shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

crypto is sorted out for nrf52

Browse Source
This commit is contained in:
Conor Patrick 2018-06-03 00:50:46 -04:00
parent 4837d5d5e9
commit e69865384f
8 changed files with 289 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
ctap_test.py
View File

@ -369,17 +369,65 @@ class Tester():
exclude_list.append({'id': fake_id1, 'type': 'public-key'})
exclude_list.append({'id': fake_id2, 'type': 'public-key'})
t1 = time.time() * 1000
attest, data = self.client.make_credential(rp, user, challenge, pin = PIN, exclude_list = [])
t2 = time.time() * 1000
attest.verify(data.hash)
print('Register valid (%d ms)' % (t2-t1))
cred = attest.auth_data.credential_data
creds.append(cred)
allow_list = [{'id':creds[0].credential_id, 'type': 'public-key'}]
t1 = time.time() * 1000
assertions, client_data = self.client.get_assertion(rp['id'], challenge, allow_list, pin = PIN)
t2 = time.time() * 1000
assertions[0].verify(client_data.hash, creds[0].public_key)
print('PASS')
print('Assertion valid (%d ms)' % (t2-t1))
def test_fido2_brute_force(self):
creds = []
exclude_list = []
rp = {'id': 'examplo.org', 'name': 'ExaRP'}
user = {'id': b'usee_od', 'name': 'AB User'}
PIN = None
abc = 'abcdefghijklnmopqrstuvwxyz'
abc += abc.upper()
self.ctap.reset()
for i in range(0,2048):
creds = []
print(i)
challenge = ''.join([abc[randint(0,len(abc)-1)] for x in range(0,32)])
fake_id1 = array.array('B',[randint(0,255) for i in range(0,150)]).tostring()
fake_id2 = array.array('B',[randint(0,255) for i in range(0,73)]).tostring()
exclude_list.append({'id': fake_id1, 'type': 'public-key'})
exclude_list.append({'id': fake_id2, 'type': 'public-key'})
t1 = time.time() * 1000
attest, data = self.client.make_credential(rp, user, challenge, pin = PIN, exclude_list = [])
t2 = time.time() * 1000
attest.verify(data.hash)
print('Register valid (%d ms)' % (t2-t1))
sys.stdout.flush()
cred = attest.auth_data.credential_data
creds.append(cred)
allow_list = [{'id':creds[0].credential_id, 'type': 'public-key'}]
t1 = time.time() * 1000
assertions, client_data = self.client.get_assertion(rp['id'], challenge, allow_list, pin = PIN)
t2 = time.time() * 1000
assertions[0].verify(client_data.hash, creds[0].public_key)
print('Assertion valid (%d ms)' % (t2-t1))
sys.stdout.flush()
def test_fido2(self):
@ -504,7 +552,8 @@ if __name__ == '__main__':
t.find_device()
#t.test_hid()
#t.test_fido2()
t.test_fido2_simple()
#t.test_fido2_simple()
t.test_fido2_brute_force()

61
ctaphid.c
View File

@ -8,6 +8,7 @@
#include "u2f.h"
#include "time.h"
#include "util.h"
#include "log.h"
typedef enum
{
@ -336,7 +337,7 @@ void ctaphid_check_timeouts()
{
if (CIDS[i].busy && ((millis() - CIDS[i].last_used) >= 750))
{
printf("TIMEOUT CID: %08x\n", CIDS[i].cid);
printf1(TAG_HID, "TIMEOUT CID: %08x\n", CIDS[i].cid);
ctaphid_send_error(CIDS[i].cid, CTAP1_ERR_TIMEOUT);
memset(CIDS + i, 0, sizeof(struct CID));
}
@ -349,10 +350,10 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
{
CTAPHID_PACKET * pkt = (CTAPHID_PACKET *)(pkt_raw);
printf("Recv packet\n");
printf(" CID: %08x \n", pkt->cid);
printf(" cmd: %02x\n", pkt->pkt.init.cmd);
if (!is_cont_pkt(pkt)) printf(" length: %d\n", ctaphid_packet_len(pkt));
printf1(TAG_HID, "Recv packet\n");
printf1(TAG_HID, " CID: %08x \n", pkt->cid);
printf1(TAG_HID, " cmd: %02x\n", pkt->pkt.init.cmd);
if (!is_cont_pkt(pkt)) printf1(TAG_HID, " length: %d\n", ctaphid_packet_len(pkt));
int ret;
uint8_t status;
@ -368,13 +369,13 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
{
if (ctaphid_packet_len(pkt) != 8)
{
printf("Error,invalid length field for init packet\n");
printf2(TAG_ERR, "Error,invalid length field for init packet\n");
ctaphid_send_error(pkt->cid, CTAP1_ERR_INVALID_LENGTH);
return;
}
if (pkt->cid == 0)
{
printf("Error, invalid cid 0\n");
printf2(TAG_ERR,"Error, invalid cid 0\n");
ctaphid_send_error(pkt->cid, CTAP1_ERR_INVALID_CHANNEL);
return;
}
@ -383,7 +384,7 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
if (is_broadcast(pkt))
{
// Check if any existing cids are busy first ?
printf("adding a new cid\n");
printf1(TAG_HID,"adding a new cid\n");
oldcid = CTAPHID_BROADCAST_CID;
newcid = get_new_cid();
ret = add_cid(newcid);
@ -391,7 +392,7 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
}
else
{
printf("synchronizing to cid\n");
printf1(TAG_HID, "synchronizing to cid\n");
oldcid = pkt->cid;
newcid = pkt->cid;
if (cid_exists(newcid))
@ -401,7 +402,7 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
}
if (ret == -1)
{
printf("Error, not enough memory for new CID. return BUSY.\n");
printf2(TAG_ERR, "Error, not enough memory for new CID. return BUSY.\n");
ctaphid_send_error(pkt->cid, CTAP1_ERR_CHANNEL_BUSY);
return;
}
@ -424,14 +425,14 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
{
if (pkt->cid == buffer_cid() && ! is_cont_pkt(pkt))
{
printf("INVALID_SEQ\n");
printf("Have %d/%d bytes\n", ctap_buffer_offset, ctap_buffer_bcnt);
printf2(TAG_ERR,"INVALID_SEQ\n");
printf2(TAG_ERR,"Have %d/%d bytes\n", ctap_buffer_offset, ctap_buffer_bcnt);
ctaphid_send_error(pkt->cid, CTAP1_ERR_INVALID_SEQ);
return;
}
else if (pkt->cid != buffer_cid())
{
printf("BUSY with %08x\n", buffer_cid());
printf2(TAG_ERR,"BUSY with %08x\n", buffer_cid());
ctaphid_send_error(pkt->cid, CTAP1_ERR_CHANNEL_BUSY);
return;
}
@ -449,33 +450,33 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
{
if (buffer_status() == EMPTY || pkt->cid != buffer_cid())
{
printf("ignoring random cont packet\n");
printf2(TAG_ERR,"ignoring random cont packet\n");
return;
}
}
if (buffer_packet(pkt) == SEQUENCE_ERROR)
{
printf("Buffering sequence error\n");
printf2(TAG_ERR,"Buffering sequence error\n");
ctaphid_send_error(pkt->cid, CTAP1_ERR_INVALID_SEQ);
return;
}
ret = cid_refresh(pkt->cid);
if (ret != 0)
{
printf("Error, refresh cid failed\n");
printf2(TAG_ERR,"Error, refresh cid failed\n");
exit(1);
}
active_cid = pkt->cid;
}
else if (is_cont_pkt(pkt))
{
printf("ignoring unwarranted cont packet\n");
printf2(TAG_ERR,"ignoring unwarranted cont packet\n");
// Ignore
return;
}
else
{
printf("BUSY\n");
printf2(TAG_ERR,"BUSY\n");
ctaphid_send_error(pkt->cid, CTAP1_ERR_CHANNEL_BUSY);
return;
}
@ -486,21 +487,21 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
switch(buffer_status())
{
case BUFFERING:
printf("BUFFERING\n");
printf1(TAG_HID,"BUFFERING\n");
active_cid_timestamp = millis();
break;
case EMPTY:
printf("empty buffer!\n");
printf1(TAG_HID,"empty buffer!\n");
case BUFFERED:
switch(buffer_cmd())
{
case CTAPHID_INIT:
printf("CTAPHID_INIT, error this should already be handled\n");
printf2(TAG_ERR,"CTAPHID_INIT, error this should already be handled\n");
exit(1);
break;
case CTAPHID_PING:
printf("CTAPHID_PING\n");
printf1(TAG_HID,"CTAPHID_PING\n");
ctaphid_write_buffer_init(&wb);
wb.cid = active_cid;
@ -513,7 +514,7 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
break;
case CTAPHID_WINK:
printf("CTAPHID_WINK\n");
printf1(TAG_HID,"CTAPHID_WINK\n");
ctaphid_write_buffer_init(&wb);
@ -525,10 +526,10 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
break;
case CTAPHID_CBOR:
printf("CTAPHID_CBOR\n");
printf1(TAG_HID,"CTAPHID_CBOR\n");
if (buffer_len() == 0)
{
printf("Error,invalid 0 length field for cbor packet\n");
printf2(TAG_ERR,"Error,invalid 0 length field for cbor packet\n");
ctaphid_send_error(pkt->cid, CTAP1_ERR_INVALID_LENGTH);
return;
}
@ -547,10 +548,10 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
break;
case CTAPHID_MSG:
printf("CTAPHID_MSG\n");
printf1(TAG_HID,"CTAPHID_MSG\n");
if (buffer_len() == 0)
{
printf("Error,invalid 0 length field for MSG/U2F packet\n");
printf2(TAG_ERR,"Error,invalid 0 length field for MSG/U2F packet\n");
ctaphid_send_error(pkt->cid, CTAP1_ERR_INVALID_LENGTH);
return;
}
@ -568,7 +569,7 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
break;
default:
printf("error, unimplemented HID cmd: %02x\r\n", buffer_cmd());
printf2(TAG_ERR,"error, unimplemented HID cmd: %02x\r\n", buffer_cmd());
ctaphid_send_error(pkt->cid, CTAP1_ERR_INVALID_COMMAND);
break;
}
@ -577,12 +578,12 @@ void ctaphid_handle_packet(uint8_t * pkt_raw)
break;
default:
printf("invalid buffer state; abort\n");
printf2(TAG_ERR,"invalid buffer state; abort\n");
exit(1);
break;
}
printf("\n");
printf1(TAG_HID,"\n");
}

1
log.c
View File

@ -25,6 +25,7 @@ struct logtag tagtable[] = {
{TAG_CTAP,"CTAP"},
{TAG_U2F,"U2F"},
{TAG_DUMP,"DUMP"},
{TAG_HID,"HID"},
{TAG_GREEN,"\x1b[32mDEBUG\x1b[0m"},
{TAG_RED,"\x1b[31mDEBUG\x1b[0m"},
{TAG_TIME,"\x1b[33mTIME\x1b[0m"},

1
log.h
View File

@ -22,6 +22,7 @@ typedef enum
TAG_GREEN = (1 << 8),
TAG_RED= (1 << 9),
TAG_TIME= (1 << 10),
TAG_HID = (1 << 11),
TAG_FILENO = (1<<31)
} LOG_TAG;

14
main.c
View File

@ -16,20 +16,22 @@ int main(int argc, char * argv[])
{
int count = 0;
uint64_t t1 = 0;
uint64_t t2 = 0;
uint64_t accum = 0;
uint8_t hidmsg[64];
set_logging_mask(
/*TAG_MC |*/
/*TAG_GA |*/
/*TAG_CP |*/
TAG_CTAP|
/*TAG_CTAP|*/
/*TAG_U2F|*/
/*TAG_PARSE |*/
TAG_TIME
/*TAG_TIME|*/
/*TAG_DUMP|*/
/*TAG_GREEN|*/
/*TAG_RED|*/
/*TAG_ERR*/
TAG_ERR
);
printf("init device\n");
@ -57,13 +59,15 @@ int main(int argc, char * argv[])
if (usbhid_recv(hidmsg) > 0)
{
printf1(TAG_DUMP,"%d>> ",count++); dump_hex1(TAG_DUMP, hidmsg,sizeof(hidmsg));
t2 = millis();
ctaphid_handle_packet(hidmsg);
accum += millis() - t2;
printf1(TAG_TIME,"accum: %lu\n", (uint32_t)accum);
memset(hidmsg, 0, sizeof(hidmsg));
}
else
{
main_loop_delay();
/*main_loop_delay();*/
}
ctaphid_check_timeouts();
}

208
nrf52840/crypto.c
View File

@ -33,7 +33,10 @@ const uint16_t attestation_key_size;
static SHA256_CTX sha256_ctx;
/*static SHA256_CTX sha256_ctx;*/
struct CRYS_HASHUserContext_t sha256_ctx;
const CRYS_ECPKI_Domain_t* _es256_curve;
CRYS_RND_State_t rndState_ptr;
CRYS_RND_WorkBuff_t rndWorkBuff_ptr;
@ -54,7 +57,13 @@ static uint8_t transport_secret[32] = "\x10\x01\x22\x33\x44\x55\x66\x77\x87\x90\
void crypto_sha256_init()
{
sha256_init(&sha256_ctx);
/*sha256_init(&sha256_ctx);*/
int ret = CRYS_HASH_Init(&sha256_ctx, CRYS_HASH_SHA256_mode);
if (ret != CRYS_OK )
{
printf("sha init fail\n");
exit(1);
}
}
void crypto_reset_master_secret()
@ -65,19 +74,41 @@ void crypto_reset_master_secret()
void crypto_sha256_update(uint8_t * data, size_t len)
{
sha256_update(&sha256_ctx, data, len);
/*sha256_update(&sha256_ctx, data, len);*/
int ret = CRYS_HASH_Update(&sha256_ctx, data, len);
if (ret != CRYS_OK )
{
printf("sha update fail\n");
exit(1);
}
}
void crypto_sha256_update_secret()
{
sha256_update(&sha256_ctx, master_secret, 32);
/*sha256_update(&sha256_ctx, master_secret, 32);*/
int ret = CRYS_HASH_Update(&sha256_ctx, master_secret, 32);
if (ret != CRYS_OK )
{
printf("sha update secret fail\n");
exit(1);
}
}
void crypto_sha256_final(uint8_t * hash)
{
sha256_final(&sha256_ctx, hash);
/*sha256_final(&sha256_ctx, hash);*/
int ret = CRYS_HASH_Finish(&sha256_ctx, (uint32_t*)hash);
if (ret != CRYS_OK )
{
printf("sha finish fail\n");
exit(1);
}
}
void crypto_sha256_hmac_init(uint8_t * key, uint32_t klen, uint8_t * hmac)
{
uint8_t buf[64];
@ -148,40 +179,40 @@ void crypto_ecc256_init()
ret = SaSi_LibInit();
if (ret != SA_SILIB_RET_OK) {
printf("Failed SaSi_LibInit - ret = 0x%x\n", ret);
switch(ret)
{
case SA_SILIB_RET_OK:
printf("SA_SILIB_RET_OK\n");
break;
/*switch(ret)*/
/*{*/
/*case SA_SILIB_RET_OK:*/
/*printf("SA_SILIB_RET_OK\n");*/
/*break;*/
case SA_SILIB_RET_EINVAL_CTX_PTR:
printf("SA_SILIB_RET_EINVAL_CTX_PTR\n");
break;
/*case SA_SILIB_RET_EINVAL_CTX_PTR:*/
/*printf("SA_SILIB_RET_EINVAL_CTX_PTR\n");*/
/*break;*/
case SA_SILIB_RET_EINVAL_WORK_BUF_PTR:
printf("SA_SILIB_RET_EINVAL_WORK_BUF_PTR\n");
break;
/*case SA_SILIB_RET_EINVAL_WORK_BUF_PTR:*/
/*printf("SA_SILIB_RET_EINVAL_WORK_BUF_PTR\n");*/
/*break;*/
case SA_SILIB_RET_HAL:
printf("SA_SILIB_RET_HAL\n");
break;
/*case SA_SILIB_RET_HAL:*/
/*printf("SA_SILIB_RET_HAL\n");*/
/*break;*/
case SA_SILIB_RET_PAL:
printf("SA_SILIB_RET_PAL\n");
break;
/*case SA_SILIB_RET_PAL:*/
/*printf("SA_SILIB_RET_PAL\n");*/
/*break;*/
case SA_SILIB_RET_EINVAL_HW_VERSION :
printf("SA_SILIB_RET_EINVAL_HW_VERSION \n");
break;
/*case SA_SILIB_RET_EINVAL_HW_VERSION :*/
/*printf("SA_SILIB_RET_EINVAL_HW_VERSION \n");*/
/*break;*/
case SA_SILIB_RET_EINVAL_HW_SIGNATURE:
printf("SA_SILIB_RET_EINVAL_HW_SIGNATURE\n");
break;
/*case SA_SILIB_RET_EINVAL_HW_SIGNATURE:*/
/*printf("SA_SILIB_RET_EINVAL_HW_SIGNATURE\n");*/
/*break;*/
case SA_SILIB_RESERVE32B:
printf("SA_SILIB_RESERVE32B\n");
break;
}
/*case SA_SILIB_RESERVE32B:*/
/*printf("SA_SILIB_RESERVE32B\n");*/
/*break;*/
/*}*/
exit(1);
}
@ -242,19 +273,21 @@ void crypto_ecc256_sign(uint8_t * data, int len, uint8_t * sig)
/*int uECC_compute_public_key(const uint8_t *private_key, uint8_t *public_key, uECC_Curve curve);*/
void derive_private_key_pair(uint8_t * data, int len, uint8_t * data2, int len2, uint8_t * privkey, uint8_t * pubkey);
void crypto_ecc256_derive_public_key(uint8_t * data, int len, uint8_t * x, uint8_t * y)
{
uint8_t privkey[32];
uint8_t pubkey[64];
generate_private_key(data,len,NULL,0,privkey);
derive_private_key_pair(data,len,NULL,0,privkey,pubkey);
memset(pubkey,0,sizeof(pubkey));
uECC_compute_public_key(privkey, pubkey, uECC_secp256r1());
/*memset(pubkey,0,sizeof(pubkey));*/
/*uECC_compute_public_key(privkey, pubkey, uECC_secp256r1());*/
memmove(x,pubkey,32);
memmove(y,pubkey+32,32);
}
void crypto_ecc256_load_key(uint8_t * data, int len, uint8_t * data2, int len2)
{
static uint8_t privkey[32];
@ -264,11 +297,29 @@ void crypto_ecc256_load_key(uint8_t * data, int len, uint8_t * data2, int len2)
void crypto_ecc256_make_key_pair(uint8_t * pubkey, uint8_t * privkey)
{
if (uECC_make_key(pubkey, privkey, uECC_secp256r1()) != 1)
{
printf("Error, uECC_make_key failed\n");
CRYS_ECPKI_UserPrivKey_t nrfpriv;
CRYS_ECPKI_UserPublKey_t nrfpub;
CRYS_ECPKI_KG_TempData_t tmp;
uint8_t pubkey1[65];
int ret;
uint32_t sz;
ret = CRYS_ECPKI_GenKeyPair(&rndState_ptr,
CRYS_RND_GenerateVector,
_es256_curve,
&nrfpriv, &nrfpub, &tmp, NULL);
if (ret != SA_SILIB_RET_OK){
printf(" gen key failed with 0x%x \n",ret);
exit(1);
}
sz = 32;
CRYS_ECPKI_ExportPrivKey(&nrfpriv, privkey, &sz);
sz = 65;
CRYS_ECPKI_ExportPublKey(&nrfpub,CRYS_EC_PointUncompressed, pubkey1, &sz);
memmove(pubkey, pubkey1+1, 64);
}
void crypto_ecc256_shared_secret(const uint8_t * pubkey, const uint8_t * privkey, uint8_t * shared_secret)
@ -281,13 +332,92 @@ void crypto_ecc256_shared_secret(const uint8_t * pubkey, const uint8_t * privkey
}
void generate_private_key(uint8_t * data, int len, uint8_t * data2, int len2, uint8_t * privkey)
uint8_t fixed_vector_hmac[32];
int fixed_vector_iter = 31;
uint32_t fixed_vector(void * rng, uint16_t sz, uint8_t * out)
{
while(sz--)
{
*out++ = fixed_vector_hmac[fixed_vector_iter--];
if (fixed_vector_iter == -1)
{
fixed_vector_iter = 31;
}
}
return 0;
}
void derive_private_key_pair(uint8_t * data, int len, uint8_t * data2, int len2, uint8_t * privkey, uint8_t * pubkey)
{
CRYS_ECPKI_UserPrivKey_t nrfpriv;
CRYS_ECPKI_UserPublKey_t nrfpub;
CRYS_ECPKI_KG_TempData_t tmp;
uint32_t ret;
uint32_t sz;
int i;
uint8_t pubkey1[65];
crypto_sha256_hmac_init(CRYPTO_MASTER_KEY, 0, privkey);
crypto_sha256_update(data, len);
crypto_sha256_update(data2, len2);
crypto_sha256_update(master_secret, 32);
crypto_sha256_hmac_final(CRYPTO_MASTER_KEY, 0, privkey);
memmove(fixed_vector_hmac, privkey, 32);
fixed_vector_iter=31;
/*privkey[31] += 1;*/
for (i = 31; i > -1; i++)
{
privkey[i] += 1;
if (privkey[i] != 0)
break;
}
// There isn't a CC310 function for calculating a public key from a private
// so to get around it, we can "fix" the RNG input to GenKeyPair
if(pubkey != NULL)
{
ret = CRYS_ECPKI_GenKeyPair(&rndState_ptr,
fixed_vector,
/*CRYS_RND_GenerateVector,*/
_es256_curve,
&nrfpriv, &nrfpub, &tmp, NULL);
if (ret != SA_SILIB_RET_OK){
printf(" gen key failed with 0x%x \n",ret);
exit(1);
}
/*sz = 32;*/
/*ret = CRYS_ECPKI_ExportPrivKey(&nrfpriv, privkey, &sz);*/
/*if (ret != 0)*/
/*{*/
/*printf("privkey export fail\n");*/
/*exit(1);*/
/*}*/
sz = 65;
ret = CRYS_ECPKI_ExportPublKey(&nrfpub,CRYS_EC_PointUncompressed , pubkey1, &sz);
if (ret != 0 || sz != 65)
{
printf("pubkey export fail 0x%04x\n",ret);
exit(1);
}
if (pubkey1[0] != 0x04)
{
printf("pubkey uncompressed export fail 0x%02x\n",(int)pubkey1[0]);
exit(1);
}
memmove(pubkey, pubkey1+1 , 64);
}
}
void generate_private_key(uint8_t * data, int len, uint8_t * data2, int len2, uint8_t * privkey)
{
derive_private_key_pair(data,len,data2,len2,privkey,NULL);
}
struct AES_ctx aes_ctx;

2
nrf52840/device.c
View File

@ -1,7 +1,7 @@
/*
* Device specific functionality here
* */
#define DEBUG
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>

28
nrf52840/sdk_config.h
View File

@ -510,6 +510,30 @@
#define NRF_CRYPTO_ALLOCATOR 0
#endif
// <h> nrf_crypto_rng - RNG Configuration
//==========================================================
// <q> NRF_CRYPTO_RNG_STATIC_MEMORY_BUFFERS_ENABLED - Use static memory buffers for context and temporary init buffer.
// <i> Always recommended when using the nRF HW RNG as the context and temporary buffers are small. Consider disabling if using the CC310 RNG in a RAM constrained application. In this case, memory must be provided to nrf_crypto_rng_init, or it can be allocated internally provided that NRF_CRYPTO_ALLOCATOR does not allocate memory on the stack.
#ifndef NRF_CRYPTO_RNG_STATIC_MEMORY_BUFFERS_ENABLED
#define NRF_CRYPTO_RNG_STATIC_MEMORY_BUFFERS_ENABLED 1
#endif
// <q> NRF_CRYPTO_RNG_AUTO_INIT_ENABLED - Initialize the RNG module automatically when nrf_crypto is initialized.
// <i> Automatic initialization is only supported with static or internally allocated context and temporary memory.
#ifndef NRF_CRYPTO_RNG_AUTO_INIT_ENABLED
#define NRF_CRYPTO_RNG_AUTO_INIT_ENABLED 1
#endif
// </h>
//==========================================================
// <e> NRF_CRYPTO_BACKEND_CC310_BL_ENABLED - Enable the ARM Cryptocell CC310 reduced backend.
// <i> The CC310 hardware-accelerated cryptography backend with reduced functionality and footprint (only available on nRF52840).
@ -581,7 +605,7 @@
// <i> The CC310 hardware-accelerated cryptography backend (only available on nRF52840).
//==========================================================
#ifndef NRF_CRYPTO_BACKEND_CC310_ENABLED
#define NRF_CRYPTO_BACKEND_CC310_ENABLED 0
#define NRF_CRYPTO_BACKEND_CC310_ENABLED 1
#endif
// <q> NRF_CRYPTO_BACKEND_CC310_AES_CBC_ENABLED - Enable the AES CBC mode using CC310.
@ -6350,7 +6374,7 @@
// <e> MEM_MANAGER_ENABLED - mem_manager - Dynamic memory allocator
//==========================================================
#ifndef MEM_MANAGER_ENABLED
#define MEM_MANAGER_ENABLED 0
#define MEM_MANAGER_ENABLED 1
#endif
// <o> MEMORY_MANAGER_SMALL_BLOCK_COUNT - Size of each memory blocks identified as 'small' block. <0-255>