4A800585C01315D5CFA21C901A8E71225FF3526 +:10A4B800A94233D01425FF35A94226D0882252005C +:10A4C8009142A8D1902291219A5CE9E73D21525C02 +:10A4D800012AA0D1842285219A5C585C01315D5CF7 +:10A4E800802109028BE7996CC1E7E4229958BEE7FD +:10A4F800996C9022912092259A5C185C5D5DBCE76E +:10A50800E4229958F5E7996AF3E73D21525C012A5C +:10A5180000D080E78F329A5C5431DEE79022912197 +:10A528009A5CDAE7FE0F1A0100F7C2FF008793036F +:10A53800389C1C00E81FA20080F0FA0214E8010809 +:10A5480000127A0002F0E5FE80D1F008962310B5DB +:10A55800C35A0400032B33D00CD91222FF32934282 +:10A5680026D01422FF3293421CD0033A934222D0C1 +:10A57800002011E0012B21D00FD8134B7022A15AD3 +:10A588000020002908D0E06E5843D8F7C9FD73238E +:10A59800E35C002B00D0400810BD836A9A1CEDD103 +:10A5A8000020F9E7094B1A683D23D35C012BDFD162 +:10A5B80080231B02E2E7FA23DB01DFE7836CEDE788 +:10A5C800E423C358EAE7C04600127A0014E80108F9 +:10A5D800030010B50020002B3CD03B24484A1268E9 +:10A5E800145D9C4236D3012B19D0022B32D19833FB +:10A5F800CB5A032B00D16BE042D91224FF34A3427B +:10A6080000D17AE01424FF34A34200D16DE08822FF +:10A61800520093421ED190239122CB5C2AE09733BB +:10A62800CB5A032B37D016D8012B4FD04CD88522C4 +:10A638008423885C01328C5CCB5C324A002809D0C8 +:10A64800002C32D0534301001800D8F769FD2100CF +:10A65800D8F766FD10BD1224FF34A3422BD0142472 +:10A66800FF34A34223D0882252009342F2D184239C +:10A678008522CB5C885C01328C5CFA22D201DDE752 +:10A68800012B30D02DD891229023885C01328C5C2C +:10A69800CB5C1C4AD2E7E423CA588423852086244D +:10A6A800CB5C085C0C5D911CC8D10020D2E73D232F +:10A6B800D35C012BCED184238522CB5C885C01320C +:10A6C8008C5C80221202B9E78A6AE6E78A6CE4E7C2 +:10A6D800E423CA58902391209224CB5C085C0C5D3B +:10A6E800E1E78A6AF6E78A6CF4E73D23D35C012B3D +:10A6F800B0D18F33CB5C9122E0E79023FAE7C046D4 +:10A7080014E8010800127A00F0B5DE4657464E46B6 +:10A718004546E0B504008DB0002800D181E0A622AE +:10A728008C49D2008B58DB439B071BD08B5843794D +:10A73800002B17D0884A836A9446884A6344934218 +:10A7480000D995E0C36A013B632B00D9FFE0036B96 +:10A75800834A013B934200D9DEE1436B013B9342BC +:10A7680000D9B6E1A379002B0CD02179A26C00297D +:10A7780000D1E6E07B498A4200D9CFE1E26C002AA9 +:10A7880000D1C0E1267B002E22D0774A11683A22F8 +:10A798008A5C002A00D16DE09622A25A032A01D1D0 +:10A7A80000F00EFC00D87DE11220FF30824201D17A +:10A7B80000F024FC1420FF30824201D100F010FC8C +:10A7C800882149008A4201D100F0F2FB674F29E055 +:10A7D800677B002F2ED1A27B9046002A4DD0624A7B +:10A7E80011683A228A5C022A47D99A22A25A032A75 +:10A7F80001D100F022FC00D85FE11220FF30824234 +:10A8080001D100F011FC1420FF30824201D100F088 +:10A81800FDFB882149008A4201D100F018FC544F01 +:10A8280000E0544F38000DB03CBC90469946A24613 +:10A83800AB46F0BD4C4A11683A228A5C012ACAD953 +:10A848009822A25A032A00D172E300D81FE11220ED +:10A85800FF30824200D165E31420FF30824200D1EC +:10A8680054E3882149008A4200D149E3424FD9E79D +:10A87800424FD7E7A27B677B9046E27B9146002A4E +:10A8880021D0394A11683A228A5C032A1BD99C22B2 +:10A89800A25A032A01D100F03EFC00D81BE1122085 +:10A8A800FF30824201D100F02EFC1420FF3082429A +:10A8B80001D100F01BFC882149008A4201D100F037 +:10A8C8000DFC2F4FAEE7227C9246002A16D0264A6E +:10A8D80011683A228A5C042A10D99E22A25A032AB5 +:10A8E80000D112E100D91BE1012A01D100F039FCA5 +:10A8F80004D96279002A01D1224F93E7627C9346FA +:10A90800002A47D0184D2A68110003923A228A5C1F +:10A91800052A3FD9A022A25A032A00D1D6E300D89B +:10A92800E4E01223FF339A4200D1BBE31423FF3340 +:10A938009A4200D1A9E3033B9A4200D19EE3124F09 +:10A9480070E712498A4200D818E7114F6AE70B4F9F +:10A9580068E7C0460000264000DC0BFFC0EA210182 +:10A96800E703000080F0FA0214E80108DF0F1A017B +:10A97800DD0F1A01FE0F1A01DE0F1A01EF0F1A017F +:10A98800DC0F1A01DB0F1A01DA0F1A0100E1F505D5 +:10A99800EE0F1A01B023884ADB00D358002B59DB8D +:10A9A800637A002B56D0002E00D1A7E29623E35AF3 +:10A9B800032B00D1DCE300D9DCE2012B01D100F04C +:10A9C800E8FB00D9E3E37D4BA56EEA182379002B59 +:10A9D80000D1E7E27A4B9A4200D9DFE3E36E794A85 +:10A9E800013B934201D900F0F6FB7023E35A764A03 +:10A9F800013B9BB2934200D9E7E37223E35C042B4B +:10AA080001D900F0F7FB7422704BA25A9A4201D97F +:10AA180000F0F3FB7622A25C0F2A01D900F0F3FBC9 +:10AA28007722A25C0F2A01D900F043FC7821684AFA +:10AA3800615A914201D900F042FC7C22A25A9A4202 +:10AA480001D900F051FC2000FFF780FD854201D0BC +:10AA580000F04DFC5F4D2B6803933B23039AD35CB6 +:10AA68000593002B6DD0A37A002B00D12FE2C023D1 +:10AA7800514ADB00D358002B00DA28E201212000DC +:10AA8800FFF762FC002800D121E2534FCAE6012AF1 +:10AA980000D154E200D89EE66779002F00D09AE6EC +:10AAA8004E4FBFE6012A00D193E200D890E66279C2 +:10AAB800002A00D08CE64A4FB4E6012A00D1CFE242 +:10AAC80000D8DAE662799046002A00D0D5E6454FEC +:10AAD800A8E6454FA6E6012A00D1C9E200D8F2E669 +:10AAE8006279002A00D0EEE6404F9BE6012A00D1A9 +:10AAF800E6E200D9DDE2B0232F4ADB00D358002B71 +:10AB080000DB4DE7A9E73A4F8CE62122A25C002A38 +:10AB180000D0F3E6374F85E6334F83E6344F81E6BE +:10AB28001220FF30824200D10BE31420FF30824212 +:10AB380000D1F9E2882149008A4200D109E32D4F6A +:10AB480070E6237F002B15D0D623E35C012B00D1C0 +:10AB580034E3002B00D12AE3032B00D024E3202385 +:10AB6800E35C002B00D154E33D23039AD35C012B13 +:10AB780000D04BE3637D002B00D17CE13C23039A9A +:10AB8800D35C002B00D123E3A5231100E25C6B3BCF +:10AB9800CB5C9A4200D31BE3210010000392FFF71D +:10ABA80051FB002800D066E1039A052A00D983E307 +:10ABB8009300114AD3589F460000264000CA91FED0 +:10ABC80080BA8C01FEFF0300FE1F0000FF01000099 +:10ABD800FF1F000014E80108BF0F1A01DE0F1A0159 +:10ABE800DF0F1A01DD0F1A01EF0F1A01DC0F1A012E +:10ABF800EE0F1A01DB0F1A01BC0203105346002B9B +:10AC080000D159E39E23E35A002B00D033E107AA71 +:10AC180021000398FFF76EFACB4B079A9A4200D8A7 +:10AC280029E1002800D026E1A823E358002B00D111 +:10AC380021E1C64FC64E7B43B34200D91BE1A62390 +:10AC4800E35C032B00D916E1A37D002B20D03C2226 +:10AC58002B689A5C012A1BD9AC22A05C723A9B5CD7 +:10AC6800984201D301F030F92100FFF7EBFA0028F0 +:10AC780001D001F029F9B022AD23A258E35C574373 +:10AC8800B74201D901F020F9032B01D901F01CF9D1 +:10AC9800E37D002B22D03C222B689A5C022A1DD926 +:10ACA800B422A05C7A3A9B5C984201D301F00FF978 +:10ACB8002100FFF7C7FA002801D001F008F9B523F1 +:10ACC800E25C0333E158A14B4B43A1498B4201D9C4 +:10ACD80001F0FDF8032A01D901F0F9F8237E002BD1 +:10ACE80022D03C222B689A5C032A1DD9BC22A05C86 +:10ACF800823A9B5C984201D301F0ECF82100FFF7FF +:10AD0800A1FA002801D001F0E5F8BD23E25C033385 +:10AD1800E1588E4B4B438E498B4201D901F0DAF84A +:10AD2800032A01D901F0D6F8637E002B22D03C22F9 +:10AD38002B689A5C042A1DD9C422A05C8A3A9B5CC1 +:10AD4800984201D301F0C9F82100FFF77BFA0028E7 +:10AD580001D001F0C2F8C523E25C0333E1587B4B14 +:10AD68004B437B498B4201D901F0B7F8032A01D93B +:10AD780001F0B3F8A37E002B22D03C222B689A5C0A +:10AD8800052A1DD9CC22A05C923A9B5C984201D33B +:10AD980001F014F82100FFF755FA002801D001F05E +:10ADA8000DF8CD23E25C0333E158684B4B43684907 +:10ADB8008B4201D901F002F8032A01D900F0FEFF05 +:10ADC800E37E002B23D0D4232A68E75C9A3BD35C2C +:10ADD8009F4200D314E221003800FFF733FA00281D +:10ADE80000D00DE2D526A35D042B00D908E207AAFE +:10ADF80021003800FFF77EF9002800D000E2A35DAB +:10AE0800079ADA401300534A934200D9F8E1637F66 +:10AE1800002B00D100E2D723E35C002B00D15AE2DB +:10AE2800012B00D05DE2237F002B00D165E2D62301 +:10AE3800E35C012B00D14EE2002B01D100F0C4FFEE +:10AE4800032B01D000F0BDFF2023E35C002B01D1D0 +:10AE580000F0B1FF3D232A68D35C012B00D1DBE170 +:10AE68003D4FDFE45B46002B00D125E2A023E35AE7 +:10AE7800002B00D1CBE6394FD4E44B46002B00D150 +:10AE88001AE29C23E35A002B00D1C0E6334FC9E4F1 +:10AE98004346002B00D10FE29A23E35A002B00D13E +:10AEA800B5E62E4FBEE4002F00D105E29823E35A01 +:10AEB800002B00D1ABE6294FB4E4002E00D1FBE112 +:10AEC8009623E35A002B00D1A1E6244FAAE4059B60 +:10AED800012B00D835E6E37A002B00D131E6204A71 +:10AEE800204BD358002B00DA2BE602212000FFF775 +:10AEF8002BFA002800D124E61B4F93E41B4F91E462 +:10AF0800E779002F00D066E4194F8BE42022A75C74 +:10AF1800002F00D138E11D328A5C012A00D15AE4A1 +:10AF2800134F7FE4277A002F00D054E4104F79E4C0 +:10AF38002122A75C002F00D04DE40D4F72E41F1EA4 +:10AF480000D048E40A4F6DE43F0D030040420F0073 +:10AF580080D1F0080084D7178E0F1A019F0F1A01AD +:10AF68000000264004060000BE0F1A01CF0F1A0188 +:10AF7800DE0F1A0188225200934200D20BE11222FE +:10AF8800FF32934200D81EE51422FF32934200D0CC +:10AF980001E1DD4B1A683D23D35C012B00D112E59A +:10AFA800DA4F3FE4DA4B9A4200D817E5D74F39E435 +:10AFB800E279002A01D0FFF70BFCD64FFFF732FCED +:10AFC8002122A25C002A01D0FFF702FCD14FFFF733 +:10AFD80029FC002B01D0FFF7FBFBCE4FFFF722FC2B +:10AFE8002022A25C002A00D1DBE03D228A5C012AF3 +:10AFF80001D1FFF7EDFBC74FFFF714FC227A002AB7 +:10B0080001D0FFF7E5FBC34FFFF70CFC2022A25C41 +:10B018009046002A00D1E1E03D228A5C012A00D155 +:10B028002BE4BD4FFFF7FEFB227A9046002A01D0A1 +:10B03800FFF723FCB84FFFF7F5FB2122A25C9046EF +:10B04800002A01D0FFF719FCB34FFFF7EBFBE279B9 +:10B058009046002A01D0FFF710FCAF4FFFF7E2FB44 +:10B068009846002B01D0FFF708FCAB4FFFF7DAFB3F +:10B07800002B00D027E4A94FFFF7D4FBE379002B7E +:10B0880000D038E5A64FFFF7CDFB2023E35C002B6B +:10B0980000D1A6E03D23CB5C012B00D12BE5A04FCE +:10B0A800FFF7C0FB237A002B00D024E59C4FFFF765 +:10B0B800B9FB6379002B00D01DE5994FFFF7B2FB70 +:10B0C800002B00D017E5964FFFF7ACFB2123E35C7C +:10B0D800002B00D00FE5924FFFF7A4FBE279002A7E +:10B0E80001D0FFF7F0FB8D4FFFF79CFB2022A25CFD +:10B0F800002A79D03D228A5C012A01D1FFF7E3FBBF +:10B10800864FFFF78FFB227A002A01D0FFF7DBFB7F +:10B11800824FFFF787FB2122A25C002A01D0FFF7AC +:10B12800D2FB7E4FFFF77EFB2022A25C002A5ED076 +:10B138003D228A5C012A01D1FFF7E0FB794FFFF736 +:10B1480071FB227A002A01D0FFF7D8FB754FFFF771 +:10B1580069FBE279002A01D0FFF7D0FB714FFFF7B6 +:10B1680061FB002B01D0FFF7C9FB6E4FFFF75AFBBD +:10B17800E423E3586C4A94466C4A6344934200D8EB +:10B1880021E4624FFFF74EFB694FFFF74BFBA36AC1 +:10B19800F0E7A36CEEE75D4FFFF744FB5B4FFFF76B +:10B1A80041FB5C4FFFF73EFB624FFFF73BFBE37948 +:10B1B800002B00D0DEE45F4FFFF734FB237A002B2F +:10B1C80000D0D7E45B4FFFF72DFB504FFFF72AFB6A +:10B1D800594FFFF727FB4D4FFFF724FB4E4FFFF763 +:10B1E80021FB4F4FFFF71EFB4C4FFFF71BFB4D4F4B +:10B1F800FFF718FB454FFFF715FB444FFFF712FB0E +:10B208004E4FFFF70FFB414FFFF70CFB494FFFF77E +:10B2180009FB484FFFF706FBA37C002B52D0637D48 +:10B22800002B67D0A8234648E3585843A223E15C83 +:10B238000131D7F775FF434B984201D900F06FFDF4 +:10B24800E37C002B01D100F067FDA8233C48E358BC +:10B2580058433D4B984201D900F05BFDA323E15CC4 +:10B268000131D7F75DFF2379002B01D100F049FDAB +:10B27800364B984201D900F07CFDA37F002B0CD0FF +:10B28800D8230222E35AFF32934206D00CD9304A1F +:10B29800934202D02F4A934208D1237D9846002B2F +:10B2A80064D12D4FFFF7BEFA012BF6D92B4FFFF7CC +:10B2B800B9FA164FFFF7B6FA1F4FFFF7B3FA134F55 +:10B2C800FFF7B0FAE37C002B1AD0637D002BBCD1CA +:10B2D800234FFFF7A7FA237A002B9DD1214FFFF7C1 +:10B2E800A1FA204FFFF79EFA084FFFF79BFA074F86 +:10B2F800FFF798FA1C4FFFF795FA1A4FFFF792FAE3 +:10B30800174FFFF78FFAC04614E80108CF0F1A014C +:10B3180000AB8704DF0F1A01DD0F1A01DC0F1A01D9 +:10B32800DA0F1A01DB0F1A0118FCFFFF18DDF5050B +:10B33800DE0F1A01AF0F1A019F0F1A018F0F1A01A2 +:10B3480040420F000084D71780D1F00840787D0173 +:10B3580001020000010300008B0F1A01890F1A0176 +:10B368008C0F1A018E0F1A018D0F1A01A423E15CAC +:10B378000131D7F7D5FED74B984201D900F018FD17 +:10B3880096210020FCF796F82378002B00D019E2CC +:10B398003C222B689A5C002A00D110E2E02030277A +:10B3A800CD4A80001158B9431150B021C9005058F6 +:10B3B8003B21595CC00F677A002900D135E2C026CD +:10B3C800F6009659B146012903D9C44E9259D20FB5 +:10B3D8000492B84205D14A46A07AD60FB04200D1AD +:10B3E800F1E2196884228C4680269A58BC48624447 +:10B3F8001168014011609F591A68BC468027624451 +:10B40800110012687F041202120A3A430A6019688E +:10B418003B278C469A596244116801401160DB5DF4 +:10B42800002B00D019E200210120FBF7ADFB00281A +:10B4380000D06DE2E0270F22A74EBF00F3599246D5 +:10B448001A4200D18DE2637A002B14D1B120A24BAD +:10B45800C0001A58A3491140802292050A43B0211E +:10B468001A50C9005A58520052085A509E495A5800 +:10B47800520052085A5000210020FBF785FB002893 +:10B4880000D091E23C222B689A5C002A00D196E118 +:10B49800E0210F27904889004258BA4342503D2284 +:10B4A8009B5C012B00D182E2237A002B00D093E22F +:10B4B80008268E4F3B681E4200D018E3237F002BDE +:10B4C80000D0F9E2A6228449D2008B58DB439B07BF +:10B4D80002D08B58002398466379434508D0002B47 +:10B4E80000D01FE37C49824A8B585B005B088B5075 +:10B4F800A379002B00D001E3A37C002B0CD084217E +:10B508002B6877481A685B58D218A2231168E35C45 +:10B5180001401B020B431360E37C002B0CD08022FC +:10B528002B6819689B58C918A3230A68E35C1202A0 +:10B538001B06120A13430B60237D002B0CD08021BD +:10B548002B6867481A685B58D218A4231168E35C13 +:10B5580001401B020B43136096221223A25AFF33A9 +:10B568009A4204D16C3BE35C002B00D121E3982381 +:10B578000120E15AFBF708FB002800D0C8E1237B33 +:10B58800002B00D008E2A37B002B00D0F4E2E37B81 +:10B59800002B05D03A232A68D35C032B00D959E342 +:10B5A800237C002B05D03A232A68D35C042B00D9CE +:10B5B80045E3637C002B05D03A232A68D35C052B2E +:10B5C80000D955E3B023444ADB00D358002B03DBF2 +:10B5D800637A002B00D004E33C232A68D35C002B59 +:10B5E80000D1ECE0A523E35C0F2B00D9E7E0E021D4 +:10B5F8000F27394889004258BA431A434250A622B5 +:10B60800A75C032F00D9DAE0302642583F01B24345 +:10B618003A43425096211222615AFF32914200D198 +:10B6280068E13B232A68D35C002B17D0A37A002B50 +:10B6380006D0C023284ADB00D358002B00DB9BE34D +:10B648003B232A68D35C012B08D9E37A002B05D069 +:10B65800214A224BD358002B00DB63E3A37D002B48 +:10B6680000D110E3AD23E25C013BE15C0120FEF771 +:10B6780015FD002800D00CE3E37D002B00D137E353 +:10B68800B523E25C013BE15C0220FEF707FD0028E0 +:10B6980000D033E33C232A68D35C227E002A00D002 +:10B6A80016E3032B05D90320FEF770FC002800D011 +:10B6B8001BE33C232A68D35C627E002A00D0F7E2B1 +:10B6C800042B17D90420FEF761FC002800D0FCE207 +:10B6D80010E0C04600E1F505000026400406000021 +:10B6E800FF00FFFFFFFFFFCF8C0500000000274091 +:10B6F8002C0500003C232A68D35CA27E002A00D1D6 +:10B70800CAE2052B00D929E3A37F002B00D199E3D6 +:10B71800D823E15A0233D04AE65CD04B3604D558D8 +:10B728006D006D08D550D058CD4D2840CD4D2940DD +:10B738000843D050D158CC4801403143D1508021E2 +:10B74800D05809060143D150E37E002B00D056E3C0 +:10B75800A022C149D2008B58C44803408B50637F54 +:10B76800002B0BD0D723C020E35CC14980001B020B +:10B778000A680340BF48024013430B605523E05C4E +:10B78800FEF71EFC071E01D0FFF74CF8E379002BEB +:10B7980000D02CE3B04AB84BD358002B00DA1BE397 +:10B7A8002378002B07D0637D002B04D0A8232079B1 +:10B7B800E158FBF77FFE01F00BFBFFF733F8AF4FC3 +:10B7C800FFF730F8E378AE4E002B06D03378002B25 +:10B7D80003D0E379002B00D0A5E000233370637811 +:10B7E800002B26D02223E05C012800D893E02423F4 +:10B7F800E35C002B2AD0FBF7B9FE002823D19C4A32 +:10B80800A049536C0B40E82189010B435364A3788A +:10B81800002B45D0536C1B041B0E3A2B00D0B7E508 +:10B82800516C994B0B435364B2E5B84200D0D8E54C +:10B8380035E62323E05C022801D00528D7D1FCF7A0 +:10B84800D3F90028D3D0914FFEF7ECFFFBF7B4FEF5 +:10B858000028D4D08D4FFEF7E5FFA27A002A2BD01E +:10B86800012B00D8DFE5E37A002B00D0DBE501F0FF +:10B87800AFFA3B232A68D35C012B00D889E0764EC7 +:10B88800834F844AF35901201A4080239B051343B0 +:10B89800F351FBF7C9FDF3595B005B08F351C2E5AF +:10B8A800536C1B041B0E3A2B00D071E5536C7A487D +:10B8B8000340194351646BE501F08AFA2B68DB5D9C +:10B8C800002B63D0C026644BF6009A46714A9B59F8 +:10B8D80001201A4080239B05134352469351FBF7DE +:10B8E800A3FD534652469B595B005B0893512B6856 +:10B8F800DB5DB5E7002B00D093E6637B002B07D018 +:10B9080098230120E15AFBF73FF9002800D188E687 +:10B91800624FFEF787FFFCF7BDFA002800D166E703 +:10B928005A4FFEF77FFFFBF79DFD002800D054E734 +:10B93800FBF784FD002886D1FEF77CFB071E01D0AB +:10B94800FEF770FFFEF75CFB071E01D0FEF76AFFEB +:10B958005523E05CFEF734FB071E00D13DE7FEF7F8 +:10B9680061FF0020FBF73AF91223FF33984200D019 +:10B9780069E52A68D53BD35C002B00D11FE7524606 +:10B98800F35993430E3A1343F3515CE5444FFEF7E2 +:10B9980049FF444FFEF746FF96230020E15AFBF784 +:10B9A800F3F8002800D1EEE53F4FFEF73BFF1F33C9 +:10B9B800E35C002B00D0EAE027493C4A8B58DB00C7 +:10B9C800DB088B5070E5012900D868E5E27A049914 +:10B9D8008A4200D005E562E501F0FAF9A06D002879 +:10B9E80010D0E36D002B0DD0002700230022216E1C +:10B9F8000097F9F767FF009700230022616EE06D5A +:10BA0800F9F760FF5623E35C194A002B00D184E064 +:10BA18008021136849020B4313600821144B1A68EC +:10BA28000A431A601A69520700D547E5204F99461C +:10BA3800042602E0002F00D19BE00120FBF7F4FC74 +:10BA48004B461B69013F1E42F4D0002F00D035E55C +:10BA5800184FFEF7E7FEC046000026400405000028 +:10BA6800FEFCFFFF01030000FFFF00FFFF7FFFFF59 +:10BA780000002740FFFCFFFF0C0500000F0F1A0114 +:10BA8800B0AF0108FF00FFFF003A00206F0F1A0156 +:10BA980004060000FFFFFFCFFFC5FFDF4E0F1A01AE +:10BAA8002F0F1A012E0F1A014F0F1A013C05000023 +:10BAB80040420F005A0F1A01D623A026E35C032741 +:10BAC8009B46E44BF6009A469B593B409B4500D168 +:10BAD800F8E4FCF773FB002800D0C6E053465A464A +:10BAE8009B59BB4317401F4353469F51EAE47B20B1 +:10BAF800FBF79AFC3B68B3433B60DFE4E06C00284B +:10BB080007D05423E35C08220093216D0023F9F742 +:10BB1800D9FEA06CFAF7F4FEEEE41368CE490B40A8 +:10BB280013607AE701F054F9A06B002810D0E36B9A +:10BB3800002B0DD0002700230022216C0097F9F775 +:10BB4800C1FE009700230022616CE06BF9F7BAFE92 +:10BB5800636B226BE16AA06AFAF7DCFE002805D164 +:10BB6800BE48FAF7DFFF002800D1C1E4BC4FFEF75A +:10BB780059FEBC4FFEF756FE9A230220E15AFBF706 +:10BB880003F8002800D102E5B74FFEF74BFE01F09D +:10BB98001FF98023AF4EB54F1B06F25901201343FE +:10BBA800F351FBF71DFCC023F259DB051343F35196 +:10BBB8007AE400210120FAF7E7FF002800D0A7E681 +:10BBC8003C232A68D35C002B00D1F8E5E0210F2242 +:10BBD800A0488900435893431A0001231343435054 +:10BBE800CDE401F0F5F8E36E04AA07937023E35A55 +:10BBF80007A813827223E35C93747323E35CD37402 +:10BC08007423E35A93827623E35C93757723E35C8A +:10BC1800D3757823E35A13837A23E35C93767C23E2 +:10BC2800E35A9383FBF7B4F8002805D19048FBF753 +:10BC38000BF9002800D1CFE48E4FFEF7F3FD9E23C9 +:10BC48000420E15AFAF7A0FF002800D1B1E48A4F96 +:10BC5800FEF7E8FD9C230320E15AFAF795FF002838 +:10BC680000D19DE4854FFEF7DDFD854FFEF7DAFD37 +:10BC7800A0230520E15AFAF787FF002800D1A1E4A4 +:10BC8800804FFEF7CFFD0120FEF780F9002800D194 +:10BC9800F2E47D4FFEF7C6FD052B00D834E50520FC +:10BCA800FEF774F9002800D12EE5784FFEF7BAFDAB +:10BCB800042B00D81EE5C523E25C013BE15C0420AF +:10BCC800FEF7ECF9002800D114E5714FFEF7AAFD44 +:10BCD800032B00D8EDE4BD23E25C013BE15C0320CB +:10BCE800FEF7DCF9002800D1E3E46A4FFEF79AFD7D +:10BCF8000220FEF74BF9002800D1CBE4664FFEF78F +:10BD080091FD664B984201D8FFF7B7FA644FFEF7EA +:10BD180089FD634FFEF786FD614FFEF783FD614F96 +:10BD2800FEF780FD9023E35C04AA13739123E35C80 +:10BD380053739223E35C93739323E35CD373942349 +:10BD4800E35C137401F044F807A90220FEF792F9A6 +:10BD5800002800D182E4544FFEF764FDCD23E25C55 +:10BD6800013BE15C0520FEF799F9002800D1CBE4FE +:10BD78009BE74B4FFEF756FD8423E35C04AA13733D +:10BD88008523E35C53738623E35C93738723E35C27 +:10BD9800D3738823E35C137401F01AF807A9012010 +:10BDA800FEF768F9002800D14AE4404FFEF73AFD53 +:10BDB8003F4FFEF737FD3F4FFEF734FD334FFEF799 +:10BDC80031FD3C4FFEF72EFDE379002B01D0FFF744 +:10BDD80023FA384FFEF726FDA320FBF725FBFEF7D5 +:10BDE80029F9002800D1DBE40700FEF71BFDFEF768 +:10BDF80007F9002800D1D3E40700FEF713FDD42388 +:10BE0800E05C0133E15CA023124ADB00D5582A4EDE +:10BE180000023540F026D5503601D5583040274E1F +:10BE2800090335402843E025D050ED01D05829407A +:10BE3800234D28400143D1508021D05809020143A5 +:10BE4800D1508CE403491F4A8B585B005B088B5028 +:10BE58007AE4C04600002640FFFFFEFFB80B000052 +:10BE68005F0F1A015A0F1A014D0F1A013C05000005 +:10BE7800400D03003F0F1A014B0F1A014C0F1A0116 +:10BE88001F0F1A014A0F1A019E0F1A019A0F1A0161 +:10BE98009B0F1A019C0F1A019D0F1A0100E1F5056D +:10BEA8008C0F1A018D0F1A012E0F1A012F0F1A016C +:10BEB8008B0F1A018E0F1A01FF7FFFFFFFF0FFFFA4 +:10BEC800FF8FFFFF04050000054FFEF7ABFC054F91 +:10BED800FEF7A8FC044FFEF7A5FC044FFEF7A2FCF2 +:10BEE8009E0F1A019D0F1A019C0F1A019B0F1A0130 +:10BEF80030B50025084C83B00095032303220F2199 +:10BF08002000FAF723F80095002300227021200072 +:10BF1800FAF71CF803B030BD801A0140002300B5C1 +:10BF280083B00093032203337F210248FAF70EF807 +:10BF380003B000BD801A014010B500F07BF800F096 +:10BF480007F800F067F800F029F800F037F810BD9E +:10BF5800802180220F4BC9001B68D205986810B554 +:10BF6800425070229A5A0C4C1218106820401060E7 +:10BF78006E246C221C5D9A5C9868A2406F241C5D3C +:10BF88000323A3401343802212061343435043580C +:10BF980010BDC04614E80108FF00FFFF3E22054B14 +:10BFA8001B689A5C2F2A03D900219A68024BD1504A +:10BFB8007047C04614E80108BC0C000010B50E4CD0 +:10BFC8000E4A00212000F9F7A9FB20000C4C0D4A6D +:10BFD8000121F9F7A3FB0C4A04212000F9F79EFB85 +:10BFE8000A4A06212000F9F799FB094A072120008F +:10BFF800F9F794FB10BDC0460000314070030310F0 +:10C0080000033140A40303103C030310080303108A +:10C01800D40203103322034B03495A5003495A50A0 +:10C028007047C04600003040082000001020000083 +:10C03800FEE7C046F0B5CE46474680B5962183B0A8 +:10C048000020FBF737FA3C22D54F3B689A5C002A60 +:10C0580000D089E1196884228C4680259A58D14CF1 +:10C06800624410682040106058591A68844680203D +:10C0780062441100126840041202120A02430A6064 +:10C0880019685A598C4662441168214011603B2254 +:10C098009B5C1C1E20D0C44AC44E91468022920547 +:10C0A800904603E03B232C003A68D35C651E9D4212 +:10C0B80010D2BF4B4A469C46A4006444A3590120B1 +:10C0C800134042461343A351FBF7AEF9A3595B0053 +:10C0D8005B08A351002DE5D1E0240F26B44D0021C3 +:10C0E8000120A400FAF750FD2B591E4200D127E188 +:10C0F800B121AF4CC9006358AB4A00201A408023D5 +:10C108009B051343B0226350D200A35800215B0063 +:10C118005B08A350A74AA3585B005B08A350FAF733 +:10C1280033FD3C233A68D35C002B00D024E1002483 +:10C13800002300220021A0480094F9F7C3FB002344 +:10C148000022009401219C48F9F7BCFB08229B4D72 +:10C158002B6813432B602B695B070FD4984C04267C +:10C1680002E0002C00D1E7E00120FBF75DF92B6924 +:10C17800013C1E42F5D0002C00D1DDE0A0220321B5 +:10C1880001258B4CD200A35886488B432B43A350E0 +:10C198003B68842219689A588C4662441168802644 +:10C1A80001401160802294469A581968904641448B +:10C1B8000A6876041202120A32430A6061461A6853 +:10C1C8005B580021D3181A6802401A600120FAF758 +:10C1D800DBFC3C233A68D35C002B06D0E0220F211D +:10C1E8009200A3588B431D43A55000210020FAF765 +:10C1F800CBFC00210220FAF7C7FC7248FAF7C8FD09 +:10C20800002800D0BFE07048FAF71EFE002802D0D0 +:10C218000420FFF70DFF3C233A68D35C002B0AD0BB +:10C22800E0230F20624A9B00D1588143D150D15856 +:10C2380021308143D15000210120FAF7A5FC634940 +:10C248000120FAF7A9FE002800D0A4E060490120E7 +:10C25800FAF7F0FE002802D00320FFF7E9FE5D4957 +:10C268000220FAF799FE002800D090E058490220F1 +:10C27800FAF7E0FE002802D00320FFF7D9FE3C239E +:10C288003A68D05C02282CD88025494C524B534937 +:10C29800E2582D0652005208E250E25800200A40A7 +:10C2A800E250E2584E490A40E250E2582A43E2502E +:10C2B800FBF768FF41494B4A0B681A4080235B0033 +:10C2C80013430B600121484BE2581543E550E258EF +:10C2D8000A43E25000F07CFD03B00CBC904699463E +:10C2E800F0BDE2220F2530241026314B92009958D8 +:10C2F800A94399509958A1433143995080219E5898 +:10C3080009060E439E500328BED004329E58AE4301 +:10C318009E509E58A6439E509E580E439E500428F9 +:10C32800B2D004329858A84398509858A0439850CF +:10C33800985801439950A7E70520FFF779FE1DE7B4 +:10C348000020FAF74BFC1223FF33984200D0CFE6C7 +:10C358003A68D53BD35C002B00D1C9E601222B59A2 +:10C36800B34313432B51C3E6E0213024104889001E +:10C378004258A24342506DE6E0220F219200A35892 +:10C388008B43A350D3E60420FFF752FE3BE703207C +:10C39800FFF74EFE6AE70320FFF74AFE56E7C0465E +:10C3A80014E80108FF00FFFFFFFFFFCFFC050000B6 +:10C3B800000026408C0500000000314000002740A6 +:10C3C80040420F00D8030310400D0300EC03031094 +:10C3D80010270000F403031004050000FEFCFFFF13 +:10C3E800FFFF00FFFFFCFFFF0C050000F8B56C27FE +:10C3F8003348F9F7EFF8FFF79FFD01208022314C11 +:10C40800D2052368304EDD5D996805402A438025B2 +:10C41800ED004A5170229A5A0431521811680E40A0 +:10C42800D8218901314311606F22D95D9F5C6C3A34 +:10C43800BA406E27DF5D0840B940114380221206DA +:10C448009E680A430243725172593E255A5D052A75 +:10C458001BD91E4970500F2A1ED96C21585C6B39A4 +:10C4680001409C681A482150102A1DD96C22995CF9 +:10C478006B3A0A409968C4231B01CA5000F0D6FDE4 +:10C4880000F078FD032818D0F8BD1248D4F78CFACC +:10C4980023685A5D0F2AE0D80F48D4F785FA3E2260 +:10C4A80023689A5C102AE1D80C48D4F77DFA00F08A +:10C4B800BDFD00F05FFD0328E6D100F09DFDE3E738 +:10C4C80058FE021014E80108FF00FFFF140C0000DA +:10C4D8003C0C000008040310300403105C04031033 +:10C4E800002070470020704710B506210E20F9F78C +:10C4F80031FA002800D010BD07210F30F9F72AFAC9 +:10C508000028F8D10121F9F725FAF4E770B5084CAD +:10C5180025001C3DA069043C02F06EFEAC42F9D136 +:10C5280002F0A4FEBFF34F8FBFF36F8F70BDC046FC +:10C53800CCAF010830B5104883B0D4F735FA0F4CAA +:10C548000F48236819000193D4F7B4F963680D48BC +:10C5580019000193D4F7AEF9A3680B4819000193A9 +:10C56800D4F7A8F9094C25001C3501CC02F0A2FC2F +:10C57800AC42FAD103B030BD88040310FC030310A9 +:10C5880098040310C8040310FC040310CCAF01087E +:10C5980070B5064C2500183501CC03F067F8AC429D +:10C5A800FAD1BFF34F8FBFF36F8F70BDB4AF0108DF +:10C5B800044B82B01B681A0C18041204000C1043B8 +:10C5C80002B070473005031001207047012801D9D7 +:10C5D8000020704704204042FBE7C0460420404248 +:10C5E8007047C046014B58687047C046E8AF01081D +:10C5F800014B98687047C046E8AF0108002382B035 +:10C608000193019802B07047042040427047C04629 +:10C61800002382B00193019802B0704770B50C00F6 +:10C6280000280AD0002908D0054D0A000100286812 +:10C63800F9F78AFF0020AC6070BD05204042FBE797 +:10C64800E8AF010810B5054C00212068FAF74CF94D +:10C658002068FAF717F9002010BDC046E8AF0108B6 +:10C6680070B51D4D90B0E86040221C496846D4F76B +:10C6780046F8002269462868FAF702F8C1228021A4 +:10C688002B6892009D5849020D439D509D58144EA9 +:10C6980035409D509A58812292009D5829439950BF +:10C6A8009958314099509A58002808D1802200247E +:10C6B800196812060A431A60200010B070BD094BB1 +:10C6C800984206D0F8D3084B9842F5D80224644221 +:10C6D800F2E705246442EFE7E8AF01087C1B00108D +:10C6E800FFFFFEFF0160AA000360AA0070B50C00FE +:10C6F800002817D0002915D00C4D0A000100286821 +:10C70800F9F768FF822101262868890042584358B2 +:10C71800D205DB0B3340D20D9B18002BF6D100203D +:10C728006C6070BD05204042FBE7C046E8AF0108D9 +:10C73800FF2370B503400400012B20D12A4D0021AE +:10C748002868FAF7D1F8E0212300A022C9000B409D +:10C75800D200934206D03FD8002B03D0802252004B +:10C7680093420CD1C02380229B0123405201934263 +:10C7780008D080229201934204D0002B02D00420DA +:10C78800404270BDC0231B021C408023DB019C4239 +:10C7980005D080231B029C4201D0002CEFD1C1227E +:10C7A80080212B689200985849020843985098585D +:10C7B8000E4C204098509A58812292009858014374 +:10C7C800995099580020214099509A588022196808 +:10C7D80012060A431A60D4E7C022D2009342C1D09D +:10C7E8008B42BFD0CBE7C046E8AF0108FFFFFEFF92 +:10C7F800044B82B01B681A0C18041204000C104376 +:10C8080002B0704788050310082070470020704761 +:10C8180000207047023843425841042340421840E0 +:10C8280004387047014B18687047C04604C40108B3 +:10C83800014B1B685868704700B0010870B5164A6C +:10C84800164E127833681C68120722D55B685B683D +:10C85800002B18D0002508E0336801355B689A681A +:10C868005B6894466444AB420CD92000F8F7B8FEE4 +:10C878000028F1D00A4B984208D00A4B984202D1BE +:10C888000520404270BD01204042FBE702204042A3 +:10C89800F8E704204042F5E78405031000B00108DA +:10C8A8000500520006005200C2430C4B10B51B682D +:10C8B8001B6893420CD21818F8F792FE084B98425E +:10C8C80009D0084B984203D043425841013810BD63 +:10C8D80005204042FBE702204042F8E700B001088B +:10C8E8000500520006005200F8B5454657464E4628 +:10C8F800DE46334BE0B51B6804001F688846160007 +:10C908003D18002959D0002E57D05B6830001969AE +:10C91800D6F78CFC002950D1E443A7424DD280239E +:10C928009B00284F9A461BE053461B1B99468022C2 +:10C938006B0A5B029B46190092003800D3F7DFFEB2 +:10C94800414638194A46D3F7DAFE39005846F8F70F +:10C9580095FE00281CD14B46C8444D44F61A23D0F6 +:10C96800EC05E40DA3195345DED880226D0A6D024B +:10C97800920029003800D3F7C2FE41463819320028 +:10C98800D3F7BDFE39002800F8F778FE00280BD051 +:10C998000D4B98420ED00D4B9C4660444342584183 +:10C9A80003234042984301383CBC90469946A2462E +:10C9B800AB46F8BD02204042F6E705204042F3E7C7 +:10C9C80000B0010808C4010805005200FAFFADFFD5 +:10C9D80070B50B000024002918D0002A16D00E4983 +:10C9E80009680D68C1438D4212D24119E8204003FD +:10C9F800281881420CD2D643B14209D25618B54202 +:10CA080006D8B04204D31800D3F779FE200070BDD1 +:10CA180005246442FAE7C04600B0010886220D4B9F +:10CA280000B51B6852011B6A83B09918C968C9010F +:10CA380003D58021490499509B5801A8F6F744FB77 +:10CA4800054B019A9A4203D18022044B52055A6041 +:10CA580003B000BD14E80108C650CFA500ED00E002 +:10CA6800AC22802110B50A4B49001B689A5A1B6AF0 +:10CA7800D0008018C018074AF9F724FB43425841F0 +:10CA8800054B40421840054B9C46604410BDC046CB +:10CA980014E801085AFC05C6FBFFFF7F050000806B +:10CAA800002310B582B004000193F9F745FD102862 +:10CAB80020D9AE20F6F728FBF6F73EFB01A8F6F7DB +:10CAC800E3FAA423019A1D21E2500720FAF75AFC41 +:10CAD800C120C021084A8000135809061B021B0AFE +:10CAE8000B43135080231360C320F6F70DFB00207F +:10CAF80002B010BD0148FBE700E100E0070000803C +:10CB080010B500211020F9F751FC0028F9D110BD0B +:10CB180010B500211020F9F79DFC0028F9D110BDAF +:10CB2800EFF3098001B5F0B444464D4656465F46DA +:10CB3800F0B46846F6F78EFAF0BCA046A946B246AD +:10CB4800BB46F0BC03BC8E4680F309887047C046DC +:10CB580003235B42016243627047C046042071466A +:10CB6800084202D0EFF3098000E070477146F7F7FA +:10CB78001DFA0047FEE770477047C0467047C04639 +:10CB8800F0B5C646884600B5069C0600203C150050 +:10CB98000021202220001F00F7F752FB43462360A4 +:10CBA8000123A5619D4380235B046561E361300037 +:10CBB80028220021F7F744FB3A0030002100FFF754 +:10CBC800C7FF04BC9046F0BD10B50020F9F756FB2E +:10CBD80010BDC0467047C04670B56848F8F7FAFC03 +:10CBE800B022E0253021664CD200A358AD005B008E +:10CBF8005B08A35063598B43635180235B04A350A4 +:10CC0800604B614AE250A02204339201E250FF22B5 +:10CC18005E4BE250FBF7DEFAC02201215200A35816 +:10CC28008B43A350FFF7D6FF0F2263591340544A92 +:10CC38009C009446D02264449200A15807220A40DE +:10CC480000D196E0042A48D05148002B55D1B22390 +:10CC5800B12503224A49DB00ED00CE584B594C5907 +:10CC68001B0F240F1340224200D16CE04959090FD1 +:10CC78000A40012A67D0032B67D0E023404A9B0073 +:10CC8800D358444A9B069B0FD840434B1860434BEC +:10CC9800D458D158090E0131D6F742FA404B210435 +:10CCA800090E18600131D6F73BFA3E4B04001860B4 +:10CCB8003D4B3E4918603E4BC018D6F731FAFA2171 +:10CCC8003C4B890018703C4BE018D6F729FA3B4BCF +:10CCD80018603B4BC003186070BDC0211F2289003B +:10CCE80060580240113A504242415042FA22D20161 +:10CCF800944608406044002BA9D0013B012BBCD8C6 +:10CD08000321304B304DE65863596259120F1142D6 +:10CD180031D06259120F114001292CD09B009B0F72 +:10CD2800032BAAD17F23284AA558A1582B401F2599 +:10CD3800A458090A29405843D6F7F2F9210C29408A +:10CD4800D6F7EEF999E7F20795D5B0220C4B0D49C5 +:10CD5800D2009C5859589D58C904C90CD6F7E0F917 +:10CD6800A403E901A40BC90F60430131D6F7D8F930 +:10CD780083E7164869E7F207D4D4CFE758FE0210D4 +:10CD88000000264084050000010002008C05000018 +:10CD980000366E010000204008B0010808100000AD +:10CDA8000CB0010804B0010814B0010840420F009B +:10CDB8003F420F001CB00108E703000018B001084B +:10CDC80010B001083C060000FC05000000127A00C3 +:10CDD800E023564A9B00D3580F221340534A70B59C +:10CDE8009446D0229C0092006444A15807220A402D +:10CDF80000D196E0042A48D04D48002B55D1B223E3 +:10CE0800B12503224949DB00ED00CE584B594C5956 +:10CE18001B0F240F1340224200D16CE04959090F1F +:10CE28000A40012A67D0032B67D0E0233F4A9B00C2 +:10CE3800D358404A9B069B0FD8403F4B18603F4B46 +:10CE4800D458D158090E0131D6F76AF93C4B210460 +:10CE5800090E18600131D6F763F93A4B04001860DF +:10CE6800394B3A4918603A4BC018D6F759F9FA21A4 +:10CE7800384B89001870384BE018D6F751F9374B02 +:10CE88001860374BC003186070BDC0211F2289008D +:10CE980060580240113A504242415042FA22D201AF +:10CEA800944608406044002BA9D0013B012BBCD814 +:10CEB80003212C4B2C4DE65863596259120F11422D +:10CEC80031D06259120F114001292CD09B009B0FC1 +:10CED800032BAAD17F23244AA558A1582B401F25EC +:10CEE800A458090A29405843D6F71AF9210C2940B1 +:10CEF800D6F716F999E7F20795D5B0220B4B1B49DF +:10CF0800D2009C5859589D58C904C90CD6F708F93D +:10CF1800A403E901A40BC90F60430131D6F700F956 +:10CF280083E7134869E7F207D4D4CFE70000264027 +:10CF380000366E010000204008B00108081000000B +:10CF48000CB0010804B0010814B0010840420F00F9 +:10CF58003F420F001CB00108E703000018B00108A9 +:10CF680010B001083C060000FC0500008405000024 +:10CF780000127A0090230320024A5B01D35818401C +:10CF88007047C04600002040F8B59027164C7F0136 +:10CF9800060002F0EEFBE3590500DB439B0713D0C4 +:10CFA80080239020104A9B00D650400113580F4907 +:10CFB80019400F4B0B431021135053681942FCD0F2 +:10CFC800280002F0DAFBF8BD02F0D3FBE359074A68 +:10CFD8001A40084B13431022E35163681A42FCD0ED +:10CFE80002F0CBFBDCE7C04600002040FCFF00005D +:10CFF8000300FA050100FA0510B5902402F0B9FB08 +:10D00800074A6401135907491940074B0B4310217C +:10D01800135153681942FCD002F0AFFB10BDC04653 +:10D0280000002040FCFF00000000FA05002210B5B7 +:10D0380000210320F9F770F90648F9F763F8064B61 +:10D048001A684D23D35C002B02D00448F9F762F824 +:10D0580010BDC04608C6010814E80108B805031049 +:10D0680070B50126F022036812011E40264B19688C +:10D07800264B11404A1E9141AC221B689A5A5143D3 +:10D088001A6A9446B02261449C580B680C19002B0C +:10D098000BDB00231E4D01E0AB4232D00A6801339E +:10D0A800002AF9DA1A4A93422BD0002E1BD00368C3 +:10D0B800CB6001238B602368002B1BDA0023154DFE +:10D0C80001E0AB421DD022680133002AF9DB114A86 +:10D0D800934216D0002E0DD1A02302681B069A4257 +:10D0E8000DD0006870BD0123C8608B602368002BD9 +:10D0F800E4DBF1E7A023C8681B069842F2D10020C0 +:10D10800F0E701204042EDE70000204014E8010864 +:10D11800983A000000943577F8B5404B05001B6835 +:10D12800002B00D16EE001263D4B1F682B68FF0FD6 +:10D138001E403C4B19683C4B1A68F0231B011940F0 +:10D148004B1E9941AC23D35A5943136A9C46B023CA +:10D158006144D0580B680818002B0BDB0023334CB4 +:10D1680001E0A34251D00A680133002AF9DA2F4AB4 +:10D1780093424AD0002E29D02B68CB6001238B60C4 +:10D188000368002B0DDA0023294C01E0A3423CD0B0 +:10D1980002680133002AF9DB254A934235D0002E74 +:10D1A8001AD0A023CC681B069C4224D0012F1BD088 +:10D1B800002C1ED0631C2AD01E4A230C1B04934249 +:10D1C80002D1FF231B061C432000F8BD0123CD60BC +:10D1D8008B600368002BD6DBA0232A681B069A42C3 +:10D1E80009D02C68012FE3D10D48F7F7C5FF002CB3 +:10D1F800E0D10024E8E7012FFBD10948F7F7BCFF8D +:10D208000024E1E7F7F7A4FF8DE7012F02D093246C +:10D218006442D9E70248F7F7AFFFF8E7DCC2010834 +:10D22800000010400000204014E80108983A00006F +:10D23800009435770000FFF710B58AB006930C9B71 +:10D24800084C07930D9B019408930E9B039003AC25 +:10D2580001A80294049105920993FFF75DFF0AB0B3 +:10D2680010BDC0460013003510B5D42488B005930E +:10D278000A9BA40506930B9B0094029002AC684697 +:10D288000194039104920793FFF746FF08B010BD7D +:10D2980000B5064B85B002936B46009002A8039335 +:10D2A8000191FFF739FF05B000BDC046000F0035FA +:10D2B80000B5054B89B00093029002AB6846019314 +:10D2C800FFF72AFF09B000BD0005003500B5064B81 +:10D2D80089B00093029002AB6846019303910492CF +:10D2E800FFF71AFF09B000BD0004003530B587B05C +:10D2F80003AC05000C2200212000D3F71CFA074BD1 +:10D3080001A801936B4600940293FFF705FF2B00D9 +:10D3180007CC07C3280007B030BDC046000600355B +:10D3280000B5064B87B00193039003AB01A80293A5 +:10D3380004910592FFF7F0FE07B000BD000200352A +:10D3480010B5074C86B00094029002AC6846019470 +:10D35800039104920593FFF7DFFE06B010BDC046A7 +:10D368000001003510B58AB005930C9B094C069353 +:10D378000D9B009407930E9B029008930F9B02ACA1 +:10D3880068460194039104920993FFF7C5FE0AB019 +:10D3980010BDC0460018003500B5064B85B0009397 +:10D3A800029002AB684601930391FFF7B5FE05B002 +:10D3B80000BDC0460016003500B5054B85B0029388 +:10D3C800019001AB02A80393FFF7A6FE05B000BDCC +:10D3D8000017003500B5064B85B00093029002ABEC +:10D3E800684601930391FFF797FE05B000BDC0465C +:10D3F800001C003500B5054B85B00293019001ABC8 +:10D4080002A80393FFF788FE05B000BD001D003594 +:10D41800F0B5C646DC2300B59B0584B00093002315 +:10D428000127944602AA02905360009B01921F4074 +:10D438002C4B1C682C4B1868F0231B011C40631EE6 +:10D448009C41AC23C35A5C43036A9846B0234444C6 +:10D45800C55823686519002B0BDB0023234E01E018 +:10D46800B3423BD0206801330028F9DA1F488342D1 +:10D4780034D0002F23D0009BE3600123A3602B68E6 +:10D48800002B24DA00231A4E01E0B34226D0286884 +:10D4980001330028F9DB164883421FD0002F16D12C +:10D4A800A02300981B06984216D000986446029B59 +:10D4B800236053680B6004B004BC9046F0BD6B4613 +:10D4C800E3600123A3602B68002BDBDBE8E7A023E4 +:10D4D800E0681B069842E9D10020E7E701204042B6 +:10D4E800E4E7C0460000204014E80108983A00002C +:10D4F8000094357700B51C4883B0F8F76BF8012124 +:10D50800012000F035FA00280CD0184B1B68002BBE +:10D5180012DBFEF7FBFFFFF73BF8FEF7E5FF002005 +:10D5280003B000BD6430F9F75BFF1148D3F73CFA4C +:10D538000E4B1B68002BECDA0E48D3F735FA72B69F +:10D548000D48FFF721FD0120F9F74AFF0B4B0C4A64 +:10D558001B680193802301999B00D15000F0F8F9D2 +:10D56800FFF74AFD62B6D4E758FE021000012640D4 +:10D578008C060310AC06031000400016FC030310D1 +:10D588000000204010B50C0004480549D3F792F973 +:10D598006042604103244042204010BD80060310D1 +:10D5A800EC05031000207047014B18687047C0460F +:10D5B800FC030310014B1B6858687047FC030310F9 +:10D5C80070B50400FEF7B6FF21000A48D3F772F9D8 +:10D5D800822101250848890042584358D205DB0BAF +:10D5E8002B40D20D9B18002BF6D12000FFF7CCFC66 +:10D5F80070BDC0466006031000006540862180208B +:10D60800F0B5C6461E4FAC243A684901136A400477 +:10D61800591800B5886080218625125B8046D000A5 +:10D628008018C018490082B0164AF8F74BFD3B68CD +:10D638006D01195B1E6AC900543486235B01F21818 +:10D64800D3681B0C2342FBD043468819735101A9A8 +:10D658007359F8F745FDAC223B68995A1E6AC90010 +:10D668000028EAD18B195860019A074B9A42E4D1F5 +:10D678000648D3F799F902B004BC9046F0BDC046FD +:10D6880014E8010811E0AD7DEE1F5282B8060310C0 +:10D698000322FF2330B504B280B20240D200C02575 +:10D6A80093402940DB439140002C0CDB0C4AC020FE +:10D6B8009446A408A40064448000225813401943E7 +:10D6C8002150002030BD0F221040064A08389446E9 +:10D6D800800880006044C26913401943C161F0E7C3 +:10D6E80000E100E000ED00E070B5094B1400094AC4 +:10D6F80005000E00F6F746FC002803D1012323702D +:10D70800637070BD220031002800F6F7D5FFF8E7F6 +:10D71800FFFF0F0800800E0870B5140005000E000A +:10D72800F7F708F80020F8F733F901384342584171 +:10D73800084A2070084B31002800F6F723FC00281F +:10D7480006D1012320716370E3706071A071A0702D +:10D7580070BDC04600800E08FFFF0F0810B5F7F730 +:10D768005FF810BD10B5FEF7BDFE10BD030407D469 +:10D778001F23C02218401E3B8340024952008B5091 +:10D788007047C04600E100E0030405D41F23184099 +:10D798001E3B8340014A13607047C04600E100E029 +:10D7A80003040AD41F2318401E3B834080220349E8 +:10D7B8008B50BFF34F8FBFF36F8F704700E100E0CE +:10D7C8000020704710B5FEF78BFE10BD0020704793 +:10D7D800002070470020704710B5FEF707FEFCF7E1 +:10D7E80041FB002010BDC04670B582B005000C009A +:10D7F8001048694600F086F9002815D1019B009E63 +:10D80800002B01D0F6F7CEFB2E6069460A4800F0DF +:10D8180079F900280BD1019B009D002B01D0F6F768 +:10D82800C1FB256002B070BDF6F7BCFBE6E7F6F772 +:10D83800B9FBF0E7140603102406031010B582B0F4 +:10D848006946094800F05EF9002809D1019B009C4F +:10D85800002B02D1200002B010BDF6F7A3FBF9E7B8 +:10D868008020C000F7E7C0463406031010B582B028 +:10D878006946094800F046F9002809D1019B009C37 +:10D88800002B02D1200002B010BDF6F78BFBF9E7A0 +:10D89800F6F788FB0020F6E74C06031070B582B057 +:10D8A80005000C001048694600F02CF9002815D135 +:10D8B800019B009E002B01D0F6F774FB2E60694691 +:10D8C8000A4800F01FF900280BD1019B009D002B8E +:10D8D80001D0F6F767FB256002B070BDF6F762FB72 +:10D8E800E6E7F6F75FFBF0E7D0060310E006031063 +:10D8F80010B582B06946084800F004F9002809D13B +:10D90800019B009C002B02D1200002B010BDF6F74D +:10D9180049FBF9E70148F8E7F0060310EC070000B7 +:10D9280010B582B06946094800F0ECF8002809D122 +:10D93800019B009C002B02D1200002B010BDF6F71D +:10D9480031FBF9E7F6F72EFB0020F6E7080703108E +:10D9580000B5064B83B001A80193FFF781FB0028AF +:10D9680001D101F059FF03B000BDC04601010032EA +:10D9780000B50302054883B018430904014301A810 +:10D988000191FFF76DFB03B000BDC0460100003AEE +:10D99800F0B5CE46474680B5534E87B0337804007D +:10D9A800002B68D0514B1D68002C60D0002399468D +:10D9B80098464F4E4F4F2000D3F72AF84F2858D893 +:10D9C8004F2221003000D3F72AF833783E60002B2D +:10D9D80044D00020320007E02F2B2CD02300140065 +:10D9E8001A006378002B09D0541C3A2BF4D1434613 +:10D9F8001370637802322000002BF5D13A600028BA +:10DA08002CD0D2F70FFE81463C6823785A1E9341EA +:10DA18005B421C402B7C012B15D02800310000F004 +:10DA2800D1FD051E23D0002CC5D1280007B00CBCA1 +:10DA380090469946F0BD43463C6013700028E0D1FB +:10DA480000239946E1E74B464A46AD68013B002A68 +:10DA580046D02D68013BFCD29946DEE72B7C012B92 +:10DA68001DD02800310000F0ADFD051EDDD10025D8 +:10DA7800DBE70024CEE7802003AA02A94000FFF7D5 +:10DA8800C7FC0028F3D105AA04A9029800F03CF9C4 +:10DA9800002806D040B20028E9D1002584E7AD6807 +:10DAA800DFE7059800F028F9C02203001201904230 +:10DAB800DDD8114A114D009205992A00049800F00A +:10DAC8003BF90028D3DD8022280052000C4900F0E1 +:10DAD8008BFD064B051E1860C9D00123337063E720 +:10DAE80001235B42994698E788C701088CC701085B +:10DAF80090C70108E0C70108005F2D00E4C70108CE +:10DB0800E4D3010810B50C1E0AD0FFF741FF002826 +:10DB180009D08068D2F786FD20606160002010BDC2 +:10DB280065204042FBE702204042F8E710B50C1E92 +:10DB380007D0FFF72DFF002806D083680020236058 +:10DB480010BD65204042FBE702204042F8E7C0468E +:10DB5800F0B5C64600B50E0090461F00FFF718FF47 +:10DB6800002832D0037C012B2FD18468002C2AD0C6 +:10DB78004346002B18D0237C4546042B05D01AE0D9 +:10DB8800002D11D0237C042B15D1A068D2F744FDB9 +:10DB9800307024680136013D002CF1D10020002F9F +:10DBA8000CD104BC9046F0BD002F01D043463B6029 +:10DBB80015204042F5E705204042F2E743465D1B49 +:10DBC8003D600020EDE74546E8E702204042E8E7EF +:10DBD800C02080017047C04630B583B0050001A958 +:10DBE8000848FFF7A3FF002809D1019C002D03D0A6 +:10DBF8002000D2F70DFF2860200003B030BD0024BC +:10DC0800FAE7C0465007031030B583B0050001A9F4 +:10DC18000848FFF78BFF002809D1019C002D03D08D +:10DC28002000D2F7F5FE2860200003B030BD0024A4 +:10DC3800FAE7C0461C070310F8B504000D002028B9 +:10DC480017D8002915D00C4F0C4E3B78002B06D066 +:10DC5800220031002800D2F752FD0020F8BD010053 +:10DC68003000FFF715FB03000120002BF6D13870B8 +:10DC7800EEE70320F2E7C04604E80108E4E70108FC +:10DC880010B5040082B000280FD000290DD001ABD8 +:10DC980002680748FFF75CFF03000120002B02D150 +:10DCA8000020019B236002B010BD0320FBE7C046A3 +:10DCB800A007031070B5040082B00D00002817D02B +:10DCC800002915D001A90B48FFF730FF03000120F8 +:10DCD800002B01D002B070BD019E3000D2F798FE33 +:10DCE8003100020020602800D2F709FD0020F1E78A +:10DCF8000320EFE78007031003004000C018032348 +:10DD08008008984304307047F8B50E002E2117009C +:10DD1800D2F766FE041E0CD0451C2E212800D2F72F +:10DD28005FFE002805D0001B0138386000203560F0 +:10DD3800F8BD16204042FBE7F0B557464E4645462B +:10DD4800DE46E0B585B001930E9B91461A0CD2B21F +:10DD580002921A0AD2B2DBB20392009300220300A5 +:10DD680090461C788D4A83460F00002692465D1C1B +:10DD7800002C35D0002F04DB5A46AA1A974200DA45 +:10DD88008FE02200093A042A25D9202C23D0009AB2 +:10DD9800944200D190E021005046D2F721FE00289D +:10DDA80032D0012E39D0012E4EDD022E5DD0032E49 +:10DDB80011D14B46002B0AD0019B984500D377E040 +:10DDC8004B4652464344801A1A7810431870012370 +:10DDD8009C460026E0442B001C785D1C002CC9D111 +:10DDE800009B002B62D1019B434561D94B46002B18 +:10DDF80002D0434400221A70404605B03CBC90460D +:10DE08009946A246AB46F0BD029BA34244D0039B71 +:10DE1800A3424DD16248012EC5D143464A4601333B +:10DE2800002A0DD0019A934242D2414652464944B3 +:10DE3800801A0A78041122430A704A460001D05415 +:10DE4800984602262B00C7E7002EC4D14B46002B6C +:10DE580024D0019B98452BD253464246C01A4B46C4 +:10DE68008000985401262B00B6E743464A46013302 +:10DE7800002A0DD0019A93421AD24146524649448B +:10DE8800801A0A78841022430A704A468001D054C6 +:10DE9800984603262B009FE7424882E701262B007D +:10DEA8009AE7009900299ED08C4209D0002E9AD07A +:10DEB80001235B4298469FE7002F03DB5A46AA1AC4 +:10DEC800BA42F3DC991C5B78022E34D024DD032E91 +:10DED80000D088E7002B12D00A00002F1FDB58461D +:10DEE8000AE019000939042901D9202BE0D10132AF +:10DEF800531E1B78002B02D0111A8F42F1DA4B46C1 +:10DF0800002B00D16FE743441A78002AD0D1019A38 +:10DF1800424500D96EE7CBE7002EC9DA63E719005E +:10DF28000939042901D9202BC2D10132531E1B788B +:10DF3800002BF4D1E3E7002BBAD00A00002F1DDB39 +:10DF48005C460AE019000939042901D9202B08D1B7 +:10DF58000132531E1B78002B1DD01000111B8F425D +:10DF6800F0DAA346009A9342A2D1002F03DD5B4664 +:10DF7800C31ABB429CDC411C0378ABE71900093982 +:10DF88001000042901D9202BECD10132531E1B7833 +:10DF9800002BF3D18CE7013B98462DE7C807031007 +:10DFA800070803100608031001230C388360006873 +:10DFB8007047C04603000C3B9A6859688A4207D2EA +:10DFC800501C9860900019688018800008187047E5 +:10DFD8000020FCE7F8B54E46DE4645465746002386 +:10DFE80089469346E0B5A74E0B748B600B60451CC1 +:10DFF8002A78002A50D0202433000133944257D085 +:10E008001C78002CF9D12A782C2A51D04B461B7C3D +:10E01800591E8B411F215B428B437D339A4200D1AD +:10E0280095E15846436898478046002834D04B46C7 +:10E038001B7C012B51D02B78222B2DD16C1C4460DA +:10E048006B78002B28D02500222B0BD1DDE02B701C +:10E05800130022001C0053780135002B1CD0222B02 +:10E0680000D1D2E0621C5C2BF1D16378752B21D0F2 +:10E07800222B1AD05C2B18D02F2B16D0622B00D154 +:10E0880063E1662B00D16DE16E2B00D16CE1722B40 +:10E0980000D16BE1742B07D0002528003CBC9046CA +:10E0A8009946A246AB46F8BD09232B700234D2E745 +:10E0B80001359DE7A31D9A46A71CD2F7DDFA442235 +:10E0C8003B78C01843781A42E6D00137BA45F4D1F4 +:10E0D8003F23621D2B705446BDE74460002342462F +:10E0E80013604B469B68002B79D04B46DB681A605F +:10E0F8004B46DA6043469D602B78662B77D0662BBB +:10E108005BD9742B00D113E17B2B00D10CE16E2B72 +:10E1180000D1FCE02D3B5A425341ED18D2F7ACFA3E +:10E1280004242B78C01842781442B5D0302B00D183 +:10E13800D8E1002B04D1AFE701352B78002BABD009 +:10E14800D2F79AFA2B78C01843781C42F4D1434688 +:10E1580004241C742B7804212E2B00D1D4E11A003E +:10E1680020208243D2B2452A00D180E12C2B00D155 +:10E1780006E2202432000132A3420ED01478002C8B +:10E18800F9D1414A7D340132A34206D01478002CDB +:10E1980000D181E70132A342F8D1042900D1E7E098 +:10E1A8002B787D2238490131934200D120E70A7843 +:10E1B800002AF8D12A7001350DE0222B56D05B2BAE +:10E1C800A8D1012342461374002393604A4643466C +:10E1D800C1461A600135002D00D009E75CE74B46BF +:10E1E8009A60DA6043469D602B78662B87D1662259 +:10E1F800264B04E01A78002A00D114E10D00287893 +:10E20800691C01339042F5D046E70023601C2B704F +:10E21800002800D140E76178002900D13CE720229E +:10E22800330001338A4217D01A78002AF9D10378CB +:10E23800451C3A2B00D02FE74178002900D12BE765 +:10E248002022330001338A420BD01A78002AF9D1F0 +:10E25800002D00D042E71FE7013001780029DED108 +:10E268001AE7013529780029EAD115E743466C1CDD +:10E278009C606B78002B00D10EE72500222B13D170 +:10E28800EBE0C046340803104408031048080310A4 +:10E298002B70130022001C0053780135002B00D18D +:10E2A800FAE6222B00D1D8E0621C5C2BF0D163780F +:10E2B800752B18D0222B13D05C2B11D02F2B0FD0FD +:10E2C800622B00D161E1662B00D16AE16E2B00D18F +:10E2D8005FE1722B00D160E1742B00D0DCE60923EA +:10E2E8002B700234D8E7A31D9A46A71CD2F7C4F9AD +:10E2F80044223B78C01843781A4200D1CCE6013753 +:10E30800BA45F3D13F23621D2B705446C4E76E22F1 +:10E31800A74B03E01A78002A46D00D002878691C1C +:10E3280001339042F6D0B7E60023424613744CE717 +:10E338007422A04B03E01A78002A53D00D002878E5 +:10E34800691C01339042F6D0A6E60823ADE64B4699 +:10E358002C701B680135002B00D19EE64A46994671 +:10E36800146045E60C23A0E60A239EE60D239CE6EE +:10E37800434699680A7813002D3B584243411333AA +:10E38800681A984200D987E600D009E700232B7065 +:10E398002D2A00D109E18848D2F730FB002800DA9D +:10E3A8007AE62C702300FCE6002900D174E6087890 +:10E3B8002C2809D02032330003E01A78002A00D133 +:10E3C80083E001339042F8D17D227C4B02E01A7839 +:10E3D800002A77D001339042F9D10D000623424636 +:10E3E8001374F8E6002900D156E608782C2809D0DD +:10E3F8002032330003E01A78002A00D1A6E0013366 +:10E408009042F8D17D226D4B02E01A78002A07D09D +:10E4180001339042F9D10D00032342461374DAE622 +:10E4280002350A70F8E7002900D135E608782C286B +:10E4380009D02032330003E01A78002A00D192E094 +:10E4480001338242F8D17D225C4B02E01A78002A1F +:10E45800E6D001339042F9D1DDE700232B70651C2B +:10E46800002D00D118E6022342461374C0E56B78EC +:10E47800B8322B3B13405C425C41D2F7FDF82C19B3 +:10E488006378C01843785B0700D405E6A378A51C19 +:10E49800002B00D100E6042404E001352B78002B82 +:10E4A80000D1F9E5D2F7E8F82B78C01843781C4278 +:10E4B800F3D10523424613742B782C2B00D170E638 +:10E4C800052156E602350A7088E73C4B7D241A0080 +:10E4D80003E01478002C00D1DEE501328442F8D143 +:10E4E8007D2277E7D2F7C8F86A786B1C80184278E3 +:10E4F800144200D0D0E51D00042443461C742B7838 +:10E5080004212E2B00D02AE6D2F7B6F86B78C01873 +:10E5180043781C4200D1BFE5AB78AC1C002B00D17E +:10E52800BAE5042504E001342378002B00D1B3E5D3 +:10E53800D2F7A2F82378C01843781D42F3D10523F7 +:10E548004246137423782500052108E61B4B7D24D9 +:10E558001A0003E01478002C00D19DE501328442B2 +:10E56800F8D17D2254E7154B7D241A0003E0147876 +:10E57800002C00D190E50132A042F8D17D2268E755 +:10E588002C24042900D00BE6F2E6082302342B7071 +:10E5980082E60A2302342B707EE60D2302342B70A8 +:10E5A8007AE60C2302342B7076E60548F4E6C0467A +:10E5B800500803103C08031008080310440803100F +:10E5C8001C08031070B584680D00002C0AD0606820 +:10E5D800002804D02900D2F711FA002802D02468B4 +:10E5E800002CF4D1200070BD002330B587B0039310 +:10E5F800144B0D00019104930178134B029205937B +:10E6080000291DD0114C2022230001338A4213D047 +:10E618001A78002AF9D103787B2B11D17A3B6A60EA +:10E628002A60AA60290004AA0393FFF7D3FC0028F4 +:10E6380006D0280007B030BD013001780029E2D1AA +:10E648000025F6E7B1DF0210BDDF02103408031021 +:10E65800F0B50D0085B014001F0000292FD0002A46 +:10E668002DD00120DFF7FEFF002828D0154B03AE80 +:10E678001A682923D35C00961F2B17D9124A202326 +:10E6880011001248F6F762FF002818D1DFF7EAFFF9 +:10E69800042C00D90424220031002800D2F72FF8D6 +:10E6A800002F0AD000203C6005B0F0BD064A2023A8 +:10E6B80011000648F6F70EFFE6E70020F4E7012010 +:10E6C8004042F1E714E80108B71DC10400001040FA +:10E6D800852040427047C04610B582B0049B069C16 +:10E6E800002B1DD192B2501C013AFF30FF3A80B284 +:10E6F800FF2A15D801AA6946FEF78AFE002815D117 +:10E708000199059B99420ED80098D6F75DF8002C20 +:10E7180004D00020019B236002B010BD0020FBE75D +:10E7280087204042F8E78A204042F5E7922040429D +:10E73800F2E7C04610B592B2501C013A82B0FF30E1 +:10E74800FF3A049C80B2FF2A0BD801AA6946FEF75B +:10E758005FFE002808D1019B63600123A36002B01B +:10E7680010BD87204042FAE792204042F7E7C046B2 +:10E77800852040427047C046C0231B069C460F2296 +:10E788000023604482425B41D8B27047004870471A +:10E7980001000040034B9C46604443425841C0B2CC +:10E7A8007047C046FFFFFFBFC023F0B51B06C31864 +:10E7B80087B00F0016000F2B07D903A88C25FEF78A +:10E7C80095FD6D42280007B0F0BD0E4BC41803A894 +:10E7D800FEF78CFD02AB991C2000FEF7DDFD051E3F +:10E7E800F0D102AB588803A9FEF7F4FD051E04D149 +:10E7F800039B3B600193049B33602000FEF7DCFD24 +:10E80800E0E7C046010000C0F0B5C6461E00C023C0 +:10E8180000B51B06C31884B0884617000F2B34D8E0 +:10E828001B4BC5186B462800991DFEF7B5FD041E45 +:10E8380004D0200004B004BC9046F0BD6B4603AA87 +:10E84800D88802A9FEF76CFD041E04D14346029A3B +:10E858001A60039B3B600A9B1A68022D0DD1202A7F +:10E8680003D91A002023136020220A493000D1F767 +:10E8780046FF2800FEF7A0FDDBE76B463100D8888D +:10E888000A9BFEF75DFD0400F3E78C246442D0E7A1 +:10E89800010000C058080310F0B5C6469846C023CA +:10E8A80000B51B06C31886B00E0017000F2B1FD823 +:10E8B800114BC41816236B4419002000FEF76CFD99 +:10E8C800051E10D16B46D88A0E9B3A0002930D9B09 +:10E8D800310001930C9B00934346FEF7ADFC050005 +:10E8E8002000FEF769FD280006B004BC9046F0BD84 +:10E8F8008C256D42F7E7C046010000C0F0B5C6465A +:10E908009846C02300B51B06C31884B00E00170034 +:10E918000F2B1DD8104BC4180E236B441900200070 +:10E92800FEF73AFD051E0ED16B46D8890B9B3A00BF +:10E9380001930A9B310000934346FEF795FC0500BE +:10E948002000FEF739FD280004B004BC9046F0BD55 +:10E958008C256D42F7E7C046010000C0F0B5C646F9 +:10E968009846C02300B51B06C31882B00E001700D6 +:10E978000F2B18D80D4BC4186B462000991DFEF7B5 +:10E988000BFD051E0AD16B463A00D8883100434674 +:10E99800FEF7D6FC05002000FEF70EFD280002B0A9 +:10E9A80004BC9046F0BD8C256D42F7E7010000C01D +:10E9B80010B5FEF711FF041E02D00124200010BD7F +:10E9C80062B6F6F78BF8F9E7BFF34F8F034B044AAB +:10E9D800DA60BFF34F8FC046FDE7C04600ED00E0A8 +:10E9E8000400FA05F0B51D00002387B00593123323 +:10E9F8006B4406000F000B2019001400FEF7CCFC36 +:10EA0800002802D0012007B0F0BD05A8FEF7F2FCEF +:10EA18000028F7D16B46598A0D9B029703930196FC +:10EA2800009523000A4A05A8FEF79CFC0028E9D1B6 +:10EA38000D9A0C9905A8FEF749FC0028E2D105A813 +:10EA4800FEF736FC0B20FEF7B7FC0020DBE7C046DC +:10EA58000901003070B504000D00FFF797FE210092 +:10EA6800D3F760F90123002804D1002D04D0163310 +:10EA78002B800023180070BD0023FBE710B5D3F7E7 +:10EA880083F9431E984110BD30B5324D324CAB6806 +:10EA9800A54400200093984700283BD180226B6949 +:10EAA800920002A92D4800939847002832D1039A72 +:10EAB8002B4B01929A4232D0802202A99200294817 +:10EAC800009B9847002825D1EB6924480093984774 +:10EAD80000281FD1AB69039A0193214B00929A42F7 +:10EAE8002BD0FC221E4B5200002104A80393D1F71F +:10EAF80022FE002203AB82A802CB4A409842FBD1F7 +:10EB080002928022019B920002A914489847431E52 +:10EB1800984100E0012083239B009D4430BD02AB57 +:10EB280082AC002200E0020002CB08005040A34261 +:10EB3800F9D100209142EED0BEE702AB82AC0022B0 +:10EB480000E0020002CB080050409C42F9D19142FB +:10EB5800D7D0C6E78C050310F4FDFFFF00901C001A +:10EB68004200DEC000921C0013000A4A10B5944609 +:10EB7800604482B08000042909D1074C19006369F8 +:10EB8800042201939847431E984102B010BD01200A +:10EB9800FBE7C046022407008C050310802270B5ED +:10EBA800214C224DA5446B6904000E00920002A975 +:10EBB8001F480093984700282DD10234A40002ABC7 +:10EBC8001B59B3422CD02DD8EB691A4800939847AB +:10EBD800002820D1002202AB1E5182A803AB02CB31 +:10EBE8004A409842FBD102928022AB69920002A966 +:10EBF80010480193984700280DD10D48009B98476D +:10EC0800002808D18022019B920002A90848984751 +:10EC1800431E984100E0012082239B009D4470BD63 +:10EC28000020F9E70320F7E7F8FDFFFF8C05031044 +:10EC380000901C0000921C0010B50D4B0400C01879 +:10EC48000C4B84B05B698000042203A901939847A8 +:10EC580003000120002B06D103994B1C05D001317C +:10EC68002000FFF79BFF04B010BD0220FBE7C04661 +:10EC7800022407008C050310F0B5DE4657464E46C1 +:10EC88004546E0B583B08B46824601A96846FEF743 +:10EC9800ABFD802252059446009B63441E000093FE +:10ECA8005B46002B00D0F2E0019F7D1E3D4219D14A +:10ECB80039003000D4F7BAFA002913D1FF2F5AD9F6 +:10ECC800534601221E60012000E01A000100531C77 +:10ECD80099408F42F9D853461A71002352460020B2 +:10ECE8005371B8E06C082C43A3081C4323091C4348 +:10ECF800230A1C43230C1C43802301345B009C42E1 +:10ED080033D380231B059F4245D98023DB059946D1 +:10ED18004C4524D8E50829003000D4F787FA0029A3 +:10ED28001AD1AF4246D06B0098469F4245D05A1937 +:10ED3800974242D0AB009F423FD05B199F423CD0E4 +:10ED48005200974239D0EB005B1B9F4235D023001D +:10ED5800072293439F4230D064004C45DAD95B4682 +:10ED6800002B00D09AE0504875E01C0080231B055A +:10ED78009F42CAD80FE06C082C43A5082C432509EC +:10ED88002C43250A2C43230C1C43802301345B00AD +:10ED98009C4200D21C00FA00530813439A081343FC +:10EDA8001A0913431A0A13431A0C13435A089B1AD5 +:10EDB8009946ADE77B003D00984621003000D4F726 +:10EDC800AFF9534660431860012301229C4600E0D6 +:10EDD8001A006146531C9940A142F9D353461A714F +:10EDE8000122B04203D3BA198242924152424319D6 +:10EDF800B34249D3B919994246D34346C318B342DB +:10EE08003FD3B9198B423CD84346EB18C1188E4200 +:10EE180034D8BC19A14231D8EB18C1188E422AD86F +:10EE2800BC19A14227D8EB18C1188E4220D8BC19AA +:10EE3800A1421DD8EB18C1188E4216D8BC19A142A0 +:10EE480013D8ED182D18B5420CD3BE19AE4209D30C +:10EE5800534600205A7103B03CBC90469946A246DE +:10EE6800AB46F0BD80231A43F2E740210A43E8E7A6 +:10EE780020210A43DEE710210A43D4E708210A4388 +:10EE8800CAE704231A43BFE702231A43B5E7310050 +:10EE9800019A0648D1F70EFD009E05E70448D1F710 +:10EEA80083FD0148D7E7C0460300C200940A031057 +:10EEB800B00A0310F0B5CE46474680B5426887B021 +:10EEC80005000368511C02D1018900292AD09F49F5 +:10EED8008B4200D110E112DD9D498B4200D10DE13A +:10EEE80051DD9C498B4200D184E06BDD9A498B420D +:10EEF80000D1FFE099498B4212D1994966E09949BE +:10EF08008B4200D1FCE031DD97498B4200D1EFE024 +:10EF180096498B4200D1F9E095498B4200D185E0B2 +:10EF2800944953E0894A934200D10BE138DD884A7D +:10EF3800934200D1FEE05FDD864A934200D1F7E0BC +:10EF480000DCE5E0844A934200D1EFE0834A934233 +:10EF580036D183498848D1F7ADFC884B2A689A4254 +:10EF680000D18CE08648D1F71FFD3EE083498B42F3 +:10EF780000D1BBE083498B4200D1C3E082498B4278 +:10EF8800CED1824922E082498B4200D1ACE081494E +:10EF98008B4200D1B8E080498B42C1D17F4915E04E +:10EFA800704A934200D1CBE033DD6F4A934200D1DF +:10EFB800B6E06E4A934200D1B0E06D4A934237D032 +:10EFC8006C49C7E776498B42AAD176490123287A4A +:10EFD80001308340687A00282CD173480090734828 +:10EFE800D1F768FC6B7A002B2CD107B00CBC90468B +:10EFF8009946F0BD6E49E9E7654A934200D193E02E +:10F00800644A934200D18DE0634A9342D8D1634960 +:10F01800A0E75A4A934200D190E05A4A934200D15D +:10F028008AE0594A9342CBD1584993E76149CDE7E1 +:10F0380060498FE7604800905C48D1F73BFC6B7AE9 +:10F04800002BD2D001212B7A5C4801339940C908A2 +:10F05800D1F730FC5A4B002499465A4B0127984661 +:10F06800594E6B7A424623411F4200D04A4621003E +:10F0780030000134D1F71EFC082CF2D1B5E703ADFE +:10F0880001212800FFF7F8FD0028AED101232979D6 +:10F09800039A01318B406979002955D14249009181 +:10F0A80042484A49D1F706FC6B79002B9DD00121D3 +:10F0B8002B79424801339940C908D1F7FBFB404BF3 +:10F0C800002499463F4B012798463F4E6B794246AC +:10F0D80023411F4200D04A46210030000134D1F7B5 +:10F0E800E9FB082CF2D180E739496FE739496DE728 +:10F0F80039496BE7394969E7394967E7394965E7C4 +:10F10800394963E7394961E739495FE739495DE7D3 +:10F11800234A934200D053E722491BE7354919E7B0 +:10F128002D4917E7324915E7294913E72B4911E714 +:10F138001F490FE72B490DE72C490BE7254909E73C +:10F14800294907E7264905E71B49A8E7C0212340C5 +:10F15800C02223404023234080232340C023234050 +:10F16800B4090310C02023404021234080212340BC +:10F1780000212340BC090310DC0903104020234070 +:10F18800D00A031080202340002023403C090310AC +:10F198004022234080222340002223407C09031080 +:10F1A800002323409C090310D0090310080A031008 +:10F1B800A40903105C090310D4090310480A0310BA +:10F1C800840A0310680A0310700A0310900A0310D7 +:10F1D800840903104409031064090310AC090310DF +:10F1E8007409031094090310540903104C090310FF +:10F1F8008C0903106C09031030B5436885B004000E +:10F20800011D0568013306D02800F6F703FC002825 +:10F218000DD005B030BD0389002BF5D10C2201A813 +:10F22800D1F76DFA0F4B9D4211D00F48F1E721003D +:10F2380020681031F6F7B8FB0028EAD12068F6F705 +:10F2480039FC0028E5D12068F6F726FCE1E7002123 +:10F2580001A8FFF711FD0028DBD101A92068F6F706 +:10F26800D9FBD4E7402023400300C20010B584B086 +:10F2780001AC0A2200212000D1F75DFA0123032204 +:10F28800A371E2716381B14AB14BB2499A585B5894 +:10F29800002A02DB002B00DBD9E0AF4AAB4BAC49BC +:10F2A800D358AE4A8A58002B02DB002A00DBDBE089 +:10F2B800A94AAB4BA649D358AA4A8A58002B02DB65 +:10F2C800002A00DBDDE0A44AA74BA149D358A74A8E +:10F2D8008A58002B02DB002A00DBDFE09E4AA44BA1 +:10F2E8009B49D358A34A8A58002B02DB002A00DB2B +:10F2F800E1E0994AA04B9649D358A04A8A58002B76 +:10F3080002DB002A00DBE3E0934A9D4B9049D35887 +:10F318009C4A8A58002B02DB002A00DBE5E08E4A73 +:10F32800994B8B49D358994A8A58002B02DB002AFB +:10F3380000DBE7E0884A964B8549D358954A8A58B6 +:10F34800002B02DB002A00DBE9E0834A924B80496C +:10F35800D358924A8A58002B0CDB002A0ADB21007A +:10F368008F48F6F721FB00286FD18D48F6F794FBFC +:10F3780000286AD1784A8B4B7549D3588A4A8A58EB +:10F38800002B0CDB002A0ADB21008848F6F70CFB6F +:10F3980000285AD18548F6F77FFB002855D16E4AD8 +:10F3A800834B6B49D358834A8A58002B0CDB002ABD +:10F3B8000ADB21008048F6F7F7FA002845D17E4895 +:10F3C800F6F76AFB002840D1634A7C4B6049D35862 +:10F3D8007B4A8A58002B0CDB002A0ADB210079487B +:10F3E800F6F7E2FA002830D17648F6F755FB002800 +:10F3F8002BD1594A744B5649D358744A8A58002B12 +:10F408000CDB002A0ADB21007148F6F7CDFA002848 +:10F418001BD16F48F6F740FB002816D14E4A6D4BBA +:10F428004B49D3586C4A8A58002B02DB002A00DB70 +:10F43800EAE0494A694B4649D358694A8A58002B39 +:10F4480002DB002A00DBF6E0002004B010BD21003A +:10F458006448F6F7A9FA0028F7D16248F6F71CFBCA +:10F46800002800D119E7F0E721005F48F6F79CFA79 +:10F478000028EAD15C48F6F70FFB002800D117E70F +:10F48800E3E721005948F6F78FFA0028DDD15748FD +:10F49800F6F702FB002800D115E7D6E7210054480B +:10F4A800F6F782FA0028D0D15148F6F7F5FA002885 +:10F4B80000D113E7C9E721004E48F6F775FA00288E +:10F4C800C3D14C48F6F7E8FA002800D111E7BCE7A9 +:10F4D80021004948F6F768FA0028B6D14648F6F7F9 +:10F4E800DBFA002800D10FE7AFE721004348F6F721 +:10F4F8005BFA0028A9D14148F6F7CEFA002800D1D6 +:10F508000DE7A2E721003E48F6F74EFA00289CD105 +:10F518003B48F6F7C1FA002800D10BE795E7210030 +:10F528003848F6F741FA002800D08EE73548F6F754 +:10F53800B3FA002800D088E7074A174B0449D35884 +:10F54800164A8A58002B00DB07E713E7042000005F +:10F5580000002340242000004000234064200000D5 +:10F5680044200000A420000084200000E4200000C3 +:10F57800C4200000242100000421000064210000B0 +:10F5880044210000A421000084210000E42100009F +:10F59800C42100002422000004220000642200008C +:10F5A8004022234044220000A4220000802223405D +:10F5B80084220000E4220000C0222340C42200006C +:10F5C80024230000002323400423000064230000B8 +:10F5D8004023234044230000A42300008423000088 +:10F5E800E4230000002023404020234080202340C3 +:10F5F800C020234000212340402123408021234074 +:10F60800C02123400022234021001248F6F7CCF9FC +:10F61800002800D019E70F48F6F73EFA002800D076 +:10F6280013E70D4A0D4B0E49D3580E4A8A58002B42 +:10F6380000DB06E708E721000B48F6F7B5F90028D4 +:10F6480000D002E70848F6F727FA002800D1FBE6C1 +:10F65800FBE6C0468023234040002340842300006B +:10F6680000002340E4230000C023234070B5057840 +:10F6780082B00400002D34D0012D06D02900364870 +:10F68800D1F718F9354802B070BD7F263100838A5A +:10F6980000959943002200234068F6F757FC00289C +:10F6A800F1D1207EA18AE37DA27D0090314060687F +:10F6B800F6F74CFC0028E6D13100238900959943E0 +:10F6C800012201236068F6F799FB0028DBD1E37A71 +:10F6D800A27A21896068247B31400094F6F78EFB7A +:10F6E800D1E72423016AC25C4068F6F799FA00283A +:10F6F800C9D17F2501262900A38A009699430022B3 +:10F7080000236068F6F7B8FA0028BCD1207EA18AE9 +:10F71800E37DA27D009029406068F6F7ADFA0028E5 +:10F72800B1D16068F6F750FB0028ACD129002389D5 +:10F7380000969943012201236068F6F7C9F9002869 +:10F74800A1D1E37AA27A21896068247B29400094B8 +:10F75800F6F7BEF997E7C046D80B03100100C200C0 +:10F768000230800803D001300238FCD1C046C046C0 +:10F778007047EFF3108072B6704780F310887047B7 +:10F7880058220120014B40421A60704798E801084E +:10F7980058220120014B40421A60704798E801083E +:10F7A8005822024B00201A607047C04698E80108AA +:10F7B80058220120014B40421A60704798E801081E +:10F7C80058220120014B40421A60704798E801080E +:10F7D800044A1368002B00D1034B18181060180056 +:10F7E8007047C04610E8010800180008FEE7C04648 +:10F7F800F8B5C046F8BC08BC9E467047F8B5C04688 +:10F80800F8BC08BC9E46704701B40248844601BC57 +:10F81800604700BF95F8020801B40248844601BC5D +:10F82800604700BF21FC0208000000000000000043 +:10F838000000000000000000009400080000000024 +:10F84800000000000000000000940008009C000870 +:10F85800C045001000550010C045001000550010AC +:10F86800009C0008009C0008009C000820B40008C8 +:10F8780080B4000800C2000800550010C06B0010DA +:10F8880000550010C06B001000C2000860C20008DC +:10F8980060C20008E0C6000800C7000880CD000864 +:10F8A800C06B001000140210C06B0010001402108E +:10F8B80080CD0008C0CD0008C0CD0008607B0108DD +:10F8C800807B0108809B010800140210C0150210FB +:10F8D80000140210C0150210809B0108809B0108CB +:10F8E800809B0108A09B0108009C010800A001085A +:10F8F800C015021040290210C0150210402902103C +:10F9080000A0010800A0010800A0010860A20108E9 +:10F9180080A2010880AE010800010000000000007C +:10F9280006000000FF000000A146021000000000D1 +:10F9380000000000000100000001000007000000B6 +:10F948007F000000C14500100500000084AF0108D9 +:10F958000001000001010000070000007F00000016 +:10F968000155001000000000000000000001000028 +:10F9780003010000070000007F000000D56B0010A5 +:10F988000000000000000000000100000401000069 +:10F99800070000007F0000000114021000000000B2 +:10F9A8000000000000010000050100000700000041 +:10F9B8007F0000002D1602100100000080AF010832 +:10F9C8006CFB021000010000100000006000000045 +:10F9D80001000000010000000100000078FB021097 +:10F9E800000100002000000061000000010000008C +:10F9F800010000000100000084FB0210000100006B +:10FA0800400000006200000001000000010000004A +:10FA18000100000098FB02100001000080000000B7 +:10FA28006300000001000000010000000100000068 +:10FA3800A8FB0210000100000001000064000000A3 +:10FA4800010000000100000001000000BCFB0210E2 +:10FA5800010100001000000070000000010000001B +:10FA68000100000001000000C8FB021001010000B5 +:10FA780020000000710000000100000001000000EB +:10FA880001000000D4FB021001010000400000004A +:10FA980072000000010000000100000001000000E9 +:10FAA800E8FB021001010000800000007300000064 +:10FAB800010000000100000001000000F8FB021036 +:10FAC8000301000010000000800000000100000099 +:10FAD800010000000100000004FC02100401000005 +:10FAE80010000000400000000100000001000000BC +:10FAF8000100000024FC02100401000020000000A6 +:10FB080041000000010000000100000001000000A9 +:10FB18003CFC02100501000010000000200000005D +:10FB280001000000010000000100000054FC021068 +:10FB38000501000020000000210000000100000075 +:10FB4800010000000100000070FC02100501000027 +:10FB58004000000022000000010000000100000039 +:10FB68000100000054464D5F5353545F5345540001 +:10FB780054464D5F5353545F4745540054464D5FB8 +:10FB88005353545F4745545F494E464F00000000A9 +:10FB980054464D5F5353545F52454D4F56450000F0 +:10FBA80054464D5F5353545F4745545F5355505027 +:10FBB8004F52540054464D5F4954535F53455400C7 +:10FBC80054464D5F4954535F4745540054464D5F72 +:10FBD8004954535F4745545F494E464F0000000063 +:10FBE80054464D5F4954535F52454D4F56450000AA +:10FBF80054464D5F43525950544F000054464D5F90 +:10FC080053505F504C4154464F524D5F53595354D3 +:10FC1800454D5F52455345540000000054464D5F22 +:10FC280053505F504C4154464F524D5F494F4354D7 +:10FC38004C00000054464D5F4154544553545F47AF +:10FC480045545F544F4B454E0000000054464D5FED +:10FC58004154544553545F4745545F544F4B454EA8 +:10FC68005F53495A4500000054464D5F415454457E +:10FC780053545F4745545F5055424C49435F4B4589 +:10FC88005900000062330210D0350210D03502103E +:10FC9800D035021000340210DC330210A8330210F1 +:10FCA8006C330210D0350210E831021026350210EC +:10FCB8001C350210B8340210AC3402104C35021056 +:10FCC8003035021024340210FA3202107E3202104B +:10FCD8002A32021000320210423302103A33021064 +:10FCE800FA31021000000000524333001B5B313B25 +:10FCF80033346D426F6F74696E672054464D2076B9 +:10FD080025642E25642025731B5B306D0D0A0000C9 +:10FD18001B5B313B33346D5B5365632054687265FC +:10FD280061645D2053656375726520696D616765FF +:10FD380020696E697469616C697A696E67211B5BF9 +:10FD4800306D0D0A0000000054462D4D2069736F78 +:10FD58006C6174696F6E206C6576656C2069733AA6 +:10FD68002025640D0A0000009E450210324602104C +:10FD7800F0450210504502100E46021000460210CF +:10FD8800514602102544021005440210456E616276 +:10FD98006C696E67206E6F6E2D7365637572652072 +:10FDA800636F72652E2E2E000400000040000000D4 +:10FDB800440000004800000080000000000100002E +:10FDC8001002000088020000000400001004000077 +:10FDD80020040000400400004804000080040000E3 +:10FDE8008404000090040000C0070000C40700005D +:10FDF800C8070000CC070000004000000410000005 +:10FE0800401000004410000048100000C01400001A +:10FE18000011000018020000980200000014000001 +:10FE280010140000201400004014000048140000C2 +:10FE380080140000841400009014000000010000E9 +:10FE480004010000080100000C010000008000000F +:10FE58000000204000002440000000400000000096 +:10FE680000002340000030400000314000009F4067 +:10FE780000002240000010402020202020101010F8 +:10FE88001D1D800017007500FF03060206003604DA +:10FE9800102000007FC000000004000000000000E7 +:10FEA8000019324B647D00804000080B10000000F0 +:10FEB8000000FF012002001F00800004FF08101846 +:10FEC800001000140018001C4044484C500000006A +:10FED80008100000080000000400000004100000E2 +:10FEE800001200000421000000210000001600009C +:10FEF80040114002C41300138013A0132000000017 +:10FF08001C00000060830210BA820210D282021024 +:10FF18002083021042820210788202108882021026 +:10FF28009C8202109284021090830210E2850210D3 +:10FF3800E2850210E2850210E2850210E2850210D5 +:10FF4800E2850210E2850210E2850210E2850210C5 +:10FF5800E2850210E2850210E2850210E2850210B5 +:10FF6800E2850210E2850210E2850210E2850210A5 +:10FF7800E2850210E2850210E2850210E285021095 +:10FF8800E2850210E2850210E2850210E285021085 +:10FF9800E2850210E2850210E2850210E285021075 +:10FFA800E2850210E2850210E2850210E285021065 +:10FFB800E2850210E2850210E2850210E285021055 +:10FFC800E2850210E2850210E2850210E285021045 +:10FFD800E2850210E2850210E2850210E285021035 +:10FFE800E2850210E2850210E2850210E285021025 +:08FFF800E2850210E28502100F +:020000041003E7 +:10000000E2850210E2850210E2850210E28502100C +:10001000E2850210BC85021094850210E285021070 +:10002000E2850210E2850210E28502103A85021094 +:1000300022850210F8840210E6840210E88502107E +:10004000888C0210328C0210028C0210D28B0210AB +:10005000AC8D0210D48C02100E8D0210848E021012 +:10006000BC8A0210548E02105C8D02102E8E02107B +:10007000308B0210408E0210C08C0210EA8D0210EC +:10008000368A0210268902104A880210CE88021091 +:100090008487021028870210E68602100888021062 +:1000A000B8860210BA8902108C8802107C8902106E +:1000B00056870210A6890210B2870210108902101A +:1000C00056860210A28B0210EC8A0210848E021057 +:1000D000848E0210948B0210848E0210848E021083 +:1000E000848E0210848E0210848E0210848E021080 +:1000F000848E0210848E0210848E0210848E021070 +:10010000848E0210848E0210848E0210848E02105F +:10011000848E0210848E0210848E0210848E02104F +:10012000848E0210848E0210848E0210848E02103F +:10013000848E0210848E0210848E0210848E02102F +:10014000848E0210848E0210848E0210848E02101F +:10015000848E0210848E0210848E0210848E02100F +:10016000848E0210848E0210848E0210848E0210FF +:10017000848E0210848E0210848E0210848E0210EF +:10018000848E0210848E0210848E0210848E0210DF +:10019000848E0210848E0210848E0210848E0210CF +:1001A000848E0210848E0210848E0210848E0210BF +:1001B000848E0210848E0210848E0210E889021050 +:1001C000428B02107C8A0210168602105692021090 +:1001D000389202101A920210FC910210AE91021095 +:1001E000749202109A9002106890021036900210D9 +:1001F00004900210D08F0210CC9002107E91021059 +:1002000014910210F2930210C29302102294021071 +:10021000529402105C9302102A930210F89202107A +:10022000C6920210929202108E930210468F021014 +:10023000188F0210A28F0210EA8E02108C8E02100C +:10024000748F0210D6940210C4940210A694021067 +:100250009494021082940210E8940210229E0210DC +:10026000109E0210569E0210449E0210EC9D021039 +:10027000FE9D0210769D0210649D0210DA9D021010 +:10028000C89D0210409D0210529D021050A1021004 +:100290006CA1021092A10210B8A1021020A10210BC +:1002A00040A10210BCA20210ECA20210CCA20210CB +:1002B000DCA2021074A202109EA20210C2AE0210B2 +:1002C000AEAE021098AE021082AE021004AC021064 +:1002D0006CAE0210010000000B0000001D000000C9 +:1002E000000000000000000000000000000000000E +:1002F00001000000000000000000000000000000FD +:100300000000000000000000010000000A000000E2 +:100310001D000000000000000000000000000000C0 +:1003200000000000010000000000000000000000CC +:1003300000000000000000000000000001000000BC +:10034000060000001D00000000000000000000008A +:10035000000000000000000001000000000000009C +:10036000000000000000000000000000000000008D +:10037000010000000000000000000000000000007C +:10038000000000000000000000000000010000006C +:10039000000000000000000000000000000000005D +:1003A000000000000100000000000000000000004C +:1003B000000000000000000000000000000000003D +:1003C000010000000000000000000000000000002C +:1003D0000000000000000000F4010000140004010F +:1003E0000A0009050800030063010000240102005F +:1003F000000000001E0105000000000000040510C0 +:1004000000000510FFFF16105741524E494E473A63 +:10041000204661696C656420746F20636F6E666945 +:1004200067757265205541525420636C6F636B0091 +:100430005741524E494E473A204661696C656420E7 +:10044000746F20636F6E6669677572652074696D7D +:1004500065723020636C6F636B0000005741524E31 +:10046000494E473A204661696C656420746F206389 +:100470006F6E6669677572652074696D657231208B +:10048000636C6F636B0000000A534D505520636F1F +:100490006E6669673A0000006D656D6F72795F7214 +:1004A0006567696F6E732E6E6F6E5F7365637572CD +:1004B000655F636F64655F7374617274203D2025AE +:1004C000236C780A000000006D656D6F72795F72B1 +:1004D0006567696F6E732E6E6F6E5F73656375729D +:1004E000655F706172746974696F6E5F6261736574 +:1004F000203D2025236C780A000000006D656D6F9B +:1005000072795F726567696F6E732E6E6F6E5F735F +:1005100065637572655F706172746974696F6E5F2F +:100520006C696D6974203D2025236C780A000000F9 +:1005300003020202B9C50210D1C5021069C6021039 +:100540004DC60210D5C50210F5C6021025C6021010 +:10055000E5C50210EDC50210F9C5021039C7021039 +:1005600005C6021011C6021019C6021000000000D4 +:10057000800E0000000200000002000001000000E8 +:10058000FF0000000800000001020101F9C702108D +:1005900011C8021015C8021019C802101DC8021097 +:1005A000D9C90210F1C80210B1C8021045C8021022 +:1005B0002DC8021039C8021003000000010000001D +:1005C00001000000000000000503600004000000BE +:1005D00001000000000000000100000006046000AF +:1005E0000800000068C70108D1CB021074666D5F77 +:1005F00073706D5F68616C5F636F6E66696775725B +:10060000655F64656661756C745F69736F6C617456 +:10061000696F6E0074666D2F6974732F6F666673F1 +:100620006574000074666D2F6974732F73697A6541 +:100630000000000074666D2F6974732F6D61785F20 +:1006400061737365745F73697A65000074666D2FFA +:100650006974732F6E756D5F6173736574730000D9 +:100660005374617274696E6720436F727465782D7C +:100670004D3420617420307825780D0A0000000088 +:10068000496E20257328290A00000000434D345F7D +:1006900041502044415020636F6E74726F6C20692A +:1006A0007320656E61626C656400000054455354AC +:1006B000204D4F44450D00000A0D436F72657320B5 +:1006C00073796E6320737563636573732E0D000019 +:1006D00074666D2F7373742F6F6666736574000094 +:1006E00074666D2F7373742F73697A650000000050 +:1006F00074666D2F7373742F6D61785F61737365AA +:10070000745F73697A65000074666D2F7373742F5C +:100710006E756D5F617373657473000074666D2F21 +:100720006174746573746174696F6E5F6461746120 +:100730002F6174746573746174696F6E5F70726F2A +:1007400066696C655F646566696E6974696F6E0081 +:1007500074666D2F6174746573746174696F6E5F14 +:10076000646174612F766572696669636174696F2B +:100770006E5F736572766963655F75726C00000009 +:1007800074666D2F6174746573746174696F6E5FE4 +:10079000646174612F68775F76657273696F6E004C +:1007A00074666D2F6174746573746174696F6E5FC4 +:1007B000646174612F696D706C656D656E746174D0 +:1007C000696F6E5F69640000414243444546474893 +:1007D000494A4B4C4D4E4F50515253545556575811 +:1007E000595A6162636465666768696A6B6C6D6EAD +:1007F0006F707172737475767778797A30313233BD +:100800003435363738390000393232333337323005 +:100810003336383534373735383037002D393232C2 +:10082000333337323033363835343737353830387C +:1008300000000000200A0D090C00000074727565AC +:10084000000000007D5D000066616C7365000000C3 +:100850006E756C6C0000000044E5F1C3790C5FB666 +:10086000721F77202C26597208FA3660C01A2FB8EA +:100870008216B87A8CD165700020234000000010E9 +:1008800012E007070000070000000000000001035D +:100890000000010040202340FFFFFFFF0000000395 +:1008A000000007000000000000000103000001003C +:1008B0008020234000901C10090000030000070066 +:1008C000000000000000010300000100802123401F +:1008D000000000080E0003030000070000000000F5 +:1008E0000000010300000100C021234000000008B7 +:1008F00010030003000007000000000000000103D7 +:100900000000010000222340000002080F00000345 +:1009100000000700000000000000010300000100CB +:100920004022234000F802080A00000500000700EA +:10093000000000000000010300000100534D50556D +:1009400020300000534D505520310000534D50557C +:1009500020320000534D505520330000534D505568 +:1009600020340000534D505520350000534D505554 +:1009700020360000534D505520370000534D505540 +:1009800020380000534D505520390000534D50552C +:1009900020313000534D505520313100534D5055CA +:1009A00020313200534D505520313300534D5055B6 +:1009B00020313400534D505520313500556E72654D +:1009C000636F676E6973656420534D505500000076 +:1009D000616C6C00736F6D65000000002573202D45 +:1009E00020636F6E666967757265642066726F6DED +:1009F0002070726F766973696F6E696E67206461CB +:100A000074612E20000000002573202D2061646495 +:100A100072657373203D2025702C2073697A6520E0 +:100A20003D2025236C782062797465732C20257312 +:100A300020737562726567696F6E7320656E61629F +:100A40006C65640A0000000009737562726567696D +:100A50006F6E2073697A65203D2025236C782062B3 +:100A6000797465730A000000656E61626C656400EC +:100A700009737562726567696F6E2025642025733E +:100A80000A00000064697361626C65640000000024 +:100A90000900000062617365203D2025236C782CDD +:100AA0002073697A65203D202523780A0000000024 +:100AB000094661696C656420746F206D61702074F3 +:100AC0006F20534D505520636F6E666967000000BC +:100AD000556E737570706F7274656420534D505508 +:100AE00020726567696F6E0001000000000B014015 +:100AF0007F0001010000000000000000070000036B +:100B000000000000000000000000000000000000E5 +:100B100001000000C00B01407F0001010000000047 +:100B200000000000070000030000000000000000BB +:100B3000000000000000000001000000C00A0140A9 +:100B40007F0001010000000000000000070000031A +:100B50000000000000000000000000000000000095 +:100B600001000000400B01407F0001010000000077 +:100B7000000000000700000300000000000000006B +:100B8000000000000000000001000000800B014098 +:100B90007F000101000000000000000007000003CA +:100BA0000000000000000000000000000000000045 +:100BB00001000000800A01407F00010100000000E8 +:100BC000000000000700000300000000000000001B +:100BD0000000000000000000556E657870656374C9 +:100BE0006564207065726970686572616C207479E3 +:0C0BF00070652025640A00000000000071 +:100C0000715A00100D6B0010256B00104D6B001019 +:100C1000756B0010796B00108C050310000000004C +:100C2000000200040000010000000000FF000000BE +:100C3000AD5A00100D6B0010256B00104D6B0010AD +:100C4000756B0010796B00108C050310000000001C +:100C5000000200080000010000000000FF0000008A +:100C600039060010B10600103F070010C91100003E +:100C700001000000931A000001000000D1030000F1 +:100C80000100000001000000020000000000000060 +:100C90000000000000000000000000000000000054 +:100CA0008000000080000000700000007100000063 +:100CB0007200000073000000000000000600000049 +:100CC00014B20108E9420210ED420210F142021092 +:100CD00001000000B00B0310380B0310E80A0310EA +:100CE000600B0310880B0310100B0310780803101F +:100CF00094080310B0080310CC080310E808031090 +:100D000004090310200903100000654000000000E2 +:100D10000000000000000000000000106C0503103F +:100D2000F8AF010800093D0000127A0000093D00FB +:100D30000000D00700093D00A00F000004000000E3 +:100D400024B0010800000000FC1A00101C1B001059 +:100D5000DC1A00100000000000000000000000008D +:100D60000000000000000000000000000000000083 +:100D70000000000000000000000000000000000073 +:100D80000000000000000000000000000000000063 +:100D90000000000000000000000000000000000053 +:100DA0000000000043000000000000000000000000 +:100DB0000000000000000000000000000000000033 +:100DC00000000000430000000000000000000000E0 +:100DD0000000000000000000000000000000000013 +:100DE00000000000430000000000000000000000C0 +:100DF00000000000000000000000000000000000F3 +:100E0000000000004300000000000000000000009F +:100E100000000000000000000000000000000000D2 +:100E2000000000004300000000000000000000007F +:100E300000000000000000000000000000000000B2 +:100E4000000000004300000000000000000000005F +:100E50000000000000000000000000000000000092 +:100E6000000000004300000000000000000000003F +:100E70000000000000000000000000000000000072 +:100E800000000000D90D0010C50600100000000091 +:100E9000DA190010D8190010411B0010411B001076 +:100EA000411B0010411B0010411B0010411B001092 +:100EB000411B0010411B0010411B0010FFFFFFFFF2 +:100EC000FFFFFFFFFFFFFFFFFFFF00000100415397 +:100ED000434949000000000000000000000000003D +:100EE000000000000000000000000000000041536E +:100EF000434949000000000000000000000000001D +:100F000000000000000000000000000000000000E1 +:080F10007129021049290210A9 +:100F18004378FF2B00D07047084B1A68AC23D15A8E +:100F2800126A4B005B1801219B18DB685A6813682A +:100F38000B43136013681942FCD1ECE714E801086D +:100F4800000430B5400B1FD0104B1D68AC23EB5A82 +:100F5800DC00E41A2B6AE2181368002BFCDA3E2244 +:100F68000B4B06211A600B4B0B4A1A60A3230B4A42 +:100F7800DB00D1500A49505053582B6AE41800231B +:100F880063605358002BFCDA30BDC04614E80108F2 +:100F980004012640080126401E1F000000002640CC +:100FA8001C050000F8B557464E464546DE46E0B5F6 +:100FB800B025A44F81463B688A465A591E6AB41820 +:100FC8004C229B5C002B45D000F0EAF983460328AD +:100FD80000D081E03A68116A53598C46AC21515AC5 +:100FE80063444A00521852009B181B68002B00DA11 +:100FF800B5E0002000F0E4F9934B9846984200D100 +:10100800ADE0924B00211A680120002300F0C0F9DE +:101018000025002804D0A2E09D4200D19FE00135C0 +:10102800002000F0CDF98A4B4045F5D19D4200D112 +:1010380095E000F095F9874A874B0500D358002BB7 +:1010480000DA9FE0854C0121002000F099F9002882 +:10105800F9D10CE000F084F9814B05001A00012158 +:101068003000984600F074F900280AD07B4C28001C +:1010780000F066F920003CBC90469946A246AB4673 +:10108800F8BD4B46002B01D1764CF0E72368002BC6 +:10109800FCDB3A68B023116AD3588C4663441B685A +:1010A800002B00DA84E043466F491B688B4261D00D +:1010B80057D96E498B4200D195E000D880E06C4941 +:1010C8008B4200D18DE06B498B4200D187E06A49A1 +:1010D8008B4269D0694C4EE000F042F95D4A5E4BA4 +:1010E8000500D358002BC1DA5D4B01211A003000EE +:1010F800984600F02DF90028B8D15046FFF720FF98 +:101108004B46002BC0D02368002BFCDB3A68B02389 +:10111800116AD3588C4663441B68002B73DB434623 +:1011280051491B688B426CD062D950498B4200D11F +:1011380085E06AD94E498B427DD04E498B427CD09E +:101148004D498B4232D04D4C0123526893609368CD +:10115800002BFCD15B46032B00D174E787E73F4C9B +:1011680088E7402B37D025D9802B36D080214900FD +:101178008B42AFD13C4C0123526893609368002B9B +:10118800FCD174E7364B01211A003000984600F074 +:10119800DFF8002800D055E75046FFF7D1FE4B4650 +:1011A800002BB0D12F4C4EE7354CE4E7344CCBE75D +:1011B800344C5CE7002B19D0102B8BD1294CDAE783 +:1011C800A02109068B4211D02F498B4200D081E71C +:1011D800A024E403CFE72B4CCDE7204CCBE72B4CE6 +:1011E800C9E72B4CC7E7A424E403C4E70024C2E7FB +:1011F800402B1AD013D9802B1BD0802149008B4259 +:10120800A1D1194CA0E71F4CA4E7A02109068B42E5 +:101218000DD01D498B4296D1A024E40394E7002BFE +:1012280005D0102B8FD10F4C8EE7164C8CE700247D +:101238008AE70A4C88E7164C86E7144C84E7A4240E +:10124800E40381E714E8010801018800F4C20108F9 +:10125800F0490200000026401C050000050052006D +:10126800E4C201080100500006005200010000F02D +:10127800040000F0050000F0030000F0FF00520039 +:101288000100520002005000090000A003005200B3 +:10129800020052000421F0B5C6461D4B1D4A1B68CA +:1012A80000B55C6813690B43136101282ED030BF69 +:1012B80086235B00E358002B02D004BC9046F0BDA7 +:1012C80000F076F8A3211448144B154AC9000768A2 +:1012D80090465E581568134A0260062042465850E8 +:1012E8003E211160442210495A505A58002AFCDA0B +:1012F80086220E495200A150074A1760A322D20045 +:101308009E50074B1D6000F033F8D6E720BFCFE7AB +:1013180014E8010800ED00E008012640000026401E +:10132800040126401E1F00001C050000AAAAAAAA44 +:10133800024A1368002BFCDB7047C04600012640B8 +:1013480001B40248844601BC604700BF83F702101D +:1013580001B40248844601BC604700BFCD6002105A +:1013680001B40248844601BC604700BF7BF7021005 +:1013780001B40248844601BC604700BF25BF021083 +:1013880001B40248844601BC604700BF5D64021096 +:1013980001B40248844601BC604700BF29620210BC +:1013A80001B40248844601BC604700BF7DCF0210EB +:1013B80001B40248844601BC604700BFF9BE021070 +:1013C80001B40248844601BC604700BF05650210AD +:040000051000049152 +:00000001FF diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/PeripheralPins.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/PeripheralPins.c new file mode 100755 index 0000000..4df4072 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/PeripheralPins.c @@ -0,0 +1,467 @@ +/* + * mbed Microcontroller Library + * Copyright (c) 2017-2018 Future Electronics + * Copyright (c) 2019 Cypress Semiconductor Corporation + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "PeripheralNames.h" +#include "PeripheralPins.h" +#include "pinmap.h" + +#if DEVICE_SERIAL +//*** SERIAL *** +const PinMap PinMap_UART_RX[] = { + {P0_2, UART_0, CYHAL_PIN_IN_FUNCTION(P0_2_SCB0_UART_RX)}, + {P1_0, UART_7, CYHAL_PIN_IN_FUNCTION(P1_0_SCB7_UART_RX)}, + {P2_0, UART_1, CYHAL_PIN_IN_FUNCTION(P2_0_SCB1_UART_RX)}, + {P3_0, UART_2, CYHAL_PIN_IN_FUNCTION(P3_0_SCB2_UART_RX)}, + {P4_0, UART_7, CYHAL_PIN_IN_FUNCTION(P4_0_SCB7_UART_RX)}, + {P5_0, UART_5, CYHAL_PIN_IN_FUNCTION(P5_0_SCB5_UART_RX)}, + {P6_0, UART_3, CYHAL_PIN_IN_FUNCTION(P6_0_SCB3_UART_RX)}, + {P6_4, UART_6, CYHAL_PIN_IN_FUNCTION(P6_4_SCB6_UART_RX)}, + {P7_0, UART_4, CYHAL_PIN_IN_FUNCTION(P7_0_SCB4_UART_RX)}, + {P8_0, UART_4, CYHAL_PIN_IN_FUNCTION(P8_0_SCB4_UART_RX)}, + {P9_0, UART_2, CYHAL_PIN_IN_FUNCTION(P9_0_SCB2_UART_RX)}, + {P10_0, UART_1, CYHAL_PIN_IN_FUNCTION(P10_0_SCB1_UART_RX)}, + {P11_0, UART_5, CYHAL_PIN_IN_FUNCTION(P11_0_SCB5_UART_RX)}, + {P12_0, UART_6, CYHAL_PIN_IN_FUNCTION(P12_0_SCB6_UART_RX)}, + {P13_0, UART_6, CYHAL_PIN_IN_FUNCTION(P13_0_SCB6_UART_RX)}, + {NC, NC, 0} +}; +const PinMap PinMap_UART_TX[] = { + {P0_3, UART_0, CYHAL_PIN_OUT_FUNCTION(P0_3_SCB0_UART_TX)}, + {P1_1, UART_7, CYHAL_PIN_OUT_FUNCTION(P1_1_SCB7_UART_TX)}, + {P2_1, UART_1, CYHAL_PIN_OUT_FUNCTION(P2_1_SCB1_UART_TX)}, + {P3_1, UART_2, CYHAL_PIN_OUT_FUNCTION(P3_1_SCB2_UART_TX)}, + {P4_1, UART_7, CYHAL_PIN_OUT_FUNCTION(P4_1_SCB7_UART_TX)}, + {P5_1, UART_5, CYHAL_PIN_OUT_FUNCTION(P5_1_SCB5_UART_TX)}, + {P6_1, UART_3, CYHAL_PIN_OUT_FUNCTION(P6_1_SCB3_UART_TX)}, + {P6_5, UART_6, CYHAL_PIN_OUT_FUNCTION(P6_5_SCB6_UART_TX)}, + {P7_1, UART_4, CYHAL_PIN_OUT_FUNCTION(P7_1_SCB4_UART_TX)}, + {P8_1, UART_4, CYHAL_PIN_OUT_FUNCTION(P8_1_SCB4_UART_TX)}, + {P9_1, UART_2, CYHAL_PIN_OUT_FUNCTION(P9_1_SCB2_UART_TX)}, + {P10_1, UART_1, CYHAL_PIN_OUT_FUNCTION(P10_1_SCB1_UART_TX)}, + {P11_1, UART_5, CYHAL_PIN_OUT_FUNCTION(P11_1_SCB5_UART_TX)}, + {P12_1, UART_6, CYHAL_PIN_OUT_FUNCTION(P12_1_SCB6_UART_TX)}, + {P13_1, UART_6, CYHAL_PIN_OUT_FUNCTION(P13_1_SCB6_UART_TX)}, + {NC, NC, 0} +}; +const PinMap PinMap_UART_RTS[] = { + {P0_4, UART_0, CYHAL_PIN_OUT_FUNCTION(P0_4_SCB0_UART_RTS)}, + {P1_2, UART_7, CYHAL_PIN_OUT_FUNCTION(P1_2_SCB7_UART_RTS)}, + {P2_2, UART_1, CYHAL_PIN_OUT_FUNCTION(P2_2_SCB1_UART_RTS)}, + {P3_2, UART_2, CYHAL_PIN_OUT_FUNCTION(P3_2_SCB2_UART_RTS)}, + {P5_2, UART_5, CYHAL_PIN_OUT_FUNCTION(P5_2_SCB5_UART_RTS)}, + {P6_2, UART_3, CYHAL_PIN_OUT_FUNCTION(P6_2_SCB3_UART_RTS)}, + {P6_6, UART_6, CYHAL_PIN_OUT_FUNCTION(P6_6_SCB6_UART_RTS)}, + {P7_2, UART_4, CYHAL_PIN_OUT_FUNCTION(P7_2_SCB4_UART_RTS)}, + {P8_2, UART_4, CYHAL_PIN_OUT_FUNCTION(P8_2_SCB4_UART_RTS)}, + {P9_2, UART_2, CYHAL_PIN_OUT_FUNCTION(P9_2_SCB2_UART_RTS)}, + {P10_2, UART_1, CYHAL_PIN_OUT_FUNCTION(P10_2_SCB1_UART_RTS)}, + {P11_2, UART_5, CYHAL_PIN_OUT_FUNCTION(P11_2_SCB5_UART_RTS)}, + {P12_2, UART_6, CYHAL_PIN_OUT_FUNCTION(P12_2_SCB6_UART_RTS)}, + {NC, NC, 0} +}; +const PinMap PinMap_UART_CTS[] = { + {P0_5, UART_0, CYHAL_PIN_IN_FUNCTION(P0_5_SCB0_UART_CTS)}, + {P1_3, UART_7, CYHAL_PIN_IN_FUNCTION(P1_3_SCB7_UART_CTS)}, + {P2_3, UART_1, CYHAL_PIN_IN_FUNCTION(P2_3_SCB1_UART_CTS)}, + {P3_3, UART_2, CYHAL_PIN_IN_FUNCTION(P3_3_SCB2_UART_CTS)}, + {P5_3, UART_5, CYHAL_PIN_IN_FUNCTION(P5_3_SCB5_UART_CTS)}, + {P6_3, UART_3, CYHAL_PIN_IN_FUNCTION(P6_3_SCB3_UART_CTS)}, + {P6_7, UART_6, CYHAL_PIN_IN_FUNCTION(P6_7_SCB6_UART_CTS)}, + {P7_3, UART_4, CYHAL_PIN_IN_FUNCTION(P7_3_SCB4_UART_CTS)}, + {P8_3, UART_4, CYHAL_PIN_IN_FUNCTION(P8_3_SCB4_UART_CTS)}, + {P9_3, UART_2, CYHAL_PIN_IN_FUNCTION(P9_3_SCB2_UART_CTS)}, + {P10_3, UART_1, CYHAL_PIN_IN_FUNCTION(P10_3_SCB1_UART_CTS)}, + {P11_3, UART_5, CYHAL_PIN_IN_FUNCTION(P11_3_SCB5_UART_CTS)}, + {P12_3, UART_6, CYHAL_PIN_IN_FUNCTION(P12_3_SCB6_UART_CTS)}, + {NC, NC, 0} +}; +#endif // DEVICE_SERIAL + + +#if DEVICE_I2C +//*** I2C *** +const PinMap PinMap_I2C_SCL[] = { + {P0_2, I2C_0, CYHAL_PIN_OD_FUNCTION(P0_2_SCB0_I2C_SCL)}, + {P1_0, I2C_7, CYHAL_PIN_OD_FUNCTION(P1_0_SCB7_I2C_SCL)}, + {P2_0, I2C_1, CYHAL_PIN_OD_FUNCTION(P2_0_SCB1_I2C_SCL)}, + {P3_0, I2C_2, CYHAL_PIN_OD_FUNCTION(P3_0_SCB2_I2C_SCL)}, + {P4_0, I2C_7, CYHAL_PIN_OD_FUNCTION(P4_0_SCB7_I2C_SCL)}, + {P5_0, I2C_5, CYHAL_PIN_OD_FUNCTION(P5_0_SCB5_I2C_SCL)}, + {P6_0, I2C_3, CYHAL_PIN_OD_FUNCTION(P6_0_SCB3_I2C_SCL)}, + {P6_0, I2C_8, CYHAL_PIN_OD_FUNCTION(P6_0_SCB8_I2C_SCL)}, + {P6_4, I2C_6, CYHAL_PIN_OD_FUNCTION(P6_4_SCB6_I2C_SCL)}, + {P6_4, I2C_8, CYHAL_PIN_OD_FUNCTION(P6_4_SCB8_I2C_SCL)}, + {P7_0, I2C_4, CYHAL_PIN_OD_FUNCTION(P7_0_SCB4_I2C_SCL)}, + {P8_0, I2C_4, CYHAL_PIN_OD_FUNCTION(P8_0_SCB4_I2C_SCL)}, + {P9_0, I2C_2, CYHAL_PIN_OD_FUNCTION(P9_0_SCB2_I2C_SCL)}, + {P10_0, I2C_1, CYHAL_PIN_OD_FUNCTION(P10_0_SCB1_I2C_SCL)}, + {P11_0, I2C_5, CYHAL_PIN_OD_FUNCTION(P11_0_SCB5_I2C_SCL)}, + {P12_0, I2C_6, CYHAL_PIN_OD_FUNCTION(P12_0_SCB6_I2C_SCL)}, + {P13_0, I2C_6, CYHAL_PIN_OD_FUNCTION(P13_0_SCB6_I2C_SCL)}, + {NC, NC, 0} +}; +const PinMap PinMap_I2C_SDA[] = { + {P0_3, I2C_0, CYHAL_PIN_OD_FUNCTION(P0_3_SCB0_I2C_SDA)}, + {P1_1, I2C_7, CYHAL_PIN_OD_FUNCTION(P1_1_SCB7_I2C_SDA)}, + {P2_1, I2C_1, CYHAL_PIN_OD_FUNCTION(P2_1_SCB1_I2C_SDA)}, + {P3_1, I2C_2, CYHAL_PIN_OD_FUNCTION(P3_1_SCB2_I2C_SDA)}, + {P4_1, I2C_7, CYHAL_PIN_OD_FUNCTION(P4_1_SCB7_I2C_SDA)}, + {P5_1, I2C_5, CYHAL_PIN_OD_FUNCTION(P5_1_SCB5_I2C_SDA)}, + {P6_1, I2C_3, CYHAL_PIN_OD_FUNCTION(P6_1_SCB3_I2C_SDA)}, + {P6_1, I2C_8, CYHAL_PIN_OD_FUNCTION(P6_1_SCB8_I2C_SDA)}, + {P6_5, I2C_6, CYHAL_PIN_OD_FUNCTION(P6_5_SCB6_I2C_SDA)}, + {P6_5, I2C_8, CYHAL_PIN_OD_FUNCTION(P6_5_SCB8_I2C_SDA)}, + {P7_1, I2C_4, CYHAL_PIN_OD_FUNCTION(P7_1_SCB4_I2C_SDA)}, + {P8_1, I2C_4, CYHAL_PIN_OD_FUNCTION(P8_1_SCB4_I2C_SDA)}, + {P9_1, I2C_2, CYHAL_PIN_OD_FUNCTION(P9_1_SCB2_I2C_SDA)}, + {P10_1, I2C_1, CYHAL_PIN_OD_FUNCTION(P10_1_SCB1_I2C_SDA)}, + {P11_1, I2C_5, CYHAL_PIN_OD_FUNCTION(P11_1_SCB5_I2C_SDA)}, + {P12_1, I2C_6, CYHAL_PIN_OD_FUNCTION(P12_1_SCB6_I2C_SDA)}, + {P13_1, I2C_6, CYHAL_PIN_OD_FUNCTION(P13_1_SCB6_I2C_SDA)}, + {NC, NC, 0} +}; +#endif // DEVICE_I2C + +#if DEVICE_SPI +//*** SPI *** +const PinMap PinMap_SPI_MOSI[] = { + {P0_2, SPI_0, CYHAL_PIN_OUT_FUNCTION(P0_2_SCB0_SPI_MOSI)}, + {P1_0, SPI_7, CYHAL_PIN_OUT_FUNCTION(P1_0_SCB7_SPI_MOSI)}, + {P2_0, SPI_1, CYHAL_PIN_OUT_FUNCTION(P2_0_SCB1_SPI_MOSI)}, + {P3_0, SPI_2, CYHAL_PIN_OUT_FUNCTION(P3_0_SCB2_SPI_MOSI)}, + {P4_0, SPI_7, CYHAL_PIN_OUT_FUNCTION(P4_0_SCB7_SPI_MOSI)}, + {P5_0, SPI_5, CYHAL_PIN_OUT_FUNCTION(P5_0_SCB5_SPI_MOSI)}, + {P6_0, SPI_3, CYHAL_PIN_OUT_FUNCTION(P6_0_SCB3_SPI_MOSI)}, + {P6_0, SPI_8, CYHAL_PIN_OUT_FUNCTION(P6_0_SCB8_SPI_MOSI)}, + {P6_4, SPI_6, CYHAL_PIN_OUT_FUNCTION(P6_4_SCB6_SPI_MOSI)}, + {P6_4, SPI_8, CYHAL_PIN_OUT_FUNCTION(P6_4_SCB8_SPI_MOSI)}, + {P7_0, SPI_4, CYHAL_PIN_OUT_FUNCTION(P7_0_SCB4_SPI_MOSI)}, + {P8_0, SPI_4, CYHAL_PIN_OUT_FUNCTION(P8_0_SCB4_SPI_MOSI)}, + {P9_0, SPI_2, CYHAL_PIN_OUT_FUNCTION(P9_0_SCB2_SPI_MOSI)}, + {P10_0, SPI_1, CYHAL_PIN_OUT_FUNCTION(P10_0_SCB1_SPI_MOSI)}, + {P11_0, SPI_5, CYHAL_PIN_OUT_FUNCTION(P11_0_SCB5_SPI_MOSI)}, + {P12_0, SPI_6, CYHAL_PIN_OUT_FUNCTION(P12_0_SCB6_SPI_MOSI)}, + {P13_0, SPI_6, CYHAL_PIN_OUT_FUNCTION(P13_0_SCB6_SPI_MOSI)}, + {NC, NC, 0} +}; +const PinMap PinMap_SPI_MISO[] = { + {P0_3, SPI_0, CYHAL_PIN_IN_FUNCTION(P0_3_SCB0_SPI_MISO)}, + {P1_1, SPI_7, CYHAL_PIN_IN_FUNCTION(P1_1_SCB7_SPI_MISO)}, + {P2_1, SPI_1, CYHAL_PIN_IN_FUNCTION(P2_1_SCB1_SPI_MISO)}, + {P3_1, SPI_2, CYHAL_PIN_IN_FUNCTION(P3_1_SCB2_SPI_MISO)}, + {P4_1, SPI_7, CYHAL_PIN_IN_FUNCTION(P4_1_SCB7_SPI_MISO)}, + {P5_1, SPI_5, CYHAL_PIN_IN_FUNCTION(P5_1_SCB5_SPI_MISO)}, + {P6_1, SPI_3, CYHAL_PIN_IN_FUNCTION(P6_1_SCB3_SPI_MISO)}, + {P6_1, SPI_8, CYHAL_PIN_IN_FUNCTION(P6_1_SCB8_SPI_MISO)}, + {P6_5, SPI_6, CYHAL_PIN_IN_FUNCTION(P6_5_SCB6_SPI_MISO)}, + {P6_5, SPI_8, CYHAL_PIN_IN_FUNCTION(P6_5_SCB8_SPI_MISO)}, + {P7_1, SPI_4, CYHAL_PIN_IN_FUNCTION(P7_1_SCB4_SPI_MISO)}, + {P8_1, SPI_4, CYHAL_PIN_IN_FUNCTION(P8_1_SCB4_SPI_MISO)}, + {P9_1, SPI_2, CYHAL_PIN_IN_FUNCTION(P9_1_SCB2_SPI_MISO)}, + {P10_1, SPI_1, CYHAL_PIN_IN_FUNCTION(P10_1_SCB1_SPI_MISO)}, + {P11_1, SPI_5, CYHAL_PIN_IN_FUNCTION(P11_1_SCB5_SPI_MISO)}, + {P12_1, SPI_6, CYHAL_PIN_IN_FUNCTION(P12_1_SCB6_SPI_MISO)}, + {P13_1, SPI_6, CYHAL_PIN_IN_FUNCTION(P13_1_SCB6_SPI_MISO)}, + {NC, NC, 0} +}; +const PinMap PinMap_SPI_SCLK[] = { + {P0_4, SPI_0, CYHAL_PIN_OUT_FUNCTION(P0_4_SCB0_SPI_CLK)}, + {P1_2, SPI_7, CYHAL_PIN_OUT_FUNCTION(P1_2_SCB7_SPI_CLK)}, + {P2_2, SPI_1, CYHAL_PIN_OUT_FUNCTION(P2_2_SCB1_SPI_CLK)}, + {P3_2, SPI_2, CYHAL_PIN_OUT_FUNCTION(P3_2_SCB2_SPI_CLK)}, + {P5_2, SPI_5, CYHAL_PIN_OUT_FUNCTION(P5_2_SCB5_SPI_CLK)}, + {P6_2, SPI_3, CYHAL_PIN_OUT_FUNCTION(P6_2_SCB3_SPI_CLK)}, + {P6_2, SPI_8, CYHAL_PIN_OUT_FUNCTION(P6_2_SCB8_SPI_CLK)}, + {P6_6, SPI_6, CYHAL_PIN_OUT_FUNCTION(P6_6_SCB6_SPI_CLK)}, + {P6_6, SPI_8, CYHAL_PIN_OUT_FUNCTION(P6_6_SCB8_SPI_CLK)}, + {P7_2, SPI_4, CYHAL_PIN_OUT_FUNCTION(P7_2_SCB4_SPI_CLK)}, + {P8_2, SPI_4, CYHAL_PIN_OUT_FUNCTION(P8_2_SCB4_SPI_CLK)}, + {P9_2, SPI_2, CYHAL_PIN_OUT_FUNCTION(P9_2_SCB2_SPI_CLK)}, + {P10_2, SPI_1, CYHAL_PIN_OUT_FUNCTION(P10_2_SCB1_SPI_CLK)}, + {P11_2, SPI_5, CYHAL_PIN_OUT_FUNCTION(P11_2_SCB5_SPI_CLK)}, + {P12_2, SPI_6, CYHAL_PIN_OUT_FUNCTION(P12_2_SCB6_SPI_CLK)}, + {NC, NC, 0} +}; +const PinMap PinMap_SPI_SSEL[] = { + {P0_5, SPI_0, CYHAL_PIN_OUT_FUNCTION(P0_5_SCB0_SPI_SELECT0)}, + {P1_3, SPI_7, CYHAL_PIN_OUT_FUNCTION(P1_3_SCB7_SPI_SELECT0)}, + {P2_3, SPI_1, CYHAL_PIN_OUT_FUNCTION(P2_3_SCB1_SPI_SELECT0)}, + {P3_3, SPI_2, CYHAL_PIN_OUT_FUNCTION(P3_3_SCB2_SPI_SELECT0)}, + {P5_3, SPI_5, CYHAL_PIN_OUT_FUNCTION(P5_3_SCB5_SPI_SELECT0)}, + {P6_3, SPI_3, CYHAL_PIN_OUT_FUNCTION(P6_3_SCB3_SPI_SELECT0)}, + {P6_3, SPI_8, CYHAL_PIN_OUT_FUNCTION(P6_3_SCB8_SPI_SELECT0)}, + {P6_7, SPI_6, CYHAL_PIN_OUT_FUNCTION(P6_7_SCB6_SPI_SELECT0)}, + {P6_7, SPI_8, CYHAL_PIN_OUT_FUNCTION(P6_7_SCB8_SPI_SELECT0)}, + {P7_3, SPI_4, CYHAL_PIN_OUT_FUNCTION(P7_3_SCB4_SPI_SELECT0)}, + {P8_3, SPI_4, CYHAL_PIN_OUT_FUNCTION(P8_3_SCB4_SPI_SELECT0)}, + {P9_3, SPI_2, CYHAL_PIN_OUT_FUNCTION(P9_3_SCB2_SPI_SELECT0)}, + {P10_3, SPI_1, CYHAL_PIN_OUT_FUNCTION(P10_3_SCB1_SPI_SELECT0)}, + {P11_3, SPI_5, CYHAL_PIN_OUT_FUNCTION(P11_3_SCB5_SPI_SELECT0)}, + {P12_3, SPI_6, CYHAL_PIN_OUT_FUNCTION(P12_3_SCB6_SPI_SELECT0)}, + {NC, NC, 0} +}; +#endif // DEVICE_SPI + +#if DEVICE_PWMOUT +//*** PWM *** +const PinMap PinMap_PWM_OUT[] = { + // 16-bit PWM outputs + {P0_0, PWM_16b_0, CYHAL_PIN_OUT_FUNCTION(P0_0_TCPWM1_LINE0)}, + {P0_2, PWM_16b_1, CYHAL_PIN_OUT_FUNCTION(P0_2_TCPWM1_LINE1)}, + {P0_4, PWM_16b_2, CYHAL_PIN_OUT_FUNCTION(P0_4_TCPWM1_LINE2)}, + {P1_0, PWM_16b_3, CYHAL_PIN_OUT_FUNCTION(P1_0_TCPWM1_LINE3)}, + {P1_2, PWM_16b_12, CYHAL_PIN_OUT_FUNCTION(P1_2_TCPWM1_LINE12)}, + {P1_4, PWM_16b_13, CYHAL_PIN_OUT_FUNCTION(P1_4_TCPWM1_LINE13)}, + {P2_0, PWM_16b_15, CYHAL_PIN_OUT_FUNCTION(P2_0_TCPWM1_LINE15)}, + {P2_2, PWM_16b_16, CYHAL_PIN_OUT_FUNCTION(P2_2_TCPWM1_LINE16)}, + {P2_4, PWM_16b_17, CYHAL_PIN_OUT_FUNCTION(P2_4_TCPWM1_LINE17)}, + {P2_6, PWM_16b_18, CYHAL_PIN_OUT_FUNCTION(P2_6_TCPWM1_LINE18)}, + {P3_0, PWM_16b_19, CYHAL_PIN_OUT_FUNCTION(P3_0_TCPWM1_LINE19)}, + {P3_2, PWM_16b_20, CYHAL_PIN_OUT_FUNCTION(P3_2_TCPWM1_LINE20)}, + {P3_4, PWM_16b_21, CYHAL_PIN_OUT_FUNCTION(P3_4_TCPWM1_LINE21)}, + {P4_0, PWM_16b_22, CYHAL_PIN_OUT_FUNCTION(P4_0_TCPWM1_LINE22)}, + {P5_0, PWM_16b_4, CYHAL_PIN_OUT_FUNCTION(P5_0_TCPWM1_LINE4)}, + {P5_2, PWM_16b_5, CYHAL_PIN_OUT_FUNCTION(P5_2_TCPWM1_LINE5)}, + {P5_4, PWM_16b_6, CYHAL_PIN_OUT_FUNCTION(P5_4_TCPWM1_LINE6)}, + {P5_6, PWM_16b_7, CYHAL_PIN_OUT_FUNCTION(P5_6_TCPWM1_LINE7)}, + {P6_0, PWM_16b_8, CYHAL_PIN_OUT_FUNCTION(P6_0_TCPWM1_LINE8)}, + {P6_2, PWM_16b_9, CYHAL_PIN_OUT_FUNCTION(P6_2_TCPWM1_LINE9)}, + {P6_4, PWM_16b_10, CYHAL_PIN_OUT_FUNCTION(P6_4_TCPWM1_LINE10)}, + {P6_6, PWM_16b_11, CYHAL_PIN_OUT_FUNCTION(P6_6_TCPWM1_LINE11)}, + {P7_0, PWM_16b_12, CYHAL_PIN_OUT_FUNCTION(P7_0_TCPWM1_LINE12)}, + {P7_2, PWM_16b_13, CYHAL_PIN_OUT_FUNCTION(P7_2_TCPWM1_LINE13)}, + {P7_4, PWM_16b_14, CYHAL_PIN_OUT_FUNCTION(P7_4_TCPWM1_LINE14)}, + {P7_6, PWM_16b_15, CYHAL_PIN_OUT_FUNCTION(P7_6_TCPWM1_LINE15)}, + {P8_0, PWM_16b_16, CYHAL_PIN_OUT_FUNCTION(P8_0_TCPWM1_LINE16)}, + {P8_2, PWM_16b_17, CYHAL_PIN_OUT_FUNCTION(P8_2_TCPWM1_LINE17)}, + {P8_4, PWM_16b_18, CYHAL_PIN_OUT_FUNCTION(P8_4_TCPWM1_LINE18)}, + {P8_6, PWM_16b_19, CYHAL_PIN_OUT_FUNCTION(P8_6_TCPWM1_LINE19)}, + {P9_0, PWM_16b_20, CYHAL_PIN_OUT_FUNCTION(P9_0_TCPWM1_LINE20)}, + {P9_2, PWM_16b_21, CYHAL_PIN_OUT_FUNCTION(P9_2_TCPWM1_LINE21)}, + {P9_4, PWM_16b_0, CYHAL_PIN_OUT_FUNCTION(P9_4_TCPWM1_LINE0)}, + {P9_6, PWM_16b_1, CYHAL_PIN_OUT_FUNCTION(P9_6_TCPWM1_LINE1)}, + {P10_0, PWM_16b_22, CYHAL_PIN_OUT_FUNCTION(P10_0_TCPWM1_LINE22)}, + {P10_2, PWM_16b_23, CYHAL_PIN_OUT_FUNCTION(P10_2_TCPWM1_LINE23)}, + {P10_4, PWM_16b_0, CYHAL_PIN_OUT_FUNCTION(P10_4_TCPWM1_LINE0)}, + {P10_6, PWM_16b_2, CYHAL_PIN_OUT_FUNCTION(P10_6_TCPWM1_LINE2)}, + {P11_0, PWM_16b_1, CYHAL_PIN_OUT_FUNCTION(P11_0_TCPWM1_LINE1)}, + {P11_2, PWM_16b_2, CYHAL_PIN_OUT_FUNCTION(P11_2_TCPWM1_LINE2)}, + {P11_4, PWM_16b_3, CYHAL_PIN_OUT_FUNCTION(P11_4_TCPWM1_LINE3)}, + {P12_0, PWM_16b_4, CYHAL_PIN_OUT_FUNCTION(P12_0_TCPWM1_LINE4)}, + {P12_2, PWM_16b_5, CYHAL_PIN_OUT_FUNCTION(P12_2_TCPWM1_LINE5)}, + {P12_4, PWM_16b_6, CYHAL_PIN_OUT_FUNCTION(P12_4_TCPWM1_LINE6)}, + {P12_6, PWM_16b_7, CYHAL_PIN_OUT_FUNCTION(P12_6_TCPWM1_LINE7)}, + {P13_0, PWM_16b_8, CYHAL_PIN_OUT_FUNCTION(P13_0_TCPWM1_LINE8)}, + {P13_2, PWM_16b_9, CYHAL_PIN_OUT_FUNCTION(P13_2_TCPWM1_LINE9)}, + {P13_4, PWM_16b_10, CYHAL_PIN_OUT_FUNCTION(P13_4_TCPWM1_LINE10)}, + {P13_6, PWM_16b_11, CYHAL_PIN_OUT_FUNCTION(P13_6_TCPWM1_LINE11)}, + // 16-bit PWM inverted outputs + {P0_1, PWM_16b_0, CYHAL_PIN_OUT_FUNCTION(P0_1_TCPWM1_LINE_COMPL0)}, + {P0_3, PWM_16b_1, CYHAL_PIN_OUT_FUNCTION(P0_3_TCPWM1_LINE_COMPL1)}, + {P0_5, PWM_16b_2, CYHAL_PIN_OUT_FUNCTION(P0_5_TCPWM1_LINE_COMPL2)}, + {P1_1, PWM_16b_3, CYHAL_PIN_OUT_FUNCTION(P1_1_TCPWM1_LINE_COMPL3)}, + {P1_3, PWM_16b_12, CYHAL_PIN_OUT_FUNCTION(P1_3_TCPWM1_LINE_COMPL12)}, + {P1_5, PWM_16b_14, CYHAL_PIN_OUT_FUNCTION(P1_5_TCPWM1_LINE_COMPL14)}, + {P2_1, PWM_16b_15, CYHAL_PIN_OUT_FUNCTION(P2_1_TCPWM1_LINE_COMPL15)}, + {P2_3, PWM_16b_16, CYHAL_PIN_OUT_FUNCTION(P2_3_TCPWM1_LINE_COMPL16)}, + {P2_5, PWM_16b_17, CYHAL_PIN_OUT_FUNCTION(P2_5_TCPWM1_LINE_COMPL17)}, + {P2_7, PWM_16b_18, CYHAL_PIN_OUT_FUNCTION(P2_7_TCPWM1_LINE_COMPL18)}, + {P3_1, PWM_16b_19, CYHAL_PIN_OUT_FUNCTION(P3_1_TCPWM1_LINE_COMPL19)}, + {P3_3, PWM_16b_20, CYHAL_PIN_OUT_FUNCTION(P3_3_TCPWM1_LINE_COMPL20)}, + {P3_5, PWM_16b_21, CYHAL_PIN_OUT_FUNCTION(P3_5_TCPWM1_LINE_COMPL21)}, + {P4_1, PWM_16b_22, CYHAL_PIN_OUT_FUNCTION(P4_1_TCPWM1_LINE_COMPL22)}, + {P5_1, PWM_16b_4, CYHAL_PIN_OUT_FUNCTION(P5_1_TCPWM1_LINE_COMPL4)}, + {P5_3, PWM_16b_5, CYHAL_PIN_OUT_FUNCTION(P5_3_TCPWM1_LINE_COMPL5)}, + {P5_5, PWM_16b_6, CYHAL_PIN_OUT_FUNCTION(P5_5_TCPWM1_LINE_COMPL6)}, + {P5_7, PWM_16b_7, CYHAL_PIN_OUT_FUNCTION(P5_7_TCPWM1_LINE_COMPL7)}, + {P6_1, PWM_16b_8, CYHAL_PIN_OUT_FUNCTION(P6_1_TCPWM1_LINE_COMPL8)}, + {P6_3, PWM_16b_9, CYHAL_PIN_OUT_FUNCTION(P6_3_TCPWM1_LINE_COMPL9)}, + {P6_5, PWM_16b_10, CYHAL_PIN_OUT_FUNCTION(P6_5_TCPWM1_LINE_COMPL10)}, + {P6_7, PWM_16b_11, CYHAL_PIN_OUT_FUNCTION(P6_7_TCPWM1_LINE_COMPL11)}, + {P7_1, PWM_16b_12, CYHAL_PIN_OUT_FUNCTION(P7_1_TCPWM1_LINE_COMPL12)}, + {P7_3, PWM_16b_13, CYHAL_PIN_OUT_FUNCTION(P7_3_TCPWM1_LINE_COMPL13)}, + {P7_5, PWM_16b_14, CYHAL_PIN_OUT_FUNCTION(P7_5_TCPWM1_LINE_COMPL14)}, + {P7_7, PWM_16b_15, CYHAL_PIN_OUT_FUNCTION(P7_7_TCPWM1_LINE_COMPL15)}, + {P8_1, PWM_16b_16, CYHAL_PIN_OUT_FUNCTION(P8_1_TCPWM1_LINE_COMPL16)}, + {P8_3, PWM_16b_17, CYHAL_PIN_OUT_FUNCTION(P8_3_TCPWM1_LINE_COMPL17)}, + {P8_5, PWM_16b_18, CYHAL_PIN_OUT_FUNCTION(P8_5_TCPWM1_LINE_COMPL18)}, + {P8_7, PWM_16b_19, CYHAL_PIN_OUT_FUNCTION(P8_7_TCPWM1_LINE_COMPL19)}, + {P9_1, PWM_16b_20, CYHAL_PIN_OUT_FUNCTION(P9_1_TCPWM1_LINE_COMPL20)}, + {P9_3, PWM_16b_21, CYHAL_PIN_OUT_FUNCTION(P9_3_TCPWM1_LINE_COMPL21)}, + {P9_5, PWM_16b_0, CYHAL_PIN_OUT_FUNCTION(P9_5_TCPWM1_LINE_COMPL0)}, + {P9_7, PWM_16b_1, CYHAL_PIN_OUT_FUNCTION(P9_7_TCPWM1_LINE_COMPL1)}, + {P10_1, PWM_16b_22, CYHAL_PIN_OUT_FUNCTION(P10_1_TCPWM1_LINE_COMPL22)}, + {P10_3, PWM_16b_23, CYHAL_PIN_OUT_FUNCTION(P10_3_TCPWM1_LINE_COMPL23)}, + {P10_5, PWM_16b_0, CYHAL_PIN_OUT_FUNCTION(P10_5_TCPWM1_LINE_COMPL0)}, + {P10_7, PWM_16b_2, CYHAL_PIN_OUT_FUNCTION(P10_7_TCPWM1_LINE_COMPL2)}, + {P11_1, PWM_16b_1, CYHAL_PIN_OUT_FUNCTION(P11_1_TCPWM1_LINE_COMPL1)}, + {P11_3, PWM_16b_2, CYHAL_PIN_OUT_FUNCTION(P11_3_TCPWM1_LINE_COMPL2)}, + {P11_5, PWM_16b_3, CYHAL_PIN_OUT_FUNCTION(P11_5_TCPWM1_LINE_COMPL3)}, + {P12_1, PWM_16b_4, CYHAL_PIN_OUT_FUNCTION(P12_1_TCPWM1_LINE_COMPL4)}, + {P12_3, PWM_16b_5, CYHAL_PIN_OUT_FUNCTION(P12_3_TCPWM1_LINE_COMPL5)}, + {P12_5, PWM_16b_6, CYHAL_PIN_OUT_FUNCTION(P12_5_TCPWM1_LINE_COMPL6)}, + {P12_7, PWM_16b_7, CYHAL_PIN_OUT_FUNCTION(P12_7_TCPWM1_LINE_COMPL7)}, + {P13_1, PWM_16b_8, CYHAL_PIN_OUT_FUNCTION(P13_1_TCPWM1_LINE_COMPL8)}, + {P13_3, PWM_16b_9, CYHAL_PIN_OUT_FUNCTION(P13_3_TCPWM1_LINE_COMPL9)}, + {P13_5, PWM_16b_10, CYHAL_PIN_OUT_FUNCTION(P13_5_TCPWM1_LINE_COMPL10)}, + {P13_7, PWM_16b_11, CYHAL_PIN_OUT_FUNCTION(P13_7_TCPWM1_LINE_COMPL11)}, + // 32-bit PWM outputs + {P0_0, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P0_0_TCPWM0_LINE0)}, + {P0_2, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P0_2_TCPWM0_LINE1)}, + {P0_4, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P0_4_TCPWM0_LINE2)}, + {P1_0, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P1_0_TCPWM0_LINE3)}, + {P1_2, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P1_2_TCPWM0_LINE4)}, + {P1_4, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P1_4_TCPWM0_LINE5)}, + {P2_0, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P2_0_TCPWM0_LINE6)}, + {P2_2, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P2_2_TCPWM0_LINE7)}, + {P2_4, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P2_4_TCPWM0_LINE0)}, + {P2_6, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P2_6_TCPWM0_LINE1)}, + {P3_0, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P3_0_TCPWM0_LINE2)}, + {P3_2, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P3_2_TCPWM0_LINE3)}, + {P3_4, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P3_4_TCPWM0_LINE4)}, + {P4_0, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P4_0_TCPWM0_LINE5)}, + {P5_0, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P5_0_TCPWM0_LINE4)}, + {P5_2, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P5_2_TCPWM0_LINE5)}, + {P5_4, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P5_4_TCPWM0_LINE6)}, + {P5_6, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P5_6_TCPWM0_LINE7)}, + {P6_0, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P6_0_TCPWM0_LINE0)}, + {P6_2, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P6_2_TCPWM0_LINE1)}, + {P6_4, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P6_4_TCPWM0_LINE2)}, + {P6_6, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P6_6_TCPWM0_LINE3)}, + {P7_0, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P7_0_TCPWM0_LINE4)}, + {P7_2, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P7_2_TCPWM0_LINE5)}, + {P7_4, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P7_4_TCPWM0_LINE6)}, + {P7_6, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P7_6_TCPWM0_LINE7)}, + {P8_0, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P8_0_TCPWM0_LINE0)}, + {P8_2, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P8_2_TCPWM0_LINE1)}, + {P8_4, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P8_4_TCPWM0_LINE2)}, + {P8_6, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P8_6_TCPWM0_LINE3)}, + {P9_0, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P9_0_TCPWM0_LINE4)}, + {P9_2, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P9_2_TCPWM0_LINE5)}, + {P9_4, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P9_4_TCPWM0_LINE7)}, + {P9_6, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P9_6_TCPWM0_LINE0)}, + {P10_0, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P10_0_TCPWM0_LINE6)}, + {P10_2, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P10_2_TCPWM0_LINE7)}, + {P10_4, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P10_4_TCPWM0_LINE0)}, + {P10_6, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P10_6_TCPWM0_LINE1)}, + {P11_0, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P11_0_TCPWM0_LINE1)}, + {P11_2, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P11_2_TCPWM0_LINE2)}, + {P11_4, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P11_4_TCPWM0_LINE3)}, + {P12_0, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P12_0_TCPWM0_LINE4)}, + {P12_2, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P12_2_TCPWM0_LINE5)}, + {P12_4, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P12_4_TCPWM0_LINE6)}, + {P12_6, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P12_6_TCPWM0_LINE7)}, + {P13_0, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P13_0_TCPWM0_LINE0)}, + {P13_2, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P13_2_TCPWM0_LINE1)}, + {P13_4, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P13_4_TCPWM0_LINE2)}, + {P13_6, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P13_6_TCPWM0_LINE3)}, + // 32-bit PWM inverted outputs + {P0_1, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P0_1_TCPWM0_LINE_COMPL0)}, + {P0_3, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P0_3_TCPWM0_LINE_COMPL1)}, + {P0_5, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P0_5_TCPWM0_LINE_COMPL2)}, + {P1_1, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P1_1_TCPWM0_LINE_COMPL3)}, + {P1_3, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P1_3_TCPWM0_LINE_COMPL4)}, + {P1_5, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P1_5_TCPWM0_LINE_COMPL5)}, + {P2_1, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P2_1_TCPWM0_LINE_COMPL6)}, + {P2_3, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P2_3_TCPWM0_LINE_COMPL7)}, + {P2_5, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P2_5_TCPWM0_LINE_COMPL0)}, + {P2_7, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P2_7_TCPWM0_LINE_COMPL1)}, + {P3_1, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P3_1_TCPWM0_LINE_COMPL2)}, + {P3_3, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P3_3_TCPWM0_LINE_COMPL3)}, + {P3_5, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P3_5_TCPWM0_LINE_COMPL4)}, + {P4_1, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P4_1_TCPWM0_LINE_COMPL5)}, + {P5_1, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P5_1_TCPWM0_LINE_COMPL4)}, + {P5_3, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P5_3_TCPWM0_LINE_COMPL5)}, + {P5_5, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P5_5_TCPWM0_LINE_COMPL6)}, + {P5_7, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P5_7_TCPWM0_LINE_COMPL7)}, + {P6_1, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P6_1_TCPWM0_LINE_COMPL0)}, + {P6_3, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P6_3_TCPWM0_LINE_COMPL1)}, + {P6_5, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P6_5_TCPWM0_LINE_COMPL2)}, + {P6_7, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P6_7_TCPWM0_LINE_COMPL3)}, + {P7_1, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P7_1_TCPWM0_LINE_COMPL4)}, + {P7_3, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P7_3_TCPWM0_LINE_COMPL5)}, + {P7_5, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P7_5_TCPWM0_LINE_COMPL6)}, + {P7_7, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P7_7_TCPWM0_LINE_COMPL7)}, + {P8_1, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P8_1_TCPWM0_LINE_COMPL0)}, + {P8_3, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P8_3_TCPWM0_LINE_COMPL1)}, + {P8_5, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P8_5_TCPWM0_LINE_COMPL2)}, + {P8_7, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P8_7_TCPWM0_LINE_COMPL3)}, + {P9_1, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P9_1_TCPWM0_LINE_COMPL4)}, + {P9_3, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P9_3_TCPWM0_LINE_COMPL5)}, + {P9_5, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P9_5_TCPWM0_LINE_COMPL7)}, + {P9_7, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P9_7_TCPWM0_LINE_COMPL0)}, + {P10_1, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P10_1_TCPWM0_LINE_COMPL6)}, + {P10_3, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P10_3_TCPWM0_LINE_COMPL7)}, + {P10_5, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P10_5_TCPWM0_LINE_COMPL0)}, + {P10_7, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P10_7_TCPWM0_LINE_COMPL1)}, + {P11_1, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P11_1_TCPWM0_LINE_COMPL1)}, + {P11_3, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P11_3_TCPWM0_LINE_COMPL2)}, + {P11_5, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P11_5_TCPWM0_LINE_COMPL3)}, + {P12_1, PWM_32b_4, CYHAL_PIN_OUT_FUNCTION(P12_1_TCPWM0_LINE_COMPL4)}, + {P12_3, PWM_32b_5, CYHAL_PIN_OUT_FUNCTION(P12_3_TCPWM0_LINE_COMPL5)}, + {P12_5, PWM_32b_6, CYHAL_PIN_OUT_FUNCTION(P12_5_TCPWM0_LINE_COMPL6)}, + {P12_7, PWM_32b_7, CYHAL_PIN_OUT_FUNCTION(P12_7_TCPWM0_LINE_COMPL7)}, + {P13_1, PWM_32b_0, CYHAL_PIN_OUT_FUNCTION(P13_1_TCPWM0_LINE_COMPL0)}, + {P13_3, PWM_32b_1, CYHAL_PIN_OUT_FUNCTION(P13_3_TCPWM0_LINE_COMPL1)}, + {P13_5, PWM_32b_2, CYHAL_PIN_OUT_FUNCTION(P13_5_TCPWM0_LINE_COMPL2)}, + {P13_7, PWM_32b_3, CYHAL_PIN_OUT_FUNCTION(P13_7_TCPWM0_LINE_COMPL3)}, + {NC, NC, 0} +}; +#endif // DEVICE_PWMOUT + +#if DEVICE_ANALOGIN +const PinMap PinMap_ADC[] = { + {P10_0, ADC_0, CYHAL_PIN_ANALOG_FUNCTION(HSIOM_SEL_GPIO)}, + {P10_1, ADC_0, CYHAL_PIN_ANALOG_FUNCTION(HSIOM_SEL_GPIO)}, + {P10_2, ADC_0, CYHAL_PIN_ANALOG_FUNCTION(HSIOM_SEL_GPIO)}, + {P10_3, ADC_0, CYHAL_PIN_ANALOG_FUNCTION(HSIOM_SEL_GPIO)}, + {P10_4, ADC_0, CYHAL_PIN_ANALOG_FUNCTION(HSIOM_SEL_GPIO)}, + {P10_5, ADC_0, CYHAL_PIN_ANALOG_FUNCTION(HSIOM_SEL_GPIO)}, + {P10_6, ADC_0, CYHAL_PIN_ANALOG_FUNCTION(HSIOM_SEL_GPIO)}, + {P10_7, ADC_0, CYHAL_PIN_ANALOG_FUNCTION(HSIOM_SEL_GPIO)}, + {NC, NC, 0} +}; +#endif // DEVICE_ANALOGIN + +#if DEVICE_QSPI +const PinMap PinMap_QSPI_SCLK[] = { + {P11_7, QSPI_0, CY_GPIO_CFG_CREATE(P11_7_SMIF_SPI_CLK, CY_GPIO_DM_STRONG_IN_OFF)}, + {NC, NC, 0}, +}; +const PinMap PinMap_QSPI_SSEL[] = { + {P11_2, QSPI_0, CY_GPIO_CFG_CREATE(P11_2_SMIF_SPI_SELECT0, CY_GPIO_DM_STRONG_IN_OFF)}, + {NC, NC, 0}, +}; +const PinMap PinMap_QSPI_DATA0[] = { + {P11_6, QSPI_0, CY_GPIO_CFG_CREATE(P11_6_SMIF_SPI_DATA0, CY_GPIO_DM_STRONG)}, + {NC, NC, 0}, +}; +const PinMap PinMap_QSPI_DATA1[] = { + {P11_5, QSPI_0, CY_GPIO_CFG_CREATE(P11_5_SMIF_SPI_DATA1, CY_GPIO_DM_STRONG)}, + {NC, NC, 0}, +}; +const PinMap PinMap_QSPI_DATA2[] = { + {P11_4, QSPI_0, CY_GPIO_CFG_CREATE(P11_4_SMIF_SPI_DATA2, CY_GPIO_DM_STRONG)}, + {NC, NC, 0}, +}; +const PinMap PinMap_QSPI_DATA3[] = { + {P11_3, QSPI_0, CY_GPIO_CFG_CREATE(P11_3_SMIF_SPI_DATA3, CY_GPIO_DM_STRONG)}, + {NC, NC, 0}, +}; +#endif // DEVICE_QSPI diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/cybsp.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/cybsp.c new file mode 100755 index 0000000..acd73e3 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/cybsp.c @@ -0,0 +1,134 @@ +/***************************************************************************//** +* \file cybsp.c +* +* Description: +* Provides initialization code for starting up the hardware contained on the +* Cypress board. +* +******************************************************************************** +* \copyright +* Copyright 2018-2020 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*******************************************************************************/ + +#include +#include "cy_syspm.h" +#include "cy_sysclk.h" +#include "cybsp.h" +#if defined(CY_USING_HAL) +#include "cyhal_hwmgr.h" +#include "cyhal_syspm.h" +#endif + +#if defined(__cplusplus) +extern "C" { +#endif + +/* The sysclk deep sleep callback is recommended to be the last callback that +* is executed before entry into deep sleep mode and the first one upon +* exit the deep sleep mode. +* Doing so minimizes the time spent on low power mode entry and exit. +*/ +#ifndef CYBSP_SYSCLK_PM_CALLBACK_ORDER + #define CYBSP_SYSCLK_PM_CALLBACK_ORDER (255u) +#endif + +#if defined(CYBSP_WIFI_CAPABLE) && defined(CY_USING_HAL) +static cyhal_sdio_t sdio_obj; + +cyhal_sdio_t* cybsp_get_wifi_sdio_obj(void) +{ + return &sdio_obj; +} +#endif + +/** + * Registers a power management callback that prepares the clock system + * for entering deep sleep mode and restore the clocks upon wakeup from deep sleep. + * NOTE: This is called automatically as part of \ref cybsp_init + */ +static cy_rslt_t cybsp_register_sysclk_pm_callback(void) +{ + cy_rslt_t result = CY_RSLT_SUCCESS; + static cy_stc_syspm_callback_params_t cybsp_sysclk_pm_callback_param = {NULL, NULL}; + static cy_stc_syspm_callback_t cybsp_sysclk_pm_callback = { + .callback = &Cy_SysClk_DeepSleepCallback, + .type = CY_SYSPM_DEEPSLEEP, + .callbackParams = &cybsp_sysclk_pm_callback_param, + .order = CYBSP_SYSCLK_PM_CALLBACK_ORDER + }; + + if (!Cy_SysPm_RegisterCallback(&cybsp_sysclk_pm_callback)) + { + result = CYBSP_RSLT_ERR_SYSCLK_PM_CALLBACK; + } + return result; +} + +cy_rslt_t cybsp_init(void) +{ + /* Setup hardware manager to track resource usage then initialize all system (clock/power) board configuration */ +#if defined(CY_USING_HAL) + cy_rslt_t result = cyhal_hwmgr_init(); + + if (CY_RSLT_SUCCESS == result) + { + result = cyhal_syspm_init(); + } +#else + cy_rslt_t result = CY_RSLT_SUCCESS; +#endif + +#if defined(COMPONENT_BSP_DESIGN_MODUS) || defined(COMPONENT_CUSTOM_DESIGN_MODUS) + init_cycfg_all(); +#endif + + if (CY_RSLT_SUCCESS == result) + { + result = cybsp_register_sysclk_pm_callback(); + } + +#if defined(CYBSP_WIFI_CAPABLE) && defined(CY_USING_HAL) + /* Initialize SDIO interface. This must be done before other HAL API calls as some SDIO implementations require + * specific peripheral instances. + * NOTE: The full WiFi interface still needs to be initialized via cybsp_wifi_init_primary(). This is typically + * done when starting up WiFi. + */ + if (CY_RSLT_SUCCESS == result) + { + /* Reserves: CYBSP_WIFI_SDIO, CYBSP_WIFI_SDIO_D0, CYBSP_WIFI_SDIO_D1, CYBSP_WIFI_SDIO_D2, CYBSP_WIFI_SDIO_D3 + * CYBSP_WIFI_SDIO_CMD and CYBSP_WIFI_SDIO_CLK. + */ + result = cyhal_sdio_init( + &sdio_obj, + CYBSP_WIFI_SDIO_CMD, + CYBSP_WIFI_SDIO_CLK, + CYBSP_WIFI_SDIO_D0, + CYBSP_WIFI_SDIO_D1, + CYBSP_WIFI_SDIO_D2, + CYBSP_WIFI_SDIO_D3); + } +#endif /* defined(CYBSP_WIFI_CAPABLE) */ + + /* CYHAL_HWMGR_RSLT_ERR_INUSE error code could be returned if any needed for BSP resource was reserved by + * user previously. Please review the Device Configurator (design.modus) and the BSP reservation list + * (cyreservedresources.list) to make sure no resources are reserved by both. + */ + return result; +} + +#if defined(__cplusplus) +} +#endif diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/cybsp.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/cybsp.h new file mode 100755 index 0000000..1ec5ff5 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/cybsp.h @@ -0,0 +1,73 @@ +/***************************************************************************//** +* \file cybsp.h +* +* \brief +* Basic API for setting up boards containing a Cypress MCU. +* +******************************************************************************** +* \copyright +* Copyright 2018-2020 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*******************************************************************************/ + +#pragma once + +#include "cy_result.h" +#include "cybsp_types.h" +#if defined(CYBSP_WIFI_CAPABLE) && defined(CY_USING_HAL) +#include "cyhal_sdio.h" +#endif + +#if defined(__cplusplus) +extern "C" { +#endif + +/** +* \addtogroup group_bsp_macros Macros +* \{ +*/ + +/** Failed to configure sysclk power management callback */ +#define CYBSP_RSLT_ERR_SYSCLK_PM_CALLBACK (CY_RSLT_CREATE(CY_RSLT_TYPE_ERROR, CY_RSLT_MODULE_ABSTRACTION_BSP, 0)) + +/** \} group_bsp_macros */ + +/** +* \addtogroup group_bsp_functions Functions +* \{ +*/ + +/** + * \brief Initialize all hardware on the board + * \returns CY_RSLT_SUCCESS if the board is sucessfully initialized, if there is + * a problem initializing any hardware it returns an error code specific + * to the hardware module that had a problem. + */ +cy_rslt_t cybsp_init(void); + +#if defined(CYBSP_WIFI_CAPABLE) && defined(CY_USING_HAL) +/** + * \brief Get the initialized sdio object used for communicating with the WiFi Chip. + * \note This function should only be called after cybsp_init(); + * \returns The initialized sdio object. + */ +cyhal_sdio_t* cybsp_get_wifi_sdio_obj(void); +#endif /* defined(CYBSP_WIFI_CAPABLE) */ + +/** \} group_bsp_functions */ + +#ifdef __cplusplus +} +#endif /* __cplusplus */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/cybsp_types.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/cybsp_types.h new file mode 100755 index 0000000..5652289 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/cybsp_types.h @@ -0,0 +1,514 @@ +/***************************************************************************//** +* \file CY8CKIT-064B0S2-4343W/cybsp_types.h +* +* Description: +* Provides APIs for interacting with the hardware contained on the Cypress +* CY8CKIT-064B0S2-4343W pioneer kit. +* +******************************************************************************** +* \copyright +* Copyright 2018-2020 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*******************************************************************************/ + +#pragma once + +#if defined(CY_USING_HAL) +#include "cyhal_pin_package.h" +#endif +#if defined(COMPONENT_BSP_DESIGN_MODUS) || defined(COMPONENT_CUSTOM_DESIGN_MODUS) +#include "cycfg.h" +#endif + +#if defined(__cplusplus) +extern "C" { +#endif + +/** +* \addtogroup group_bsp_settings BSP Settings +* \{ +* +*
Peripheral Default HAL Settings:
+* | Resource | Parameter | Value | Remarks | +* | :------: | :-------: | :---: | :------ | +* | ADC | VREF | 1.2 V | | +* | ^ | Measurement type | Single Ended | | +* | ^ | Input voltage range | 0 to 2.4 V (0 to 2*VREF) | | +* | ^ | Output range | 0x000 to 0x7FF | | +* | DAC | Reference source | VDDA | | +* | ^ | Input range | 0x000 to 0xFFF | | +* | ^ | Output range | 0 to VDDA | | +* | ^ | Output type | Unbuffered output | | +* | I2C | Role | Master | Configurable to slave mode through HAL function | +* | ^ | Data rate | 100 kbps | Configurable through HAL function | +* | ^ | Drive mode of SCL & SDA pins | Open Drain (drives low) | External pull-up resistors are required | +* | LpTimer | Uses WCO (32.768 kHz) as clock source & MCWDT as counter. 1 count = 1/32768 second or 32768 counts = 1 second. ||| +* | SPI | Data rate | 100 kpbs | Configurable through HAL function | +* | ^ | Slave select polarity | Active low | | +* | UART | Flow control | No flow control | Configurable through HAL function | +* | ^ | Data format | 8N1 | Configurable through HAL function | +* | ^ | Baud rate | 115200 | Configurable through HAL function | +*/ +/** \} group_bsp_settings */ + +/** +* \addtogroup group_bsp_pin_state Pin States +* \{ +*/ + +/** Pin state for the LED on. */ +#ifndef CYBSP_LED_STATE_ON +#define CYBSP_LED_STATE_ON (0U) +#endif +/** Pin state for the LED off. */ +#ifndef CYBSP_LED_STATE_OFF +#define CYBSP_LED_STATE_OFF (1U) +#endif + +/** Pin state for when a button is pressed. */ +#ifndef CYBSP_BTN_PRESSED +#define CYBSP_BTN_PRESSED (0U) +#endif +/** Pin state for when a button is released. */ +#ifndef CYBSP_BTN_OFF +#define CYBSP_BTN_OFF (1U) +#endif + +/** \} group_bsp_pin_state */ + +#if defined(CY_USING_HAL) + +/** +* \addtogroup group_bsp_pins Pin Mappings +* \{ +*/ + +/** +* \addtogroup group_bsp_pins_led LED Pins +* \{ +*/ + +/** LED 8; User LED1 (orange) */ +#ifndef CYBSP_LED8 +#define CYBSP_LED8 (P1_5) +#endif +/** LED 9; User LED2 (red) */ +#ifndef CYBSP_LED9 +#define CYBSP_LED9 (P11_1) +#endif +/** LED 5: RGB LED - Red; User LED3 */ +#ifndef CYBSP_LED_RGB_RED +#define CYBSP_LED_RGB_RED (P1_1) +#endif +/** LED 5: RGB LED - Green; User LED4 */ +#ifndef CYBSP_LED_RGB_GREEN +#define CYBSP_LED_RGB_GREEN (P0_5) +#endif +/** LED 5: RGB LED - Blue; User LED5 */ +#ifndef CYBSP_LED_RGB_BLUE +#define CYBSP_LED_RGB_BLUE (P7_3) +#endif + +/** LED 8; User LED1 (orange) */ +#ifndef CYBSP_USER_LED1 +#define CYBSP_USER_LED1 (CYBSP_LED8) +#endif +/** LED 9; User LED2 (red) */ +#ifndef CYBSP_USER_LED2 +#define CYBSP_USER_LED2 (CYBSP_LED9) +#endif +/** LED 5: RGB LED - Red; User LED3 */ +#ifndef CYBSP_USER_LED3 +#define CYBSP_USER_LED3 (CYBSP_LED_RGB_RED) +#endif +/** LED 5: RGB LED - Green; User LED4 */ +#ifndef CYBSP_USER_LED4 +#define CYBSP_USER_LED4 (CYBSP_LED_RGB_GREEN) +#endif +/** LED 5: RGB LED - Blue; User LED5 */ +#ifndef CYBSP_USER_LED5 +#define CYBSP_USER_LED5 (CYBSP_LED_RGB_BLUE) +#endif +/** LED 8; User LED1 (orange) */ +#ifndef CYBSP_USER_LED +#define CYBSP_USER_LED (CYBSP_USER_LED1) +#endif + +/** \} group_bsp_pins_led */ + + +/** +* \addtogroup group_bsp_pins_btn Button Pins +* \{ +*/ + +/** Switch 2; User Button 1 */ +#ifndef CYBSP_SW2 +#define CYBSP_SW2 (P0_4) +#endif +/** Switch 4; User Button 2 */ +#ifndef CYBSP_SW4 +#define CYBSP_SW4 (P1_4) +#endif + +/** Switch 2; User Button 1 */ +#ifndef CYBSP_USER_BTN1 +#define CYBSP_USER_BTN1 (CYBSP_SW2) +#endif +/** Switch 4; User Button 2 */ +#ifndef CYBSP_USER_BTN2 +#define CYBSP_USER_BTN2 (CYBSP_SW4) +#endif +/** Switch 2; User Button 1 */ +#ifndef CYBSP_USER_BTN +#define CYBSP_USER_BTN (CYBSP_USER_BTN1) +#endif + +/** \} group_bsp_pins_btn */ + + +/** +* \addtogroup group_bsp_pins_comm Communication Pins +* \{ +*/ + +/** Pin: WIFI SDIO D0 */ +#ifndef CYBSP_WIFI_SDIO_D0 +#define CYBSP_WIFI_SDIO_D0 (P2_0) +#endif +/** Pin: WIFI SDIO D1 */ +#ifndef CYBSP_WIFI_SDIO_D1 +#define CYBSP_WIFI_SDIO_D1 (P2_1) +#endif +/** Pin: WIFI SDIO D2 */ +#ifndef CYBSP_WIFI_SDIO_D2 +#define CYBSP_WIFI_SDIO_D2 (P2_2) +#endif +/** Pin: WIFI SDIO D3 */ +#ifndef CYBSP_WIFI_SDIO_D3 +#define CYBSP_WIFI_SDIO_D3 (P2_3) +#endif +/** Pin: WIFI SDIO CMD */ +#ifndef CYBSP_WIFI_SDIO_CMD +#define CYBSP_WIFI_SDIO_CMD (P2_4) +#endif +/** Pin: WIFI SDIO CLK */ +#ifndef CYBSP_WIFI_SDIO_CLK +#define CYBSP_WIFI_SDIO_CLK (P2_5) +#endif +/** Pin: WIFI ON */ +#ifndef CYBSP_WIFI_WL_REG_ON +#define CYBSP_WIFI_WL_REG_ON (P2_6) +#endif +/** Pin: WIFI Host Wakeup */ +#ifndef CYBSP_WIFI_HOST_WAKE +#define CYBSP_WIFI_HOST_WAKE (P4_1) +#endif + +/** Pin: BT UART RX */ +#ifndef CYBSP_BT_UART_RX +#define CYBSP_BT_UART_RX (P3_0) +#endif +/** Pin: BT UART TX */ +#ifndef CYBSP_BT_UART_TX +#define CYBSP_BT_UART_TX (P3_1) +#endif +/** Pin: BT UART RTS */ +#ifndef CYBSP_BT_UART_RTS +#define CYBSP_BT_UART_RTS (P3_2) +#endif +/** Pin: BT UART CTS */ +#ifndef CYBSP_BT_UART_CTS +#define CYBSP_BT_UART_CTS (P3_3) +#endif + +/** Pin: BT Power */ +#ifndef CYBSP_BT_POWER +#define CYBSP_BT_POWER (P3_4) +#endif +/** Pin: BT Host Wakeup */ +#ifndef CYBSP_BT_HOST_WAKE +#define CYBSP_BT_HOST_WAKE (P4_0) +#endif +/** Pin: BT Device Wakeup */ +#ifndef CYBSP_BT_DEVICE_WAKE +#define CYBSP_BT_DEVICE_WAKE (P3_5) +#endif + +/** Pin: UART RX */ +#ifndef CYBSP_DEBUG_UART_RX +#define CYBSP_DEBUG_UART_RX (P5_0) +#endif +/** Pin: UART TX */ +#ifndef CYBSP_DEBUG_UART_TX +#define CYBSP_DEBUG_UART_TX (P5_1) +#endif +/** Pin: UART RX */ +#ifndef CYBSP_DEBUG_UART_RTS +#define CYBSP_DEBUG_UART_RTS (P5_2) +#endif +/** Pin: UART TX */ +#ifndef CYBSP_DEBUG_UART_CTS +#define CYBSP_DEBUG_UART_CTS (P5_3) +#endif + +/** Pin: I2C SCL */ +#ifndef CYBSP_I2C_SCL +#define CYBSP_I2C_SCL (P6_0) +#endif +/** Pin: I2C SDA */ +#ifndef CYBSP_I2C_SDA +#define CYBSP_I2C_SDA (P6_1) +#endif + +/** Pin: SWO */ +#ifndef CYBSP_SWO +#define CYBSP_SWO (P6_4) +#endif +/** Pin: SWDIO */ +#ifndef CYBSP_SWDIO +#define CYBSP_SWDIO (P6_6) +#endif +/** Pin: SWDCK */ +#ifndef CYBSP_SWDCK +#define CYBSP_SWDCK (P6_7) +#endif + +/** Pin: QUAD SPI SS */ +#ifndef CYBSP_QSPI_SS +#define CYBSP_QSPI_SS (P11_2) +#endif +/** Pin: QUAD SPI D3 */ +#ifndef CYBSP_QSPI_D3 +#define CYBSP_QSPI_D3 (P11_3) +#endif +/** Pin: QUAD SPI D2 */ +#ifndef CYBSP_QSPI_D2 +#define CYBSP_QSPI_D2 (P11_4) +#endif +/** Pin: QUAD SPI D1 */ +#ifndef CYBSP_QSPI_D1 +#define CYBSP_QSPI_D1 (P11_5) +#endif +/** Pin: QUAD SPI D0 */ +#ifndef CYBSP_QSPI_D0 +#define CYBSP_QSPI_D0 (P11_6) +#endif +/** Pin: QUAD SPI SCK */ +#ifndef CYBSP_QSPI_SCK +#define CYBSP_QSPI_SCK (P11_7) +#endif + +/** Host-wake GPIO drive mode */ +#define CYBSP_WIFI_HOST_WAKE_GPIO_DM (CYHAL_GPIO_DRIVE_ANALOG) +/** Host-wake IRQ event */ +#define CYBSP_WIFI_HOST_WAKE_IRQ_EVENT (CYHAL_GPIO_IRQ_RISE) + +/** Pin: SPI MOSI */ +#ifndef CYBSP_SPI_MOSI +#define CYBSP_SPI_MOSI (P12_0) +#endif +/** Pin: SPI MISO */ +#ifndef CYBSP_SPI_MISO +#define CYBSP_SPI_MISO (P12_1) +#endif +/** Pin: SPI CLK */ +#ifndef CYBSP_SPI_CLK +#define CYBSP_SPI_CLK (P12_2) +#endif +/** Pin: SPI CS */ +#ifndef CYBSP_SPI_CS +#define CYBSP_SPI_CS (P12_4) +#endif + +/** \} group_bsp_pins_comm */ + + +/** +* \addtogroup group_bsp_pins_arduino Arduino Header Pins +* \{ +*/ + +/** Arduino A0 */ +#ifndef CYBSP_A0 +#define CYBSP_A0 (P10_0) +#endif +/** Arduino A1 */ +#ifndef CYBSP_A1 +#define CYBSP_A1 (P10_1) +#endif +/** Arduino A2 */ +#ifndef CYBSP_A2 +#define CYBSP_A2 (P10_2) +#endif +/** Arduino A3 */ +#ifndef CYBSP_A3 +#define CYBSP_A3 (P10_3) +#endif +/** Arduino A4 */ +#ifndef CYBSP_A4 +#define CYBSP_A4 (P10_4) +#endif +/** Arduino A5 */ +#ifndef CYBSP_A5 +#define CYBSP_A5 (P10_5) +#endif +/** Arduino D0 */ +#ifndef CYBSP_D0 +#define CYBSP_D0 (P5_0) +#endif +/** Arduino D1 */ +#ifndef CYBSP_D1 +#define CYBSP_D1 (P5_1) +#endif +/** Arduino D2 */ +#ifndef CYBSP_D2 +#define CYBSP_D2 (P5_2) +#endif +/** Arduino D3 */ +#ifndef CYBSP_D3 +#define CYBSP_D3 (P5_3) +#endif +/** Arduino D4 */ +#ifndef CYBSP_D4 +#define CYBSP_D4 (P5_4) +#endif +/** Arduino D5 */ +#ifndef CYBSP_D5 +#define CYBSP_D5 (P5_5) +#endif +/** Arduino D6 */ +#ifndef CYBSP_D6 +#define CYBSP_D6 (P5_6) +#endif +/** Arduino D7 */ +#ifndef CYBSP_D7 +#define CYBSP_D7 (P5_7) +#endif +/** Arduino D8 */ +#ifndef CYBSP_D8 +#define CYBSP_D8 (P7_5) +#endif +/** Arduino D9 */ +#ifndef CYBSP_D9 +#define CYBSP_D9 (P7_6) +#endif +/** Arduino D10 */ +#ifndef CYBSP_D10 +#define CYBSP_D10 (P12_3) +#endif +/** Arduino D11 */ +#ifndef CYBSP_D11 +#define CYBSP_D11 (P12_0) +#endif +/** Arduino D12 */ +#ifndef CYBSP_D12 +#define CYBSP_D12 (P12_1) +#endif +/** Arduino D13 */ +#ifndef CYBSP_D13 +#define CYBSP_D13 (P12_2) +#endif +/** Arduino D14 */ +#ifndef CYBSP_D14 +#define CYBSP_D14 (P6_1) +#endif +/** Arduino D15 */ +#ifndef CYBSP_D15 +#define CYBSP_D15 (P6_0) +#endif + +/** \} group_bsp_pins_arduino */ + + +/** +* \addtogroup group_bsp_pins_j2 J2 Header Pins +* \{ +*/ + +/** Cypress J2 Header pin 1 */ +#ifndef CYBSP_J2_1 +#define CYBSP_J2_1 (CYBSP_A0) +#endif +/** Cypress J2 Header pin 2 */ +#ifndef CYBSP_J2_2 +#define CYBSP_J2_2 (P9_0) +#endif +/** Cypress J2 Header pin 3 */ +#ifndef CYBSP_J2_3 +#define CYBSP_J2_3 (CYBSP_A1) +#endif +/** Cypress J2 Header pin 4 */ +#ifndef CYBSP_J2_4 +#define CYBSP_J2_4 (P9_1) +#endif +/** Cypress J2 Header pin 5 */ +#ifndef CYBSP_J2_5 +#define CYBSP_J2_5 (CYBSP_A2) +#endif +/** Cypress J2 Header pin 6 */ +#ifndef CYBSP_J2_6 +#define CYBSP_J2_6 (P9_2) +#endif +/** Cypress J2 Header pin 7 */ +#ifndef CYBSP_J2_7 +#define CYBSP_J2_7 (CYBSP_A3) +#endif +/** Cypress J2 Header pin 8 */ +#ifndef CYBSP_J2_8 +#define CYBSP_J2_8 (P9_3) +#endif +/** Cypress J2 Header pin 9 */ +#ifndef CYBSP_J2_9 +#define CYBSP_J2_9 (CYBSP_A4) +#endif +/** Cypress J2 Header pin 10 */ +#ifndef CYBSP_J2_10 +#define CYBSP_J2_10 (P9_4) +#endif +/** Cypress J2 Header pin 11 */ +#ifndef CYBSP_J2_11 +#define CYBSP_J2_11 (CYBSP_A5) +#endif +/** Cypress J2 Header pin 12 */ +#ifndef CYBSP_J2_12 +#define CYBSP_J2_12 (P9_5) +#endif +/** Cypress J2 Header pin 13 */ +#ifndef CYBSP_J2_13 +#define CYBSP_J2_13 (P10_6) +#endif +/** Cypress J2 Header pin 14 */ +#ifndef CYBSP_J2_14 +#define CYBSP_J2_14 (P9_6) +#endif +/** Cypress J2 Header pin 15 */ +#ifndef CYBSP_J2_15 +#define CYBSP_J2_15 (P10_7) +#endif +/** Cypress J2 Header pin 16 */ +#ifndef CYBSP_J2_16 +#define CYBSP_J2_16 (P9_7) +#endif + +/** \} group_bsp_pins_j2 */ + +/** \} group_bsp_pins */ + +#endif /* defined(CY_USING_HAL) */ + +#if defined(__cplusplus) +} +#endif diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_ARM/cyb06xxa_cm4_dual.sct b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_ARM/cyb06xxa_cm4_dual.sct new file mode 100644 index 0000000..f7ff390 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_ARM/cyb06xxa_cm4_dual.sct @@ -0,0 +1,318 @@ +#! armclang -E --target=arm-arm-none-eabi -x c -mcpu=cortex-m4 +; The first line specifies a preprocessor command that the linker invokes +; to pass a scatter file through a C preprocessor. + +;******************************************************************************* +;* \file cyb06xxa_cm4_dual.sct +;* \version 2.80 +;* +;* Linker file for the ARMCC. +;* +;* The main purpose of the linker script is to describe how the sections in the +;* input files should be mapped into the output file, and to control the memory +;* layout of the output file. +;* +;* \note The entry point location is fixed and starts at 0x10000000. The valid +;* application image should be placed there. +;* +;* \note The linker files included with the PDL template projects must be +;* generic and handle all common use cases. Your project may not use every +;* section defined in the linker files. In that case you may see the warnings +;* during the build process: L6314W (no section matches pattern) and/or L6329W +;* (pattern only matches removed unused sections). In your project, you can +;* suppress the warning by passing the "--diag_suppress=L6314W,L6329W" option to +;* the linker, simply comment out or remove the relevant code in the linker +;* file. +;* +;******************************************************************************* +;* \copyright +;* Copyright 2016-2020 Cypress Semiconductor Corporation +;* Copyright 2020 Arm Limited +;* SPDX-License-Identifier: Apache-2.0 +;* +;* Licensed under the Apache License, Version 2.0 (the "License"); +;* you may not use this file except in compliance with the License. +;* You may obtain a copy of the License at +;* +;* http://www.apache.org/licenses/LICENSE-2.0 +;* +;* Unless required by applicable law or agreed to in writing, software +;* distributed under the License is distributed on an "AS IS" BASIS, +;* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +;* See the License for the specific language governing permissions and +;* limitations under the License. +;******************************************************************************/ + +#include "../../../partition/region_defs.h" + +; By default, the COMPONENT_CM0P_SLEEP prebuilt image is used for the CM0p core. +; More about CM0+ prebuilt images, see here: +; https://github.com/cypresssemiconductorco/psoc6cm0p +; The size of the Cortex-M0+ application flash image +#define FLASH_CM0P_SIZE 0x10000 + +#if !defined(MBED_ROM_START) + #define MBED_ROM_START NS_CODE_START +#endif + +;* MBED_APP_START is being used by the bootloader build script and +;* will be calculate by the system. In case if MBED_APP_START address is +;* customized by the bootloader config, the application image should not +;* include CM0p prebuilt image. +;* + +#if !defined(MBED_APP_START) + #define MBED_APP_START MBED_ROM_START +#endif + +#if !defined(MBED_ROM_SIZE) + #define MBED_ROM_SIZE NS_CODE_SIZE +#endif + +;* MBED_APP_SIZE is being used by the bootloader build script and +;* will be calculate by the system. +;* +#if !defined(MBED_APP_SIZE) + #define MBED_APP_SIZE MBED_ROM_SIZE +#endif + +#if !defined(MBED_RAM_START) + #define MBED_RAM_START NS_DATA_START +#endif + +#if !defined(MBED_RAM_SIZE) + #define MBED_RAM_SIZE NS_DATA_SIZE +#endif + +#if !defined(MBED_BOOT_STACK_SIZE) + #define MBED_BOOT_STACK_SIZE NS_MSP_STACK_SIZE +#endif + +; Shared memory area between Non-secure and Secure +#define MBED_DATA_SHARED_SIZE NS_DATA_SHARED_SIZE + +; The defines below describe the location and size of blocks of memory in the target. +; Use these defines to specify the memory regions available for allocation. + +; The following defines control RAM and flash memory allocation for the CM4 core. +; You can change the memory allocation by editing RAM and Flash defines. +; Note that 2 KB of RAM (at the end of the SRAM) are reserved for system use. +; Using this memory region for other purposes will lead to unexpected behavior. +; Your changes must be aligned with the corresponding defines for CM0+ core in 'xx_cm0plus.scat', +; where 'xx' is the device group; for example, 'cyb06xx7_cm0plus.scat'. +; RAM +#define RAM_START MBED_RAM_START +#define RAM_SIZE MBED_RAM_SIZE +; Flash +#define FLASH_START MBED_APP_START +#define FLASH_SIZE MBED_APP_SIZE + +; The following defines describe a 32K flash region used for EEPROM emulation. +; This region can also be used as the general purpose flash. +; You can assign sections to this memory region for only one of the cores. +; Note some middleware (e.g. BLE, Emulated EEPROM) can place their data into this memory region. +; Therefore, repurposing this memory region will prevent such middleware from operation. +#define EM_EEPROM_START 0x14000000 +#define EM_EEPROM_SIZE 0x8000 + +; The following defines describe device specific memory regions and must not be changed. +; Supervisory flash: User data +#define SFLASH_USER_DATA_START 0x16000800 +#define SFLASH_USER_DATA_SIZE 0x00000800 + +; Supervisory flash: Normal Access Restrictions (NAR) +#define SFLASH_NAR_START 0x16001A00 +#define SFLASH_NAR_SIZE 0x00000200 + +; Supervisory flash: Public Key +#define SFLASH_PUBLIC_KEY_START 0x16005A00 +#define SFLASH_PUBLIC_KEY_SIZE 0x00000C00 + +; Supervisory flash: Table of Content # 2 +#define SFLASH_TOC_2_START 0x16007C00 +#define SFLASH_TOC_2_SIZE 0x00000200 + +; Supervisory flash: Table of Content # 2 Copy +#define SFLASH_RTOC_2_START 0x16007E00 +#define SFLASH_RTOC_2_SIZE 0x00000200 + +; External memory +#define XIP_START 0x18000000 +#define XIP_SIZE 0x08000000 + +; eFuse +#define EFUSE_START 0x90700000 +#define EFUSE_SIZE 0x100000 + +; Cortex-M4 application flash area +LR_IROM1 FLASH_START FLASH_SIZE +{ + ER_FLASH_VECTORS +0 + { + * (RESET, +FIRST) + } + + ER_FLASH_CODE +0 FIXED + { + * (InRoot$$Sections) + * (+RO) + } + + ER_RAM_VECTORS RAM_START UNINIT + { + * (RESET_RAM, +FIRST) + } + + RW_RAM_DATA +0 + { + * (.cy_ramfunc) + * (+RW, +ZI) + } + + ; Place variables in the section that should not be initialized during the + ; device startup. + RW_IRAM1 +0 UNINIT + { + * (.noinit) + } + + ; Application heap area (HEAP) + ARM_LIB_HEAP +0 ALIGN 4 EMPTY RAM_START+RAM_SIZE-MBED_BOOT_STACK_SIZE-MBED_DATA_SHARED_SIZE-ImageLimit(RW_IRAM1) + { + } + + ; Stack region growing down + ARM_LIB_STACK RAM_START+RAM_SIZE-MBED_DATA_SHARED_SIZE ALIGN 4 EMPTY -MBED_BOOT_STACK_SIZE + { + } + + ; Stack area overflowed within RAM + ScatterAssert(ImageBase(ARM_LIB_STACK) + ImageLength(ARM_LIB_STACK) == RAM_START+RAM_SIZE-MBED_DATA_SHARED_SIZE) + + ; Shared region + ARM_LIB_SHARED RAM_START+RAM_SIZE-MBED_DATA_SHARED_SIZE ALIGN 4 EMPTY MBED_DATA_SHARED_SIZE + { + } + + ; Shared area overflowed within RAM + ScatterAssert(ImageBase(ARM_LIB_SHARED) + ImageLength(ARM_LIB_SHARED) == RAM_START+RAM_SIZE) + + ; Used for the digital signature of the secure application and the + ; Bootloader SDK application. The size of the section depends on the required + ; data size. + .cy_app_signature (MBED_ROM_START + MBED_ROM_SIZE - 256) 256 + { + * (.cy_app_signature) + } +} + + +; Emulated EEPROM Flash area +LR_EM_EEPROM EM_EEPROM_START EM_EEPROM_SIZE +{ + .cy_em_eeprom +0 + { + * (.cy_em_eeprom) + } +} + +; Supervisory flash: User data +LR_SFLASH_USER_DATA SFLASH_USER_DATA_START SFLASH_USER_DATA_SIZE +{ + .cy_sflash_user_data +0 + { + * (.cy_sflash_user_data) + } +} + +; Supervisory flash: Normal Access Restrictions (NAR) +LR_SFLASH_NAR SFLASH_NAR_START SFLASH_NAR_SIZE +{ + .cy_sflash_nar +0 + { + * (.cy_sflash_nar) + } +} + +; Supervisory flash: Public Key +LR_SFLASH_PUBLIC_KEY SFLASH_PUBLIC_KEY_START SFLASH_PUBLIC_KEY_SIZE +{ + .cy_sflash_public_key +0 + { + * (.cy_sflash_public_key) + } +} + +; Supervisory flash: Table of Content # 2 +LR_SFLASH_TOC_2 SFLASH_TOC_2_START SFLASH_TOC_2_SIZE +{ + .cy_toc_part2 +0 + { + * (.cy_toc_part2) + } +} + +; Supervisory flash: Table of Content # 2 Copy +LR_SFLASH_RTOC_2 SFLASH_RTOC_2_START SFLASH_RTOC_2_SIZE +{ + .cy_rtoc_part2 +0 + { + * (.cy_rtoc_part2) + } +} + + +; Places the code in the Execute in Place (XIP) section. See the smif driver documentation for details. +LR_EROM XIP_START XIP_SIZE +{ + .cy_xip +0 + { + * (.cy_xip) + } +} + + +; eFuse +LR_EFUSE EFUSE_START EFUSE_SIZE +{ + .cy_efuse +0 + { + * (.cy_efuse) + } +} + + +; The section is used for additional metadata (silicon revision, Silicon/JTAG ID, etc.) storage. +CYMETA 0x90500000 +{ + .cymeta +0 { * (.cymeta) } +} + +/* The following symbols used by the cymcuelftool. */ +/* Flash */ +#define __cy_memory_0_start 0x10000000 +#define __cy_memory_0_length 0x00200000 +#define __cy_memory_0_row_size 0x200 + +/* Emulated EEPROM Flash area */ +#define __cy_memory_1_start 0x14000000 +#define __cy_memory_1_length 0x8000 +#define __cy_memory_1_row_size 0x200 + +/* Supervisory Flash */ +#define __cy_memory_2_start 0x16000000 +#define __cy_memory_2_length 0x8000 +#define __cy_memory_2_row_size 0x200 + +/* XIP */ +#define __cy_memory_3_start 0x18000000 +#define __cy_memory_3_length 0x08000000 +#define __cy_memory_3_row_size 0x200 + +/* eFuse */ +#define __cy_memory_4_start 0x90700000 +#define __cy_memory_4_length 0x100000 +#define __cy_memory_4_row_size 1 + + +/* [] END OF FILE */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_ARM/startup_psoc6_02_cm4.S b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_ARM/startup_psoc6_02_cm4.S new file mode 100755 index 0000000..4d54e8b --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_ARM/startup_psoc6_02_cm4.S @@ -0,0 +1,708 @@ +;/**************************************************************************//** +; * @file startup_psoc6_02_cm4.s +; * @brief CMSIS Core Device Startup File for +; * ARMCM4 Device Series +; * @version V5.00 +; * @date 02. March 2016 +; ******************************************************************************/ +;/* +; * Copyright (c) 2009-2016 ARM Limited. All rights reserved. +; * +; * SPDX-License-Identifier: Apache-2.0 +; * +; * Licensed under the Apache License, Version 2.0 (the License); you may +; * not use this file except in compliance with the License. +; * You may obtain a copy of the License at +; * +; * www.apache.org/licenses/LICENSE-2.0 +; * +; * Unless required by applicable law or agreed to in writing, software +; * distributed under the License is distributed on an AS IS BASIS, WITHOUT +; * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; * See the License for the specific language governing permissions and +; * limitations under the License. +; */ + + PRESERVE8 + THUMB + +; Vector Table Mapped to Address 0 at Reset + + AREA RESET, DATA, READONLY + EXPORT __Vectors + EXPORT __Vectors_End + EXPORT __Vectors_Size + + IMPORT |Image$$ARM_LIB_STACK$$ZI$$Base| + IMPORT |Image$$ARM_LIB_STACK$$ZI$$Length| + +__Vectors DCD |Image$$ARM_LIB_STACK$$ZI$$Base| + |Image$$ARM_LIB_STACK$$ZI$$Length| ; Top of Stack + + DCD Reset_Handler ; Reset Handler + + DCD 0x0000000D ; NMI Handler located at ROM code + DCD HardFault_Handler ; Hard Fault Handler + DCD MemManage_Handler ; MPU Fault Handler + DCD BusFault_Handler ; Bus Fault Handler + DCD UsageFault_Handler ; Usage Fault Handler + DCD 0 ; Reserved + DCD 0 ; Reserved + DCD 0 ; Reserved + DCD 0 ; Reserved + DCD SVC_Handler ; SVCall Handler + DCD DebugMon_Handler ; Debug Monitor Handler + DCD 0 ; Reserved + DCD PendSV_Handler ; PendSV Handler + DCD SysTick_Handler ; SysTick Handler + + ; External interrupts Description + DCD ioss_interrupts_gpio_0_IRQHandler ; GPIO Port Interrupt #0 + DCD ioss_interrupts_gpio_1_IRQHandler ; GPIO Port Interrupt #1 + DCD ioss_interrupts_gpio_2_IRQHandler ; GPIO Port Interrupt #2 + DCD ioss_interrupts_gpio_3_IRQHandler ; GPIO Port Interrupt #3 + DCD ioss_interrupts_gpio_4_IRQHandler ; GPIO Port Interrupt #4 + DCD ioss_interrupts_gpio_5_IRQHandler ; GPIO Port Interrupt #5 + DCD ioss_interrupts_gpio_6_IRQHandler ; GPIO Port Interrupt #6 + DCD ioss_interrupts_gpio_7_IRQHandler ; GPIO Port Interrupt #7 + DCD ioss_interrupts_gpio_8_IRQHandler ; GPIO Port Interrupt #8 + DCD ioss_interrupts_gpio_9_IRQHandler ; GPIO Port Interrupt #9 + DCD ioss_interrupts_gpio_10_IRQHandler ; GPIO Port Interrupt #10 + DCD ioss_interrupts_gpio_11_IRQHandler ; GPIO Port Interrupt #11 + DCD ioss_interrupts_gpio_12_IRQHandler ; GPIO Port Interrupt #12 + DCD ioss_interrupts_gpio_13_IRQHandler ; GPIO Port Interrupt #13 + DCD ioss_interrupts_gpio_14_IRQHandler ; GPIO Port Interrupt #14 + DCD ioss_interrupt_gpio_IRQHandler ; GPIO All Ports + DCD ioss_interrupt_vdd_IRQHandler ; GPIO Supply Detect Interrupt + DCD lpcomp_interrupt_IRQHandler ; Low Power Comparator Interrupt + DCD scb_8_interrupt_IRQHandler ; Serial Communication Block #8 (DeepSleep capable) + DCD srss_interrupt_mcwdt_0_IRQHandler ; Multi Counter Watchdog Timer interrupt + DCD srss_interrupt_mcwdt_1_IRQHandler ; Multi Counter Watchdog Timer interrupt + DCD srss_interrupt_backup_IRQHandler ; Backup domain interrupt + DCD srss_interrupt_IRQHandler ; Other combined Interrupts for SRSS (LVD, WDT, CLKCAL) + DCD cpuss_interrupts_ipc_0_IRQHandler ; CPUSS Inter Process Communication Interrupt #0 + DCD cpuss_interrupts_ipc_1_IRQHandler ; CPUSS Inter Process Communication Interrupt #1 + DCD cpuss_interrupts_ipc_2_IRQHandler ; CPUSS Inter Process Communication Interrupt #2 + DCD cpuss_interrupts_ipc_3_IRQHandler ; CPUSS Inter Process Communication Interrupt #3 + DCD cpuss_interrupts_ipc_4_IRQHandler ; CPUSS Inter Process Communication Interrupt #4 + DCD cpuss_interrupts_ipc_5_IRQHandler ; CPUSS Inter Process Communication Interrupt #5 + DCD cpuss_interrupts_ipc_6_IRQHandler ; CPUSS Inter Process Communication Interrupt #6 + DCD cpuss_interrupts_ipc_7_IRQHandler ; CPUSS Inter Process Communication Interrupt #7 + DCD cpuss_interrupts_ipc_8_IRQHandler ; CPUSS Inter Process Communication Interrupt #8 + DCD cpuss_interrupts_ipc_9_IRQHandler ; CPUSS Inter Process Communication Interrupt #9 + DCD cpuss_interrupts_ipc_10_IRQHandler ; CPUSS Inter Process Communication Interrupt #10 + DCD cpuss_interrupts_ipc_11_IRQHandler ; CPUSS Inter Process Communication Interrupt #11 + DCD cpuss_interrupts_ipc_12_IRQHandler ; CPUSS Inter Process Communication Interrupt #12 + DCD cpuss_interrupts_ipc_13_IRQHandler ; CPUSS Inter Process Communication Interrupt #13 + DCD cpuss_interrupts_ipc_14_IRQHandler ; CPUSS Inter Process Communication Interrupt #14 + DCD cpuss_interrupts_ipc_15_IRQHandler ; CPUSS Inter Process Communication Interrupt #15 + DCD scb_0_interrupt_IRQHandler ; Serial Communication Block #0 + DCD scb_1_interrupt_IRQHandler ; Serial Communication Block #1 + DCD scb_2_interrupt_IRQHandler ; Serial Communication Block #2 + DCD scb_3_interrupt_IRQHandler ; Serial Communication Block #3 + DCD scb_4_interrupt_IRQHandler ; Serial Communication Block #4 + DCD scb_5_interrupt_IRQHandler ; Serial Communication Block #5 + DCD scb_6_interrupt_IRQHandler ; Serial Communication Block #6 + DCD scb_7_interrupt_IRQHandler ; Serial Communication Block #7 + DCD scb_9_interrupt_IRQHandler ; Serial Communication Block #9 + DCD scb_10_interrupt_IRQHandler ; Serial Communication Block #10 + DCD scb_11_interrupt_IRQHandler ; Serial Communication Block #11 + DCD scb_12_interrupt_IRQHandler ; Serial Communication Block #12 + DCD csd_interrupt_IRQHandler ; CSD (Capsense) interrupt + DCD cpuss_interrupts_dmac_0_IRQHandler ; CPUSS DMAC, Channel #0 + DCD cpuss_interrupts_dmac_1_IRQHandler ; CPUSS DMAC, Channel #1 + DCD cpuss_interrupts_dmac_2_IRQHandler ; CPUSS DMAC, Channel #2 + DCD cpuss_interrupts_dmac_3_IRQHandler ; CPUSS DMAC, Channel #3 + DCD cpuss_interrupts_dw0_0_IRQHandler ; CPUSS DataWire #0, Channel #0 + DCD cpuss_interrupts_dw0_1_IRQHandler ; CPUSS DataWire #0, Channel #1 + DCD cpuss_interrupts_dw0_2_IRQHandler ; CPUSS DataWire #0, Channel #2 + DCD cpuss_interrupts_dw0_3_IRQHandler ; CPUSS DataWire #0, Channel #3 + DCD cpuss_interrupts_dw0_4_IRQHandler ; CPUSS DataWire #0, Channel #4 + DCD cpuss_interrupts_dw0_5_IRQHandler ; CPUSS DataWire #0, Channel #5 + DCD cpuss_interrupts_dw0_6_IRQHandler ; CPUSS DataWire #0, Channel #6 + DCD cpuss_interrupts_dw0_7_IRQHandler ; CPUSS DataWire #0, Channel #7 + DCD cpuss_interrupts_dw0_8_IRQHandler ; CPUSS DataWire #0, Channel #8 + DCD cpuss_interrupts_dw0_9_IRQHandler ; CPUSS DataWire #0, Channel #9 + DCD cpuss_interrupts_dw0_10_IRQHandler ; CPUSS DataWire #0, Channel #10 + DCD cpuss_interrupts_dw0_11_IRQHandler ; CPUSS DataWire #0, Channel #11 + DCD cpuss_interrupts_dw0_12_IRQHandler ; CPUSS DataWire #0, Channel #12 + DCD cpuss_interrupts_dw0_13_IRQHandler ; CPUSS DataWire #0, Channel #13 + DCD cpuss_interrupts_dw0_14_IRQHandler ; CPUSS DataWire #0, Channel #14 + DCD cpuss_interrupts_dw0_15_IRQHandler ; CPUSS DataWire #0, Channel #15 + DCD cpuss_interrupts_dw0_16_IRQHandler ; CPUSS DataWire #0, Channel #16 + DCD cpuss_interrupts_dw0_17_IRQHandler ; CPUSS DataWire #0, Channel #17 + DCD cpuss_interrupts_dw0_18_IRQHandler ; CPUSS DataWire #0, Channel #18 + DCD cpuss_interrupts_dw0_19_IRQHandler ; CPUSS DataWire #0, Channel #19 + DCD cpuss_interrupts_dw0_20_IRQHandler ; CPUSS DataWire #0, Channel #20 + DCD cpuss_interrupts_dw0_21_IRQHandler ; CPUSS DataWire #0, Channel #21 + DCD cpuss_interrupts_dw0_22_IRQHandler ; CPUSS DataWire #0, Channel #22 + DCD cpuss_interrupts_dw0_23_IRQHandler ; CPUSS DataWire #0, Channel #23 + DCD cpuss_interrupts_dw0_24_IRQHandler ; CPUSS DataWire #0, Channel #24 + DCD cpuss_interrupts_dw0_25_IRQHandler ; CPUSS DataWire #0, Channel #25 + DCD cpuss_interrupts_dw0_26_IRQHandler ; CPUSS DataWire #0, Channel #26 + DCD cpuss_interrupts_dw0_27_IRQHandler ; CPUSS DataWire #0, Channel #27 + DCD cpuss_interrupts_dw0_28_IRQHandler ; CPUSS DataWire #0, Channel #28 + DCD cpuss_interrupts_dw1_0_IRQHandler ; CPUSS DataWire #1, Channel #0 + DCD cpuss_interrupts_dw1_1_IRQHandler ; CPUSS DataWire #1, Channel #1 + DCD cpuss_interrupts_dw1_2_IRQHandler ; CPUSS DataWire #1, Channel #2 + DCD cpuss_interrupts_dw1_3_IRQHandler ; CPUSS DataWire #1, Channel #3 + DCD cpuss_interrupts_dw1_4_IRQHandler ; CPUSS DataWire #1, Channel #4 + DCD cpuss_interrupts_dw1_5_IRQHandler ; CPUSS DataWire #1, Channel #5 + DCD cpuss_interrupts_dw1_6_IRQHandler ; CPUSS DataWire #1, Channel #6 + DCD cpuss_interrupts_dw1_7_IRQHandler ; CPUSS DataWire #1, Channel #7 + DCD cpuss_interrupts_dw1_8_IRQHandler ; CPUSS DataWire #1, Channel #8 + DCD cpuss_interrupts_dw1_9_IRQHandler ; CPUSS DataWire #1, Channel #9 + DCD cpuss_interrupts_dw1_10_IRQHandler ; CPUSS DataWire #1, Channel #10 + DCD cpuss_interrupts_dw1_11_IRQHandler ; CPUSS DataWire #1, Channel #11 + DCD cpuss_interrupts_dw1_12_IRQHandler ; CPUSS DataWire #1, Channel #12 + DCD cpuss_interrupts_dw1_13_IRQHandler ; CPUSS DataWire #1, Channel #13 + DCD cpuss_interrupts_dw1_14_IRQHandler ; CPUSS DataWire #1, Channel #14 + DCD cpuss_interrupts_dw1_15_IRQHandler ; CPUSS DataWire #1, Channel #15 + DCD cpuss_interrupts_dw1_16_IRQHandler ; CPUSS DataWire #1, Channel #16 + DCD cpuss_interrupts_dw1_17_IRQHandler ; CPUSS DataWire #1, Channel #17 + DCD cpuss_interrupts_dw1_18_IRQHandler ; CPUSS DataWire #1, Channel #18 + DCD cpuss_interrupts_dw1_19_IRQHandler ; CPUSS DataWire #1, Channel #19 + DCD cpuss_interrupts_dw1_20_IRQHandler ; CPUSS DataWire #1, Channel #20 + DCD cpuss_interrupts_dw1_21_IRQHandler ; CPUSS DataWire #1, Channel #21 + DCD cpuss_interrupts_dw1_22_IRQHandler ; CPUSS DataWire #1, Channel #22 + DCD cpuss_interrupts_dw1_23_IRQHandler ; CPUSS DataWire #1, Channel #23 + DCD cpuss_interrupts_dw1_24_IRQHandler ; CPUSS DataWire #1, Channel #24 + DCD cpuss_interrupts_dw1_25_IRQHandler ; CPUSS DataWire #1, Channel #25 + DCD cpuss_interrupts_dw1_26_IRQHandler ; CPUSS DataWire #1, Channel #26 + DCD cpuss_interrupts_dw1_27_IRQHandler ; CPUSS DataWire #1, Channel #27 + DCD cpuss_interrupts_dw1_28_IRQHandler ; CPUSS DataWire #1, Channel #28 + DCD cpuss_interrupts_fault_0_IRQHandler ; CPUSS Fault Structure Interrupt #0 + DCD cpuss_interrupts_fault_1_IRQHandler ; CPUSS Fault Structure Interrupt #1 + DCD cpuss_interrupt_crypto_IRQHandler ; CRYPTO Accelerator Interrupt + DCD cpuss_interrupt_fm_IRQHandler ; FLASH Macro Interrupt + DCD cpuss_interrupts_cm4_fp_IRQHandler ; Floating Point operation fault + DCD cpuss_interrupts_cm0_cti_0_IRQHandler ; CM0+ CTI #0 + DCD cpuss_interrupts_cm0_cti_1_IRQHandler ; CM0+ CTI #1 + DCD cpuss_interrupts_cm4_cti_0_IRQHandler ; CM4 CTI #0 + DCD cpuss_interrupts_cm4_cti_1_IRQHandler ; CM4 CTI #1 + DCD tcpwm_0_interrupts_0_IRQHandler ; TCPWM #0, Counter #0 + DCD tcpwm_0_interrupts_1_IRQHandler ; TCPWM #0, Counter #1 + DCD tcpwm_0_interrupts_2_IRQHandler ; TCPWM #0, Counter #2 + DCD tcpwm_0_interrupts_3_IRQHandler ; TCPWM #0, Counter #3 + DCD tcpwm_0_interrupts_4_IRQHandler ; TCPWM #0, Counter #4 + DCD tcpwm_0_interrupts_5_IRQHandler ; TCPWM #0, Counter #5 + DCD tcpwm_0_interrupts_6_IRQHandler ; TCPWM #0, Counter #6 + DCD tcpwm_0_interrupts_7_IRQHandler ; TCPWM #0, Counter #7 + DCD tcpwm_1_interrupts_0_IRQHandler ; TCPWM #1, Counter #0 + DCD tcpwm_1_interrupts_1_IRQHandler ; TCPWM #1, Counter #1 + DCD tcpwm_1_interrupts_2_IRQHandler ; TCPWM #1, Counter #2 + DCD tcpwm_1_interrupts_3_IRQHandler ; TCPWM #1, Counter #3 + DCD tcpwm_1_interrupts_4_IRQHandler ; TCPWM #1, Counter #4 + DCD tcpwm_1_interrupts_5_IRQHandler ; TCPWM #1, Counter #5 + DCD tcpwm_1_interrupts_6_IRQHandler ; TCPWM #1, Counter #6 + DCD tcpwm_1_interrupts_7_IRQHandler ; TCPWM #1, Counter #7 + DCD tcpwm_1_interrupts_8_IRQHandler ; TCPWM #1, Counter #8 + DCD tcpwm_1_interrupts_9_IRQHandler ; TCPWM #1, Counter #9 + DCD tcpwm_1_interrupts_10_IRQHandler ; TCPWM #1, Counter #10 + DCD tcpwm_1_interrupts_11_IRQHandler ; TCPWM #1, Counter #11 + DCD tcpwm_1_interrupts_12_IRQHandler ; TCPWM #1, Counter #12 + DCD tcpwm_1_interrupts_13_IRQHandler ; TCPWM #1, Counter #13 + DCD tcpwm_1_interrupts_14_IRQHandler ; TCPWM #1, Counter #14 + DCD tcpwm_1_interrupts_15_IRQHandler ; TCPWM #1, Counter #15 + DCD tcpwm_1_interrupts_16_IRQHandler ; TCPWM #1, Counter #16 + DCD tcpwm_1_interrupts_17_IRQHandler ; TCPWM #1, Counter #17 + DCD tcpwm_1_interrupts_18_IRQHandler ; TCPWM #1, Counter #18 + DCD tcpwm_1_interrupts_19_IRQHandler ; TCPWM #1, Counter #19 + DCD tcpwm_1_interrupts_20_IRQHandler ; TCPWM #1, Counter #20 + DCD tcpwm_1_interrupts_21_IRQHandler ; TCPWM #1, Counter #21 + DCD tcpwm_1_interrupts_22_IRQHandler ; TCPWM #1, Counter #22 + DCD tcpwm_1_interrupts_23_IRQHandler ; TCPWM #1, Counter #23 + DCD pass_interrupt_sar_IRQHandler ; SAR ADC interrupt + DCD audioss_0_interrupt_i2s_IRQHandler ; I2S0 Audio interrupt + DCD audioss_0_interrupt_pdm_IRQHandler ; PDM0/PCM0 Audio interrupt + DCD audioss_1_interrupt_i2s_IRQHandler ; I2S1 Audio interrupt + DCD profile_interrupt_IRQHandler ; Energy Profiler interrupt + DCD smif_interrupt_IRQHandler ; Serial Memory Interface interrupt + DCD usb_interrupt_hi_IRQHandler ; USB Interrupt + DCD usb_interrupt_med_IRQHandler ; USB Interrupt + DCD usb_interrupt_lo_IRQHandler ; USB Interrupt + DCD sdhc_0_interrupt_wakeup_IRQHandler ; SDIO wakeup interrupt for mxsdhc + DCD sdhc_0_interrupt_general_IRQHandler ; Consolidated interrupt for mxsdhc for everything else + DCD sdhc_1_interrupt_wakeup_IRQHandler ; EEMC wakeup interrupt for mxsdhc, not used + DCD sdhc_1_interrupt_general_IRQHandler ; Consolidated interrupt for mxsdhc for everything else + +__Vectors_End + +__Vectors_Size EQU __Vectors_End - __Vectors + EXPORT __ramVectors + AREA RESET_RAM, READWRITE, NOINIT +__ramVectors SPACE __Vectors_Size + + + AREA |.text|, CODE, READONLY + + +; Weak function for startup customization +; +; Note. The global resources are not yet initialized (for example global variables, peripherals, clocks) +; because this function is executed as the first instruction in the ResetHandler. +; The PDL is also not initialized to use the proper register offsets. +; The user of this function is responsible for initializing the PDL and resources before using them. +; +Cy_OnResetUser PROC + EXPORT Cy_OnResetUser [WEAK] + BX LR + ENDP + +; Reset Handler +Reset_Handler PROC + EXPORT Reset_Handler [WEAK] + IMPORT Cy_SystemInitFpuEnable + IMPORT __main + + ; Define strong function for startup customization + BL Cy_OnResetUser + + ; Disable global interrupts + CPSID I + + ; Copy vectors from ROM to RAM + LDR r1, =__Vectors + LDR r0, =__ramVectors + LDR r2, =__Vectors_Size +Vectors_Copy + LDR r3, [r1] + STR r3, [r0] + ADDS r0, r0, #4 + ADDS r1, r1, #4 + SUBS r2, r2, #1 + CMP r2, #0 + BNE Vectors_Copy + + ; Update Vector Table Offset Register. */ + LDR r0, =__ramVectors + LDR r1, =0xE000ED08 + STR r0, [r1] + dsb 0xF + + ; Enable the FPU if used + LDR R0, =Cy_SystemInitFpuEnable + BLX R0 + + LDR R0, =__main + BLX R0 + + ; Should never get here + B . + + ENDP + +; Dummy Exception Handlers (infinite loops which can be modified) +NMI_Handler PROC + EXPORT NMI_Handler [WEAK] + B . + ENDP + +Cy_SysLib_FaultHandler PROC + EXPORT Cy_SysLib_FaultHandler [WEAK] + B . + ENDP +HardFault_Wrapper\ + PROC + EXPORT HardFault_Wrapper [WEAK] + movs r0, #4 + mov r1, LR + tst r0, r1 + beq L_MSP + mrs r0, PSP + bl L_API_call +L_MSP + mrs r0, MSP +L_API_call + bl Cy_SysLib_FaultHandler + ENDP +HardFault_Handler\ + PROC + EXPORT HardFault_Handler [WEAK] + B HardFault_Wrapper + ENDP +MemManage_Handler\ + PROC + EXPORT MemManage_Handler [WEAK] + B HardFault_Wrapper + ENDP +BusFault_Handler\ + PROC + EXPORT BusFault_Handler [WEAK] + B HardFault_Wrapper + ENDP +UsageFault_Handler\ + PROC + EXPORT UsageFault_Handler [WEAK] + B HardFault_Wrapper + ENDP +SVC_Handler PROC + EXPORT SVC_Handler [WEAK] + B . + ENDP +DebugMon_Handler\ + PROC + EXPORT DebugMon_Handler [WEAK] + B . + ENDP +PendSV_Handler PROC + EXPORT PendSV_Handler [WEAK] + B . + ENDP +SysTick_Handler PROC + EXPORT SysTick_Handler [WEAK] + B . + ENDP + +Default_Handler PROC + EXPORT Default_Handler [WEAK] + EXPORT ioss_interrupts_gpio_0_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_1_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_2_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_3_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_4_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_5_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_6_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_7_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_8_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_9_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_10_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_11_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_12_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_13_IRQHandler [WEAK] + EXPORT ioss_interrupts_gpio_14_IRQHandler [WEAK] + EXPORT ioss_interrupt_gpio_IRQHandler [WEAK] + EXPORT ioss_interrupt_vdd_IRQHandler [WEAK] + EXPORT lpcomp_interrupt_IRQHandler [WEAK] + EXPORT scb_8_interrupt_IRQHandler [WEAK] + EXPORT srss_interrupt_mcwdt_0_IRQHandler [WEAK] + EXPORT srss_interrupt_mcwdt_1_IRQHandler [WEAK] + EXPORT srss_interrupt_backup_IRQHandler [WEAK] + EXPORT srss_interrupt_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_0_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_1_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_2_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_3_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_4_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_5_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_6_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_7_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_8_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_9_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_10_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_11_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_12_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_13_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_14_IRQHandler [WEAK] + EXPORT cpuss_interrupts_ipc_15_IRQHandler [WEAK] + EXPORT scb_0_interrupt_IRQHandler [WEAK] + EXPORT scb_1_interrupt_IRQHandler [WEAK] + EXPORT scb_2_interrupt_IRQHandler [WEAK] + EXPORT scb_3_interrupt_IRQHandler [WEAK] + EXPORT scb_4_interrupt_IRQHandler [WEAK] + EXPORT scb_5_interrupt_IRQHandler [WEAK] + EXPORT scb_6_interrupt_IRQHandler [WEAK] + EXPORT scb_7_interrupt_IRQHandler [WEAK] + EXPORT scb_9_interrupt_IRQHandler [WEAK] + EXPORT scb_10_interrupt_IRQHandler [WEAK] + EXPORT scb_11_interrupt_IRQHandler [WEAK] + EXPORT scb_12_interrupt_IRQHandler [WEAK] + EXPORT csd_interrupt_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dmac_0_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dmac_1_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dmac_2_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dmac_3_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_0_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_1_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_2_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_3_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_4_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_5_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_6_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_7_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_8_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_9_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_10_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_11_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_12_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_13_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_14_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_15_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_16_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_17_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_18_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_19_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_20_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_21_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_22_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_23_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_24_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_25_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_26_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_27_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw0_28_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_0_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_1_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_2_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_3_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_4_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_5_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_6_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_7_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_8_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_9_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_10_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_11_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_12_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_13_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_14_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_15_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_16_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_17_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_18_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_19_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_20_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_21_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_22_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_23_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_24_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_25_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_26_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_27_IRQHandler [WEAK] + EXPORT cpuss_interrupts_dw1_28_IRQHandler [WEAK] + EXPORT cpuss_interrupts_fault_0_IRQHandler [WEAK] + EXPORT cpuss_interrupts_fault_1_IRQHandler [WEAK] + EXPORT cpuss_interrupt_crypto_IRQHandler [WEAK] + EXPORT cpuss_interrupt_fm_IRQHandler [WEAK] + EXPORT cpuss_interrupts_cm4_fp_IRQHandler [WEAK] + EXPORT cpuss_interrupts_cm0_cti_0_IRQHandler [WEAK] + EXPORT cpuss_interrupts_cm0_cti_1_IRQHandler [WEAK] + EXPORT cpuss_interrupts_cm4_cti_0_IRQHandler [WEAK] + EXPORT cpuss_interrupts_cm4_cti_1_IRQHandler [WEAK] + EXPORT tcpwm_0_interrupts_0_IRQHandler [WEAK] + EXPORT tcpwm_0_interrupts_1_IRQHandler [WEAK] + EXPORT tcpwm_0_interrupts_2_IRQHandler [WEAK] + EXPORT tcpwm_0_interrupts_3_IRQHandler [WEAK] + EXPORT tcpwm_0_interrupts_4_IRQHandler [WEAK] + EXPORT tcpwm_0_interrupts_5_IRQHandler [WEAK] + EXPORT tcpwm_0_interrupts_6_IRQHandler [WEAK] + EXPORT tcpwm_0_interrupts_7_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_0_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_1_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_2_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_3_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_4_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_5_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_6_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_7_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_8_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_9_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_10_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_11_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_12_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_13_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_14_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_15_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_16_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_17_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_18_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_19_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_20_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_21_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_22_IRQHandler [WEAK] + EXPORT tcpwm_1_interrupts_23_IRQHandler [WEAK] + EXPORT pass_interrupt_sar_IRQHandler [WEAK] + EXPORT audioss_0_interrupt_i2s_IRQHandler [WEAK] + EXPORT audioss_0_interrupt_pdm_IRQHandler [WEAK] + EXPORT audioss_1_interrupt_i2s_IRQHandler [WEAK] + EXPORT profile_interrupt_IRQHandler [WEAK] + EXPORT smif_interrupt_IRQHandler [WEAK] + EXPORT usb_interrupt_hi_IRQHandler [WEAK] + EXPORT usb_interrupt_med_IRQHandler [WEAK] + EXPORT usb_interrupt_lo_IRQHandler [WEAK] + EXPORT sdhc_0_interrupt_wakeup_IRQHandler [WEAK] + EXPORT sdhc_0_interrupt_general_IRQHandler [WEAK] + EXPORT sdhc_1_interrupt_wakeup_IRQHandler [WEAK] + EXPORT sdhc_1_interrupt_general_IRQHandler [WEAK] + +ioss_interrupts_gpio_0_IRQHandler +ioss_interrupts_gpio_1_IRQHandler +ioss_interrupts_gpio_2_IRQHandler +ioss_interrupts_gpio_3_IRQHandler +ioss_interrupts_gpio_4_IRQHandler +ioss_interrupts_gpio_5_IRQHandler +ioss_interrupts_gpio_6_IRQHandler +ioss_interrupts_gpio_7_IRQHandler +ioss_interrupts_gpio_8_IRQHandler +ioss_interrupts_gpio_9_IRQHandler +ioss_interrupts_gpio_10_IRQHandler +ioss_interrupts_gpio_11_IRQHandler +ioss_interrupts_gpio_12_IRQHandler +ioss_interrupts_gpio_13_IRQHandler +ioss_interrupts_gpio_14_IRQHandler +ioss_interrupt_gpio_IRQHandler +ioss_interrupt_vdd_IRQHandler +lpcomp_interrupt_IRQHandler +scb_8_interrupt_IRQHandler +srss_interrupt_mcwdt_0_IRQHandler +srss_interrupt_mcwdt_1_IRQHandler +srss_interrupt_backup_IRQHandler +srss_interrupt_IRQHandler +cpuss_interrupts_ipc_0_IRQHandler +cpuss_interrupts_ipc_1_IRQHandler +cpuss_interrupts_ipc_2_IRQHandler +cpuss_interrupts_ipc_3_IRQHandler +cpuss_interrupts_ipc_4_IRQHandler +cpuss_interrupts_ipc_5_IRQHandler +cpuss_interrupts_ipc_6_IRQHandler +cpuss_interrupts_ipc_7_IRQHandler +cpuss_interrupts_ipc_8_IRQHandler +cpuss_interrupts_ipc_9_IRQHandler +cpuss_interrupts_ipc_10_IRQHandler +cpuss_interrupts_ipc_11_IRQHandler +cpuss_interrupts_ipc_12_IRQHandler +cpuss_interrupts_ipc_13_IRQHandler +cpuss_interrupts_ipc_14_IRQHandler +cpuss_interrupts_ipc_15_IRQHandler +scb_0_interrupt_IRQHandler +scb_1_interrupt_IRQHandler +scb_2_interrupt_IRQHandler +scb_3_interrupt_IRQHandler +scb_4_interrupt_IRQHandler +scb_5_interrupt_IRQHandler +scb_6_interrupt_IRQHandler +scb_7_interrupt_IRQHandler +scb_9_interrupt_IRQHandler +scb_10_interrupt_IRQHandler +scb_11_interrupt_IRQHandler +scb_12_interrupt_IRQHandler +csd_interrupt_IRQHandler +cpuss_interrupts_dmac_0_IRQHandler +cpuss_interrupts_dmac_1_IRQHandler +cpuss_interrupts_dmac_2_IRQHandler +cpuss_interrupts_dmac_3_IRQHandler +cpuss_interrupts_dw0_0_IRQHandler +cpuss_interrupts_dw0_1_IRQHandler +cpuss_interrupts_dw0_2_IRQHandler +cpuss_interrupts_dw0_3_IRQHandler +cpuss_interrupts_dw0_4_IRQHandler +cpuss_interrupts_dw0_5_IRQHandler +cpuss_interrupts_dw0_6_IRQHandler +cpuss_interrupts_dw0_7_IRQHandler +cpuss_interrupts_dw0_8_IRQHandler +cpuss_interrupts_dw0_9_IRQHandler +cpuss_interrupts_dw0_10_IRQHandler +cpuss_interrupts_dw0_11_IRQHandler +cpuss_interrupts_dw0_12_IRQHandler +cpuss_interrupts_dw0_13_IRQHandler +cpuss_interrupts_dw0_14_IRQHandler +cpuss_interrupts_dw0_15_IRQHandler +cpuss_interrupts_dw0_16_IRQHandler +cpuss_interrupts_dw0_17_IRQHandler +cpuss_interrupts_dw0_18_IRQHandler +cpuss_interrupts_dw0_19_IRQHandler +cpuss_interrupts_dw0_20_IRQHandler +cpuss_interrupts_dw0_21_IRQHandler +cpuss_interrupts_dw0_22_IRQHandler +cpuss_interrupts_dw0_23_IRQHandler +cpuss_interrupts_dw0_24_IRQHandler +cpuss_interrupts_dw0_25_IRQHandler +cpuss_interrupts_dw0_26_IRQHandler +cpuss_interrupts_dw0_27_IRQHandler +cpuss_interrupts_dw0_28_IRQHandler +cpuss_interrupts_dw1_0_IRQHandler +cpuss_interrupts_dw1_1_IRQHandler +cpuss_interrupts_dw1_2_IRQHandler +cpuss_interrupts_dw1_3_IRQHandler +cpuss_interrupts_dw1_4_IRQHandler +cpuss_interrupts_dw1_5_IRQHandler +cpuss_interrupts_dw1_6_IRQHandler +cpuss_interrupts_dw1_7_IRQHandler +cpuss_interrupts_dw1_8_IRQHandler +cpuss_interrupts_dw1_9_IRQHandler +cpuss_interrupts_dw1_10_IRQHandler +cpuss_interrupts_dw1_11_IRQHandler +cpuss_interrupts_dw1_12_IRQHandler +cpuss_interrupts_dw1_13_IRQHandler +cpuss_interrupts_dw1_14_IRQHandler +cpuss_interrupts_dw1_15_IRQHandler +cpuss_interrupts_dw1_16_IRQHandler +cpuss_interrupts_dw1_17_IRQHandler +cpuss_interrupts_dw1_18_IRQHandler +cpuss_interrupts_dw1_19_IRQHandler +cpuss_interrupts_dw1_20_IRQHandler +cpuss_interrupts_dw1_21_IRQHandler +cpuss_interrupts_dw1_22_IRQHandler +cpuss_interrupts_dw1_23_IRQHandler +cpuss_interrupts_dw1_24_IRQHandler +cpuss_interrupts_dw1_25_IRQHandler +cpuss_interrupts_dw1_26_IRQHandler +cpuss_interrupts_dw1_27_IRQHandler +cpuss_interrupts_dw1_28_IRQHandler +cpuss_interrupts_fault_0_IRQHandler +cpuss_interrupts_fault_1_IRQHandler +cpuss_interrupt_crypto_IRQHandler +cpuss_interrupt_fm_IRQHandler +cpuss_interrupts_cm4_fp_IRQHandler +cpuss_interrupts_cm0_cti_0_IRQHandler +cpuss_interrupts_cm0_cti_1_IRQHandler +cpuss_interrupts_cm4_cti_0_IRQHandler +cpuss_interrupts_cm4_cti_1_IRQHandler +tcpwm_0_interrupts_0_IRQHandler +tcpwm_0_interrupts_1_IRQHandler +tcpwm_0_interrupts_2_IRQHandler +tcpwm_0_interrupts_3_IRQHandler +tcpwm_0_interrupts_4_IRQHandler +tcpwm_0_interrupts_5_IRQHandler +tcpwm_0_interrupts_6_IRQHandler +tcpwm_0_interrupts_7_IRQHandler +tcpwm_1_interrupts_0_IRQHandler +tcpwm_1_interrupts_1_IRQHandler +tcpwm_1_interrupts_2_IRQHandler +tcpwm_1_interrupts_3_IRQHandler +tcpwm_1_interrupts_4_IRQHandler +tcpwm_1_interrupts_5_IRQHandler +tcpwm_1_interrupts_6_IRQHandler +tcpwm_1_interrupts_7_IRQHandler +tcpwm_1_interrupts_8_IRQHandler +tcpwm_1_interrupts_9_IRQHandler +tcpwm_1_interrupts_10_IRQHandler +tcpwm_1_interrupts_11_IRQHandler +tcpwm_1_interrupts_12_IRQHandler +tcpwm_1_interrupts_13_IRQHandler +tcpwm_1_interrupts_14_IRQHandler +tcpwm_1_interrupts_15_IRQHandler +tcpwm_1_interrupts_16_IRQHandler +tcpwm_1_interrupts_17_IRQHandler +tcpwm_1_interrupts_18_IRQHandler +tcpwm_1_interrupts_19_IRQHandler +tcpwm_1_interrupts_20_IRQHandler +tcpwm_1_interrupts_21_IRQHandler +tcpwm_1_interrupts_22_IRQHandler +tcpwm_1_interrupts_23_IRQHandler +pass_interrupt_sar_IRQHandler +audioss_0_interrupt_i2s_IRQHandler +audioss_0_interrupt_pdm_IRQHandler +audioss_1_interrupt_i2s_IRQHandler +profile_interrupt_IRQHandler +smif_interrupt_IRQHandler +usb_interrupt_hi_IRQHandler +usb_interrupt_med_IRQHandler +usb_interrupt_lo_IRQHandler +sdhc_0_interrupt_wakeup_IRQHandler +sdhc_0_interrupt_general_IRQHandler +sdhc_1_interrupt_wakeup_IRQHandler +sdhc_1_interrupt_general_IRQHandler + + B . + ENDP + + ALIGN + + +; User Initial Stack & Heap + IMPORT __use_two_region_memory + + END + + +; [] END OF FILE diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_GCC_ARM/cyb06xxa_cm4_dual.ld b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_GCC_ARM/cyb06xxa_cm4_dual.ld new file mode 100644 index 0000000..fcf026f --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_GCC_ARM/cyb06xxa_cm4_dual.ld @@ -0,0 +1,459 @@ +/***************************************************************************//** +* \file cyb06xxa_cm4_dual.ld +* \version 2.80 +* +* Linker file for the GNU C compiler. +* +* The main purpose of the linker script is to describe how the sections in the +* input files should be mapped into the output file, and to control the memory +* layout of the output file. +* +* \note The entry point location is fixed and starts at 0x10000000. The valid +* application image should be placed there. +* +* \note The linker files included with the PDL template projects must be generic +* and handle all common use cases. Your project may not use every section +* defined in the linker files. In that case you may see warnings during the +* build process. In your project, you can simply comment out or remove the +* relevant code in the linker file. +* +******************************************************************************** +* \copyright +* Copyright 2016-2020 Cypress Semiconductor Corporation +* Copyright 2020 Arm Limited +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*******************************************************************************/ + +OUTPUT_FORMAT ("elf32-littlearm", "elf32-bigarm", "elf32-littlearm") +SEARCH_DIR(.) +GROUP(-lgcc -lc -lnosys) +ENTRY(Reset_Handler) + +#include "../../../partition/region_defs.h" + +/* The size of the MCU boot header area at the start of FLASH */ +BOOT_HEADER_SIZE = 0x400; + +#if !defined(MBED_ROM_START) + #define MBED_ROM_START NS_CODE_START +#endif + +/* MBED_APP_START is being used by the bootloader build script and +* will be calculate by the system. In case if MBED_APP_START address is +* customized by the bootloader config, the application image should not +* include CM0p prebuilt image. +*/ +#if !defined(MBED_APP_START) + #define MBED_APP_START MBED_ROM_START +#endif + +#if !defined(MBED_ROM_SIZE) + #define MBED_ROM_SIZE NS_CODE_SIZE +#endif + +/* MBED_APP_SIZE is being used by the bootloader build script and +* will be calculate by the system. +*/ +#if !defined(MBED_APP_SIZE) + #define MBED_APP_SIZE MBED_ROM_SIZE +#endif + +#if !defined(MBED_RAM_START) + #define MBED_RAM_START NS_DATA_START +#endif + +#if !defined(MBED_RAM_SIZE) + #define MBED_RAM_SIZE NS_DATA_SIZE +#endif + +#if !defined(MBED_BOOT_STACK_SIZE) + #define MBED_BOOT_STACK_SIZE NS_MSP_STACK_SIZE +#endif + +/* Shared memory area between Non-Secure and Secure */ +#define MBED_DATA_SHARED_SIZE NS_DATA_SHARED_SIZE + +/* Force symbol to be entered in the output file as an undefined symbol. Doing +* this may, for example, trigger linking of additional modules from standard +* libraries. You may list several symbols for each EXTERN, and you may use +* EXTERN multiple times. This command has the same effect as the -u command-line +* option. +*/ +EXTERN(Reset_Handler) + +/* The MEMORY section below describes the location and size of blocks of memory in the target. +* Use this section to specify the memory regions available for allocation. +*/ +MEMORY +{ + /* The ram and flash regions control RAM and flash memory allocation for the CM4 core. + * You can change the memory allocation by editing the 'ram' and 'flash' regions. + * Using this memory region for other purposes will lead to unexpected behavior. + * Your changes must be aligned with the corresponding memory regions for CM0+ core in 'xx_cm0plus.ld', + * where 'xx' is the device group; for example, 'cyb06xxa_cm0plus.ld'. + */ + ram (rwx) : ORIGIN = MBED_RAM_START, LENGTH = MBED_RAM_SIZE + flash (rx) : ORIGIN = MBED_APP_START, LENGTH = MBED_APP_SIZE + + /* This is a 32K flash region used for EEPROM emulation. This region can also be used as the general purpose flash. + * You can assign sections to this memory region for only one of the cores. + * Note some middleware (e.g. BLE, Emulated EEPROM) can place their data into this memory region. + * Therefore, repurposing this memory region will prevent such middleware from operation. + */ + em_eeprom (rx) : ORIGIN = 0x14000000, LENGTH = 0x8000 /* 32 KB */ + + /* The following regions define device specific memory regions and must not be changed. */ + sflash_user_data (rx) : ORIGIN = 0x16000800, LENGTH = 0x800 /* Supervisory flash: User data */ + sflash_nar (rx) : ORIGIN = 0x16001A00, LENGTH = 0x200 /* Supervisory flash: Normal Access Restrictions (NAR) */ + sflash_public_key (rx) : ORIGIN = 0x16005A00, LENGTH = 0xC00 /* Supervisory flash: Public Key */ + sflash_toc_2 (rx) : ORIGIN = 0x16007C00, LENGTH = 0x200 /* Supervisory flash: Table of Content # 2 */ + sflash_rtoc_2 (rx) : ORIGIN = 0x16007E00, LENGTH = 0x200 /* Supervisory flash: Table of Content # 2 Copy */ + xip (rx) : ORIGIN = 0x18000000, LENGTH = 0x8000000 /* 128 MB */ + efuse (r) : ORIGIN = 0x90700000, LENGTH = 0x100000 /* 1 MB */ +} + +/* Library configurations */ +GROUP(libgcc.a libc.a libm.a libnosys.a) + +/* Linker script to place sections and symbol values. Should be used together + * with other linker script that defines memory regions FLASH and RAM. + * It references following symbols, which must be defined in code: + * Reset_Handler : Entry of reset handler + * + * It defines following symbols, which code can use without definition: + * __exidx_start + * __exidx_end + * __copy_table_start__ + * __copy_table_end__ + * __zero_table_start__ + * __zero_table_end__ + * __etext + * __data_start__ + * __preinit_array_start + * __preinit_array_end + * __init_array_start + * __init_array_end + * __fini_array_start + * __fini_array_end + * __data_end__ + * __bss_start__ + * __bss_end__ + * __end__ + * end + * __HeapLimit + * __StackLimit + * __StackTop + * __stack + * __Vectors_End + * __Vectors_Size + */ + + +SECTIONS +{ + /* Cortex-M4 application flash area */ + .text ORIGIN(flash) : + { + . = ALIGN(4); + __Vectors = . ; + KEEP(*(.vectors)) + . = ALIGN(4); + __Vectors_End = .; + __Vectors_Size = __Vectors_End - __Vectors; + __end__ = .; + + . = ALIGN(4); + *(.text*) + + KEEP(*(.init)) + KEEP(*(.fini)) + + /* .ctors */ + *crtbegin.o(.ctors) + *crtbegin?.o(.ctors) + *(EXCLUDE_FILE(*crtend?.o *crtend.o) .ctors) + *(SORT(.ctors.*)) + *(.ctors) + + /* .dtors */ + *crtbegin.o(.dtors) + *crtbegin?.o(.dtors) + *(EXCLUDE_FILE(*crtend?.o *crtend.o) .dtors) + *(SORT(.dtors.*)) + *(.dtors) + + /* Read-only code (constants). */ + *(.rodata .rodata.* .constdata .constdata.* .conststring .conststring.*) + + KEEP(*(.eh_frame*)) + } > flash + + + .ARM.extab : + { + *(.ARM.extab* .gnu.linkonce.armextab.*) + } > flash + + __exidx_start = .; + + .ARM.exidx : + { + *(.ARM.exidx* .gnu.linkonce.armexidx.*) + } > flash + __exidx_end = .; + + + /* To copy multiple ROM to RAM sections, + * uncomment .copy.table section and, + * define __STARTUP_COPY_MULTIPLE in startup_psoc6_02_cm4.S */ + .copy.table : + { + . = ALIGN(4); + __copy_table_start__ = .; + + /* Copy interrupt vectors from flash to RAM */ + LONG (__Vectors) /* From */ + LONG (__ram_vectors_start__) /* To */ + LONG (__Vectors_End - __Vectors) /* Size */ + + /* Copy data section to RAM */ + LONG (__etext) /* From */ + LONG (__data_start__) /* To */ + LONG (__data_end__ - __data_start__) /* Size */ + + __copy_table_end__ = .; + } > flash + + + /* To clear multiple BSS sections, + * uncomment .zero.table section and, + * define __STARTUP_CLEAR_BSS_MULTIPLE in startup_psoc6_02_cm4.S */ + .zero.table : + { + . = ALIGN(4); + __zero_table_start__ = .; + LONG (__bss_start__) + LONG (__bss_end__ - __bss_start__) + __zero_table_end__ = .; + } > flash + + __etext = . ; + + + .ramVectors (NOLOAD) : ALIGN(8) + { + __ram_vectors_start__ = .; + KEEP(*(.ram_vectors)) + __ram_vectors_end__ = .; + } > ram + + + .data __ram_vectors_end__ : AT (__etext) + { + __data_start__ = .; + + *(vtable) + *(.data*) + + . = ALIGN(4); + /* preinit data */ + PROVIDE_HIDDEN (__preinit_array_start = .); + KEEP(*(.preinit_array)) + PROVIDE_HIDDEN (__preinit_array_end = .); + + . = ALIGN(4); + /* init data */ + PROVIDE_HIDDEN (__init_array_start = .); + KEEP(*(SORT(.init_array.*))) + KEEP(*(.init_array)) + PROVIDE_HIDDEN (__init_array_end = .); + + . = ALIGN(4); + /* finit data */ + PROVIDE_HIDDEN (__fini_array_start = .); + KEEP(*(SORT(.fini_array.*))) + KEEP(*(.fini_array)) + PROVIDE_HIDDEN (__fini_array_end = .); + + KEEP(*(.jcr*)) + . = ALIGN(4); + + KEEP(*(.cy_ramfunc*)) + . = ALIGN(4); + + __data_end__ = .; + + } > ram + + + /* Place variables in the section that should not be initialized during the + * device startup. + */ + .noinit (NOLOAD) : ALIGN(8) + { + KEEP(*(.noinit)) + } > ram + + + /* The uninitialized global or static variables are placed in this section. + * + * The NOLOAD attribute tells linker that .bss section does not consume + * any space in the image. The NOLOAD attribute changes the .bss type to + * NOBITS, and that makes linker to A) not allocate section in memory, and + * A) put information to clear the section with all zeros during application + * loading. + * + * Without the NOLOAD attribute, the .bss section might get PROGBITS type. + * This makes linker to A) allocate zeroed section in memory, and B) copy + * this section to RAM during application loading. + */ + .bss (NOLOAD): + { + . = ALIGN(4); + __bss_start__ = .; + *(.bss*) + *(COMMON) + . = ALIGN(4); + __bss_end__ = .; + } > ram + + + .heap (NOLOAD): + { + __HeapBase = .; + __end__ = .; + end = __end__; + KEEP(*(.heap*)) + . = ORIGIN(ram) + LENGTH(ram) - MBED_BOOT_STACK_SIZE - MBED_DATA_SHARED_SIZE; + . = ALIGN(4); + __StackLimit = .; + __HeapLimit = .; + } > ram + + + __StackTop = (__StackLimit + MBED_BOOT_STACK_SIZE + 3) & 0xFFFFFFFC; + PROVIDE(__stack = __StackTop); + + .shared __StackTop (NOLOAD): + { + __SharedStart = .; + . += MBED_DATA_SHARED_SIZE; + KEEP(*(.shared*)) + __SharedLimit = .; + } > ram + + /* Check if Shared area overflowed within RAM */ + ASSERT(__SharedLimit == ORIGIN(ram) + LENGTH(ram), "Shared area overflowed within RAM") + + /* Used for the digital signature of the secure application and the Bootloader SDK application. + * The size of the section depends on the required data size. */ + .cy_app_signature ORIGIN(flash) + LENGTH(flash) - 256 : + { + KEEP(*(.cy_app_signature)) + } > flash + + + /* Emulated EEPROM Flash area */ + .cy_em_eeprom : + { + KEEP(*(.cy_em_eeprom)) + } > em_eeprom + + + /* Supervisory Flash: User data */ + .cy_sflash_user_data : + { + KEEP(*(.cy_sflash_user_data)) + } > sflash_user_data + + + /* Supervisory Flash: Normal Access Restrictions (NAR) */ + .cy_sflash_nar : + { + KEEP(*(.cy_sflash_nar)) + } > sflash_nar + + + /* Supervisory Flash: Public Key */ + .cy_sflash_public_key : + { + KEEP(*(.cy_sflash_public_key)) + } > sflash_public_key + + + /* Supervisory Flash: Table of Content # 2 */ + .cy_toc_part2 : + { + KEEP(*(.cy_toc_part2)) + } > sflash_toc_2 + + + /* Supervisory Flash: Table of Content # 2 Copy */ + .cy_rtoc_part2 : + { + KEEP(*(.cy_rtoc_part2)) + } > sflash_rtoc_2 + + + /* Places the code in the Execute in Place (XIP) section. See the smif driver + * documentation for details. + */ + .cy_xip : + { + KEEP(*(.cy_xip)) + } > xip + + + /* eFuse */ + .cy_efuse : + { + KEEP(*(.cy_efuse)) + } > efuse + + + /* These sections are used for additional metadata (silicon revision, + * Silicon/JTAG ID, etc.) storage. + */ + .cymeta 0x90500000 : { KEEP(*(.cymeta)) } :NONE +} + + +/* The following symbols used by the cymcuelftool. */ +/* Flash */ +__cy_memory_0_start = 0x10000000; +__cy_memory_0_length = 0x001D0000; +__cy_memory_0_row_size = 0x200; + +/* Emulated EEPROM Flash area */ +__cy_memory_1_start = 0x14000000; +__cy_memory_1_length = 0x8000; +__cy_memory_1_row_size = 0x200; + +/* Supervisory Flash */ +__cy_memory_2_start = 0x16000000; +__cy_memory_2_length = 0x8000; +__cy_memory_2_row_size = 0x200; + +/* XIP */ +__cy_memory_3_start = 0x18000000; +__cy_memory_3_length = 0x08000000; +__cy_memory_3_row_size = 0x200; + +/* eFuse */ +__cy_memory_4_start = 0x90700000; +__cy_memory_4_length = 0x100000; +__cy_memory_4_row_size = 1; + +/* EOF */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_GCC_ARM/startup_psoc6_02_cm4.S b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_GCC_ARM/startup_psoc6_02_cm4.S new file mode 100755 index 0000000..1ebcac3 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/TOOLCHAIN_GCC_ARM/startup_psoc6_02_cm4.S @@ -0,0 +1,673 @@ +/**************************************************************************//** + * @file startup_psoc6_02_cm4.S + * @brief CMSIS Core Device Startup File for + * ARMCM4 Device Series + * @version V5.00 + * @date 02. March 2016 + ******************************************************************************/ +/* + * Copyright (c) 2009-2016 ARM Limited. All rights reserved. + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the License); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + /* Address of the NMI handler */ + #define CY_NMI_HANLDER_ADDR 0x0000000D + + /* The CPU VTOR register */ + #define CY_CPU_VTOR_ADDR 0xE000ED08 + + /* Copy flash vectors and data section to RAM */ + #define __STARTUP_COPY_MULTIPLE + + /* Clear single BSS section */ + #define __STARTUP_CLEAR_BSS + + .syntax unified + .arch armv7-m + + .section .stack + .align 3 +#ifdef __STACK_SIZE + .equ Stack_Size, __STACK_SIZE +#else + .equ Stack_Size, 0x00001000 +#endif + .globl __StackTop + .globl __StackLimit +__StackLimit: + .space Stack_Size + .size __StackLimit, . - __StackLimit +__StackTop: + .size __StackTop, . - __StackTop + + .section .heap + .align 3 +#ifdef __HEAP_SIZE + .equ Heap_Size, __HEAP_SIZE +#else + .equ Heap_Size, 0x00000400 +#endif + .globl __HeapBase + .globl __HeapLimit +__HeapBase: + .if Heap_Size + .space Heap_Size + .endif + .size __HeapBase, . - __HeapBase +__HeapLimit: + .size __HeapLimit, . - __HeapLimit + + .section .vectors + .align 2 + .globl __Vectors +__Vectors: + .long __StackTop /* Top of Stack */ + .long Reset_Handler /* Reset Handler */ + .long CY_NMI_HANLDER_ADDR /* NMI Handler */ + .long HardFault_Handler /* Hard Fault Handler */ + .long MemManage_Handler /* MPU Fault Handler */ + .long BusFault_Handler /* Bus Fault Handler */ + .long UsageFault_Handler /* Usage Fault Handler */ + .long 0 /* Reserved */ + .long 0 /* Reserved */ + .long 0 /* Reserved */ + .long 0 /* Reserved */ + .long SVC_Handler /* SVCall Handler */ + .long DebugMon_Handler /* Debug Monitor Handler */ + .long 0 /* Reserved */ + .long PendSV_Handler /* PendSV Handler */ + .long SysTick_Handler /* SysTick Handler */ + + /* External interrupts Description */ + .long ioss_interrupts_gpio_0_IRQHandler /* GPIO Port Interrupt #0 */ + .long ioss_interrupts_gpio_1_IRQHandler /* GPIO Port Interrupt #1 */ + .long ioss_interrupts_gpio_2_IRQHandler /* GPIO Port Interrupt #2 */ + .long ioss_interrupts_gpio_3_IRQHandler /* GPIO Port Interrupt #3 */ + .long ioss_interrupts_gpio_4_IRQHandler /* GPIO Port Interrupt #4 */ + .long ioss_interrupts_gpio_5_IRQHandler /* GPIO Port Interrupt #5 */ + .long ioss_interrupts_gpio_6_IRQHandler /* GPIO Port Interrupt #6 */ + .long ioss_interrupts_gpio_7_IRQHandler /* GPIO Port Interrupt #7 */ + .long ioss_interrupts_gpio_8_IRQHandler /* GPIO Port Interrupt #8 */ + .long ioss_interrupts_gpio_9_IRQHandler /* GPIO Port Interrupt #9 */ + .long ioss_interrupts_gpio_10_IRQHandler /* GPIO Port Interrupt #10 */ + .long ioss_interrupts_gpio_11_IRQHandler /* GPIO Port Interrupt #11 */ + .long ioss_interrupts_gpio_12_IRQHandler /* GPIO Port Interrupt #12 */ + .long ioss_interrupts_gpio_13_IRQHandler /* GPIO Port Interrupt #13 */ + .long ioss_interrupts_gpio_14_IRQHandler /* GPIO Port Interrupt #14 */ + .long ioss_interrupt_gpio_IRQHandler /* GPIO All Ports */ + .long ioss_interrupt_vdd_IRQHandler /* GPIO Supply Detect Interrupt */ + .long lpcomp_interrupt_IRQHandler /* Low Power Comparator Interrupt */ + .long scb_8_interrupt_IRQHandler /* Serial Communication Block #8 (DeepSleep capable) */ + .long srss_interrupt_mcwdt_0_IRQHandler /* Multi Counter Watchdog Timer interrupt */ + .long srss_interrupt_mcwdt_1_IRQHandler /* Multi Counter Watchdog Timer interrupt */ + .long srss_interrupt_backup_IRQHandler /* Backup domain interrupt */ + .long srss_interrupt_IRQHandler /* Other combined Interrupts for SRSS (LVD, WDT, CLKCAL) */ + .long cpuss_interrupts_ipc_0_IRQHandler /* CPUSS Inter Process Communication Interrupt #0 */ + .long cpuss_interrupts_ipc_1_IRQHandler /* CPUSS Inter Process Communication Interrupt #1 */ + .long cpuss_interrupts_ipc_2_IRQHandler /* CPUSS Inter Process Communication Interrupt #2 */ + .long cpuss_interrupts_ipc_3_IRQHandler /* CPUSS Inter Process Communication Interrupt #3 */ + .long cpuss_interrupts_ipc_4_IRQHandler /* CPUSS Inter Process Communication Interrupt #4 */ + .long cpuss_interrupts_ipc_5_IRQHandler /* CPUSS Inter Process Communication Interrupt #5 */ + .long cpuss_interrupts_ipc_6_IRQHandler /* CPUSS Inter Process Communication Interrupt #6 */ + .long cpuss_interrupts_ipc_7_IRQHandler /* CPUSS Inter Process Communication Interrupt #7 */ + .long cpuss_interrupts_ipc_8_IRQHandler /* CPUSS Inter Process Communication Interrupt #8 */ + .long cpuss_interrupts_ipc_9_IRQHandler /* CPUSS Inter Process Communication Interrupt #9 */ + .long cpuss_interrupts_ipc_10_IRQHandler /* CPUSS Inter Process Communication Interrupt #10 */ + .long cpuss_interrupts_ipc_11_IRQHandler /* CPUSS Inter Process Communication Interrupt #11 */ + .long cpuss_interrupts_ipc_12_IRQHandler /* CPUSS Inter Process Communication Interrupt #12 */ + .long cpuss_interrupts_ipc_13_IRQHandler /* CPUSS Inter Process Communication Interrupt #13 */ + .long cpuss_interrupts_ipc_14_IRQHandler /* CPUSS Inter Process Communication Interrupt #14 */ + .long cpuss_interrupts_ipc_15_IRQHandler /* CPUSS Inter Process Communication Interrupt #15 */ + .long scb_0_interrupt_IRQHandler /* Serial Communication Block #0 */ + .long scb_1_interrupt_IRQHandler /* Serial Communication Block #1 */ + .long scb_2_interrupt_IRQHandler /* Serial Communication Block #2 */ + .long scb_3_interrupt_IRQHandler /* Serial Communication Block #3 */ + .long scb_4_interrupt_IRQHandler /* Serial Communication Block #4 */ + .long scb_5_interrupt_IRQHandler /* Serial Communication Block #5 */ + .long scb_6_interrupt_IRQHandler /* Serial Communication Block #6 */ + .long scb_7_interrupt_IRQHandler /* Serial Communication Block #7 */ + .long scb_9_interrupt_IRQHandler /* Serial Communication Block #9 */ + .long scb_10_interrupt_IRQHandler /* Serial Communication Block #10 */ + .long scb_11_interrupt_IRQHandler /* Serial Communication Block #11 */ + .long scb_12_interrupt_IRQHandler /* Serial Communication Block #12 */ + .long csd_interrupt_IRQHandler /* CSD (Capsense) interrupt */ + .long cpuss_interrupts_dmac_0_IRQHandler /* CPUSS DMAC, Channel #0 */ + .long cpuss_interrupts_dmac_1_IRQHandler /* CPUSS DMAC, Channel #1 */ + .long cpuss_interrupts_dmac_2_IRQHandler /* CPUSS DMAC, Channel #2 */ + .long cpuss_interrupts_dmac_3_IRQHandler /* CPUSS DMAC, Channel #3 */ + .long cpuss_interrupts_dw0_0_IRQHandler /* CPUSS DataWire #0, Channel #0 */ + .long cpuss_interrupts_dw0_1_IRQHandler /* CPUSS DataWire #0, Channel #1 */ + .long cpuss_interrupts_dw0_2_IRQHandler /* CPUSS DataWire #0, Channel #2 */ + .long cpuss_interrupts_dw0_3_IRQHandler /* CPUSS DataWire #0, Channel #3 */ + .long cpuss_interrupts_dw0_4_IRQHandler /* CPUSS DataWire #0, Channel #4 */ + .long cpuss_interrupts_dw0_5_IRQHandler /* CPUSS DataWire #0, Channel #5 */ + .long cpuss_interrupts_dw0_6_IRQHandler /* CPUSS DataWire #0, Channel #6 */ + .long cpuss_interrupts_dw0_7_IRQHandler /* CPUSS DataWire #0, Channel #7 */ + .long cpuss_interrupts_dw0_8_IRQHandler /* CPUSS DataWire #0, Channel #8 */ + .long cpuss_interrupts_dw0_9_IRQHandler /* CPUSS DataWire #0, Channel #9 */ + .long cpuss_interrupts_dw0_10_IRQHandler /* CPUSS DataWire #0, Channel #10 */ + .long cpuss_interrupts_dw0_11_IRQHandler /* CPUSS DataWire #0, Channel #11 */ + .long cpuss_interrupts_dw0_12_IRQHandler /* CPUSS DataWire #0, Channel #12 */ + .long cpuss_interrupts_dw0_13_IRQHandler /* CPUSS DataWire #0, Channel #13 */ + .long cpuss_interrupts_dw0_14_IRQHandler /* CPUSS DataWire #0, Channel #14 */ + .long cpuss_interrupts_dw0_15_IRQHandler /* CPUSS DataWire #0, Channel #15 */ + .long cpuss_interrupts_dw0_16_IRQHandler /* CPUSS DataWire #0, Channel #16 */ + .long cpuss_interrupts_dw0_17_IRQHandler /* CPUSS DataWire #0, Channel #17 */ + .long cpuss_interrupts_dw0_18_IRQHandler /* CPUSS DataWire #0, Channel #18 */ + .long cpuss_interrupts_dw0_19_IRQHandler /* CPUSS DataWire #0, Channel #19 */ + .long cpuss_interrupts_dw0_20_IRQHandler /* CPUSS DataWire #0, Channel #20 */ + .long cpuss_interrupts_dw0_21_IRQHandler /* CPUSS DataWire #0, Channel #21 */ + .long cpuss_interrupts_dw0_22_IRQHandler /* CPUSS DataWire #0, Channel #22 */ + .long cpuss_interrupts_dw0_23_IRQHandler /* CPUSS DataWire #0, Channel #23 */ + .long cpuss_interrupts_dw0_24_IRQHandler /* CPUSS DataWire #0, Channel #24 */ + .long cpuss_interrupts_dw0_25_IRQHandler /* CPUSS DataWire #0, Channel #25 */ + .long cpuss_interrupts_dw0_26_IRQHandler /* CPUSS DataWire #0, Channel #26 */ + .long cpuss_interrupts_dw0_27_IRQHandler /* CPUSS DataWire #0, Channel #27 */ + .long cpuss_interrupts_dw0_28_IRQHandler /* CPUSS DataWire #0, Channel #28 */ + .long cpuss_interrupts_dw1_0_IRQHandler /* CPUSS DataWire #1, Channel #0 */ + .long cpuss_interrupts_dw1_1_IRQHandler /* CPUSS DataWire #1, Channel #1 */ + .long cpuss_interrupts_dw1_2_IRQHandler /* CPUSS DataWire #1, Channel #2 */ + .long cpuss_interrupts_dw1_3_IRQHandler /* CPUSS DataWire #1, Channel #3 */ + .long cpuss_interrupts_dw1_4_IRQHandler /* CPUSS DataWire #1, Channel #4 */ + .long cpuss_interrupts_dw1_5_IRQHandler /* CPUSS DataWire #1, Channel #5 */ + .long cpuss_interrupts_dw1_6_IRQHandler /* CPUSS DataWire #1, Channel #6 */ + .long cpuss_interrupts_dw1_7_IRQHandler /* CPUSS DataWire #1, Channel #7 */ + .long cpuss_interrupts_dw1_8_IRQHandler /* CPUSS DataWire #1, Channel #8 */ + .long cpuss_interrupts_dw1_9_IRQHandler /* CPUSS DataWire #1, Channel #9 */ + .long cpuss_interrupts_dw1_10_IRQHandler /* CPUSS DataWire #1, Channel #10 */ + .long cpuss_interrupts_dw1_11_IRQHandler /* CPUSS DataWire #1, Channel #11 */ + .long cpuss_interrupts_dw1_12_IRQHandler /* CPUSS DataWire #1, Channel #12 */ + .long cpuss_interrupts_dw1_13_IRQHandler /* CPUSS DataWire #1, Channel #13 */ + .long cpuss_interrupts_dw1_14_IRQHandler /* CPUSS DataWire #1, Channel #14 */ + .long cpuss_interrupts_dw1_15_IRQHandler /* CPUSS DataWire #1, Channel #15 */ + .long cpuss_interrupts_dw1_16_IRQHandler /* CPUSS DataWire #1, Channel #16 */ + .long cpuss_interrupts_dw1_17_IRQHandler /* CPUSS DataWire #1, Channel #17 */ + .long cpuss_interrupts_dw1_18_IRQHandler /* CPUSS DataWire #1, Channel #18 */ + .long cpuss_interrupts_dw1_19_IRQHandler /* CPUSS DataWire #1, Channel #19 */ + .long cpuss_interrupts_dw1_20_IRQHandler /* CPUSS DataWire #1, Channel #20 */ + .long cpuss_interrupts_dw1_21_IRQHandler /* CPUSS DataWire #1, Channel #21 */ + .long cpuss_interrupts_dw1_22_IRQHandler /* CPUSS DataWire #1, Channel #22 */ + .long cpuss_interrupts_dw1_23_IRQHandler /* CPUSS DataWire #1, Channel #23 */ + .long cpuss_interrupts_dw1_24_IRQHandler /* CPUSS DataWire #1, Channel #24 */ + .long cpuss_interrupts_dw1_25_IRQHandler /* CPUSS DataWire #1, Channel #25 */ + .long cpuss_interrupts_dw1_26_IRQHandler /* CPUSS DataWire #1, Channel #26 */ + .long cpuss_interrupts_dw1_27_IRQHandler /* CPUSS DataWire #1, Channel #27 */ + .long cpuss_interrupts_dw1_28_IRQHandler /* CPUSS DataWire #1, Channel #28 */ + .long cpuss_interrupts_fault_0_IRQHandler /* CPUSS Fault Structure Interrupt #0 */ + .long cpuss_interrupts_fault_1_IRQHandler /* CPUSS Fault Structure Interrupt #1 */ + .long cpuss_interrupt_crypto_IRQHandler /* CRYPTO Accelerator Interrupt */ + .long cpuss_interrupt_fm_IRQHandler /* FLASH Macro Interrupt */ + .long cpuss_interrupts_cm4_fp_IRQHandler /* Floating Point operation fault */ + .long cpuss_interrupts_cm0_cti_0_IRQHandler /* CM0+ CTI #0 */ + .long cpuss_interrupts_cm0_cti_1_IRQHandler /* CM0+ CTI #1 */ + .long cpuss_interrupts_cm4_cti_0_IRQHandler /* CM4 CTI #0 */ + .long cpuss_interrupts_cm4_cti_1_IRQHandler /* CM4 CTI #1 */ + .long tcpwm_0_interrupts_0_IRQHandler /* TCPWM #0, Counter #0 */ + .long tcpwm_0_interrupts_1_IRQHandler /* TCPWM #0, Counter #1 */ + .long tcpwm_0_interrupts_2_IRQHandler /* TCPWM #0, Counter #2 */ + .long tcpwm_0_interrupts_3_IRQHandler /* TCPWM #0, Counter #3 */ + .long tcpwm_0_interrupts_4_IRQHandler /* TCPWM #0, Counter #4 */ + .long tcpwm_0_interrupts_5_IRQHandler /* TCPWM #0, Counter #5 */ + .long tcpwm_0_interrupts_6_IRQHandler /* TCPWM #0, Counter #6 */ + .long tcpwm_0_interrupts_7_IRQHandler /* TCPWM #0, Counter #7 */ + .long tcpwm_1_interrupts_0_IRQHandler /* TCPWM #1, Counter #0 */ + .long tcpwm_1_interrupts_1_IRQHandler /* TCPWM #1, Counter #1 */ + .long tcpwm_1_interrupts_2_IRQHandler /* TCPWM #1, Counter #2 */ + .long tcpwm_1_interrupts_3_IRQHandler /* TCPWM #1, Counter #3 */ + .long tcpwm_1_interrupts_4_IRQHandler /* TCPWM #1, Counter #4 */ + .long tcpwm_1_interrupts_5_IRQHandler /* TCPWM #1, Counter #5 */ + .long tcpwm_1_interrupts_6_IRQHandler /* TCPWM #1, Counter #6 */ + .long tcpwm_1_interrupts_7_IRQHandler /* TCPWM #1, Counter #7 */ + .long tcpwm_1_interrupts_8_IRQHandler /* TCPWM #1, Counter #8 */ + .long tcpwm_1_interrupts_9_IRQHandler /* TCPWM #1, Counter #9 */ + .long tcpwm_1_interrupts_10_IRQHandler /* TCPWM #1, Counter #10 */ + .long tcpwm_1_interrupts_11_IRQHandler /* TCPWM #1, Counter #11 */ + .long tcpwm_1_interrupts_12_IRQHandler /* TCPWM #1, Counter #12 */ + .long tcpwm_1_interrupts_13_IRQHandler /* TCPWM #1, Counter #13 */ + .long tcpwm_1_interrupts_14_IRQHandler /* TCPWM #1, Counter #14 */ + .long tcpwm_1_interrupts_15_IRQHandler /* TCPWM #1, Counter #15 */ + .long tcpwm_1_interrupts_16_IRQHandler /* TCPWM #1, Counter #16 */ + .long tcpwm_1_interrupts_17_IRQHandler /* TCPWM #1, Counter #17 */ + .long tcpwm_1_interrupts_18_IRQHandler /* TCPWM #1, Counter #18 */ + .long tcpwm_1_interrupts_19_IRQHandler /* TCPWM #1, Counter #19 */ + .long tcpwm_1_interrupts_20_IRQHandler /* TCPWM #1, Counter #20 */ + .long tcpwm_1_interrupts_21_IRQHandler /* TCPWM #1, Counter #21 */ + .long tcpwm_1_interrupts_22_IRQHandler /* TCPWM #1, Counter #22 */ + .long tcpwm_1_interrupts_23_IRQHandler /* TCPWM #1, Counter #23 */ + .long pass_interrupt_sar_IRQHandler /* SAR ADC interrupt */ + .long audioss_0_interrupt_i2s_IRQHandler /* I2S0 Audio interrupt */ + .long audioss_0_interrupt_pdm_IRQHandler /* PDM0/PCM0 Audio interrupt */ + .long audioss_1_interrupt_i2s_IRQHandler /* I2S1 Audio interrupt */ + .long profile_interrupt_IRQHandler /* Energy Profiler interrupt */ + .long smif_interrupt_IRQHandler /* Serial Memory Interface interrupt */ + .long usb_interrupt_hi_IRQHandler /* USB Interrupt */ + .long usb_interrupt_med_IRQHandler /* USB Interrupt */ + .long usb_interrupt_lo_IRQHandler /* USB Interrupt */ + .long sdhc_0_interrupt_wakeup_IRQHandler /* SDIO wakeup interrupt for mxsdhc */ + .long sdhc_0_interrupt_general_IRQHandler /* Consolidated interrupt for mxsdhc for everything else */ + .long sdhc_1_interrupt_wakeup_IRQHandler /* EEMC wakeup interrupt for mxsdhc, not used */ + .long sdhc_1_interrupt_general_IRQHandler /* Consolidated interrupt for mxsdhc for everything else */ + + + .size __Vectors, . - __Vectors + .equ __VectorsSize, . - __Vectors + + .section .ram_vectors + .align 2 + .globl __ramVectors +__ramVectors: + .space __VectorsSize + .size __ramVectors, . - __ramVectors + + + .text + .thumb + .thumb_func + .align 2 + + /* + * Device startup customization + * + * Note. The global resources are not yet initialized (for example global variables, peripherals, clocks) + * because this function is executed as the first instruction in the ResetHandler. + * The PDL is also not initialized to use the proper register offsets. + * The user of this function is responsible for initializing the PDL and resources before using them. + */ + .weak Cy_OnResetUser + .func Cy_OnResetUser, Cy_OnResetUser + .type Cy_OnResetUser, %function + +Cy_OnResetUser: + bx lr + .size Cy_OnResetUser, . - Cy_OnResetUser + .endfunc + + /* Reset handler */ + .weak Reset_Handler + .type Reset_Handler, %function + +Reset_Handler: + bl Cy_OnResetUser + cpsid i + +/* Firstly it copies data from read only memory to RAM. There are two schemes + * to copy. One can copy more than one sections. Another can only copy + * one section. The former scheme needs more instructions and read-only + * data to implement than the latter. + * Macro __STARTUP_COPY_MULTIPLE is used to choose between two schemes. */ + +#ifdef __STARTUP_COPY_MULTIPLE +/* Multiple sections scheme. + * + * Between symbol address __copy_table_start__ and __copy_table_end__, + * there are array of triplets, each of which specify: + * offset 0: LMA of start of a section to copy from + * offset 4: VMA of start of a section to copy to + * offset 8: size of the section to copy. Must be multiply of 4 + * + * All addresses must be aligned to 4 bytes boundary. + */ + ldr r4, =__copy_table_start__ + ldr r5, =__copy_table_end__ + +.L_loop0: + cmp r4, r5 + bge .L_loop0_done + ldr r1, [r4] + ldr r2, [r4, #4] + ldr r3, [r4, #8] + +.L_loop0_0: + subs r3, #4 + ittt ge + ldrge r0, [r1, r3] + strge r0, [r2, r3] + bge .L_loop0_0 + + adds r4, #12 + b .L_loop0 + +.L_loop0_done: +#else +/* Single section scheme. + * + * The ranges of copy from/to are specified by following symbols + * __etext: LMA of start of the section to copy from. Usually end of text + * __data_start__: VMA of start of the section to copy to + * __data_end__: VMA of end of the section to copy to + * + * All addresses must be aligned to 4 bytes boundary. + */ + ldr r1, =__etext + ldr r2, =__data_start__ + ldr r3, =__data_end__ + +.L_loop1: + cmp r2, r3 + ittt lt + ldrlt r0, [r1], #4 + strlt r0, [r2], #4 + blt .L_loop1 +#endif /*__STARTUP_COPY_MULTIPLE */ + +/* This part of work usually is done in C library startup code. Otherwise, + * define this macro to enable it in this startup. + * + * There are two schemes too. One can clear multiple BSS sections. Another + * can only clear one section. The former is more size expensive than the + * latter. + * + * Define macro __STARTUP_CLEAR_BSS_MULTIPLE to choose the former. + * Otherwise define macro __STARTUP_CLEAR_BSS to choose the later. + */ +#ifdef __STARTUP_CLEAR_BSS_MULTIPLE +/* Multiple sections scheme. + * + * Between symbol address __copy_table_start__ and __copy_table_end__, + * there are array of tuples specifying: + * offset 0: Start of a BSS section + * offset 4: Size of this BSS section. Must be multiply of 4 + */ + ldr r3, =__zero_table_start__ + ldr r4, =__zero_table_end__ + +.L_loop2: + cmp r3, r4 + bge .L_loop2_done + ldr r1, [r3] + ldr r2, [r3, #4] + movs r0, 0 + +.L_loop2_0: + subs r2, #4 + itt ge + strge r0, [r1, r2] + bge .L_loop2_0 + + adds r3, #8 + b .L_loop2 +.L_loop2_done: +#elif defined (__STARTUP_CLEAR_BSS) +/* Single BSS section scheme. + * + * The BSS section is specified by following symbols + * __bss_start__: start of the BSS section. + * __bss_end__: end of the BSS section. + * + * Both addresses must be aligned to 4 bytes boundary. + */ + ldr r1, =__bss_start__ + ldr r2, =__bss_end__ + + movs r0, 0 +.L_loop3: + cmp r1, r2 + itt lt + strlt r0, [r1], #4 + blt .L_loop3 +#endif /* __STARTUP_CLEAR_BSS_MULTIPLE || __STARTUP_CLEAR_BSS */ + + /* Update Vector Table Offset Register. */ + ldr r0, =__ramVectors + ldr r1, =CY_CPU_VTOR_ADDR + str r0, [r1] + dsb 0xF + + /* Enable the FPU if used */ + bl Cy_SystemInitFpuEnable + + bl _start + + /* Should never get here */ + b . + + .pool + .size Reset_Handler, . - Reset_Handler + + .align 1 + .thumb_func + .weak Default_Handler + .type Default_Handler, %function + +Default_Handler: + b . + .size Default_Handler, . - Default_Handler + + + .weak Cy_SysLib_FaultHandler + .type Cy_SysLib_FaultHandler, %function + +Cy_SysLib_FaultHandler: + b . + .size Cy_SysLib_FaultHandler, . - Cy_SysLib_FaultHandler + .type Fault_Handler, %function + +Fault_Handler: + /* Storing LR content for Creator call stack trace */ + push {LR} + movs r0, #4 + mov r1, LR + tst r0, r1 + beq .L_MSP + mrs r0, PSP + b .L_API_call +.L_MSP: + mrs r0, MSP +.L_API_call: + /* Compensation of stack pointer address due to pushing 4 bytes of LR */ + adds r0, r0, #4 + bl Cy_SysLib_FaultHandler + b . + .size Fault_Handler, . - Fault_Handler + +.macro def_fault_Handler fault_handler_name + .weak \fault_handler_name + .set \fault_handler_name, Fault_Handler + .endm + +/* Macro to define default handlers. Default handler + * will be weak symbol and just dead loops. They can be + * overwritten by other handlers */ + .macro def_irq_handler handler_name + .weak \handler_name + .set \handler_name, Default_Handler + .endm + + def_irq_handler NMI_Handler + + def_fault_Handler HardFault_Handler + def_fault_Handler MemManage_Handler + def_fault_Handler BusFault_Handler + def_fault_Handler UsageFault_Handler + + def_irq_handler SVC_Handler + def_irq_handler DebugMon_Handler + def_irq_handler PendSV_Handler + def_irq_handler SysTick_Handler + + def_irq_handler ioss_interrupts_gpio_0_IRQHandler /* GPIO Port Interrupt #0 */ + def_irq_handler ioss_interrupts_gpio_1_IRQHandler /* GPIO Port Interrupt #1 */ + def_irq_handler ioss_interrupts_gpio_2_IRQHandler /* GPIO Port Interrupt #2 */ + def_irq_handler ioss_interrupts_gpio_3_IRQHandler /* GPIO Port Interrupt #3 */ + def_irq_handler ioss_interrupts_gpio_4_IRQHandler /* GPIO Port Interrupt #4 */ + def_irq_handler ioss_interrupts_gpio_5_IRQHandler /* GPIO Port Interrupt #5 */ + def_irq_handler ioss_interrupts_gpio_6_IRQHandler /* GPIO Port Interrupt #6 */ + def_irq_handler ioss_interrupts_gpio_7_IRQHandler /* GPIO Port Interrupt #7 */ + def_irq_handler ioss_interrupts_gpio_8_IRQHandler /* GPIO Port Interrupt #8 */ + def_irq_handler ioss_interrupts_gpio_9_IRQHandler /* GPIO Port Interrupt #9 */ + def_irq_handler ioss_interrupts_gpio_10_IRQHandler /* GPIO Port Interrupt #10 */ + def_irq_handler ioss_interrupts_gpio_11_IRQHandler /* GPIO Port Interrupt #11 */ + def_irq_handler ioss_interrupts_gpio_12_IRQHandler /* GPIO Port Interrupt #12 */ + def_irq_handler ioss_interrupts_gpio_13_IRQHandler /* GPIO Port Interrupt #13 */ + def_irq_handler ioss_interrupts_gpio_14_IRQHandler /* GPIO Port Interrupt #14 */ + def_irq_handler ioss_interrupt_gpio_IRQHandler /* GPIO All Ports */ + def_irq_handler ioss_interrupt_vdd_IRQHandler /* GPIO Supply Detect Interrupt */ + def_irq_handler lpcomp_interrupt_IRQHandler /* Low Power Comparator Interrupt */ + def_irq_handler scb_8_interrupt_IRQHandler /* Serial Communication Block #8 (DeepSleep capable) */ + def_irq_handler srss_interrupt_mcwdt_0_IRQHandler /* Multi Counter Watchdog Timer interrupt */ + def_irq_handler srss_interrupt_mcwdt_1_IRQHandler /* Multi Counter Watchdog Timer interrupt */ + def_irq_handler srss_interrupt_backup_IRQHandler /* Backup domain interrupt */ + def_irq_handler srss_interrupt_IRQHandler /* Other combined Interrupts for SRSS (LVD, WDT, CLKCAL) */ + def_irq_handler cpuss_interrupts_ipc_0_IRQHandler /* CPUSS Inter Process Communication Interrupt #0 */ + def_irq_handler cpuss_interrupts_ipc_1_IRQHandler /* CPUSS Inter Process Communication Interrupt #1 */ + def_irq_handler cpuss_interrupts_ipc_2_IRQHandler /* CPUSS Inter Process Communication Interrupt #2 */ + def_irq_handler cpuss_interrupts_ipc_3_IRQHandler /* CPUSS Inter Process Communication Interrupt #3 */ + def_irq_handler cpuss_interrupts_ipc_4_IRQHandler /* CPUSS Inter Process Communication Interrupt #4 */ + def_irq_handler cpuss_interrupts_ipc_5_IRQHandler /* CPUSS Inter Process Communication Interrupt #5 */ + def_irq_handler cpuss_interrupts_ipc_6_IRQHandler /* CPUSS Inter Process Communication Interrupt #6 */ + def_irq_handler cpuss_interrupts_ipc_7_IRQHandler /* CPUSS Inter Process Communication Interrupt #7 */ + def_irq_handler cpuss_interrupts_ipc_8_IRQHandler /* CPUSS Inter Process Communication Interrupt #8 */ + def_irq_handler cpuss_interrupts_ipc_9_IRQHandler /* CPUSS Inter Process Communication Interrupt #9 */ + def_irq_handler cpuss_interrupts_ipc_10_IRQHandler /* CPUSS Inter Process Communication Interrupt #10 */ + def_irq_handler cpuss_interrupts_ipc_11_IRQHandler /* CPUSS Inter Process Communication Interrupt #11 */ + def_irq_handler cpuss_interrupts_ipc_12_IRQHandler /* CPUSS Inter Process Communication Interrupt #12 */ + def_irq_handler cpuss_interrupts_ipc_13_IRQHandler /* CPUSS Inter Process Communication Interrupt #13 */ + def_irq_handler cpuss_interrupts_ipc_14_IRQHandler /* CPUSS Inter Process Communication Interrupt #14 */ + def_irq_handler cpuss_interrupts_ipc_15_IRQHandler /* CPUSS Inter Process Communication Interrupt #15 */ + def_irq_handler scb_0_interrupt_IRQHandler /* Serial Communication Block #0 */ + def_irq_handler scb_1_interrupt_IRQHandler /* Serial Communication Block #1 */ + def_irq_handler scb_2_interrupt_IRQHandler /* Serial Communication Block #2 */ + def_irq_handler scb_3_interrupt_IRQHandler /* Serial Communication Block #3 */ + def_irq_handler scb_4_interrupt_IRQHandler /* Serial Communication Block #4 */ + def_irq_handler scb_5_interrupt_IRQHandler /* Serial Communication Block #5 */ + def_irq_handler scb_6_interrupt_IRQHandler /* Serial Communication Block #6 */ + def_irq_handler scb_7_interrupt_IRQHandler /* Serial Communication Block #7 */ + def_irq_handler scb_9_interrupt_IRQHandler /* Serial Communication Block #9 */ + def_irq_handler scb_10_interrupt_IRQHandler /* Serial Communication Block #10 */ + def_irq_handler scb_11_interrupt_IRQHandler /* Serial Communication Block #11 */ + def_irq_handler scb_12_interrupt_IRQHandler /* Serial Communication Block #12 */ + def_irq_handler csd_interrupt_IRQHandler /* CSD (Capsense) interrupt */ + def_irq_handler cpuss_interrupts_dmac_0_IRQHandler /* CPUSS DMAC, Channel #0 */ + def_irq_handler cpuss_interrupts_dmac_1_IRQHandler /* CPUSS DMAC, Channel #1 */ + def_irq_handler cpuss_interrupts_dmac_2_IRQHandler /* CPUSS DMAC, Channel #2 */ + def_irq_handler cpuss_interrupts_dmac_3_IRQHandler /* CPUSS DMAC, Channel #3 */ + def_irq_handler cpuss_interrupts_dw0_0_IRQHandler /* CPUSS DataWire #0, Channel #0 */ + def_irq_handler cpuss_interrupts_dw0_1_IRQHandler /* CPUSS DataWire #0, Channel #1 */ + def_irq_handler cpuss_interrupts_dw0_2_IRQHandler /* CPUSS DataWire #0, Channel #2 */ + def_irq_handler cpuss_interrupts_dw0_3_IRQHandler /* CPUSS DataWire #0, Channel #3 */ + def_irq_handler cpuss_interrupts_dw0_4_IRQHandler /* CPUSS DataWire #0, Channel #4 */ + def_irq_handler cpuss_interrupts_dw0_5_IRQHandler /* CPUSS DataWire #0, Channel #5 */ + def_irq_handler cpuss_interrupts_dw0_6_IRQHandler /* CPUSS DataWire #0, Channel #6 */ + def_irq_handler cpuss_interrupts_dw0_7_IRQHandler /* CPUSS DataWire #0, Channel #7 */ + def_irq_handler cpuss_interrupts_dw0_8_IRQHandler /* CPUSS DataWire #0, Channel #8 */ + def_irq_handler cpuss_interrupts_dw0_9_IRQHandler /* CPUSS DataWire #0, Channel #9 */ + def_irq_handler cpuss_interrupts_dw0_10_IRQHandler /* CPUSS DataWire #0, Channel #10 */ + def_irq_handler cpuss_interrupts_dw0_11_IRQHandler /* CPUSS DataWire #0, Channel #11 */ + def_irq_handler cpuss_interrupts_dw0_12_IRQHandler /* CPUSS DataWire #0, Channel #12 */ + def_irq_handler cpuss_interrupts_dw0_13_IRQHandler /* CPUSS DataWire #0, Channel #13 */ + def_irq_handler cpuss_interrupts_dw0_14_IRQHandler /* CPUSS DataWire #0, Channel #14 */ + def_irq_handler cpuss_interrupts_dw0_15_IRQHandler /* CPUSS DataWire #0, Channel #15 */ + def_irq_handler cpuss_interrupts_dw0_16_IRQHandler /* CPUSS DataWire #0, Channel #16 */ + def_irq_handler cpuss_interrupts_dw0_17_IRQHandler /* CPUSS DataWire #0, Channel #17 */ + def_irq_handler cpuss_interrupts_dw0_18_IRQHandler /* CPUSS DataWire #0, Channel #18 */ + def_irq_handler cpuss_interrupts_dw0_19_IRQHandler /* CPUSS DataWire #0, Channel #19 */ + def_irq_handler cpuss_interrupts_dw0_20_IRQHandler /* CPUSS DataWire #0, Channel #20 */ + def_irq_handler cpuss_interrupts_dw0_21_IRQHandler /* CPUSS DataWire #0, Channel #21 */ + def_irq_handler cpuss_interrupts_dw0_22_IRQHandler /* CPUSS DataWire #0, Channel #22 */ + def_irq_handler cpuss_interrupts_dw0_23_IRQHandler /* CPUSS DataWire #0, Channel #23 */ + def_irq_handler cpuss_interrupts_dw0_24_IRQHandler /* CPUSS DataWire #0, Channel #24 */ + def_irq_handler cpuss_interrupts_dw0_25_IRQHandler /* CPUSS DataWire #0, Channel #25 */ + def_irq_handler cpuss_interrupts_dw0_26_IRQHandler /* CPUSS DataWire #0, Channel #26 */ + def_irq_handler cpuss_interrupts_dw0_27_IRQHandler /* CPUSS DataWire #0, Channel #27 */ + def_irq_handler cpuss_interrupts_dw0_28_IRQHandler /* CPUSS DataWire #0, Channel #28 */ + def_irq_handler cpuss_interrupts_dw1_0_IRQHandler /* CPUSS DataWire #1, Channel #0 */ + def_irq_handler cpuss_interrupts_dw1_1_IRQHandler /* CPUSS DataWire #1, Channel #1 */ + def_irq_handler cpuss_interrupts_dw1_2_IRQHandler /* CPUSS DataWire #1, Channel #2 */ + def_irq_handler cpuss_interrupts_dw1_3_IRQHandler /* CPUSS DataWire #1, Channel #3 */ + def_irq_handler cpuss_interrupts_dw1_4_IRQHandler /* CPUSS DataWire #1, Channel #4 */ + def_irq_handler cpuss_interrupts_dw1_5_IRQHandler /* CPUSS DataWire #1, Channel #5 */ + def_irq_handler cpuss_interrupts_dw1_6_IRQHandler /* CPUSS DataWire #1, Channel #6 */ + def_irq_handler cpuss_interrupts_dw1_7_IRQHandler /* CPUSS DataWire #1, Channel #7 */ + def_irq_handler cpuss_interrupts_dw1_8_IRQHandler /* CPUSS DataWire #1, Channel #8 */ + def_irq_handler cpuss_interrupts_dw1_9_IRQHandler /* CPUSS DataWire #1, Channel #9 */ + def_irq_handler cpuss_interrupts_dw1_10_IRQHandler /* CPUSS DataWire #1, Channel #10 */ + def_irq_handler cpuss_interrupts_dw1_11_IRQHandler /* CPUSS DataWire #1, Channel #11 */ + def_irq_handler cpuss_interrupts_dw1_12_IRQHandler /* CPUSS DataWire #1, Channel #12 */ + def_irq_handler cpuss_interrupts_dw1_13_IRQHandler /* CPUSS DataWire #1, Channel #13 */ + def_irq_handler cpuss_interrupts_dw1_14_IRQHandler /* CPUSS DataWire #1, Channel #14 */ + def_irq_handler cpuss_interrupts_dw1_15_IRQHandler /* CPUSS DataWire #1, Channel #15 */ + def_irq_handler cpuss_interrupts_dw1_16_IRQHandler /* CPUSS DataWire #1, Channel #16 */ + def_irq_handler cpuss_interrupts_dw1_17_IRQHandler /* CPUSS DataWire #1, Channel #17 */ + def_irq_handler cpuss_interrupts_dw1_18_IRQHandler /* CPUSS DataWire #1, Channel #18 */ + def_irq_handler cpuss_interrupts_dw1_19_IRQHandler /* CPUSS DataWire #1, Channel #19 */ + def_irq_handler cpuss_interrupts_dw1_20_IRQHandler /* CPUSS DataWire #1, Channel #20 */ + def_irq_handler cpuss_interrupts_dw1_21_IRQHandler /* CPUSS DataWire #1, Channel #21 */ + def_irq_handler cpuss_interrupts_dw1_22_IRQHandler /* CPUSS DataWire #1, Channel #22 */ + def_irq_handler cpuss_interrupts_dw1_23_IRQHandler /* CPUSS DataWire #1, Channel #23 */ + def_irq_handler cpuss_interrupts_dw1_24_IRQHandler /* CPUSS DataWire #1, Channel #24 */ + def_irq_handler cpuss_interrupts_dw1_25_IRQHandler /* CPUSS DataWire #1, Channel #25 */ + def_irq_handler cpuss_interrupts_dw1_26_IRQHandler /* CPUSS DataWire #1, Channel #26 */ + def_irq_handler cpuss_interrupts_dw1_27_IRQHandler /* CPUSS DataWire #1, Channel #27 */ + def_irq_handler cpuss_interrupts_dw1_28_IRQHandler /* CPUSS DataWire #1, Channel #28 */ + def_irq_handler cpuss_interrupts_fault_0_IRQHandler /* CPUSS Fault Structure Interrupt #0 */ + def_irq_handler cpuss_interrupts_fault_1_IRQHandler /* CPUSS Fault Structure Interrupt #1 */ + def_irq_handler cpuss_interrupt_crypto_IRQHandler /* CRYPTO Accelerator Interrupt */ + def_irq_handler cpuss_interrupt_fm_IRQHandler /* FLASH Macro Interrupt */ + def_irq_handler cpuss_interrupts_cm4_fp_IRQHandler /* Floating Point operation fault */ + def_irq_handler cpuss_interrupts_cm0_cti_0_IRQHandler /* CM0+ CTI #0 */ + def_irq_handler cpuss_interrupts_cm0_cti_1_IRQHandler /* CM0+ CTI #1 */ + def_irq_handler cpuss_interrupts_cm4_cti_0_IRQHandler /* CM4 CTI #0 */ + def_irq_handler cpuss_interrupts_cm4_cti_1_IRQHandler /* CM4 CTI #1 */ + def_irq_handler tcpwm_0_interrupts_0_IRQHandler /* TCPWM #0, Counter #0 */ + def_irq_handler tcpwm_0_interrupts_1_IRQHandler /* TCPWM #0, Counter #1 */ + def_irq_handler tcpwm_0_interrupts_2_IRQHandler /* TCPWM #0, Counter #2 */ + def_irq_handler tcpwm_0_interrupts_3_IRQHandler /* TCPWM #0, Counter #3 */ + def_irq_handler tcpwm_0_interrupts_4_IRQHandler /* TCPWM #0, Counter #4 */ + def_irq_handler tcpwm_0_interrupts_5_IRQHandler /* TCPWM #0, Counter #5 */ + def_irq_handler tcpwm_0_interrupts_6_IRQHandler /* TCPWM #0, Counter #6 */ + def_irq_handler tcpwm_0_interrupts_7_IRQHandler /* TCPWM #0, Counter #7 */ + def_irq_handler tcpwm_1_interrupts_0_IRQHandler /* TCPWM #1, Counter #0 */ + def_irq_handler tcpwm_1_interrupts_1_IRQHandler /* TCPWM #1, Counter #1 */ + def_irq_handler tcpwm_1_interrupts_2_IRQHandler /* TCPWM #1, Counter #2 */ + def_irq_handler tcpwm_1_interrupts_3_IRQHandler /* TCPWM #1, Counter #3 */ + def_irq_handler tcpwm_1_interrupts_4_IRQHandler /* TCPWM #1, Counter #4 */ + def_irq_handler tcpwm_1_interrupts_5_IRQHandler /* TCPWM #1, Counter #5 */ + def_irq_handler tcpwm_1_interrupts_6_IRQHandler /* TCPWM #1, Counter #6 */ + def_irq_handler tcpwm_1_interrupts_7_IRQHandler /* TCPWM #1, Counter #7 */ + def_irq_handler tcpwm_1_interrupts_8_IRQHandler /* TCPWM #1, Counter #8 */ + def_irq_handler tcpwm_1_interrupts_9_IRQHandler /* TCPWM #1, Counter #9 */ + def_irq_handler tcpwm_1_interrupts_10_IRQHandler /* TCPWM #1, Counter #10 */ + def_irq_handler tcpwm_1_interrupts_11_IRQHandler /* TCPWM #1, Counter #11 */ + def_irq_handler tcpwm_1_interrupts_12_IRQHandler /* TCPWM #1, Counter #12 */ + def_irq_handler tcpwm_1_interrupts_13_IRQHandler /* TCPWM #1, Counter #13 */ + def_irq_handler tcpwm_1_interrupts_14_IRQHandler /* TCPWM #1, Counter #14 */ + def_irq_handler tcpwm_1_interrupts_15_IRQHandler /* TCPWM #1, Counter #15 */ + def_irq_handler tcpwm_1_interrupts_16_IRQHandler /* TCPWM #1, Counter #16 */ + def_irq_handler tcpwm_1_interrupts_17_IRQHandler /* TCPWM #1, Counter #17 */ + def_irq_handler tcpwm_1_interrupts_18_IRQHandler /* TCPWM #1, Counter #18 */ + def_irq_handler tcpwm_1_interrupts_19_IRQHandler /* TCPWM #1, Counter #19 */ + def_irq_handler tcpwm_1_interrupts_20_IRQHandler /* TCPWM #1, Counter #20 */ + def_irq_handler tcpwm_1_interrupts_21_IRQHandler /* TCPWM #1, Counter #21 */ + def_irq_handler tcpwm_1_interrupts_22_IRQHandler /* TCPWM #1, Counter #22 */ + def_irq_handler tcpwm_1_interrupts_23_IRQHandler /* TCPWM #1, Counter #23 */ + def_irq_handler pass_interrupt_sar_IRQHandler /* SAR ADC interrupt */ + def_irq_handler audioss_0_interrupt_i2s_IRQHandler /* I2S0 Audio interrupt */ + def_irq_handler audioss_0_interrupt_pdm_IRQHandler /* PDM0/PCM0 Audio interrupt */ + def_irq_handler audioss_1_interrupt_i2s_IRQHandler /* I2S1 Audio interrupt */ + def_irq_handler profile_interrupt_IRQHandler /* Energy Profiler interrupt */ + def_irq_handler smif_interrupt_IRQHandler /* Serial Memory Interface interrupt */ + def_irq_handler usb_interrupt_hi_IRQHandler /* USB Interrupt */ + def_irq_handler usb_interrupt_med_IRQHandler /* USB Interrupt */ + def_irq_handler usb_interrupt_lo_IRQHandler /* USB Interrupt */ + def_irq_handler sdhc_0_interrupt_wakeup_IRQHandler /* SDIO wakeup interrupt for mxsdhc */ + def_irq_handler sdhc_0_interrupt_general_IRQHandler /* Consolidated interrupt for mxsdhc for everything else */ + def_irq_handler sdhc_1_interrupt_wakeup_IRQHandler /* EEMC wakeup interrupt for mxsdhc, not used */ + def_irq_handler sdhc_1_interrupt_general_IRQHandler /* Consolidated interrupt for mxsdhc for everything else */ + + .end + + +/* [] END OF FILE */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/device_cfg.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/device_cfg.h new file mode 100644 index 0000000..097d7f0 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/device_cfg.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2017-2018 Arm Limited + * Copyright (c) 2020, Cypress Semiconductor Corporation. All rights reserved. + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing software + * distributed under the License is distributed on an "AS IS" BASIS + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __ARM_LTD_DEVICE_CFG_H__ +#define __ARM_LTD_DEVICE_CFG_H__ + +/* TCPWM0 Timers (IRQ test) */ +#define CY_TCPWM0_TIMER0_S +#define CY_TCPWM0_TIMER1_NS + +#ifdef TFM_MULTI_CORE_MULTI_CLIENT_CALL +#define NUM_MAILBOX_QUEUE_SLOT 4 +#endif + +#endif /* __ARM_LTD_DEVICE_CFG_H__ */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/device_definition.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/device_definition.c new file mode 100644 index 0000000..af6ac12 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/device_definition.c @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2016-2018 ARM Limited + * Copyright (c) 2020, Cypress Semiconductor Corporation. All rights reserved. + * + * Licensed under the Apache License Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing software + * distributed under the License is distributed on an "AS IS" BASIS + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * \file device_definition.c + * \brief This file defines exports the structures based on the peripheral + * definitions from device_cfg.h. + * This retarget file is meant to be used as a helper for baremetal + * applications and/or as an example of how to configure the generic + * driver structures. + */ + +#include "device_definition.h" +#include "platform_base_address.h" +#include "tfm_peripherals_def.h" +#include "tfm_plat_defs.h" + +/* TCPWM Timer driver structures */ +#if defined(CY_TCPWM0_TIMER0_S) || defined(CY_TCPWM0_TIMER1_NS) +/* Sharing the tcpwm configuration data, as the IRQ test runs in sequence */ +cy_stc_tcpwm_counter_config_t tcpwm_config + TFM_LINK_SET_RW_IN_PARTITION_SECTION("TFM_IRQ_TEST_1") + = { + .period = TIMER0_MATCH, /* Upper limit (wrap around) */ + .clockPrescaler = CY_TCPWM_COUNTER_PRESCALER_DIVBY_8, /* Clk_counter = Clk_input / 8 */ + .runMode = CY_TCPWM_COUNTER_CONTINUOUS, /* Wrap around */ + .countDirection = CY_TCPWM_COUNTER_COUNT_UP, + .compareOrCapture = CY_TCPWM_COUNTER_MODE_COMPARE,/* match compare0 */ + .compare0 = TIMER0_MATCH, + .compare1 = 0, + .enableCompareSwap = false, /* swap compare0 & compare1 upon compare event */ + .interruptSources = CY_TCPWM_INT_ON_CC, + .captureInputMode = CY_TCPWM_INPUT_RISINGEDGE, /* NOT used */ + .captureInput = CY_TCPWM_INPUT_0, + .reloadInputMode = CY_TCPWM_INPUT_RISINGEDGE, /* NOT used */ + .reloadInput = CY_TCPWM_INPUT_0, + .startInputMode = CY_TCPWM_INPUT_RISINGEDGE, /* NOT used */ + .startInput = CY_TCPWM_INPUT_0, + .stopInputMode = CY_TCPWM_INPUT_RISINGEDGE, /* NOT used */ + .stopInput = CY_TCPWM_INPUT_0, + .countInputMode = CY_TCPWM_INPUT_LEVEL, + .countInput = CY_TCPWM_INPUT_1, /* count Clk_counter */ +}; +#endif + +#ifdef CY_TCPWM0_TIMER0_S +#if (CY_CPU_CORTEX_M0P) +cy_stc_sysint_t CY_TCPWM_NVIC_CFG_S + TFM_LINK_SET_RW_IN_PARTITION_SECTION("TFM_IRQ_TEST_1") + = { + .intrSrc = TFM_TIMER0_IRQ, /* NVIC #3 */ + .cm0pSrc = tcpwm_0_interrupts_0_IRQn, /* IRQ 123 */ + .intrPriority = 2U, /* ?: Flash is 0U, IPC is 1U */ +}; +#endif +tfm_timer_irq_test_dev_t CY_TCPWM0_TIMER0_DEV_S + TFM_LINK_SET_RW_IN_PARTITION_SECTION("TFM_IRQ_TEST_1") + = { + .is_initialized = false, + .tcpwm_base = TCPWM0, + .tcpwm_counter_num = 0, + .timer_match_value = TIMER0_MATCH, + .tcpwm_config = &tcpwm_config, +}; +#endif + +#ifdef CY_TCPWM0_TIMER1_NS +tfm_timer_irq_test_dev_t CY_TCPWM0_TIMER1_DEV_NS = { + .is_initialized = false, + .tcpwm_base = TCPWM0, + .tcpwm_counter_num = 1, + .timer_match_value = TIMER1_MATCH, + .tcpwm_config = &tcpwm_config, +}; +#endif diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/device_definition.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/device_definition.h new file mode 100644 index 0000000..efa3d3f --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/device_definition.h @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2017-2018 Arm Limited + * Copyright (c) 2020, Cypress Semiconductor Corporation. All rights reserved. + * + * Licensed under the Apache License Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing software + * distributed under the License is distributed on an "AS IS" BASIS + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * \file device_definition.h + * \brief The structure definitions in this file are exported based on the peripheral + * definitions from device_cfg.h. + * This retarget file is meant to be used as a helper for baremetal + * applications and/or as an example of how to configure the generic + * driver structures. + */ + +#ifndef __DEVICE_DEFINITION_H__ +#define __DEVICE_DEFINITION_H__ + +#include "device_cfg.h" + + +/* ======= Defines peripheral configuration structures ======= */ +/* ======= and includes generic driver headers if necessary ======= */ +/* CMSDK Timer driver structures */ +#ifdef CMSDK_TIMER0_S +#include "timer_cmsdk_drv.h" +extern struct timer_cmsdk_dev_t CMSDK_TIMER0_DEV_S; +#endif +#ifdef CMSDK_TIMER0_NS +#include "timer_cmsdk_drv.h" +extern struct timer_cmsdk_dev_t CMSDK_TIMER0_DEV_NS; +#endif + +#ifdef CMSDK_TIMER1_S +#include "timer_cmsdk_drv.h" +extern struct timer_cmsdk_dev_t CMSDK_TIMER1_DEV_S; +#endif +#ifdef CMSDK_TIMER1_NS +#include "timer_cmsdk_drv.h" +extern struct timer_cmsdk_dev_t CMSDK_TIMER1_DEV_NS; +#endif + +#if defined(CY_TCPWM0_TIMER0_S) || defined(CY_TCPWM0_TIMER1_NS) +#include "cy_tcpwm_counter.h" +typedef struct tfm_timer_irq_test_dev { + bool is_initialized; + TCPWM_Type *tcpwm_base; + uint32_t tcpwm_counter_num; + uint32_t timer_match_value; + cy_stc_tcpwm_counter_config_t *tcpwm_config; +} tfm_timer_irq_test_dev_t; +#endif +#ifdef CY_TCPWM0_TIMER0_S +#include "cy_sysint.h" +extern cy_stc_sysint_t CY_TCPWM_NVIC_CFG_S; +extern void TFM_TIMER0_IRQ_Handler(void); +extern tfm_timer_irq_test_dev_t CY_TCPWM0_TIMER0_DEV_S; +#define TIMER0_MATCH (1000000 / 8) /* About 1 seconds (CM0+: 50MHz) */ +#endif +#ifdef CY_TCPWM0_TIMER1_NS +extern tfm_timer_irq_test_dev_t CY_TCPWM0_TIMER1_DEV_NS; +#define TIMER1_MATCH (1000000 / 8) /* About 2 seconds (CM4: 100MHz) */ +#endif + +#endif /* __DEVICE_DEFINITION_H__ */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/platform_base_address.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/platform_base_address.h new file mode 100644 index 0000000..f90be77 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/platform_base_address.h @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2017-2019 Arm Limited. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * This file is derivative of CMSIS V5.01 Device\_Template_Vendor\Vendor\Device\Include\Device.h + */ + +#ifndef __PLATFORM_BASE_ADDRESS_H__ +#define __PLATFORM_BASE_ADDRESS_H__ + +#ifdef __cplusplus +extern "C" { +#endif + + +/* =========================================================================================================================== */ +/* ================ Device Specific Peripheral Address Map ================ */ +/* =========================================================================================================================== */ + + +/** @addtogroup Device_Peripheral_peripheralAddr + * @{ + */ + +/* Non-Secure Peripheral and SRAM base address */ +/* Secure Peripheral and SRAM base address */ + +/* SRAM MPC ranges and limits */ +/* Internal memory */ + +/* Code SRAM memory */ + +/* QSPI Flash memory */ + +/** @} */ /* End of group Device_Peripheral_peripheralAddr */ + + +#ifdef __cplusplus +} +#endif + +#endif /* __PLATFORM_BASE_ADDRESS_H__ */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/platform_irq.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/platform_irq.h new file mode 100644 index 0000000..49a6da1 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/platform_irq.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2019 Arm Limited. All rights reserved. + * Copyright (c) 2020 Cypress Semiconductor Corporation. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __PLATFORM_IRQ_H__ +#define __PLATFORM_IRQ_H__ + +#include "cy_device_headers.h" + + +#ifdef __cplusplus +extern "C" { +#endif + +/* ========================================================================== */ +/* ============= Interrupt Number Definition ================ */ +/* ========================================================================== */ + + +/* This file is needed to build the core test suite. + * All the necessary definitions are brought in by cy_device_headers.h + */ + + +#ifdef __cplusplus +} +#endif + +#endif /* __PLATFORM_IRQ_H__ */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/system_psoc6_cm4.c b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/system_psoc6_cm4.c new file mode 100755 index 0000000..c58b712 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/system_psoc6_cm4.c @@ -0,0 +1,399 @@ +/***************************************************************************//** +* \file system_psoc6_cm4.c +* \version 2.80 +* +* The device system-source file. +* +******************************************************************************** +* \copyright +* Copyright 2016-2020 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*******************************************************************************/ + +#include +#include "system_psoc6.h" +#include "cy_device.h" +#include "cy_device_headers.h" +#include "cy_syslib.h" +#include "cy_sysclk.h" +#include "cy_wdt.h" + +#if !defined(CY_IPC_DEFAULT_CFG_DISABLE) + #include "cy_ipc_sema.h" + #include "cy_ipc_pipe.h" + #include "cy_ipc_drv.h" + + #if defined(CY_DEVICE_PSOC6ABLE2) + #include "cy_flash.h" + #endif /* defined(CY_DEVICE_PSOC6ABLE2) */ +#endif /* !defined(CY_IPC_DEFAULT_CFG_DISABLE) */ + +#if defined(CY_DEVICE_SECURE) + #include "cy_pra.h" +#endif /* defined(CY_DEVICE_SECURE) */ + + +/******************************************************************************* +* SystemCoreClockUpdate() +*******************************************************************************/ + +/** Default HFClk frequency in Hz */ +#define CY_CLK_HFCLK0_FREQ_HZ_DEFAULT (8000000UL) + +/** Default PeriClk frequency in Hz */ +#define CY_CLK_PERICLK_FREQ_HZ_DEFAULT (4000000UL) + +/** Default FastClk system core frequency in Hz */ +#define CY_CLK_SYSTEM_FREQ_HZ_DEFAULT (8000000UL) + + +/** +* Holds the SlowClk (Cortex-M0+) or FastClk (Cortex-M4) system core clock, +* which is the system clock frequency supplied to the SysTick timer and the +* processor core clock. +* This variable implements CMSIS Core global variable. +* Refer to the [CMSIS documentation] +* (http://www.keil.com/pack/doc/CMSIS/Core/html/group__system__init__gr.html "System and Clock Configuration") +* for more details. +* This variable can be used by debuggers to query the frequency +* of the debug timer or to configure the trace clock speed. +* +* \attention Compilers must be configured to avoid removing this variable in case +* the application program is not using it. Debugging systems require the variable +* to be physically present in memory so that it can be examined to configure the debugger. */ +uint32_t SystemCoreClock = CY_CLK_SYSTEM_FREQ_HZ_DEFAULT; + +/** Holds the HFClk0 clock frequency. Updated by \ref SystemCoreClockUpdate(). */ +uint32_t cy_Hfclk0FreqHz = CY_CLK_HFCLK0_FREQ_HZ_DEFAULT; + +/** Holds the PeriClk clock frequency. Updated by \ref SystemCoreClockUpdate(). */ +uint32_t cy_PeriClkFreqHz = CY_CLK_PERICLK_FREQ_HZ_DEFAULT; + +/** Holds the Alternate high frequency clock in Hz. Updated by \ref Cy_BLE_EcoConfigure(). */ +uint32_t cy_BleEcoClockFreqHz = 0UL; + +/* SCB->CPACR */ +#define SCB_CPACR_CP10_CP11_ENABLE (0xFUL << 20u) + + +/******************************************************************************* +* SystemInit() +*******************************************************************************/ + +/* CLK_FLL_CONFIG default values */ +#define CY_FB_CLK_FLL_CONFIG_VALUE (0x01000000u) +#define CY_FB_CLK_FLL_CONFIG2_VALUE (0x00020001u) +#define CY_FB_CLK_FLL_CONFIG3_VALUE (0x00002800u) +#define CY_FB_CLK_FLL_CONFIG4_VALUE (0x000000FFu) + +/* IPC_STRUCT7->DATA configuration */ +#define CY_STARTUP_CM0_DP_STATE (0x2uL) +#define CY_STARTUP_IPC7_DP_OFFSET (0x28u) + + +/******************************************************************************* +* SystemCoreClockUpdate (void) +*******************************************************************************/ + +/* Do not use these definitions directly in your application */ +#define CY_DELAY_MS_OVERFLOW_THRESHOLD (0x8000u) +#define CY_DELAY_1K_THRESHOLD (1000u) +#define CY_DELAY_1M_THRESHOLD (1000000u) + +uint32_t cy_delayFreqKhz = CY_SYSLIB_DIV_ROUNDUP(CY_CLK_SYSTEM_FREQ_HZ_DEFAULT, CY_DELAY_1K_THRESHOLD); + +uint8_t cy_delayFreqMhz = (uint8_t)CY_SYSLIB_DIV_ROUNDUP(CY_CLK_SYSTEM_FREQ_HZ_DEFAULT, CY_DELAY_1M_THRESHOLD); + +uint32_t cy_delay32kMs = CY_DELAY_MS_OVERFLOW_THRESHOLD * + CY_SYSLIB_DIV_ROUNDUP(CY_CLK_SYSTEM_FREQ_HZ_DEFAULT, CY_DELAY_1K_THRESHOLD); + + +/******************************************************************************* +* Function Name: SystemInit +****************************************************************************//** +* \cond +* Initializes the system: +* - Restores FLL registers to the default state for single core devices. +* - Unlocks and disables WDT. +* - Calls Cy_PDL_Init() function to define the driver library. +* - Calls the Cy_SystemInit() function, if compiled from PSoC Creator. +* - Calls \ref SystemCoreClockUpdate(). +* \endcond +*******************************************************************************/ +void SystemInit(void) +{ + Cy_PDL_Init(CY_DEVICE_CFG); + +#ifdef __CM0P_PRESENT + #if (__CM0P_PRESENT == 0) + /* Restore FLL registers to the default state as they are not restored by the ROM code */ + uint32_t copy = SRSS->CLK_FLL_CONFIG; + copy &= ~SRSS_CLK_FLL_CONFIG_FLL_ENABLE_Msk; + SRSS->CLK_FLL_CONFIG = copy; + + copy = SRSS->CLK_ROOT_SELECT[0u]; + copy &= ~SRSS_CLK_ROOT_SELECT_ROOT_DIV_Msk; /* Set ROOT_DIV = 0*/ + SRSS->CLK_ROOT_SELECT[0u] = copy; + + SRSS->CLK_FLL_CONFIG = CY_FB_CLK_FLL_CONFIG_VALUE; + SRSS->CLK_FLL_CONFIG2 = CY_FB_CLK_FLL_CONFIG2_VALUE; + SRSS->CLK_FLL_CONFIG3 = CY_FB_CLK_FLL_CONFIG3_VALUE; + SRSS->CLK_FLL_CONFIG4 = CY_FB_CLK_FLL_CONFIG4_VALUE; + + /* Unlock and disable WDT */ + Cy_WDT_Unlock(); + Cy_WDT_Disable(); + #endif /* (__CM0P_PRESENT == 0) */ +#endif /* __CM0P_PRESENT */ + + Cy_SystemInit(); + SystemCoreClockUpdate(); + +#ifdef __CM0P_PRESENT + #if (__CM0P_PRESENT == 0) + /* Configure data register (as CM0p in deep sleep state) of IPC structure #7, reserved for the Deep-Sleep operations. */ + REG_IPC_STRUCT_DATA(CY_IPC_STRUCT_PTR(CY_IPC_CHAN_DDFT)) = (CY_STARTUP_CM0_DP_STATE << + CY_STARTUP_IPC7_DP_OFFSET); + + /* Release IPC structure #7 to avoid deadlocks in case of SW or WDT reset during Deep-Sleep entering. */ + REG_IPC_STRUCT_RELEASE(CY_IPC_STRUCT_PTR(CY_IPC_CHAN_DDFT)) = 0UL; + #endif /* (__CM0P_PRESENT == 0) */ +#endif /* __CM0P_PRESENT */ + +#if !defined(CY_IPC_DEFAULT_CFG_DISABLE) + +#ifdef __CM0P_PRESENT + #if (__CM0P_PRESENT == 0) + /* Allocate and initialize semaphores for the system operations. */ + static uint32_t ipcSemaArray[CY_IPC_SEMA_COUNT / CY_IPC_SEMA_PER_WORD]; + (void) Cy_IPC_Sema_Init(CY_IPC_CHAN_SEMA, CY_IPC_SEMA_COUNT, ipcSemaArray); + #else + (void) Cy_IPC_Sema_Init(CY_IPC_CHAN_SEMA, 0ul, NULL); + #endif /* (__CM0P_PRESENT) */ +#else + (void) Cy_IPC_Sema_Init(CY_IPC_CHAN_SEMA, 0ul, NULL); +#endif /* __CM0P_PRESENT */ + + + /******************************************************************************** + * + * Initializes the system pipes. The system pipes are used by BLE and Flash. + * + * If the default startup file is not used, or SystemInit() is not called in your + * project, call the following three functions prior to executing any flash or + * EmEEPROM write or erase operation: + * -# Cy_IPC_Sema_Init() + * -# Cy_IPC_Pipe_Config() + * -# Cy_IPC_Pipe_Init() + * -# Cy_Flash_Init() + * + *******************************************************************************/ + /* Create an array of endpoint structures */ + static cy_stc_ipc_pipe_ep_t systemIpcPipeEpArray[CY_IPC_MAX_ENDPOINTS]; + + Cy_IPC_Pipe_Config(systemIpcPipeEpArray); + + static cy_ipc_pipe_callback_ptr_t systemIpcPipeSysCbArray[CY_SYS_CYPIPE_CLIENT_CNT]; + + static const cy_stc_ipc_pipe_config_t systemIpcPipeConfigCm4 = + { + /* .ep0ConfigData */ + { + /* .ipcNotifierNumber */ CY_IPC_INTR_CYPIPE_EP0, + /* .ipcNotifierPriority */ CY_SYS_INTR_CYPIPE_PRIOR_EP0, + /* .ipcNotifierMuxNumber */ CY_SYS_INTR_CYPIPE_MUX_EP0, + /* .epAddress */ CY_IPC_EP_CYPIPE_CM0_ADDR, + /* .epConfig */ CY_SYS_CYPIPE_CONFIG_EP0 + }, + /* .ep1ConfigData */ + { + /* .ipcNotifierNumber */ CY_IPC_INTR_CYPIPE_EP1, + /* .ipcNotifierPriority */ CY_SYS_INTR_CYPIPE_PRIOR_EP1, + /* .ipcNotifierMuxNumber */ 0u, + /* .epAddress */ CY_IPC_EP_CYPIPE_CM4_ADDR, + /* .epConfig */ CY_SYS_CYPIPE_CONFIG_EP1 + }, + /* .endpointClientsCount */ CY_SYS_CYPIPE_CLIENT_CNT, + /* .endpointsCallbacksArray */ systemIpcPipeSysCbArray, + /* .userPipeIsrHandler */ &Cy_SysIpcPipeIsrCm4 + }; + + Cy_IPC_Pipe_Init(&systemIpcPipeConfigCm4); + +#if defined(CY_DEVICE_PSOC6ABLE2) + Cy_Flash_Init(); +#endif /* defined(CY_DEVICE_PSOC6ABLE2) */ + +#endif /* !defined(CY_IPC_DEFAULT_CFG_DISABLE) */ + +#if defined(CY_DEVICE_SECURE) + /* Initialize Protected Register Access driver */ + Cy_PRA_Init(); +#endif /* defined(CY_DEVICE_SECURE) */ +} + + +/******************************************************************************* +* Function Name: Cy_SystemInit +****************************************************************************//** +* +* The function is called during device startup. Once project compiled as part of +* the PSoC Creator project, the Cy_SystemInit() function is generated by the +* PSoC Creator. +* +* The function generated by PSoC Creator performs all of the necessary device +* configuration based on the design settings. This includes settings from the +* Design Wide Resources (DWR) such as Clocks and Pins as well as any component +* configuration that is necessary. +* +*******************************************************************************/ +__WEAK void Cy_SystemInit(void) +{ + /* Empty weak function. The actual implementation to be in the PSoC Creator + * generated strong function. + */ +} + + +/******************************************************************************* +* Function Name: SystemCoreClockUpdate +****************************************************************************//** +* +* Gets core clock frequency and updates \ref SystemCoreClock, \ref +* cy_Hfclk0FreqHz, and \ref cy_PeriClkFreqHz. +* +* Updates global variables used by the \ref Cy_SysLib_Delay(), \ref +* Cy_SysLib_DelayUs(), and \ref Cy_SysLib_DelayCycles(). +* +*******************************************************************************/ +void SystemCoreClockUpdate (void) +{ + uint32 locHf0Clock = Cy_SysClk_ClkHfGetFrequency(0UL); + + if (0UL != locHf0Clock) + { + cy_Hfclk0FreqHz = locHf0Clock; + cy_PeriClkFreqHz = locHf0Clock / (1UL + (uint32_t)Cy_SysClk_ClkPeriGetDivider()); + SystemCoreClock = locHf0Clock / (1UL + (uint32_t)Cy_SysClk_ClkFastGetDivider()); + + /* Sets clock frequency for Delay API */ + cy_delayFreqMhz = (uint8_t)CY_SYSLIB_DIV_ROUNDUP(SystemCoreClock, CY_DELAY_1M_THRESHOLD); + cy_delayFreqKhz = CY_SYSLIB_DIV_ROUNDUP(SystemCoreClock, CY_DELAY_1K_THRESHOLD); + cy_delay32kMs = CY_DELAY_MS_OVERFLOW_THRESHOLD * cy_delayFreqKhz; + } +} + + +/******************************************************************************* +* Function Name: Cy_SystemInitFpuEnable +****************************************************************************//** +* +* Enables the FPU if it is used. The function is called from the startup file. +* +*******************************************************************************/ +void Cy_SystemInitFpuEnable(void) +{ + #if defined (__FPU_USED) && (__FPU_USED == 1U) + uint32_t interruptState; + interruptState = Cy_SysLib_EnterCriticalSection(); + SCB->CPACR |= SCB_CPACR_CP10_CP11_ENABLE; + __DSB(); + __ISB(); + Cy_SysLib_ExitCriticalSection(interruptState); + #endif /* (__FPU_USED) && (__FPU_USED == 1U) */ +} + + +#if !defined(CY_IPC_DEFAULT_CFG_DISABLE) +/******************************************************************************* +* Function Name: Cy_SysIpcPipeIsrCm4 +****************************************************************************//** +* +* This is the interrupt service routine for the system pipe. +* +*******************************************************************************/ +void Cy_SysIpcPipeIsrCm4(void) +{ + Cy_IPC_Pipe_ExecuteCallback(CY_IPC_EP_CYPIPE_CM4_ADDR); +} +#endif + + +/******************************************************************************* +* Function Name: Cy_MemorySymbols +****************************************************************************//** +* +* The intention of the function is to declare boundaries of the memories for the +* MDK compilers. For the rest of the supported compilers, this is done using +* linker configuration files. The following symbols used by the cymcuelftool. +* +*******************************************************************************/ +#if defined (__ARMCC_VERSION) && (__ARMCC_VERSION < 6010050) +__asm void Cy_MemorySymbols(void) +{ + /* Flash */ + EXPORT __cy_memory_0_start + EXPORT __cy_memory_0_length + EXPORT __cy_memory_0_row_size + + /* Working Flash */ + EXPORT __cy_memory_1_start + EXPORT __cy_memory_1_length + EXPORT __cy_memory_1_row_size + + /* Supervisory Flash */ + EXPORT __cy_memory_2_start + EXPORT __cy_memory_2_length + EXPORT __cy_memory_2_row_size + + /* XIP */ + EXPORT __cy_memory_3_start + EXPORT __cy_memory_3_length + EXPORT __cy_memory_3_row_size + + /* eFuse */ + EXPORT __cy_memory_4_start + EXPORT __cy_memory_4_length + EXPORT __cy_memory_4_row_size + + /* Flash */ +__cy_memory_0_start EQU __cpp(CY_FLASH_BASE) +__cy_memory_0_length EQU __cpp(CY_FLASH_SIZE) +__cy_memory_0_row_size EQU 0x200 + + /* Flash region for EEPROM emulation */ +__cy_memory_1_start EQU __cpp(CY_EM_EEPROM_BASE) +__cy_memory_1_length EQU __cpp(CY_EM_EEPROM_SIZE) +__cy_memory_1_row_size EQU 0x200 + + /* Supervisory Flash */ +__cy_memory_2_start EQU __cpp(CY_SFLASH_BASE) +__cy_memory_2_length EQU __cpp(CY_SFLASH_SIZE) +__cy_memory_2_row_size EQU 0x200 + + /* XIP */ +__cy_memory_3_start EQU __cpp(CY_XIP_BASE) +__cy_memory_3_length EQU __cpp(CY_XIP_SIZE) +__cy_memory_3_row_size EQU 0x200 + + /* eFuse */ +__cy_memory_4_start EQU __cpp(0x90700000) +__cy_memory_4_length EQU __cpp(0x100000) +__cy_memory_4_row_size EQU __cpp(1) +} +#endif /* defined (__ARMCC_VERSION) && (__ARMCC_VERSION < 6010050) */ + + +/* [] END OF FILE */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/tfm_peripherals_def.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/tfm_peripherals_def.h new file mode 100644 index 0000000..835822e --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/tfm_peripherals_def.h @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * Copyright (c) 2020, Cypress Semiconductor Corporation. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_PERIPHERALS_DEF_H__ +#define __TFM_PERIPHERALS_DEF_H__ + +#include "platform_irq.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define TFM_TIMER0_IRQ (NvicMux3_IRQn) +#define TFM_TIMER1_IRQ (tcpwm_0_interrupts_1_IRQn) + +struct tfm_spm_partition_platform_data_t; + +extern struct tfm_spm_partition_platform_data_t tfm_peripheral_std_uart; +extern struct tfm_spm_partition_platform_data_t tfm_peripheral_uart1; +extern struct tfm_spm_partition_platform_data_t tfm_peripheral_timer0; + +#define TFM_PERIPHERAL_STD_UART (&tfm_peripheral_std_uart) +#define TFM_PERIPHERAL_UART1 (&tfm_peripheral_uart1) +#define TFM_PERIPHERAL_TIMER0 (&tfm_peripheral_timer0) +#define TFM_PERIPHERAL_FPGA_IO (0) + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_PERIPHERALS_DEF_H__ */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/tfm_plat_defs.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/tfm_plat_defs.h new file mode 100644 index 0000000..487bba5 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/COMPONENT_CM4/tfm_plat_defs.h @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2017-2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_PLAT_DEFS_H__ +#define __TFM_PLAT_DEFS_H__ +/** + * \note The interfaces defined in this file must be implemented for each + * target. + */ + +#include +#include + +enum tfm_plat_err_t { + TFM_PLAT_ERR_SUCCESS = 0, + TFM_PLAT_ERR_SYSTEM_ERR, + TFM_PLAT_ERR_MAX_VALUE, + TFM_PLAT_ERR_INVALID_INPUT, + TFM_PLAT_ERR_UNSUPPORTED, + /* Following entry is only to ensure the error code of int size */ + TFM_PLAT_ERR_FORCE_INT_SIZE = INT_MAX +}; + +#if defined(TFM_PSA_API) && defined(TFM_LVL) && (TFM_LVL != 1) + +/*! + * \def TFM_LINK_SET_RO_IN_PARTITION_SECTION(TFM_PARTITION_NAME) + * + * \brief This macro provides a mechanism to place a function code or a data + * variable in the code section (e.g. RO) of a specific secure partition + * at linker time. + * + * \param[in] TFM_PARTITION_NAME TF-M partition name assigned in the manifest + * file "name" field. + */ +#define TFM_LINK_SET_RO_IN_PARTITION_SECTION(TFM_PARTITION_NAME) \ + __attribute__((section(TFM_PARTITION_NAME"_ATTR_FN"))) + +/*! + * \def TFM_LINK_SET_RW_IN_PARTITION_SECTION(TFM_PARTITION_NAME) + * + * \brief This macro provides a mechanism to place data variables in the RW data + * section of a specific secure partition at linker time. + * + * \param[in] TFM_PARTITION_NAME TF-M partition name assigned in the manifest + * file "name" field. + */ +#define TFM_LINK_SET_RW_IN_PARTITION_SECTION(TFM_PARTITION_NAME) \ + __attribute__((section(TFM_PARTITION_NAME"_ATTR_RW"))) + +/*! + * \def TFM_LINK_SET_ZI_IN_PARTITION_SECTION(TFM_PARTITION_NAME) + * + * \brief This macro provides a mechanism to place data variables in the ZI data + * section of a specific secure partition at linker time. + * + * \param[in] TFM_PARTITION_NAME TF-M partition name assigned in the manifest + * file "name" field. + */ +#define TFM_LINK_SET_ZI_IN_PARTITION_SECTION(TFM_PARTITION_NAME) \ + __attribute__((section(TFM_PARTITION_NAME"_ATTR_ZI"))) +#else +#define TFM_LINK_SET_RO_IN_PARTITION_SECTION(TFM_PARTITION_NAME) +#define TFM_LINK_SET_RW_IN_PARTITION_SECTION(TFM_PARTITION_NAME) +#define TFM_LINK_SET_ZI_IN_PARTITION_SECTION(TFM_PARTITION_NAME) +#endif +#endif /* __TFM_PLAT_DEFS_H__ */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/system_psoc6.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/system_psoc6.h new file mode 100755 index 0000000..bd27b72 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/device/system_psoc6.h @@ -0,0 +1,674 @@ +/***************************************************************************//** +* \file system_psoc6.h +* \version 2.80 +* +* \brief Device system header file. +* +******************************************************************************** +* \copyright +* Copyright 2016-2020 Cypress Semiconductor Corporation +* SPDX-License-Identifier: Apache-2.0 +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*******************************************************************************/ + + +#ifndef _SYSTEM_PSOC6_H_ +#define _SYSTEM_PSOC6_H_ + +/** +* \addtogroup group_system_config +* \{ +* Provides device startup, system configuration, and linker script files. +* The system startup provides the followings features: +* - See \ref group_system_config_device_initialization for the: +* * \ref group_system_config_dual_core_device_initialization +* * \ref group_system_config_single_core_device_initialization +* - \ref group_system_config_device_memory_definition +* - \ref group_system_config_heap_stack_config +* - \ref group_system_config_default_handlers +* - \ref group_system_config_device_vector_table +* - \ref group_system_config_cm4_functions +* +* \section group_system_config_configuration Configuration Considerations +* +* \subsection group_system_config_device_memory_definition Device Memory Definition +* The flash and RAM allocation for each CPU is defined by the linker scripts. +* For dual-core devices, the physical flash and RAM memory is shared between the CPU cores. +* 2 KB of RAM (allocated at the end of RAM) are reserved for system use. +* For Single-Core devices the system reserves additional 80 bytes of RAM. +* Using the reserved memory area for other purposes will lead to unexpected behavior. +* +* \note The linker files provided with the PDL are generic and handle all common +* use cases. Your project may not use every section defined in the linker files. +* In that case you may see warnings during the build process. To eliminate build +* warnings in your project, you can simply comment out or remove the relevant +* code in the linker file. +* +* \note For the PSoC 64 Secure MCUs devices, refer to the following page: +* https://www.cypress.com/documentation/software-and-drivers/psoc-64-secure-mcu-secure-boot-sdk-user-guide +* +* +* ARM GCC\n +* The flash and RAM sections for the CPU are defined in the linker files: +* 'xx_yy.ld', where 'xx' is the device group, and 'yy' is the target CPU; for example, +* 'cy8c6xx7_cm0plus.ld' and 'cy8c6xx7_cm4_dual.ld'. +* \note If the start of the Cortex-M4 application image is changed, the value +* of the \ref CY_CORTEX_M4_APPL_ADDR should also be changed. The +* \ref CY_CORTEX_M4_APPL_ADDR macro should be used as the parameter for the +* Cy_SysEnableCM4() function call. +* By default, the COMPONENT_CM0P_SLEEP prebuilt image is used for the CM0p core. +* More about CM0+ prebuilt images, see here: +* https://github.com/cypresssemiconductorco/psoc6cm0p +* +* Change the flash and RAM sizes by editing the macros value in the +* linker files for both CPUs: +* - 'xx_cm0plus.ld', where 'xx' is the device group: +* \code +* flash (rx) : ORIGIN = 0x10000000, LENGTH = 0x2000 +* ram (rwx) : ORIGIN = 0x08000000, LENGTH = 0x2000 +* \endcode +* - 'xx_cm4_dual.ld', where 'xx' is the device group: +* \code +* flash (rx) : ORIGIN = 0x10000000, LENGTH = 0x100000 +* ram (rwx) : ORIGIN = 0x08002000, LENGTH = 0x45800 +* \endcode +* +* Change the value of the \ref CY_CORTEX_M4_APPL_ADDR macro to the ROM ORIGIN's +* value (0x10000000) + FLASH_CM0P_SIZE value (0x2000, the size of a flash image +* of the Cortex-M0+ application should be the same value as the flash LENGTH in +* 'xx_cm0plus.ld') in the 'xx_cm4_dual.ld' file, where 'xx' is the device group. +* Do this by either: +* - Passing the following commands to the compiler:\n +* \code -D CY_CORTEX_M4_APPL_ADDR=0x10002000 \endcode +* or +* - Editing the \ref CY_CORTEX_M4_APPL_ADDR value in the 'system_xx.h', where +* 'xx' is the device family:\n +* \code #define CY_CORTEX_M4_APPL_ADDR (0x10002000u) \endcode +* +* ARM Compiler\n +* The flash and RAM sections for the CPU are defined in the linker files: +* 'xx_yy.sct', where 'xx' is the device group, and 'yy' is the target CPU; for +* example 'cy8c6xx7_cm0plus.sct' and 'cy8c6xx7_cm4_dual.sct'. +* \note If the start of the Cortex-M4 application image is changed, the value +* of the of the \ref CY_CORTEX_M4_APPL_ADDR should also be changed. The +* \ref CY_CORTEX_M4_APPL_ADDR macro should be used as the parameter for the \ref +* Cy_SysEnableCM4() function call. +* By default, the COMPONENT_CM0P_SLEEP prebuilt image is used for the CM0p core. +* More about CM0+ prebuilt images, see here: +* https://github.com/cypresssemiconductorco/psoc6cm0p +* +* \note The linker files provided with the PDL are generic and handle all common +* use cases. Your project may not use every section defined in the linker files. +* In that case you may see the warnings during the build process: +* L6314W (no section matches pattern) and/or L6329W +* (pattern only matches removed unused sections). In your project, you can +* suppress the warning by passing the "--diag_suppress=L6314W,L6329W" option to +* the linker. You can also comment out or remove the relevant code in the linker +* file. +* +* Change the flash and RAM sizes by editing the macros value in the +* linker files for both CPUs: +* - 'xx_cm0plus.sct', where 'xx' is the device group: +* \code +* #define FLASH_START 0x10000000 +* #define FLASH_SIZE 0x00002000 +* #define RAM_START 0x08000000 +* #define RAM_SIZE 0x00002000 +* \endcode +* - 'xx_cm4_dual.sct', where 'xx' is the device group: +* \code +* #define FLASH_START 0x10000000 +* #define FLASH_SIZE 0x00100000 +* #define RAM_START 0x08002000 +* #define RAM_SIZE 0x00045800 +* \endcode +* +* Change the value of the \ref CY_CORTEX_M4_APPL_ADDR macro to the FLASH_START +* value (0x10000000) + FLASH_CM0P_SIZE value (0x2000, the size of a flash image +* of the Cortex-M0+ application should be the same value as the FLASH_SIZE in the +* 'xx_cm0plus.sct') in the 'xx_cm4_dual.sct' file, where 'xx' is the device group. +* Do this by either: +* - Passing the following commands to the compiler:\n +* \code -D CY_CORTEX_M4_APPL_ADDR=0x10002000 \endcode +* or +* - Editing the \ref CY_CORTEX_M4_APPL_ADDR value in the 'system_xx.h', where +* 'xx' is the device family:\n +* \code #define CY_CORTEX_M4_APPL_ADDR (0x10002000u) \endcode +* +* IAR\n +* The flash and RAM sections for the CPU are defined in the linker files: +* 'xx_yy.icf', where 'xx' is the device group, and 'yy' is the target CPU; for example, +* 'cy8c6xx7_cm0plus.icf' and 'cy8c6xx7_cm4_dual.icf'. +* \note If the start of the Cortex-M4 application image is changed, the value +* of the of the \ref CY_CORTEX_M4_APPL_ADDR should also be changed. The +* \ref CY_CORTEX_M4_APPL_ADDR macro should be used as the parameter for the \ref +* Cy_SysEnableCM4() function call. +* By default, the COMPONENT_CM0P_SLEEP prebuilt image is used for the CM0p core. +* More about CM0+ prebuilt images, see here: +* https://github.com/cypresssemiconductorco/psoc6cm0p +* +* Change the flash and RAM sizes by editing the macros value in the +* linker files for both CPUs: +* - 'xx_cm0plus.icf', where 'xx' is the device group: +* \code +* define symbol __ICFEDIT_region_IROM1_start__ = 0x10000000; +* define symbol __ICFEDIT_region_IROM1_end__ = 0x10001FFF; +* define symbol __ICFEDIT_region_IRAM1_start__ = 0x08000000; +* define symbol __ICFEDIT_region_IRAM1_end__ = 0x08001FFF; +* \endcode +* - 'xx_cm4_dual.icf', where 'xx' is the device group: +* \code +* define symbol __ICFEDIT_region_IROM1_start__ = 0x10000000; +* define symbol __ICFEDIT_region_IROM1_end__ = 0x100FFFFF; +* define symbol __ICFEDIT_region_IRAM1_start__ = 0x08002000; +* define symbol __ICFEDIT_region_IRAM1_end__ = 0x080477FF; +* \endcode +* +* Change the value of the \ref CY_CORTEX_M4_APPL_ADDR macro to the +* __ICFEDIT_region_IROM1_start__ value (0x10000000) + FLASH_CM0P_SIZE value +* (0x2000, the size of a flash image of the Cortex-M0+ application) in the +* 'xx_cm4_dual.icf' file, where 'xx' is the device group. The sum result +* should be the same as (__ICFEDIT_region_IROM1_end__ + 1) value in the +* 'xx_cm0plus.icf'. Do this by either: +* - Passing the following commands to the compiler:\n +* \code -D CY_CORTEX_M4_APPL_ADDR=0x10002000 \endcode +* or +* - Editing the \ref CY_CORTEX_M4_APPL_ADDR value in the 'system_xx.h', where +* 'xx' is the device family:\n +* \code #define CY_CORTEX_M4_APPL_ADDR (0x10002000u) \endcode +* +* \subsection group_system_config_device_initialization Device Initialization +* After a power-on-reset (POR), the boot process is handled by the boot code +* from the on-chip ROM that is always executed by the Cortex-M0+ core. The boot +* code passes the control to the Cortex-M0+ startup code located in flash. +* +* \subsubsection group_system_config_dual_core_device_initialization Dual-Core Devices +* The Cortex-M0+ startup code performs the device initialization by a call to +* SystemInit() and then calls the main() function. The Cortex-M4 core is disabled +* by default. Enable the core using the \ref Cy_SysEnableCM4() function. +* See \ref group_system_config_cm4_functions for more details. +* \note Startup code executes SystemInit() function for the both Cortex-M0+ and Cortex-M4 cores. +* The function has a separate implementation on each core. +* Both function implementations unlock and disable the WDT. +* Therefore enable the WDT after both cores have been initialized. +* +* \subsubsection group_system_config_single_core_device_initialization Single-Core Devices +* The Cortex-M0+ core is not user-accessible on these devices. In this case the +* Flash Boot handles setup of the CM0+ core and starts the Cortex-M4 core. +* +* \subsection group_system_config_heap_stack_config Heap and Stack Configuration +* There are two ways to adjust heap and stack configurations: +* -# Editing source code files +* -# Specifying via command line +* +* By default, the stack size is set to 0x00001000 and the heap size is allocated +* dynamically to the whole available free memory up to stack memory and it +* is set to the 0x00000400 (for ARM GCC and IAR compilers) as minimal value. +* +* \subsubsection group_system_config_heap_stack_config_gcc ARM GCC +* - Editing source code files\n +* The heap and stack sizes are defined in the assembler startup files +* (e.g. startup_psoc6_01_cm0plus.S and startup_psoc6_01_cm4.S). +* Change the heap and stack sizes by modifying the following lines:\n +* \code .equ Stack_Size, 0x00001000 \endcode +* \code .equ Heap_Size, 0x00000400 \endcode +* Also, the stack size is defined in the linker script files: 'xx_yy.ld', +* where 'xx' is the device family, and 'yy' is the target CPU; for example, +* cy8c6xx7_cm0plus.ld and cy8c6xx7_cm4_dual.ld. +* Change the stack size by modifying the following line:\n +* \code STACK_SIZE = 0x1000; \endcode +* +* \subsubsection group_system_config_heap_stack_config_mdk ARM Compiler +* - Editing source code files\n +* The stack size is defined in the linker script files: 'xx_yy.sct', +* where 'xx' is the device family, and 'yy' is the target CPU; for example, +* cy8c6xx7_cm0plus.sct and cy8c6xx7_cm4_dual.sct. +* Change the stack size by modifying the following line:\n +* \code STACK_SIZE = 0x1000; \endcode +* +* \subsubsection group_system_config_heap_stack_config_iar IAR +* - Editing source code files\n +* The heap and stack sizes are defined in the linker script files: 'xx_yy.icf', +* where 'xx' is the device family, and 'yy' is the target CPU; for example, +* cy8c6xx7_cm0plus.icf and cy8c6xx7_cm4_dual.icf. +* Change the heap and stack sizes by modifying the following lines:\n +* \code Stack_Size EQU 0x00001000 \endcode +* \code Heap_Size EQU 0x00000400 \endcode +* +* - Specifying via command line\n +* Change the heap and stack sizes passing the following commands to the +* linker (including quotation marks):\n +* \code --define_symbol __STACK_SIZE=0x000000400 \endcode +* \code --define_symbol __HEAP_SIZE=0x000000100 \endcode +* +* \subsection group_system_config_default_handlers Default Interrupt Handlers Definition +* The default interrupt handler functions are defined as weak functions to a dummy +* handler in the startup file. The naming convention for the interrupt handler names +* is \_IRQHandler. A default interrupt handler can be overwritten in +* user code by defining the handler function using the same name. For example: +* \code +* void scb_0_interrupt_IRQHandler(void) +*{ +* ... +*} +* \endcode +* +* \subsection group_system_config_device_vector_table Vectors Table Copy from Flash to RAM +* This process uses memory sections defined in the linker script. The startup +* code actually defines the contents of the vector table and performs the copy. +* \subsubsection group_system_config_device_vector_table_gcc ARM GCC +* The linker script file is 'xx_yy.ld', where 'xx' is the device family, and +* 'yy' is the target CPU; for example, cy8c6xx7_cm0plus.ld and cy8c6xx7_cm4_dual.ld. +* It defines sections and locations in memory.\n +* Copy interrupt vectors from flash to RAM: \n +* From: \code LONG (__Vectors) \endcode +* To: \code LONG (__ram_vectors_start__) \endcode +* Size: \code LONG (__Vectors_End - __Vectors) \endcode +* The vector table address (and the vector table itself) are defined in the +* assembler startup files (e.g. startup_psoc6_01_cm0plus.S and startup_psoc6_01_cm4.S). +* The code in these files copies the vector table from Flash to RAM. +* \subsubsection group_system_config_device_vector_table_mdk ARM Compiler +* The linker script file is 'xx_yy.sct', where 'xx' is the device family, +* and 'yy' is the target CPU; for example, cy8c6xx7_cm0plus.sct and +* cy8c6xx7_cm4_dual.sct. The linker script specifies that the vector table +* (RESET_RAM) shall be first in the RAM section.\n +* RESET_RAM represents the vector table. It is defined in the assembler startup +* files (e.g. startup_psoc6_01_cm0plus.s and startup_psoc6_01_cm4.s). +* The code in these files copies the vector table from Flash to RAM. +* +* \subsubsection group_system_config_device_vector_table_iar IAR +* The linker script file is 'xx_yy.icf', where 'xx' is the device family, and +* 'yy' is the target CPU; for example, cy8c6xx7_cm0plus.icf and cy8c6xx7_cm4_dual.icf. +* This file defines the .intvec_ram section and its location. +* \code place at start of IRAM1_region { readwrite section .intvec_ram}; \endcode +* The vector table address (and the vector table itself) are defined in the +* assembler startup files (e.g. startup_psoc6_01_cm0plus.s and startup_psoc6_01_cm4.s). +* The code in these files copies the vector table from Flash to RAM. +* +* \section group_system_config_MISRA MISRA Compliance +* +* +* +* +* +* +* +* +* +* +* +* +* +* +*
MISRA RuleRule Class (Required/Advisory)Rule DescriptionDescription of Deviation(s)
2.3RThe character sequence // shall not be used within a comment.The comments provide a useful WEB link to the documentation.
+* +* \section group_system_config_changelog Changelog +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +* +*
VersionChangesReason for Change
2.80Updated linker scripts for PSoC 64 Secure MCU devices.Updated FLASH and SRAM memory area definitions in cyb0xxx linker script templates +* in accordance with the PSoC 64 Secure Boot SDK policies.
Added \ref Cy_PRA_Init() function call to \ref SystemInit() API for CM0+ core of PSoC 64 Secure MCU.Updated PSoC 64 Secure MCU startup sequence to initialize the Protected Register Access driver.
2.70.1Updated documentation for the better description of the existing startup implementation.User experience enhancement.
2.70Updated \ref SystemCoreClockUpdate() implementation - The SysClk API is reused.Code optimization.
Updated \ref SystemInit() implementation - The IPC7 structure is initialized for both cores.Provided support for SysPM driver updates.
Updated the linker scripts.Reserved FLASH area for the MCU boot headers.
Added System Pipe initialization for all devices. Improved PDL usability according to user experience.
Removed redundant legacy macros: CY_CLK_EXT_FREQ_HZ, CY_CLK_ECO_FREQ_HZ and CY_CLK_ALTHF_FREQ_HZ. +* Use \ref Cy_SysClk_ExtClkSetFrequency, \ref Cy_SysClk_EcoConfigure and \ref Cy_BLE_EcoConfigure functions instead them. Defect fixing.
2.60Updated linker scripts.Provided support for new devices, updated usage of CM0p prebuilt image.
2.50Updated assembler files, C files, linker scripts.Dynamic allocated HEAP size for Arm Compiler 6, IAR 8.
2.40Updated assembler files, C files, linker scripts.Added Arm Compiler 6 support.
2.30Added assembler files, linker scripts for Mbed OS.Added Arm Mbed OS embedded operating system support.
Updated linker scripts to extend the Flash and Ram memories size available for the CM4 core.Enhanced PDL usability.
2.20Moved the Cy_IPC_SystemSemaInit(), Cy_IPC_SystemPipeInit() functions implementation from IPC to Startup.Changed the IPC driver configuration method from compile time to run time.
2.10Added constructor attribute to SystemInit() function declaration for ARM MDK compiler. \n +* Removed $Sub$$main symbol for ARM MDK compiler. +* uVision Debugger support.
Updated description of the Startup behavior for Single-Core Devices. \n +* Added note about WDT disabling by SystemInit() function. +* Documentation improvement.
2.0Added restoring of FLL registers to the default state in SystemInit() API for single core devices. +* Single core device support. +*
Added Normal Access Restrictions, Public Key, TOC part2 and TOC part2 copy to Supervisory flash linker memory regions. \n +* Renamed 'wflash' memory region to 'em_eeprom'. +* Linker scripts usability improvement.
Added Cy_IPC_SystemSemaInit(), Cy_IPC_SystemPipeInit(), Cy_Flash_Init() functions call to SystemInit() API.Reserved system resources for internal operations.
Added clearing and releasing of IPC structure #7 (reserved for the Deep-Sleep operations) to SystemInit() API.To avoid deadlocks in case of SW or WDT reset during Deep-Sleep entering.
1.0Initial version
+* +* +* \defgroup group_system_config_macro Macro +* \{ +* \defgroup group_system_config_system_macro System +* \defgroup group_system_config_cm4_status_macro Cortex-M4 Status +* \defgroup group_system_config_user_settings_macro User Settings +* \} +* \defgroup group_system_config_functions Functions +* \{ +* \defgroup group_system_config_system_functions System +* \defgroup group_system_config_cm4_functions Cortex-M4 Control +* \} +* \defgroup group_system_config_globals Global Variables +* +* \} +*/ + +/** +* \addtogroup group_system_config_system_functions +* \{ +* \details +* The following system functions implement CMSIS Core functions. +* Refer to the [CMSIS documentation] +* (http://www.keil.com/pack/doc/CMSIS/Core/html/group__system__init__gr.html "System and Clock Configuration") +* for more details. +* \} +*/ + +#ifdef __cplusplus +extern "C" { +#endif + + +/******************************************************************************* +* Include files +*******************************************************************************/ +#include + + +/******************************************************************************* +* Global preprocessor symbols/macros ('define') +*******************************************************************************/ +#if ((defined(__GNUC__) && (__ARM_ARCH == 6) && (__ARM_ARCH_6M__ == 1)) || \ + (defined (__ICCARM__) && (__CORE__ == __ARM6M__)) || \ + (defined(__ARMCC_VERSION) && (__TARGET_ARCH_THUMB == 3))) + #define CY_SYSTEM_CPU_CM0P 1UL +#else + #define CY_SYSTEM_CPU_CM0P 0UL +#endif + + +/******************************************************************************* +* +* START OF USER SETTINGS HERE +* =========================== +* +* All lines with '<<<' can be set by user. +* +*******************************************************************************/ + +/** +* \addtogroup group_system_config_user_settings_macro +* \{ +*/ + + +/***************************************************************************//** +* \brief Start address of the Cortex-M4 application ([address]UL) +* (USER SETTING) +*******************************************************************************/ +#if !defined (CY_CORTEX_M4_APPL_ADDR) + #define CY_CORTEX_M4_APPL_ADDR (CY_FLASH_BASE + 0x2000U) /* <<< 8 kB of flash is reserved for the Cortex-M0+ application */ +#endif /* (CY_CORTEX_M4_APPL_ADDR) */ + + +/***************************************************************************//** +* \brief IPC Semaphores allocation ([value]UL). +* (USER SETTING) +*******************************************************************************/ +#define CY_IPC_SEMA_COUNT (128UL) /* <<< This will allow 128 (4*32) semaphores */ + + +/***************************************************************************//** +* \brief IPC Pipe definitions ([value]UL). +* (USER SETTING) +*******************************************************************************/ +#define CY_IPC_MAX_ENDPOINTS (8UL) /* <<< 8 endpoints */ + + +/******************************************************************************* +* +* END OF USER SETTINGS HERE +* ========================= +* +*******************************************************************************/ + +/** \} group_system_config_user_settings_macro */ + + +/** +* \addtogroup group_system_config_system_macro +* \{ +*/ + +#if (CY_SYSTEM_CPU_CM0P == 1UL) || defined(CY_DOXYGEN) + /** The Cortex-M0+ startup driver identifier */ + #define CY_STARTUP_M0P_ID ((uint32_t)((uint32_t)((0x0EU) & 0x3FFFU) << 18U)) +#endif /* (CY_SYSTEM_CPU_CM0P == 1UL) */ + +#if (CY_SYSTEM_CPU_CM0P != 1UL) || defined(CY_DOXYGEN) + /** The Cortex-M4 startup driver identifier */ + #define CY_STARTUP_M4_ID ((uint32_t)((uint32_t)((0x0FU) & 0x3FFFU) << 18U)) +#endif /* (CY_SYSTEM_CPU_CM0P != 1UL) */ + +/** \} group_system_config_system_macro */ + + +/** +* \addtogroup group_system_config_system_functions +* \{ +*/ +extern void SystemInit(void); + +extern void SystemCoreClockUpdate(void); +/** \} group_system_config_system_functions */ + + +/** +* \addtogroup group_system_config_cm4_functions +* \{ +*/ +extern uint32_t Cy_SysGetCM4Status(void); +extern void Cy_SysEnableCM4(uint32_t vectorTableOffset); +extern void Cy_SysDisableCM4(void); +extern void Cy_SysRetainCM4(void); +extern void Cy_SysResetCM4(void); +/** \} group_system_config_cm4_functions */ + + +/** \cond */ +extern void Default_Handler (void); + +void Cy_SysIpcPipeIsrCm0(void); +void Cy_SysIpcPipeIsrCm4(void); + +extern void Cy_SystemInit(void); +extern void Cy_SystemInitFpuEnable(void); + +extern uint32_t cy_delayFreqKhz; +extern uint8_t cy_delayFreqMhz; +extern uint32_t cy_delay32kMs; +/** \endcond */ + + +#if (CY_SYSTEM_CPU_CM0P == 1UL) || defined(CY_DOXYGEN) +/** +* \addtogroup group_system_config_cm4_status_macro +* \{ +*/ +#define CY_SYS_CM4_STATUS_ENABLED (3U) /**< The Cortex-M4 core is enabled: power on, clock on, no isolate, no reset and no retain. */ +#define CY_SYS_CM4_STATUS_DISABLED (0U) /**< The Cortex-M4 core is disabled: power off, clock off, isolate, reset and no retain. */ +#define CY_SYS_CM4_STATUS_RETAINED (2U) /**< The Cortex-M4 core is retained. power off, clock off, isolate, no reset and retain. */ +#define CY_SYS_CM4_STATUS_RESET (1U) /**< The Cortex-M4 core is in the Reset mode: clock off, no isolated, no retain and reset. */ +/** \} group_system_config_cm4_status_macro */ + +#endif /* (CY_SYSTEM_CPU_CM0P == 1UL) */ + + +/******************************************************************************* +* IPC Configuration +* ========================= +*******************************************************************************/ +/* IPC CY_PIPE default configuration */ +#define CY_SYS_CYPIPE_CLIENT_CNT (8UL) + +#define CY_SYS_INTR_CYPIPE_MUX_EP0 (1UL) /* IPC CYPRESS PIPE */ +#define CY_SYS_INTR_CYPIPE_PRIOR_EP0 (1UL) /* Notifier Priority */ +#define CY_SYS_INTR_CYPIPE_PRIOR_EP1 (1UL) /* Notifier Priority */ + +#define CY_SYS_CYPIPE_CHAN_MASK_EP0 (0x0001UL << CY_IPC_CHAN_CYPIPE_EP0) +#define CY_SYS_CYPIPE_CHAN_MASK_EP1 (0x0001UL << CY_IPC_CHAN_CYPIPE_EP1) + + +/******************************************************************************/ +/* + * The System pipe configuration defines the IPC channel number, interrupt + * number, and the pipe interrupt mask for the endpoint. + * + * The format of the endPoint configuration + * Bits[31:16] Interrupt Mask + * Bits[15:8 ] IPC interrupt + * Bits[ 7:0 ] IPC channel + */ + +/* System Pipe addresses */ +/* CyPipe defines */ + +#define CY_SYS_CYPIPE_INTR_MASK ( CY_SYS_CYPIPE_CHAN_MASK_EP0 | CY_SYS_CYPIPE_CHAN_MASK_EP1 ) + +#define CY_SYS_CYPIPE_CONFIG_EP0 ( (CY_SYS_CYPIPE_INTR_MASK << CY_IPC_PIPE_CFG_IMASK_Pos) \ + | (CY_IPC_INTR_CYPIPE_EP0 << CY_IPC_PIPE_CFG_INTR_Pos) \ + | CY_IPC_CHAN_CYPIPE_EP0) +#define CY_SYS_CYPIPE_CONFIG_EP1 ( (CY_SYS_CYPIPE_INTR_MASK << CY_IPC_PIPE_CFG_IMASK_Pos) \ + | (CY_IPC_INTR_CYPIPE_EP1 << CY_IPC_PIPE_CFG_INTR_Pos) \ + | CY_IPC_CHAN_CYPIPE_EP1) + +/******************************************************************************/ + + +/** \addtogroup group_system_config_globals +* \{ +*/ + +extern uint32_t SystemCoreClock; +extern uint32_t cy_BleEcoClockFreqHz; +extern uint32_t cy_Hfclk0FreqHz; +extern uint32_t cy_PeriClkFreqHz; + +/** \} group_system_config_globals */ + + + +/** \cond INTERNAL */ +/******************************************************************************* +* Backward compatibility macros. The following code is DEPRECATED and must +* not be used in new projects +*******************************************************************************/ + +/* BWC defines for functions related to enter/exit critical section */ +#define Cy_SaveIRQ Cy_SysLib_EnterCriticalSection +#define Cy_RestoreIRQ Cy_SysLib_ExitCriticalSection +#define CY_SYS_INTR_CYPIPE_EP0 (CY_IPC_INTR_CYPIPE_EP0) +#define CY_SYS_INTR_CYPIPE_EP1 (CY_IPC_INTR_CYPIPE_EP1) +#define cy_delayFreqHz (SystemCoreClock) + +/** \endcond */ + +#ifdef __cplusplus +} +#endif + +#endif /* _SYSTEM_PSOC6_H_ */ + + +/* [] END OF FILE */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_NS_KEY.json b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_NS_KEY.json new file mode 100644 index 0000000..4a8c4f4 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_NS_KEY.json @@ -0,0 +1,11 @@ +{ + "custom_priv_key": { + "crv": "P-256", + "d": "uR_Jq6LjMgp8DVtE7pKguttNo6L239aEcijzGOr5C70", + "kty": "EC", + "use": "sig", + "x": "_za6DQEnUxqOm0vK9Pgvt9GHBtFi1XIVrPvfQ5zq90k", + "y": "mhqW_r-kI0hWvAW_cqQmyaxlRs02bF4w-v4iV8YY-DQ", + "kid": "8" + } +} \ No newline at end of file diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_NS_KEY_PRIV.pem b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_NS_KEY_PRIV.pem new file mode 100644 index 0000000..e1f8e15 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_NS_KEY_PRIV.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQguR/Jq6LjMgp8DVtE +7pKguttNo6L239aEcijzGOr5C72hRANCAAT/NroNASdTGo6bS8r0+C+30YcG0WLV +chWs+99DnOr3SZoalv6/pCNIVrwFv3KkJsmsZUbNNmxeMPr+IlfGGPg0 +-----END PRIVATE KEY----- diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_S_KEY.json b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_S_KEY.json new file mode 100644 index 0000000..44940c8 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_S_KEY.json @@ -0,0 +1,11 @@ +{ + "custom_priv_key": { + "crv": "P-256", + "d": "2zqwPP8bQUIEngCuNdpBtmcM-YwNMXqPcDYft6YaSio", + "kty": "EC", + "use": "sig", + "x": "qRDosvLFLGzZO9qpzLoVXIqL9PNcHabuix7aMpmTnCY", + "y": "-Dv0N4xICZUnKRLNDrjVjC9xrVxH8-VVPAZpysm-_u8", + "kid": "6" + } +} \ No newline at end of file diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_S_KEY_PRIV.pem b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_S_KEY_PRIV.pem new file mode 100644 index 0000000..925b8ad --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/TFM_S_KEY_PRIV.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg2zqwPP8bQUIEngCu +NdpBtmcM+YwNMXqPcDYft6YaSiqhRANCAASpEOiy8sUsbNk72qnMuhVciov081wd +pu6LHtoymZOcJvg79DeMSAmVJykSzQ641Ywvca1cR/PlVTwGacrJvv7v +-----END PRIVATE KEY----- diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/USERAPP_CM4_KEY_PRIV.pem b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/USERAPP_CM4_KEY_PRIV.pem new file mode 100644 index 0000000..925b8ad --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/USERAPP_CM4_KEY_PRIV.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg2zqwPP8bQUIEngCu +NdpBtmcM+YwNMXqPcDYft6YaSiqhRANCAASpEOiy8sUsbNk72qnMuhVciov081wd +pu6LHtoymZOcJvg79DeMSAmVJykSzQ641Ywvca1cR/PlVTwGacrJvv7v +-----END PRIVATE KEY----- diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/hsm_state.json b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/hsm_state.json new file mode 100644 index 0000000..e248170 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/hsm_state.json @@ -0,0 +1,18 @@ +{ + "hsm_priv_key": { + "crv": "P-256", + "d": "d-r9nPjLka7g5BHiT7OexYV7na-ofuNfjPPN4XvP_yQ", + "kty": "EC", + "use": "sig", + "x": "sJMsN-2Jo27kc51wVK7xJ2fP9BDkzAc2fZEZMlohHXA", + "y": "MWluzmXgXOvdQQDYX3yy1Tk9QoHL-9DZhswZpY0Xe5U" + }, + "hsm_pub_key": { + "crv": "P-256", + "kty": "EC", + "use": "sig", + "kid": "4", + "x": "sJMsN-2Jo27kc51wVK7xJ2fP9BDkzAc2fZEZMlohHXA", + "y": "MWluzmXgXOvdQQDYX3yy1Tk9QoHL-9DZhswZpY0Xe5U" + } +} \ No newline at end of file diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/oem_state.json b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/oem_state.json new file mode 100644 index 0000000..978cfbd --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/oem_state.json @@ -0,0 +1,18 @@ +{ + "oem_priv_key": { + "crv": "P-256", + "d": "JVozA1oRvg-zSotMUbrGebV3oBhBaF1mqUyEn_Fdcqc", + "kty": "EC", + "use": "sig", + "x": "vfb7_jewTxpFVINcXdrZQJBArC5igrN0BLc783FigrM", + "y": "9rBBUKXzpj1A5K7fxPtEaJdsfo7Jj_wsF7LTZLc-sPM" + }, + "oem_pub_key": { + "crv": "P-256", + "kty": "EC", + "use": "sig", + "kid": "5", + "x": "vfb7_jewTxpFVINcXdrZQJBArC5igrN0BLc783FigrM", + "y": "9rBBUKXzpj1A5K7fxPtEaJdsfo7Jj_wsF7LTZLc-sPM" + } +} \ No newline at end of file diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/readme.rst b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/readme.rst new file mode 100644 index 0000000..c8cfb17 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/keys/readme.rst @@ -0,0 +1,4 @@ +Signing keys: + +TFM_S_KEY.json - private OEM key for signing CM0P image +TFM_NS_KEY.json - private OEM key for signing CM4 image diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/packets/cy_auth.jwt b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/packets/cy_auth.jwt new file mode 100644 index 0000000..eebd6a3 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/packets/cy_auth.jwt @@ -0,0 +1 @@ +eyJhbGciOiJFUzI1NiJ9.eyJhdXRoIjp7fSwiY3lfcHViX2tleSI6eyJjcnYiOiJQLTI1NiIsImtpZCI6IjMiLCJrdHkiOiJFQyIsInVzZSI6InNpZyIsIngiOiJTYjhsVHB5X3BkM05yVVRraEl6ZzJqek0zN3VOcU5pdXQ4V0MtUXYzWE1RIiwieSI6IkN0d0NpNGFyWHNqRUQ1VFZtcl92UGxQMmtlMTMzS0s3bFA3U3pfSVppREUifSwiZXhwIjoxOTI0ODk4NDAwLCJoc21fcHViX2tleSI6eyJjcnYiOiJQLTI1NiIsImtpZCI6IjQiLCJrdHkiOiJFQyIsInVzZSI6InNpZyIsIngiOiJzSk1zTi0ySm8yN2tjNTF3Vks3eEoyZlA5QkRrekFjMmZaRVpNbG9oSFhBIiwieSI6Ik1XbHV6bVhnWE92ZFFRRFlYM3l5MVRrOVFvSEwtOURaaHN3WnBZMFhlNVUifSwiaWF0IjoxNTc4NTY0NDAwLCJ0eXBlIjoiQ1lfQVVUSF9IU00ifQ.3CwkRfY55eMAm6Zfj96JZrtrSx_6d-vkJ8JnPSfTY4vwemMG3WFwlD5GGMWzcq5heNk2B4LIC9Jlz2nQzDPBTA \ No newline at end of file diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/packets/cy_auth_2m_b0_sample.jwt b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/packets/cy_auth_2m_b0_sample.jwt new file mode 100644 index 0000000..a0a3b1b --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/packets/cy_auth_2m_b0_sample.jwt @@ -0,0 +1 @@ +eyJhbGciOiJFUzI1NiJ9.eyJhdXRoIjogeyJkZXZfaWQiOiB7ImluY2x1ZGUiOiBbIkU0NTMuMTIuMTAyIiwgIkU0MDAuMTIuMTAyIiwgIkU0QTAuMTIuMTAyIl19LCAiZGllX2lkIjogeyJtYXgiOiB7ImRheSI6IDAsICJsb3QiOiAwLCAibW9udGgiOiAwLCAid2FmZXIiOiAwLCAieHBvcyI6IDAsICJ5ZWFyIjogMCwgInlwb3MiOiAwfSwgIm1pbiI6IHsiZGF5IjogMCwgImxvdCI6IDAsICJtb250aCI6IDAsICJ3YWZlciI6IDAsICJ4cG9zIjogMCwgInllYXIiOiAwLCAieXBvcyI6IDB9fX0sICJjeV9wdWJfa2V5IjogeyJjcnYiOiAiUC0yNTYiLCAia2lkIjogIjMiLCAia3R5IjogIkVDIiwgIngiOiAiWndhdmxxNVNpQVhtdEN2amh5MGc2SGw0aDFkN0tzbFJ1aVh2d0FhN0JuTSIsICJ5IjogIkhKeHFVS2dwV0FKWU5ycnBhVTBmbVE2ZVUxckxhZEhyb2ZaLW5fSDJob3MiLCAidXNlIjogInNpZyIsICJrdmVyIjogIkIwLTAifSwgImV4cCI6IDE2MTg1Mzc3MzAsICJoc21fcHViX2tleSI6IHsiY3J2IjogIlAtMjU2IiwgImtpZCI6ICI0IiwgImt0eSI6ICJFQyIsICJ1c2UiOiAic2lnIiwgIngiOiAic0pNc04tMkpvMjdrYzUxd1ZLN3hKMmZQOUJEa3pBYzJmWkVaTWxvaEhYQSIsICJ5IjogIk1XbHV6bVhnWE92ZFFRRFlYM3l5MVRrOVFvSEwtOURaaHN3WnBZMFhlNVUifSwgInR5cGUiOiAiQ1lfQVVUSF9IU00ifQ.Ib5jt3jJzaMYlkHK0X67FujGPL2U8gw_bsvv76-GTigF5c6GfT45v9JEI-zTn29oUc7P4Ju-SYuycucAEHAn4Q \ No newline at end of file diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/packets/cy_auth_2m_s0_sample.jwt b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/packets/cy_auth_2m_s0_sample.jwt new file mode 100644 index 0000000..ff02929 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/packets/cy_auth_2m_s0_sample.jwt @@ -0,0 +1 @@ +eyJhbGciOiJFUzI1NiJ9.eyJhdXRoIjogeyJkZXZfaWQiOiB7ImluY2x1ZGUiOiBbIkU0NTMuMTIuMTAyIiwgIkU0MDAuMTIuMTAyIiwgIkU0QTAuMTIuMTAyIl19LCAiZGllX2lkIjogeyJtYXgiOiB7ImRheSI6IDI1NSwgImxvdCI6IDE2Nzc3MjE1LCAibW9udGgiOiAyNTUsICJ3YWZlciI6IDI1NSwgInhwb3MiOiAyNTUsICJ5ZWFyIjogMjU1LCAieXBvcyI6IDI1NX0sICJtaW4iOiB7ImRheSI6IDAsICJsb3QiOiAwLCAibW9udGgiOiAwLCAid2FmZXIiOiAwLCAieHBvcyI6IDAsICJ5ZWFyIjogMCwgInlwb3MiOiAwfX19LCAiY3lfcHViX2tleSI6IHsiY3J2IjogIlAtMjU2IiwgImtpZCI6ICIzIiwgImt0eSI6ICJFQyIsICJ4IjogIktJaVpMWVBBQS10MjZUaFlCdGpLVXZyVWFDdDhVM1ZWUlExUG1XMlZ4LU0iLCAieSI6ICJPYko5Qlc0NGs3a3A2T053QlJWUlFoQ3dEa21RWmFGU05iWFI1SXVrWGowIiwgInVzZSI6ICJzaWciLCAia3ZlciI6ICJTMC0wIn0sICJleHAiOiAxNjE4NTM3NzMwLCAiaHNtX3B1Yl9rZXkiOiB7ImNydiI6ICJQLTI1NiIsICJraWQiOiAiNCIsICJrdHkiOiAiRUMiLCAidXNlIjogInNpZyIsICJ4IjogInNKTXNOLTJKbzI3a2M1MXdWSzd4SjJmUDlCRGt6QWMyZlpFWk1sb2hIWEEiLCAieSI6ICJNV2x1em1YZ1hPdmRRUURZWDN5eTFUazlRb0hMLTlEWmhzd1pwWTBYZTVVIn0sICJ0eXBlIjogIkNZX0FVVEhfSFNNIn0.sI1p2vXMBIe1PCynLykodkbQ-ErQRXxzQeBylqZhZ8VW41yXMgu0bRMVbKmoJ6_aovmVmXnOks8DFpYgGlxisQ \ No newline at end of file diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/partition/flash_layout.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/partition/flash_layout.h new file mode 100644 index 0000000..63609b1 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/partition/flash_layout.h @@ -0,0 +1,170 @@ +/* + * Copyright (c) 2017-2019 Arm Limited. All rights reserved. + * Copyright (c) 2019-2020, Cypress Semiconductor Corporation. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __FLASH_LAYOUT_H__ +#define __FLASH_LAYOUT_H__ + +/* Flash layout with BL2: + * + * Not supported + * + * Flash layout if BL2 not defined: + * + * 0x1000_0000 Secure image primary (320 KB) + * 0x1005_0000 Non-secure image primary (1120 KB) + * 0x1016_8000 Non-secure KV Storage (32 KB) + * 0x1017_0000 Secure image secondary (320 KB) + * 0x101c_0000 - 0x101f_ffff Reserved + * 0x101c_0000 Internal Trusted Storage Area (16 KB) + * 0x101c_4000 Secure Storage Area (20 KB) + * 0x101c_9000 NV counters area (1 KB) + * 0x101c_9200 Scratch area (27 KB) + * 0x101d_0000 Reserved (192 KB) + * 0x101f_ffff End of Flash + * + */ + +#define MAX(X, Y) (((X) > (Y)) ? (X) : (Y)) + +/* This header file is included from linker scatter file as well, where only a + * limited C constructs are allowed. Therefore it is not possible to include + * here the platform_base_address.h to access flash related defines. To resolve + * this some of the values are redefined here with different names, these are + * marked with comment. + */ + +/* The size of S partition */ +#define FLASH_S_PARTITION_SIZE 0x50000 /* 320 KB */ +/* The size of NS partition */ +#define FLASH_NS_PARTITION_SIZE 0x118000 /* 1120 KB */ + +/* Sector size of the flash hardware; same as FLASH0_SECTOR_SIZE */ +#define FLASH_AREA_IMAGE_SECTOR_SIZE (0x200) /* 512 B */ +/* Same as FLASH0_SIZE */ +#define FLASH_TOTAL_SIZE (0x00200000) /* 2 MB */ + +/* Flash layout info for BL2 bootloader */ +#define FLASH_BASE_ADDRESS (0x10000000U) /* same as FLASH0_BASE */ + +/* Reserved areas */ +#define FLASH_RESERVED_AREA_OFFSET (SECURE_IMAGE_OFFSET + \ + 2*SECURE_IMAGE_MAX_SIZE + \ + NON_SECURE_IMAGE_MAX_SIZE) + +/* FixMe: implement proper mcuboot partitioning for CYBL */ + +/* Internal Trusted Storage Area */ +#define FLASH_ITS_AREA_OFFSET (FLASH_RESERVED_AREA_OFFSET) +#define FLASH_ITS_AREA_SIZE (0x4000) /* 16 KB */ + +/* Reserved for Secure Storage Area */ +#define FLASH_SST_AREA_OFFSET (FLASH_ITS_AREA_OFFSET + \ + FLASH_ITS_AREA_SIZE) +#define FLASH_SST_AREA_SIZE (0x5000) /* 20 KB */ + +#define FLASH_NV_COUNTERS_AREA_OFFSET (FLASH_SST_AREA_OFFSET + \ + FLASH_SST_AREA_SIZE) +#define FLASH_NV_COUNTERS_AREA_SIZE (2 * FLASH_AREA_IMAGE_SECTOR_SIZE) + +#ifdef BL2 +#error "BL2 configuration is not supported" +#else /* BL2 */ + +#define FLASH_AREA_SCRATCH_OFFSET (FLASH_NV_COUNTERS_AREA_OFFSET + \ + FLASH_NV_COUNTERS_AREA_SIZE) +#define FLASH_AREA_SCRATCH_SIZE (0x6c00) /* 27 KB */ +#endif /* BL2 */ + +#define FLASH_AREA_SYSTEM_RESERVED_SIZE (0x30000) /* 192 KB */ + + +/* Secure and non-secure images definition in flash area */ + +#define SECURE_IMAGE_OFFSET 0x0 + +#define SECURE_IMAGE_MAX_SIZE FLASH_S_PARTITION_SIZE + +#define NON_SECURE_IMAGE_OFFSET (SECURE_IMAGE_OFFSET + \ + SECURE_IMAGE_MAX_SIZE) + +#define NON_SECURE_IMAGE_MAX_SIZE FLASH_NS_PARTITION_SIZE + +/* Check if it fits into available Flash*/ + +#define FLASH_RESERVED_AREA_SIZE (FLASH_SST_AREA_SIZE + \ + FLASH_ITS_AREA_SIZE + \ + FLASH_NV_COUNTERS_AREA_SIZE + \ + FLASH_AREA_SCRATCH_SIZE + \ + FLASH_AREA_SYSTEM_RESERVED_SIZE) + +#if (FLASH_RESERVED_AREA_OFFSET + FLASH_RESERVED_AREA_SIZE) > (FLASH_TOTAL_SIZE) +#error "Out of Flash memory" +#endif + +/* Flash device name used by BL2 and SST + * Name is defined in flash driver file: Driver_Flash.c + */ +#define FLASH_DEV_NAME Driver_FLASH0 + +/* Secure Storage (SST) Service definitions + * Note: Further documentation of these definitions can be found in the + * TF-M SST Integration Guide. + */ +#define SST_FLASH_DEV_NAME Driver_FLASH0 + +/* In this target the CMSIS driver requires only the offset from the base + * address instead of the full memory address. + */ +/* SST base address, size, max asset size, and max number of assets all come + * from provisioning data */ +#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE +/* Number of SST_SECTOR_SIZE per block */ +#define SST_SECTORS_PER_BLOCK 4 +/* Specifies the smallest flash programmable unit in bytes */ +#define SST_FLASH_PROGRAM_UNIT 0x1 + +/* Internal Trusted Storage (ITS) Service definitions + * Note: Further documentation of these definitions can be found in the + * TF-M ITS Integration Guide. The ITS should be in the internal flash, but is + * allocated in the external flash just for development platforms that don't + * have internal flash available. + */ +#define ITS_FLASH_DEV_NAME Driver_FLASH0 + +/* ITS base address, size, max asset size, and max number of assets all come + * from provisioning data */ +#define ITS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE +/* Number of ITS_SECTOR_SIZE per block */ +#define ITS_SECTORS_PER_BLOCK 2 +/* Specifies the smallest flash programmable unit in bytes */ +#define ITS_FLASH_PROGRAM_UNIT (0x1) + +/* NV Counters definitions */ +#define TFM_NV_COUNTERS_FLASH_DEV Driver_FLASH0 +#define TFM_NV_COUNTERS_AREA_SIZE FLASH_NV_COUNTERS_AREA_SIZE +#define TFM_NV_COUNTERS_SECTOR_ADDR FLASH_NV_COUNTERS_AREA_OFFSET +#define TFM_NV_COUNTERS_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE + +/* Use Flash to store Code data */ +#define S_ROM_ALIAS_BASE (0x10000000) +#define NS_ROM_ALIAS_BASE (0x10000000) + +/* Use SRAM to store RW data */ +#define S_RAM_ALIAS_BASE (0x08000000) +#define NS_RAM_ALIAS_BASE (0x08000000) + +#endif /* __FLASH_LAYOUT_H__ */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/partition/region_defs.h b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/partition/region_defs.h new file mode 100644 index 0000000..a83de6f --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/partition/region_defs.h @@ -0,0 +1,211 @@ +/* + * Copyright (c) 2017-2019 ARM Limited. All rights reserved. + * Copyright (c) 2019-2020, Cypress Semiconductor Corporation. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __REGION_DEFS_H__ +#define __REGION_DEFS_H__ + +#include "flash_layout.h" + +#define TOTAL_ROM_SIZE FLASH_TOTAL_SIZE +/* 2KB of RAM (at the end of the SRAM) are reserved for system use. Using + * this memory region for other purposes will lead to unexpected behavior. + * 94KB of RAM (just before the memory reserved for system use) are + * allocated and protected by Cypress Bootloader */ +/* FixMe: confirm exact available amount of RAM based on the actual + system allocation */ +#define TOTAL_RAM_SIZE (0x000E8000) /* CY_SRAM_SIZE - 96KB */ + +#define BL2_HEAP_SIZE 0x0001000 +#define BL2_MSP_STACK_SIZE 0x0001000 + +#define S_HEAP_SIZE 0x0001000 +#define S_MSP_STACK_SIZE_INIT 0x0000400 +#define S_MSP_STACK_SIZE 0x0000800 +#define S_PSP_STACK_SIZE 0x0000800 + +#define NS_HEAP_SIZE 0x0001000 +#define NS_MSP_STACK_SIZE 0x0000400 +#define NS_PSP_STACK_SIZE 0x0000C00 + +/* Relocation of vectors to RAM support */ +#define RAM_VECTORS_SUPPORT + +/* + * This size of buffer is big enough to store an attestation + * token produced by initial attestation service + */ +#define PSA_INITIAL_ATTEST_TOKEN_MAX_SIZE 0x400 + +/* + * MPC granularity is 128 KB on AN519 MPS2 FPGA image. Alignment + * of partitions is defined in accordance with this constraint. + */ + +#ifdef BL2 +#error "BL2 configuration is not supported" +#else +#define S_IMAGE_PRIMARY_PARTITION_OFFSET SECURE_IMAGE_OFFSET +#define NS_IMAGE_PRIMARY_PARTITION_OFFSET NON_SECURE_IMAGE_OFFSET +#endif /* BL2 */ + +/* TFM PSoC6 CY8CKIT_064 RAM layout: + * + * 0x0800_0000 - 0x0802_FFFF Secure (192KB) + * 0x0800_0000 - 0x0800_07FF Unused (S_UNUSED_SIZE, 2KB/0x800) + * 0x0800_0800 - 0x0800_17FF Boot Data (S_BOOT_DATA_SIZE, 4KB/0x1000) + * 0x0800_1800 - 0x0800_7FFF Secure unprivileged data (S_UNPRIV_DATA_SIZE, 26KB) + * 0x0800_8000 - 0x0802_F7FF Secure priviliged data (S_PRIV_DATA_SIZE, 158KB) + * 0x0802_F800 - 0x0802_FFFF Secure priv code executable from RAM (S_RAM_CODE_SIZE, 2KB) + * + * 0x0803_0000 - 0x080E_7FFF Non-secure (736KB) + * 0x0803_0000 - 0x080E_6FFF Non-secure OS/App (732KB) + * 0x080E_7000 - 0x080E_7FFF Shared memory (NS_DATA_SHARED_SIZE, 4KB) + * 0x080E_8000 - 0x080F_FFFF System reserved memory (96KB) + * 0x0810_0000 End of RAM + */ + +/* + * Boot partition structure if MCUBoot is used: + * 0x0_0000 Bootloader header + * 0x0_0400 Image area + * 0x1_FC00 Trailer + */ +/* Image code size is the space available for the software binary image. + * It is less than the FLASH_S_PARTITION_SIZE and FLASH_NS_PARTITION_SIZE + * because we reserve space for the image header and trailer introduced by the + * bootloader. + */ +#ifdef BL2 +#error "BL2 configuration is not supported" +#else +/* Even though TFM BL2 is excluded from the build, + * CY BL built externally is used and it needs offsets for header and trailer + * to be taken in account. + * */ +#define BL2_HEADER_SIZE (0x400) +#define BL2_TRAILER_SIZE (0x400) + +#endif /* BL2 */ + +#define IMAGE_S_CODE_SIZE \ + (FLASH_S_PARTITION_SIZE - BL2_HEADER_SIZE - BL2_TRAILER_SIZE) +#define IMAGE_NS_CODE_SIZE \ + (FLASH_NS_PARTITION_SIZE - BL2_HEADER_SIZE - BL2_TRAILER_SIZE) + +/* Alias definitions for secure and non-secure areas*/ +#define S_ROM_ALIAS(x) (S_ROM_ALIAS_BASE + (x)) +#define NS_ROM_ALIAS(x) (NS_ROM_ALIAS_BASE + (x)) + +#define S_RAM_ALIAS(x) (S_RAM_ALIAS_BASE + (x)) +#define NS_RAM_ALIAS(x) (NS_RAM_ALIAS_BASE + (x)) + +/* Secure regions */ +#define S_IMAGE_PRIMARY_AREA_OFFSET \ + (S_IMAGE_PRIMARY_PARTITION_OFFSET + BL2_HEADER_SIZE) +#define S_CODE_START (S_ROM_ALIAS(S_IMAGE_PRIMARY_AREA_OFFSET)) +#define S_CODE_SIZE IMAGE_S_CODE_SIZE +#define S_CODE_LIMIT (S_CODE_START + S_CODE_SIZE - 1) + +#define S_UNUSED_SIZE 0x00800 +#define S_BOOT_DATA_SIZE 0x01000 +#define S_DATA_START (S_RAM_ALIAS(S_UNUSED_SIZE + S_BOOT_DATA_SIZE)) +#define S_UNPRIV_DATA_SIZE 0x06800 +#define S_PRIV_DATA_SIZE 0x27800 +/* Reserve 4KB for RAM-based executable code */ +#define S_RAM_CODE_SIZE 0x800 + +/* Secure data area */ +#define S_DATA_SIZE (S_UNPRIV_DATA_SIZE + S_PRIV_DATA_SIZE + S_RAM_CODE_SIZE) +#define S_DATA_LIMIT (S_DATA_START + S_DATA_SIZE - 1) + +/* We need the privileged data area to be aligned so that an SMPU + * region can cover it. + */ +/* TODO It would be nice to figure this out automatically. + * In theory, in the linker script, we could determine the amount + * of secure data space available after all the unprivileged data, + * round that down to a power of 2 to get the actual size we want + * to use for privileged data, and then determine this value from + * that. We'd also potentially have to update the SMPU configs. + * + * Instead, there's an alignment check in SMPU configuration file. + */ +#define S_BOOT_DATA_OFFSET (S_UNUSED_SIZE) +#define S_BOOT_DATA_START S_RAM_ALIAS(S_BOOT_DATA_OFFSET) + +#define S_DATA_UNPRIV_OFFSET (S_BOOT_DATA_OFFSET + S_BOOT_DATA_SIZE) +#define S_DATA_UNPRIV_START S_RAM_ALIAS(S_DATA_UNPRIV_OFFSET) + +#define S_DATA_PRIV_OFFSET (S_DATA_UNPRIV_OFFSET + S_UNPRIV_DATA_SIZE) +#define S_DATA_PRIV_START S_RAM_ALIAS(S_DATA_PRIV_OFFSET) + +/* Reserve area for RAM-based executable code right after secure unprivileged + * and privileged data areas*/ +#define S_RAM_CODE_OFFSET (S_DATA_PRIV_OFFSET + S_PRIV_DATA_SIZE) +#define S_RAM_CODE_START S_RAM_ALIAS(S_RAM_CODE_OFFSET) + +#ifndef S_RAM_CODE_SEC_NAME +#define S_RAM_CODE_SEC_NAME .cy_ramfunc +#endif + +/* Non-secure regions */ +#define NS_IMAGE_PRIMARY_AREA_OFFSET \ + (NS_IMAGE_PRIMARY_PARTITION_OFFSET + BL2_HEADER_SIZE) +#define NS_CODE_START (NS_ROM_ALIAS(NS_IMAGE_PRIMARY_AREA_OFFSET)) +#define NS_CODE_SIZE IMAGE_NS_CODE_SIZE +#define NS_CODE_LIMIT (NS_CODE_START + NS_CODE_SIZE - 1) + +#define NS_DATA_START (S_DATA_START + S_DATA_SIZE) +#define NS_DATA_SIZE (TOTAL_RAM_SIZE - S_DATA_SIZE - S_BOOT_DATA_SIZE - S_UNUSED_SIZE) +#define NS_DATA_LIMIT (NS_DATA_START + NS_DATA_SIZE - 1) + +/* Shared memory */ +#define NS_DATA_SHARED_SIZE 0x1000 +#define NS_DATA_SHARED_START (NS_DATA_START + NS_DATA_SIZE - \ + NS_DATA_SHARED_SIZE) +#define NS_DATA_SHARED_LIMIT (NS_DATA_SHARED_START + NS_DATA_SHARED_SIZE - 1) + +/* Shared variables addresses */ +/* ipcWaitMessageStc, cy_flash.c */ +#define IPC_WAIT_MESSAGE_STC_SIZE 4 +#define IPC_WAIT_MESSAGE_STC_ADDR (NS_DATA_SHARED_START + \ + NS_DATA_SHARED_SIZE - \ + IPC_WAIT_MESSAGE_STC_SIZE) + +/* System reserved memory */ +#define SYS_RAM_START (S_RAM_ALIAS(TOTAL_RAM_SIZE)) +#define SYS_RAM_SIZE 0x18000 +#define SYS_RAM_LIMIT (SYS_RAM_START + SYS_RAM_SIZE - 1) + +/* NS partition information is used for MPC and SAU configuration */ +#define NS_PARTITION_START \ + (NS_ROM_ALIAS(NS_IMAGE_PRIMARY_PARTITION_OFFSET)) + +#define NS_PARTITION_SIZE (FLASH_NS_PARTITION_SIZE) + +#ifdef BL2 +#error "BL2 configuration is not supported" +#endif /* BL2 */ + +/* Shared data area between bootloader and runtime firmware. + * Shared data area is allocated at the beginning of the privileged data area, + * it is overlapping with TF-M Secure code's MSP stack + */ +#define BOOT_TFM_SHARED_DATA_BASE (S_BOOT_DATA_START) +#define BOOT_TFM_SHARED_DATA_SIZE (S_BOOT_DATA_SIZE) + +#endif /* __REGION_DEFS_H__ */ diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/policy/policy_multi_CM0_CM4_jitp.json b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/policy/policy_multi_CM0_CM4_jitp.json new file mode 100755 index 0000000..9ef03d0 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/policy/policy_multi_CM0_CM4_jitp.json @@ -0,0 +1,219 @@ +{ + "debug" : + { + "m0p" : { + "permission" : "enabled", + "control" : "firmware", + "key" : 5 + }, + "m4" : { + "permission" : "allowed", + "control" : "firmware", + "key" : 5 + }, + "system" : { + "permission" : "enabled", + "control" : "firmware", + "key" : 5, + "flashw": true, + "flashr": true + }, + "rma" : { + "permission" : "allowed", + "destroy_fuses" : [ + { + "start" : 888, + "size" : 136 + }, + { + "start" : 648, + "size" : 104 + } + ], + "destroy_flash" : [ + { + "start" : 270270464, + "size" : 65536 + }, + { + "start" : 268763136, + "size" : 1179648 + } + ], + "key" : 5 + } + }, + "wounding" : + { + }, + "boot_upgrade" : + { + "title": "upgrade_policy", + "firmware": [ + { + "boot_auth": [ + 5 + ], + "bootloader_keys": [ + { "kid": 5, "key": "../keys/oem_state.json" } + ], + "id": 0, + "launch": 1, + "acq_win": 100, + "monotonic": 0, + "smif_id": 0, + "clock_flags": 578, + "protect_flags": 1, + "upgrade": false, + "resources": [ + { + "type": "FLASH_PC1_SPM", + "address": 270336000, + "size": 65536 + }, + { + "type": "SRAM_SPM_PRIV", + "address": 135135232, + "size": 65536 + }, + { + "type": "SRAM_DAP", + "address": 135184384, + "size": 16384 + } + ] + }, + { + "boot_auth": [ + 6 + ], + "boot_keys": [ + { "kid": 6, "key": "../keys/TFM_S_KEY.json" } + ], + "id": 1, + "monotonic": 0, + "smif_id": 0, + "acq_win": 100, + "multi_image" : 1, + "upgrade": true, + "version": "0.1", + "rollback_counter": 0, + "encrypt": false, + "encrypt_key": "../keys/image-aes-128.key", + "encrypt_key_id": 1, + "encrypt_peer": "../keys/dev_pub_key.pem", + "upgrade_auth": [ + 6 + ], + "upgrade_keys": [ + { "kid": 6, "key": "../keys/TFM_S_KEY.json" } + ], + "resources": [ + { + "type": "BOOT", + "address": 268435456, + "size": 327680 + }, + { + "type": "UPGRADE", + "address": 269942784, + "size": 327680 + } + ] + }, + { + "boot_auth": [ + 8 + ], + "boot_keys": [ + { "kid": 8, "key": "../keys/TFM_NS_KEY.json" } + ], + "id": 16, + "monotonic": 8, + "smif_id": 1, + "multi_image" : 2, + "upgrade": true, + "version": "0.1", + "rollback_counter": 0, + "encrypt": false, + "encrypt_key": "../keys/image-aes-128.key", + "encrypt_key_id": 1, + "encrypt_peer": "../keys/dev_pub_key.pem", + "upgrade_auth": [ + 8 + ], + "upgrade_keys": [ + { "kid": 8, "key": "../keys/TFM_NS_KEY.json" } + ], + "resources": [ + { + "type": "BOOT", + "address": 268763136, + "size": 1146880 + }, + { + "type": "UPGRADE", + "address": 402653184, + "size": 1146880 + } + ] + } + ], + "reprogram": [ + { + "start": 270336000, + "size": 65536 + } + ], + "reprovision": { + "boot_loader": true, + "keys_and_policies": true + } + }, + "cy_bootloader": + { + "mode": "debug" + }, + "provisioning": + { + "packet_dir": "../packets", + "chain_of_trust": ["../certificates/device_cert.pem", "../certificates/rootCA.pem"] + }, + "pre_build": { + "oem_public_key": "../keys/oem_state.json", + "oem_private_key": "../keys/oem_state.json", + "hsm_public_key": "../keys/hsm_state.json", + "hsm_private_key": "../keys/hsm_state.json", + "provision_group_private_key": false, + "group_private_key": "../keys/grp_priv_key.json", + "provision_device_private_key": false, + "device_private_key": "../keys/dev_priv_key.json", + "cy_auth": "../packets/cy_auth_2m_b0_sample.jwt" + }, + "custom_data_sections": ["tfm"], + "tfm": + { + "attestation_data": + { + "verification_service_url": "www.trustedfirmware.org", + "attestation_profile_definition": "PSA_IOT_PROFILE_1", + "hw_version": "060456527282910010", + "implementation_id": [170, 170, 170, 170, 170, 170, 170, 170, 187, 187, 187, 187, 187, 187, 187, 187, + 204, 204, 204, 204, 204, 204, 204, 204, 221, 221, 221, 221, 221, 221, 221, 221] + }, + "its": + { + "offset": 1835008, + "size": 4096, + "num_assets": 8, + "max_asset_size": 512 + }, + "sst": + { + "offset": 1839104, + "size": 32768, + "num_assets": 35, + "max_asset_size": 2008 + } + } +} diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/policy/policy_multi_CM0_CM4_tfm.json b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/policy/policy_multi_CM0_CM4_tfm.json new file mode 100755 index 0000000..ad70405 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/policy/policy_multi_CM0_CM4_tfm.json @@ -0,0 +1,219 @@ +{ + "debug" : + { + "m0p" : { + "permission" : "enabled", + "control" : "firmware", + "key" : 5 + }, + "m4" : { + "permission" : "allowed", + "control" : "firmware", + "key" : 5 + }, + "system" : { + "permission" : "enabled", + "control" : "firmware", + "key" : 5, + "flashw": true, + "flashr": true + }, + "rma" : { + "permission" : "allowed", + "destroy_fuses" : [ + { + "start" : 888, + "size" : 136 + }, + { + "start" : 648, + "size" : 104 + } + ], + "destroy_flash" : [ + { + "start" : 270270464, + "size" : 65536 + }, + { + "start" : 268763136, + "size" : 1179648 + } + ], + "key" : 5 + } + }, + "wounding" : + { + }, + "boot_upgrade" : + { + "title": "upgrade_policy", + "firmware": [ + { + "boot_auth": [ + 5 + ], + "bootloader_keys": [ + { "kid": 5, "key": "../keys/oem_state.json" } + ], + "id": 0, + "launch": 1, + "acq_win": 100, + "monotonic": 0, + "smif_id": 0, + "clock_flags": 578, + "protect_flags": 1, + "upgrade": false, + "resources": [ + { + "type": "FLASH_PC1_SPM", + "address": 270336000, + "size": 65536 + }, + { + "type": "SRAM_SPM_PRIV", + "address": 135135232, + "size": 65536 + }, + { + "type": "SRAM_DAP", + "address": 135184384, + "size": 16384 + } + ] + }, + { + "boot_auth": [ + 6 + ], + "boot_keys": [ + { "kid": 6, "key": "../keys/TFM_S_KEY.json" } + ], + "id": 1, + "monotonic": 0, + "smif_id": 0, + "acq_win": 100, + "multi_image" : 1, + "upgrade": true, + "version": "0.1", + "rollback_counter": 0, + "encrypt": false, + "encrypt_key": "../keys/image-aes-128.key", + "encrypt_key_id": 1, + "encrypt_peer": "../keys/dev_pub_key.pem", + "upgrade_auth": [ + 6 + ], + "upgrade_keys": [ + { "kid": 6, "key": "../keys/TFM_S_KEY.json" } + ], + "resources": [ + { + "type": "BOOT", + "address": 268435456, + "size": 327680 + }, + { + "type": "UPGRADE", + "address": 269942784, + "size": 327680 + } + ] + }, + { + "boot_auth": [ + 8 + ], + "boot_keys": [ + { "kid": 8, "key": "../keys/TFM_NS_KEY.json" } + ], + "id": 16, + "monotonic": 8, + "smif_id": 1, + "multi_image" : 2, + "upgrade": true, + "version": "0.1", + "rollback_counter": 0, + "encrypt": false, + "encrypt_key": "../keys/image-aes-128.key", + "encrypt_key_id": 1, + "encrypt_peer": "../keys/dev_pub_key.pem", + "upgrade_auth": [ + 8 + ], + "upgrade_keys": [ + { "kid": 8, "key": "../keys/TFM_NS_KEY.json" } + ], + "resources": [ + { + "type": "BOOT", + "address": 268763136, + "size": 1146880 + }, + { + "type": "UPGRADE", + "address": 402653184, + "size": 1146880 + } + ] + } + ], + "reprogram": [ + { + "start": 270336000, + "size": 65536 + } + ], + "reprovision": { + "boot_loader": true, + "keys_and_policies": true + } + }, + "cy_bootloader": + { + "mode": "debug" + }, + "provisioning": + { + "packet_dir": "../packets", + "chain_of_trust": [] + }, + "pre_build": { + "oem_public_key": "../keys/oem_state.json", + "oem_private_key": "../keys/oem_state.json", + "hsm_public_key": "../keys/hsm_state.json", + "hsm_private_key": "../keys/hsm_state.json", + "provision_group_private_key": false, + "group_private_key": "../keys/grp_priv_key.json", + "provision_device_private_key": false, + "device_private_key": "../keys/dev_priv_key.json", + "cy_auth": "../packets/cy_auth_2m_b0_sample.jwt" + }, + "custom_data_sections": ["tfm"], + "tfm": + { + "attestation_data": + { + "verification_service_url": "www.trustedfirmware.org", + "attestation_profile_definition": "PSA_IOT_PROFILE_1", + "hw_version": "060456527282910010", + "implementation_id": [170, 170, 170, 170, 170, 170, 170, 170, 187, 187, 187, 187, 187, 187, 187, 187, + 204, 204, 204, 204, 204, 204, 204, 204, 221, 221, 221, 221, 221, 221, 221, 221] + }, + "its": + { + "offset": 1835008, + "size": 4096, + "num_assets": 8, + "max_asset_size": 512 + }, + "sst": + { + "offset": 1839104, + "size": 32768, + "num_assets": 35, + "max_asset_size": 2008 + } + } +} diff --git a/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/reprov_helper.py b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/reprov_helper.py new file mode 100755 index 0000000..96616b7 --- /dev/null +++ b/targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/reprov_helper.py @@ -0,0 +1,305 @@ +#!/usr/bin/python3 + +""" +Copyright (c) 2020 Cypress Semiconductor Corporation + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +""" + +import os +import platform +import sys, argparse +import subprocess +import json +from time import sleep + +from cysecuretools import CySecureTools +from cysecuretools.execute.provisioning_lib.cyprov_pem import PemKey +from OpenSSL import crypto, SSL +from cysecuretools.execute.programmer.programmer import ProgrammingTool +from cysecuretools.execute.programmer.base import AP +from cysecuretools.core.target_director import Target +from cysecuretools.execute.programmer.pyocd_wrapper import ResetType + +# Examples +# minimal parameters for default values: +# ./reprov_helper.py +# +# non-interactive: +# ./reprov_helper.py -d cys06xxa \ +# -p policy/policy_multi_CM0_CM4_jitp.json \ +# -[existing-keys|new-keys] -s -y + + +def myargs(argv): + parser = argparse.ArgumentParser(add_help=False) + parser.add_argument('-h', '--help', + dest='show_help', + action='help', + help='Print this help message and exit') + + parser.add_argument('-p', '--policy', + dest='policy_file', + action='store', + type=str, + help="Device policy file", + required=False) + + parser.add_argument('-d', '--device', + dest='device', + action='store', + type=str, + help="Device manufacturing part number", + required=False) + + parser.add_argument('-s', '--serial', + dest='serial_number', + action='store', + type=str, + help="Device unique serial number", + required=False) + + parser.add_argument('-new-keys', + dest='new_keys', + action='store_true', + help="Create a new set keys if defined", + required=False) + + parser.add_argument('-existing-keys', + dest='existing_keys', + action='store_true', + help="Force to use existing set keys if defined", + required=False) + + parser.add_argument('-y', + dest='force_reprov', + action='store_true', + help="Force reprovisioning", + required=False) + + options = parser.parse_args(argv) + return options + + +def create_app_keys(overwrite=None): + cytools.create_keys(overwrite) + + +def read_device_pub_key(): + # Read Device Key and save + print('Reading public key from device') + key=cytools.read_public_key(1, "jwk") + print("key: {}".format(key)) + if not key: + print('Error: Cannot read device public key.') + return 1 + + pub_key_json = 'keys/device_pub_key.json' + + with open(pub_key_json, 'w') as json_file: + json.dump(key, json_file) + + # Change from JWK to PEM + pub_key_pem = 'keys/device_pub_key.pem' + if os.path.exists(pub_key_json) and os.stat(pub_key_json).st_size > 0: + pem = PemKey(pub_key_json) + pem.save(pub_key_pem, private_key=False) + else: + print('Failed to read device public key') + return 1 + print('Device public key has been read successfully.') + return 0 + + +def generate_device_cert(dev_serial_num, + dev_pub_key_path="keys/device_pub_key.pem", + ca_priv_key_path="certificates/rootCA.key", + ca_cert_path="certificates/rootCA.pem"): + + if True: + # read device public key from previously read from the device + dev_pub_key = crypto.load_publickey(crypto.FILETYPE_PEM, + open(dev_pub_key_path, 'r').read()) + else: + # for development only, use public key from self generated private key + dev_priv_key = crypto.load_privatekey(crypto.FILETYPE_ASN1, + open("keys/device_priv_key.der", + 'rb').read()) + dev_pub_key = crypto.load_publickey(crypto.FILETYPE_PEM, + crypto.dump_publickey(crypto.FILETYPE_PEM, + dev_priv_key)) + ca_privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM, + open(ca_priv_key_path, 'r').read()) + ca_cert = crypto.load_certificate(crypto.FILETYPE_PEM, + open(ca_cert_path, 'r').read()) + + # create cert signed by ca_cert + cert = crypto.X509() + cert.set_subject(ca_cert.get_subject()) + cert.get_subject().CN = cytools.target_name.upper() + '-' + str(dev_serial_num) + cert.set_serial_number(int(dev_serial_num)) + cert.gmtime_adj_notBefore(0) + cert.gmtime_adj_notAfter(10*365*24*60*60) + cert.set_issuer(ca_cert.get_subject()) + cert.set_pubkey(dev_pub_key) + cert.sign(ca_privatekey, 'sha256') + + open("certificates/device_cert.pem", "wb")\ + .write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) + open("certificates/device_cert.der", "wb")\ + .write(crypto.dump_certificate(crypto.FILETYPE_ASN1, cert)) + print('Device certificate generated successfully.') + return 0 + + +def create_provisioning_packet(): + cytools.create_provisioning_packet() + + +def re_provision_device(device, policy): + cytools.re_provision_device() + + +def erase_flash(addr, size): + tool = ProgrammingTool.create(cytools.PROGRAMMING_TOOL) + tool.connect(target_name=cytools.target_name, ap='cm0') + tool.set_ap(AP.CM0) + print('Erasing address {hex(addr)}, size {hex(size)} ...') + tool.erase(addr, size) + print('Erasing complete\n') + tool.reset(ResetType.HW) + sleep(3) + tool.disconnect() + return 0 + + +def exec_shell_command(cmd): + if not isinstance(cmd, list) or not cmd: + raise Exception("Command must be in a non-empty list") + + output = [] + print("Executing command: {}".format(' '.join(cmd))) + p = subprocess.Popen(cmd, stdout=subprocess.PIPE, + stderr=subprocess.STDOUT) + for line in iter(p.stdout.readline, b''): + output.append(line.decode('utf-8')) + print("{}".format(line.decode('utf-8')), end='') + p.stdout.close() + ret = p.wait() + print("Command completed (ret={})".format(ret)) + return ret, ''.join(output) + + +def main(argv): + + create_signing_keys = False + + options = myargs(argv) + print("options: {}\r\n".format(options)) + + if not options.policy_file: + options.policy_file = 'policy_multi_CM0_CM4_jitp.json' + options.policy_file = os.path.join('policy', + options.policy_file) + answer = \ + input('Policy file name was not provided, use default {}? (Y/n): ' + .format(options.policy_file)) + if answer == 'N' or answer == 'n': + print("Please specify policy as a parameter: `-p `") + exit(1) + if not os.path.isfile(options.policy_file): + print("Policy file {} doesn't exit.".format(options.policy_file)) + exit(1) + + if not options.device: + options.device = "cys06xxa" + answer = input("\r\nDevice is not provided, use default {}? (Y/n): " + .format(options.device)) + if answer == 'N' or answer == 'n': + print("Please specify device as a parameter: `-d '") + exit(1) + + # Create cysecuretools object + global cytools + cytools = CySecureTools(options.device, options.policy_file) + + if not options.serial_number: + dev_serial_num = \ + input("\r\nSelect unique device serial number for {} (digits only):\n" + .format(cytools.target_name.upper())) + if not dev_serial_num.isnumeric(): + print('Error: device serial number not number') + exit(1) + else: + dev_serial_num = options.serial_number + + # signing keys + if not options.new_keys and not options.existing_keys: + answer = \ + input('\r\nDo you want to create a new set of keys (y/N): ') + if answer == 'Y' or answer == 'y': + print('Will create new keys.') + create_signing_keys = True + else: + # TBD: check if the keys exist (open json, read keys) + print('Will use existing keys.') + else: + if options.new_keys: + create_signing_keys = True + else: + create_signing_keys = False + + print("\r\n") + print("##################################################################") + print("Current configuration:") + print("Policy file: {}".format(options.policy_file)) + print("Device: {}".format(options.device)) + print("Serial Number: {}".format(dev_serial_num)) + print("Create new signing keys: {}".format(create_signing_keys)) + print("##################################################################") + print("\r\n") + print("!!! Make sure the board is in the DAPLink mode (Mode LED blinks at 2Hz) !!!") + print("\r\n") + + if not options.force_reprov: + answer = input('Reprovision the device. Are you sure? (y/N): ') + if answer is not 'y' and answer is not 'Y': + print('Reprovision skipped.') + exit(1) + + if create_signing_keys == True: + print('Creating new signing keys.') + create_app_keys(overwrite=True) + + # invalidate SPE image in Flash so it won't run. + ret = erase_flash(0x10000000, 0x1000) + if ret != 0: + exit(1) + + ret = read_device_pub_key() + if ret != 0: + exit(1) + + ret = generate_device_cert(dev_serial_num) + if ret != 0: + exit(1) + + create_provisioning_packet() + + re_provision_device(options.device, options.policy_file) + + exit(0) + + +if __name__ == "__main__": + main(sys.argv[1:]) diff --git a/targets/targets.json b/targets/targets.json index 4667ead..6b1f488 100644 --- a/targets/targets.json +++ b/targets/targets.json @@ -135,6 +135,7 @@ ], "extra_labels": [ "TFM", + "TFM_V1_1", "TFM_V8M" ], "device_has": [ @@ -6194,6 +6195,73 @@ }, "program_cycle_s": 10 }, + "CYTFM_064B0S2_4343W": { + "inherits": [ + "MCU_PSOC6_M4" + ], + "supported_form_factors": [ + "ARDUINO" + ], + "features_add": [ + "BLE", + "EXPERIMENTAL_API", + "PSA" + ], + "components_add": [ + "WHD", + "4343W", + "CYW43XXX", + "TFM_S_FW" + ], + "components_remove": [ + "QSPIF", + "CM0P_SLEEP" + ], + "device_has_remove": [ + "ANALOGOUT", + "QSPI", + "TRNG", + "CRC" + ], + "extra_labels_add": [ + "PSOC6_02", + "CORDIO", + "TFM", + "TFM_V1_0", + "TFM_DUALCPU" + ], + "macros_add": [ + "CYB0644ABZI_S2D44", + "CY_IPC_DEFAULT_CFG_DISABLE", + "CYBSP_WIFI_CAPABLE", + "MXCRYPTO_DISABLED", + "TFM_MULTI_CORE_MULTI_CLIENT_CALL=1" + ], + "detect_code": [ + "1910" + ], + "forced_reset_timeout": 5, + "hex_filename": "tfm_s.hex", + "cm0_img_id": 1, + "cm4_img_id": 16, + "boot_scheme": "multi_image", + "policy_file": "policy_multi_CM0_CM4_tfm.json", + "post_binary_hook": { + "function": "PSOC6Code.sign_image" + }, + "overrides": { + "network-default-interface-type": "WIFI" + }, + "program_cycle_s": 10, + "tfm_target_name": "psoc64", + "tfm_bootloader_supported": false, + "tfm_default_toolchain": "GNUARM", + "tfm_supported_toolchains": [ + "GNUARM" + ], + "tfm_delivery_dir": "TARGET_Cypress/TARGET_PSOC6/TARGET_CYTFM_064B0S2_4343W/COMPONENT_TFM_S_FW", + "TFM_OUTPUT_EXT": "hex" + }, "CYSBSYSKIT_01": { "inherits": [ "MCU_PSOC6_M4" diff --git a/tools/targets/PSOC6.py b/tools/targets/PSOC6.py index a49f78f..1646f16 100644 --- a/tools/targets/PSOC6.py +++ b/tools/targets/PSOC6.py @@ -162,6 +162,7 @@ # Mapping from mbed target to cysecuretools target TARGET_MAPPING = { "CY8CKIT_064B0S2_4343W": "cy8ckit-064b0s2-4343w", + "CYTFM_064B0S2_4343W" : "cy8ckit-064b0s2-4343w", "CY8CPROTO_064B0S1_BLE": "cy8cproto-064b0s1-ble", "CY8CPROTO_064S1_SB" : "cy8cproto-064s1-sb", "CY8CPROTO_064B0S3" : "cy8cproto-064b0s3"