1 /*--------------------------------------------------------------------------*/
2 /* Copyright 2020-2023 NXP */
3 /* */
4 /* NXP Confidential. This software is owned or controlled by NXP and may */
5 /* only be used strictly in accordance with the applicable license terms. */
6 /* By expressly accepting such terms or by downloading, installing, */
7 /* activating and/or otherwise using the software, you are agreeing that */
8 /* you have read, and that you agree to comply with and are bound by, such */
9 /* license terms. If you do not agree to be bound by the applicable license */
10 /* terms, then you may not retain, install, activate or otherwise use the */
11 /* software. */
12 /*--------------------------------------------------------------------------*/
13 
19 #ifndef MCUX_CSSL_FLOW_PROTECTION_SECURE_COUNTER_COMMON_H_
20 #define MCUX_CSSL_FLOW_PROTECTION_SECURE_COUNTER_COMMON_H_
21 
22 /* Include the CSSL C pre-processor support functionality. */
23 #include <mcuxCsslCPreProcessor.h>
24 #include <mcuxCsslAnalysis.h>
25 
26 /* Include the CSSL secure counter mechanism as basic building block. */
27 #include <mcuxCsslSecureCounter.h>
28 
29 /* Include the C99 standard integer types. */
30 #include <stdint.h>
31 
/**
 * @brief Builds the identifier of a flow protection helper variable.
 *
 * Pastes the fixed prefix, the construct @p type (LOOP, BRANCH or SWITCH in
 * this header) and the caller chosen @p id into one token, so every protected
 * construct gets its own distinctly named variable.
 *
 * @param type Kind of construct the variable belongs to.
 * @param id   Identifier chosen by the caller for this construct.
 */
#define MCUX_CSSL_FP_DECL_NAME(type, id) \
  MCUX_CSSL_CPP_CAT4(mcuxCsslFlowProtection_, type, _, id)

/**
 * @brief Declares and initializes a flow protection helper variable.
 *
 * Expands to a definition of type MCUX_CSSL_SC_VALUE_TYPE, named via
 * MCUX_CSSL_FP_DECL_NAME and initialized with MCUX_CSSL_FP_<type>_ID(id),
 * i.e. the per-construct ID macro selected by @p type.
 *
 * @param type Kind of construct (LOOP, BRANCH, SWITCH).
 * @param id   Identifier chosen by the caller for this construct.
 */
#define MCUX_CSSL_FP_DECL_IMPL(type, id) \
  MCUX_CSSL_SC_VALUE_TYPE MCUX_CSSL_FP_DECL_NAME(type, id) = \
  MCUX_CSSL_CPP_CAT3(MCUX_CSSL_FP_, type, _ID)(id)

/**
 * @brief Default ID value of a flow protection construct.
 *
 * Pastes the current line number with the `u` suffix, yielding an unsigned
 * literal that differs per source line (assumes MCUX_CSSL_CPP_CAT expands
 * __LINE__ before pasting; two constructs on one line would presumably share
 * an ID).
 */
#define MCUX_CSSL_FP_ID_IMPL() \
  MCUX_CSSL_CPP_CAT(__LINE__, u)
88 
89 
90 
/**
 * @brief Sums a list of expectation values.
 *
 * Maps MCUX_CSSL_CPP_ADD over the arguments and adds the result to an
 * explicit (uint32_t) 0u, so the sum is at least uint32_t wide even for a
 * single narrow argument.
 *
 * @param ... One or more expectation values (function/branch/loop values).
 */
#define MCUX_CSSL_FP_EXPECTATIONS(...) \
  ((uint32_t) 0u + (MCUX_CSSL_CPP_MAP(MCUX_CSSL_CPP_ADD, __VA_ARGS__)))

/**
 * @brief Emits a statement that exists only for secure counter bookkeeping.
 *
 * In this secure-counter based implementation the statement is kept as is.
 *
 * @param statement Statement to compile in.
 */
#define MCUX_CSSL_FP_COUNTER_STMT_IMPL(statement) \
  statement

/**
 * @brief Expectations that only apply when @p condition holds.
 *
 * Masks the summed expectations with UINT32_MAX (condition true) or 0
 * (condition false), so the expression evaluates to the full expectation
 * value or to zero.
 *
 * @param condition Run-time condition under which the expectations hold.
 * @param ...       Expectation values, see MCUX_CSSL_FP_EXPECTATIONS.
 */
#define MCUX_CSSL_FP_CONDITIONAL_IMPL(condition, ...) \
  (MCUX_CSSL_FP_EXPECTATIONS(__VA_ARGS__) & ((condition) ? ((uint32_t) UINT32_MAX) : ((uint32_t) 0)))

/**
 * @brief Placeholder expectation (zero) for a construct without expectations.
 */
#define MCUX_CSSL_FP_VOID_EXPECTATION_IMPL() \
  (0u)

/**
 * @brief Consumes expectations by subtracting their sum from the secure
 *        counter.
 *
 * @param ... Expectation values, see MCUX_CSSL_FP_EXPECTATIONS.
 */
#define MCUX_CSSL_FP_EXPECT_IMPL(...) \
  MCUX_CSSL_SC_SUB( \
    MCUX_CSSL_FP_EXPECTATIONS(__VA_ARGS__) \
  )
168 
169 
170 
/**
 * @brief Symbolic identifier of a protected function.
 *
 * Pastes the prefix MCUX_CSSL_FP_FUNCID_ and @p id; the resulting name must
 * be defined elsewhere with the function's numeric ID.
 *
 * @param id Name of the protected function.
 */
#define MCUX_CSSL_FP_FUNCTION_ID(id) \
  MCUX_CSSL_CPP_CAT(MCUX_CSSL_FP_FUNCID_, id)

/**
 * @brief Mask selecting the bits of a function ID that form its entry part.
 *
 * Alternating bit pattern, so the ID bits are split between the entry part
 * and the exit part.
 */
#define MCUX_CSSL_FP_FUNCTION_ID_ENTRY_MASK \
  (0x5A5A5A5Au)

/**
 * @brief Entry part of a function ID (used by
 *        MCUX_CSSL_FP_FUNCTION_ENTERED_IMPL).
 *
 * Note: relies on MCUX_CSSL_FP_FUNCTION_VALUE, which is defined further
 * below; this is fine because macros are resolved at expansion time.
 *
 * @param id Name of the protected function.
 */
#define MCUX_CSSL_FP_FUNCTION_ID_ENTRY_PART(id) \
  (MCUX_CSSL_FP_FUNCTION_VALUE(id) & MCUX_CSSL_FP_FUNCTION_ID_ENTRY_MASK)

/**
 * @brief Exit part of a function ID.
 *
 * Defined as the remainder after the entry part, so entry part plus exit
 * part always equals MCUX_CSSL_FP_FUNCTION_VALUE(id).
 *
 * @param id Name of the protected function.
 */
#define MCUX_CSSL_FP_FUNCTION_ID_EXIT_PART(id) \
  (MCUX_CSSL_FP_FUNCTION_VALUE(id) - MCUX_CSSL_FP_FUNCTION_ID_ENTRY_PART(id))

/**
 * @brief Declaration hook for a protected function; expands to nothing in
 *        this implementation (the body is only a comment).
 */
#define MCUX_CSSL_FP_FUNCTION_DECL_IMPL(...) \
  /* Intentionally empty */

/**
 * @brief Numeric value of a function ID as an unsigned 32-bit integer.
 *
 * @param id Name of the protected function.
 */
#define MCUX_CSSL_FP_FUNCTION_VALUE(id) \
  ((uint32_t) MCUX_CSSL_FP_FUNCTION_ID(id))

/**
 * @brief Definition hook for a protected function; expands to nothing in
 *        this implementation (the body is only a comment).
 */
#define MCUX_CSSL_FP_FUNCTION_DEF_IMPL(...) \
  /* Intentionally empty. */

/**
 * @brief Function pointer definition for a protected function.
 *
 * @param type       Not used by this implementation.
 * @param definition Function pointer definition, emitted unchanged.
 */
#define MCUX_CSSL_FP_FUNCTION_POINTER_IMPL(type, definition) \
  definition
267 
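/**
 * @brief Bit offset of the result field inside the 64-bit protected return
 *        value (the low 32 bits).
 */
#define MCUX_CSSL_FP_RESULT_OFFSET \
  (0u)

/**
 * @brief Mask of the 32-bit result field.
 *
 * Carries an explicit uint64_t cast, matching MCUX_CSSL_FP_PROTECTION_MASK,
 * so both field masks have the same type wherever they are combined.
 */
#define MCUX_CSSL_FP_RESULT_MASK \
  ((uint64_t) 0xFFFFFFFFuLL)

/**
 * @brief Encodes a 32-bit @p result into its field of the protected return
 *        value.
 *
 * @param result Function result to encode.
 * @return uint64_t with @p result in bits [31:0] and all other bits zero.
 */
#define MCUX_CSSL_FP_RESULT_VALUE(result) \
  (((uint64_t)(result) & MCUX_CSSL_FP_RESULT_MASK) << MCUX_CSSL_FP_RESULT_OFFSET)

/**
 * @brief Extracts the 32-bit result field from a protected return value.
 *
 * The whole expansion is parenthesized so the leading cast cannot bind
 * differently when the macro is used inside a larger expression. Only the
 * result is extracted here; the protection token is not checked.
 *
 * @param protectedReturn 64-bit value combining MCUX_CSSL_FP_RESULT_VALUE
 *                        and MCUX_CSSL_FP_PROTECTION_TOKEN_VALUE.
 * @return uint32_t result field.
 */
#define MCUX_CSSL_FP_RESULT_IMPL(protectedReturn) \
  ((uint32_t)(((protectedReturn) >> MCUX_CSSL_FP_RESULT_OFFSET) & MCUX_CSSL_FP_RESULT_MASK))

/**
 * @brief Bit offset of the protection token field inside the 64-bit
 *        protected return value (the high 32 bits).
 */
#define MCUX_CSSL_FP_PROTECTION_OFFSET \
  (32u)

/**
 * @brief Mask of the 32-bit protection token field.
 */
#define MCUX_CSSL_FP_PROTECTION_MASK \
  ((uint64_t) 0xFFFFFFFFuLL)

/**
 * @brief Encodes a 32-bit protection @p token into its field of the
 *        protected return value.
 *
 * @param token Protection token to encode.
 * @return uint64_t with @p token in bits [63:32] and all other bits zero.
 */
#define MCUX_CSSL_FP_PROTECTION_TOKEN_VALUE(token) \
  (((uint64_t)(token) & MCUX_CSSL_FP_PROTECTION_MASK) << MCUX_CSSL_FP_PROTECTION_OFFSET)

/**
 * @brief Extracts the 32-bit protection token field from a protected return
 *        value.
 *
 * Fully parenthesized for the same reason as MCUX_CSSL_FP_RESULT_IMPL.
 *
 * @param protectedReturn 64-bit value combining MCUX_CSSL_FP_RESULT_VALUE
 *                        and MCUX_CSSL_FP_PROTECTION_TOKEN_VALUE.
 * @return uint32_t protection token field.
 */
#define MCUX_CSSL_FP_PROTECTION_TOKEN_IMPL(protectedReturn) \
  ((uint32_t)(((protectedReturn) >> MCUX_CSSL_FP_PROTECTION_OFFSET) & MCUX_CSSL_FP_PROTECTION_MASK))

/**
 * @brief Current value of the underlying secure counter.
 *
 * No compression step is applied in this implementation; it is a plain
 * read of MCUX_CSSL_SC_VALUE().
 */
#define MCUX_CSSL_FP_COUNTER_COMPRESSED() \
  MCUX_CSSL_SC_VALUE()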
354 
355 
/**
 * @brief Expectation value for a completed call to protected function @p id.
 *
 * The full function ID value is expected, i.e. entry part plus exit part
 * (see MCUX_CSSL_FP_FUNCTION_ID_EXIT_PART).
 *
 * @param id Name of the protected function that was called.
 */
#define MCUX_CSSL_FP_FUNCTION_CALLED_IMPL(id) \
  MCUX_CSSL_FP_FUNCTION_VALUE(id)

/**
 * @brief Expectation value for having entered protected function @p id.
 *
 * Only the entry part of the function ID is expected.
 *
 * @param id Name of the protected function that was entered.
 */
#define MCUX_CSSL_FP_FUNCTION_ENTERED_IMPL(id) \
  MCUX_CSSL_FP_FUNCTION_ID_ENTRY_PART(id)
388 
389 
/**
 * @brief ID of a protected loop; defaults to the line-number based value.
 *
 * @param id Loop identifier chosen by the caller (not used by the default).
 */
#define MCUX_CSSL_FP_LOOP_ID(id) \
  MCUX_CSSL_FP_ID_IMPL()

/**
 * @brief Declares the helper variable holding the loop's ID value.
 *
 * @param id Loop identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_LOOP_DECL_IMPL(id) \
  MCUX_CSSL_FP_DECL_IMPL(LOOP, id)

/**
 * @brief Name of the helper variable holding the loop's ID value.
 *
 * @param id Loop identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_LOOP_VALUE(id) \
  MCUX_CSSL_FP_DECL_NAME(LOOP, id)

/**
 * @brief Records one iteration of loop @p id together with the expectations
 *        consumed inside the iteration body.
 *
 * Adds (loop value - inner expectations) to the secure counter. The
 * expectations are summed as unsigned; the subtraction is presumably
 * intended to wrap (confirm against MCUX_CSSL_SC_VALUE_TYPE).
 *
 * @param id  Loop identifier chosen by the caller.
 * @param ... Expectation values consumed inside the iteration.
 */
#define MCUX_CSSL_FP_LOOP_ITERATION_IMPLn(id, ...) \
  MCUX_CSSL_SC_ADD( \
    MCUX_CSSL_FP_LOOP_VALUE(id) \
    - MCUX_CSSL_FP_EXPECTATIONS(__VA_ARGS__) \
  )

/**
 * @brief Records one iteration of loop @p id without inner expectations.
 *
 * @param id Loop identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_LOOP_ITERATION_IMPL1(id) \
  MCUX_CSSL_FP_LOOP_ITERATION_IMPLn(id, 0u)

/**
 * @brief Selects MCUX_CSSL_FP_LOOP_ITERATION_IMPL1 or ..._IMPLn, presumably
 *        by argument count (see MCUX_CSSL_CPP_OVERLOADED1).
 */
#define MCUX_CSSL_FP_LOOP_ITERATION_IMPL(...) \
  MCUX_CSSL_CPP_OVERLOADED1(MCUX_CSSL_FP_LOOP_ITERATION_IMPL, __VA_ARGS__)

/**
 * @brief Expectation value for @p count iterations of loop @p id.
 *
 * The multiplication is wrapped in the analysis markers for intended
 * secure-counter integer overflow: wrap-around of the product is accepted.
 *
 * @param id    Loop identifier chosen by the caller.
 * @param count Expected number of iterations.
 */
#define MCUX_CSSL_FP_LOOP_ITERATIONS_IMPL(id, count) \
  MCUX_CSSL_ANALYSIS_START_PATTERN_SC_INTEGER_OVERFLOW() \
  ((count) * MCUX_CSSL_FP_LOOP_VALUE(id)) \
  MCUX_CSSL_ANALYSIS_STOP_PATTERN_SC_INTEGER_OVERFLOW()
491 
492 
493 
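/**
 * @brief ID of a protected branch; defaults to the line-number based value.
 *
 * @param id Branch identifier chosen by the caller (not used by the default).
 */
#define MCUX_CSSL_FP_BRANCH_ID(id) \
  MCUX_CSSL_FP_ID_IMPL()

/**
 * @brief Declares the helper variable holding the branch's ID value.
 *
 * @param id Branch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_BRANCH_DECL_IMPL(id) \
  MCUX_CSSL_FP_DECL_IMPL(BRANCH, id)

/**
 * @brief Name of the helper variable holding the branch's ID value.
 *
 * @param id Branch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_BRANCH_VALUE(id) \
  MCUX_CSSL_FP_DECL_NAME(BRANCH, id)

/**
 * @brief Scenario multiplier for the positive (condition true) branch.
 *
 * Parenthesized like every other constant in this header. 0x5 (0101b) and
 * 0xA (1010b) are bitwise complements within the low nibble, so the two
 * scenarios are clearly distinguishable.
 */
#define MCUX_CSSL_FP_BRANCH_POSITIVE_VALUE \
  (0x5u)

/**
 * @brief Scenario multiplier for the negative (condition false) branch.
 */
#define MCUX_CSSL_FP_BRANCH_NEGATIVE_VALUE \
  (0xAu)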
549 
/**
 * @brief Records that branch @p id was taken with outcome @p scenario.
 *
 * Adds (branch value * scenario) minus the expectations consumed inside the
 * branch body to the secure counter.
 *
 * @param id       Branch identifier chosen by the caller.
 * @param scenario MCUX_CSSL_FP_BRANCH_POSITIVE_VALUE or
 *                 MCUX_CSSL_FP_BRANCH_NEGATIVE_VALUE.
 * @param ...      Expectation values consumed inside the branch body.
 */
#define MCUX_CSSL_FP_BRANCH_SCENARIO_IMPL(id, scenario, ...) \
  MCUX_CSSL_SC_ADD( \
    (MCUX_CSSL_FP_BRANCH_VALUE(id) * (scenario)) \
    - MCUX_CSSL_FP_EXPECTATIONS(__VA_ARGS__) \
  )

/**
 * @brief Positive outcome of branch @p id, with inner expectations.
 *
 * @param id  Branch identifier chosen by the caller.
 * @param ... Expectation values consumed inside the branch body.
 */
#define MCUX_CSSL_FP_BRANCH_POSITIVE_IMPLn(id, ...) \
  MCUX_CSSL_FP_BRANCH_SCENARIO_IMPL(id, MCUX_CSSL_FP_BRANCH_POSITIVE_VALUE, \
    __VA_ARGS__)

/**
 * @brief Positive outcome of branch @p id, without inner expectations.
 *
 * @param id Branch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_BRANCH_POSITIVE_IMPL1(id) \
  MCUX_CSSL_FP_BRANCH_SCENARIO_IMPL(id, MCUX_CSSL_FP_BRANCH_POSITIVE_VALUE, 0u)

/**
 * @brief Selects MCUX_CSSL_FP_BRANCH_POSITIVE_IMPL1 or ..._IMPLn, presumably
 *        by argument count (see MCUX_CSSL_CPP_OVERLOADED1).
 */
#define MCUX_CSSL_FP_BRANCH_POSITIVE_IMPL(...) \
  MCUX_CSSL_CPP_OVERLOADED1(MCUX_CSSL_FP_BRANCH_POSITIVE_IMPL, __VA_ARGS__)

/**
 * @brief Negative outcome of branch @p id, with inner expectations.
 *
 * @param id  Branch identifier chosen by the caller.
 * @param ... Expectation values consumed inside the branch body.
 */
#define MCUX_CSSL_FP_BRANCH_NEGATIVE_IMPLn(id, ...) \
  MCUX_CSSL_FP_BRANCH_SCENARIO_IMPL(id, MCUX_CSSL_FP_BRANCH_NEGATIVE_VALUE, \
    __VA_ARGS__)

/**
 * @brief Negative outcome of branch @p id, without inner expectations.
 *
 * @param id Branch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_BRANCH_NEGATIVE_IMPL1(id) \
  MCUX_CSSL_FP_BRANCH_SCENARIO_IMPL(id, MCUX_CSSL_FP_BRANCH_NEGATIVE_VALUE, 0u)

/**
 * @brief Selects MCUX_CSSL_FP_BRANCH_NEGATIVE_IMPL1 or ..._IMPLn, presumably
 *        by argument count (see MCUX_CSSL_CPP_OVERLOADED1).
 */
#define MCUX_CSSL_FP_BRANCH_NEGATIVE_IMPL(...) \
  MCUX_CSSL_CPP_OVERLOADED1(MCUX_CSSL_FP_BRANCH_NEGATIVE_IMPL, __VA_ARGS__)

/**
 * @brief Expectation value for branch @p id having been taken with
 *        @p scenario, applied only if @p condition holds.
 *
 * The multiplication is wrapped in the analysis markers for intended
 * secure-counter integer overflow: wrap-around of the product is accepted.
 *
 * @param id        Branch identifier chosen by the caller.
 * @param scenario  MCUX_CSSL_FP_BRANCH_POSITIVE_VALUE or
 *                  MCUX_CSSL_FP_BRANCH_NEGATIVE_VALUE.
 * @param condition Run-time condition under which the expectation applies.
 */
#define MCUX_CSSL_FP_BRANCH_TAKEN_IMPL(id, scenario, condition) \
  MCUX_CSSL_ANALYSIS_START_PATTERN_SC_INTEGER_OVERFLOW() \
  MCUX_CSSL_FP_CONDITIONAL_IMPL(condition, \
    MCUX_CSSL_FP_BRANCH_VALUE(id) * (scenario)) \
  MCUX_CSSL_ANALYSIS_STOP_PATTERN_SC_INTEGER_OVERFLOW()

/**
 * @brief Conditional expectation for the positive outcome of branch @p id.
 *
 * @param id        Branch identifier chosen by the caller.
 * @param condition Run-time condition under which the expectation applies.
 */
#define MCUX_CSSL_FP_BRANCH_TAKEN_POSITIVE_IMPL2(id, condition) \
  MCUX_CSSL_FP_BRANCH_TAKEN_IMPL(id, MCUX_CSSL_FP_BRANCH_POSITIVE_VALUE, condition)

/**
 * @brief Unconditional expectation for the positive outcome of branch @p id.
 *
 * Uses the invariant condition `true`; the Coverity markers document the
 * deliberate MISRA deviations. NOTE(review): `true` requires <stdbool.h>,
 * which this header does not include itself (only <stdint.h>); presumably
 * one of the mcuxCssl headers provides it - confirm.
 *
 * @param id Branch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_BRANCH_TAKEN_POSITIVE_IMPL1(id) \
  MCUX_CSSL_ANALYSIS_COVERITY_START_FALSE_POSITIVE(MISRA_C_2012_Rule_10_8, "The macro does not contain a composite expression.") \
  MCUX_CSSL_ANALYSIS_COVERITY_START_DEVIATE(MISRA_C_2012_Rule_14_3, "The usage of an invariant condition here is intended to keep the macro structures more clear.") \
  MCUX_CSSL_FP_BRANCH_TAKEN_IMPL(id, MCUX_CSSL_FP_BRANCH_POSITIVE_VALUE, true) \
  MCUX_CSSL_ANALYSIS_COVERITY_STOP_DEVIATE(MISRA_C_2012_Rule_14_3) \
  MCUX_CSSL_ANALYSIS_COVERITY_STOP_FALSE_POSITIVE(MISRA_C_2012_Rule_10_8)

/**
 * @brief Selects MCUX_CSSL_FP_BRANCH_TAKEN_POSITIVE_IMPL1 or ..._IMPL2,
 *        presumably by argument count (see MCUX_CSSL_CPP_OVERLOADED2).
 */
#define MCUX_CSSL_FP_BRANCH_TAKEN_POSITIVE_IMPL(...) \
  MCUX_CSSL_CPP_OVERLOADED2(MCUX_CSSL_FP_BRANCH_TAKEN_POSITIVE_IMPL, __VA_ARGS__)

/**
 * @brief Conditional expectation for the negative outcome of branch @p id.
 *
 * @param id        Branch identifier chosen by the caller.
 * @param condition Run-time condition under which the expectation applies.
 */
#define MCUX_CSSL_FP_BRANCH_TAKEN_NEGATIVE_IMPL2(id, condition) \
  MCUX_CSSL_FP_BRANCH_TAKEN_IMPL(id, MCUX_CSSL_FP_BRANCH_NEGATIVE_VALUE, condition)

/**
 * @brief Unconditional expectation for the negative outcome of branch @p id.
 *
 * Same structure and MISRA deviation markers as the positive variant.
 *
 * @param id Branch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_BRANCH_TAKEN_NEGATIVE_IMPL1(id) \
  MCUX_CSSL_ANALYSIS_COVERITY_START_FALSE_POSITIVE(MISRA_C_2012_Rule_10_8, "The macro does not contain a composite expression.") \
  MCUX_CSSL_ANALYSIS_COVERITY_START_DEVIATE(MISRA_C_2012_Rule_14_3, "The usage of an invariant condition here is intended to keep the macro structures more clear.") \
  MCUX_CSSL_FP_BRANCH_TAKEN_IMPL(id, MCUX_CSSL_FP_BRANCH_NEGATIVE_VALUE, true) \
  MCUX_CSSL_ANALYSIS_COVERITY_STOP_DEVIATE(MISRA_C_2012_Rule_14_3) \
  MCUX_CSSL_ANALYSIS_COVERITY_STOP_FALSE_POSITIVE(MISRA_C_2012_Rule_10_8)

/**
 * @brief Selects MCUX_CSSL_FP_BRANCH_TAKEN_NEGATIVE_IMPL1 or ..._IMPL2,
 *        presumably by argument count (see MCUX_CSSL_CPP_OVERLOADED2).
 */
#define MCUX_CSSL_FP_BRANCH_TAKEN_NEGATIVE_IMPL(...) \
  MCUX_CSSL_CPP_OVERLOADED2(MCUX_CSSL_FP_BRANCH_TAKEN_NEGATIVE_IMPL, __VA_ARGS__)
787 
788 
789 
/**
 * @brief ID of a protected switch; defaults to the line-number based value.
 *
 * @param id Switch identifier chosen by the caller (not used by the default).
 */
#define MCUX_CSSL_FP_SWITCH_ID(id) \
  MCUX_CSSL_FP_ID_IMPL()

/**
 * @brief Declares the helper variable holding the switch's ID value.
 *
 * @param id Switch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_SWITCH_DECL_IMPL(id) \
  MCUX_CSSL_FP_DECL_IMPL(SWITCH, id)

/**
 * @brief Name of the helper variable holding the switch's ID value.
 *
 * @param id Switch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_SWITCH_VALUE(id) \
  MCUX_CSSL_FP_DECL_NAME(SWITCH, id)
831 
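/**
 * @brief Records that case @p caseValue of switch @p id was executed.
 *
 * Adds (switch value * case value) minus the expectations consumed inside
 * the case body to the secure counter. The parameter is named caseValue
 * rather than after the C keyword so the macro body does not read like a
 * statement.
 *
 * @param id        Switch identifier chosen by the caller.
 * @param caseValue Case label value that was executed.
 * @param ...       Expectation values consumed inside the case body.
 */
#define MCUX_CSSL_FP_SWITCH_CASE_IMPLn(id, caseValue, ...) \
  MCUX_CSSL_SC_ADD( \
    (MCUX_CSSL_FP_SWITCH_VALUE(id) * (caseValue)) \
    - MCUX_CSSL_FP_EXPECTATIONS(__VA_ARGS__) \
  )

/**
 * @brief Case @p caseValue of switch @p id executed, without inner
 *        expectations.
 *
 * @param id        Switch identifier chosen by the caller.
 * @param caseValue Case label value that was executed.
 */
#define MCUX_CSSL_FP_SWITCH_CASE_IMPL2(id, caseValue) \
  MCUX_CSSL_FP_SWITCH_CASE_IMPLn(id, caseValue, 0u)

/**
 * @brief Selects MCUX_CSSL_FP_SWITCH_CASE_IMPL2 or ..._IMPLn, presumably by
 *        argument count (see MCUX_CSSL_CPP_OVERLOADED2).
 */
#define MCUX_CSSL_FP_SWITCH_CASE_IMPL(...) \
  MCUX_CSSL_CPP_OVERLOADED2(MCUX_CSSL_FP_SWITCH_CASE_IMPL, __VA_ARGS__)

/**
 * @brief Case value standing for the default label of a protected switch.
 */
#define MCUX_CSSL_FP_SWITCH_DEFAULT_VALUE \
  (0xDEFAu)

/**
 * @brief Default case of switch @p id executed, with inner expectations.
 *
 * @param id  Switch identifier chosen by the caller.
 * @param ... Expectation values consumed inside the default body.
 */
#define MCUX_CSSL_FP_SWITCH_DEFAULT_IMPLn(id, ...) \
  MCUX_CSSL_FP_SWITCH_CASE_IMPLn( \
    id, MCUX_CSSL_FP_SWITCH_DEFAULT_VALUE, __VA_ARGS__)

/**
 * @brief Default case of switch @p id executed, without inner expectations.
 *
 * The definition ends on its last code line; no trailing line continuation
 * is used, so the blank line that follows is not part of the macro.
 *
 * @param id Switch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_SWITCH_DEFAULT_IMPL1(id) \
  MCUX_CSSL_FP_SWITCH_DEFAULT_IMPLn(id, 0u)

/**
 * @brief Selects MCUX_CSSL_FP_SWITCH_DEFAULT_IMPL1 or ..._IMPLn, presumably
 *        by argument count (see MCUX_CSSL_CPP_OVERLOADED1).
 */
#define MCUX_CSSL_FP_SWITCH_DEFAULT_IMPL(...) \
  MCUX_CSSL_CPP_OVERLOADED1(MCUX_CSSL_FP_SWITCH_DEFAULT_IMPL, __VA_ARGS__)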
936 
/**
 * @brief Expectation value for case @p case of switch @p id having been
 *        executed, applied only if @p condition holds.
 *
 * The multiplication is wrapped in the analysis markers for intended
 * secure-counter integer overflow: wrap-around of the product is accepted.
 *
 * @param id        Switch identifier chosen by the caller.
 * @param case      Case label value (a keyword used as macro parameter name,
 *                  which the preprocessor permits).
 * @param condition Run-time condition under which the expectation applies.
 */
#define MCUX_CSSL_FP_SWITCH_TAKEN_IMPL3(id, case, condition) \
  MCUX_CSSL_ANALYSIS_START_PATTERN_SC_INTEGER_OVERFLOW() \
  MCUX_CSSL_FP_CONDITIONAL_IMPL(condition, \
    MCUX_CSSL_FP_SWITCH_VALUE(id) * (case)) \
  MCUX_CSSL_ANALYSIS_STOP_PATTERN_SC_INTEGER_OVERFLOW()

/**
 * @brief Unconditional expectation for case @p case of switch @p id.
 *
 * Uses the invariant condition `true`; the Coverity markers document the
 * deliberate MISRA deviations. NOTE(review): `true` requires <stdbool.h>,
 * which this header does not include itself (only <stdint.h>); presumably
 * one of the mcuxCssl headers provides it - confirm.
 *
 * @param id   Switch identifier chosen by the caller.
 * @param case Case label value.
 */
#define MCUX_CSSL_FP_SWITCH_TAKEN_IMPL2(id, case) \
  MCUX_CSSL_ANALYSIS_COVERITY_START_FALSE_POSITIVE(MISRA_C_2012_Rule_10_8, "The macro does not contain a composite expression.") \
  MCUX_CSSL_ANALYSIS_COVERITY_START_DEVIATE(MISRA_C_2012_Rule_14_3, "The usage of an invariant condition here is intended to keep the macro structures more clear.") \
  MCUX_CSSL_FP_SWITCH_TAKEN_IMPL3(id, case, true) \
  MCUX_CSSL_ANALYSIS_COVERITY_STOP_DEVIATE(MISRA_C_2012_Rule_14_3) \
  MCUX_CSSL_ANALYSIS_COVERITY_STOP_FALSE_POSITIVE(MISRA_C_2012_Rule_10_8)

/**
 * @brief Selects MCUX_CSSL_FP_SWITCH_TAKEN_IMPL2 or ..._IMPL3, presumably by
 *        argument count (see MCUX_CSSL_CPP_OVERLOADED3).
 */
#define MCUX_CSSL_FP_SWITCH_TAKEN_IMPL(...) \
  MCUX_CSSL_CPP_OVERLOADED3(MCUX_CSSL_FP_SWITCH_TAKEN_IMPL, __VA_ARGS__)

/**
 * @brief Conditional expectation for the default case of switch @p id.
 *
 * @param id        Switch identifier chosen by the caller.
 * @param condition Run-time condition under which the expectation applies.
 */
#define MCUX_CSSL_FP_SWITCH_TAKEN_DEFAULT_IMPL2(id, condition) \
  MCUX_CSSL_FP_SWITCH_TAKEN_IMPL3(id, MCUX_CSSL_FP_SWITCH_DEFAULT_VALUE, condition)

/**
 * @brief Unconditional expectation for the default case of switch @p id.
 *
 * Same structure and MISRA deviation markers as MCUX_CSSL_FP_SWITCH_TAKEN_IMPL2.
 *
 * @param id Switch identifier chosen by the caller.
 */
#define MCUX_CSSL_FP_SWITCH_TAKEN_DEFAULT_IMPL1(id) \
  MCUX_CSSL_ANALYSIS_COVERITY_START_FALSE_POSITIVE(MISRA_C_2012_Rule_10_8, "The macro does not contain a composite expression.") \
  MCUX_CSSL_ANALYSIS_COVERITY_START_DEVIATE(MISRA_C_2012_Rule_14_3, "The usage of an invariant condition here is intended to keep the macro structures more clear.") \
  MCUX_CSSL_FP_SWITCH_TAKEN_DEFAULT_IMPL2(id, true) \
  MCUX_CSSL_ANALYSIS_COVERITY_STOP_DEVIATE(MISRA_C_2012_Rule_14_3) \
  MCUX_CSSL_ANALYSIS_COVERITY_STOP_FALSE_POSITIVE(MISRA_C_2012_Rule_10_8)

/**
 * @brief Selects MCUX_CSSL_FP_SWITCH_TAKEN_DEFAULT_IMPL1 or ..._IMPL2,
 *        presumably by argument count (see MCUX_CSSL_CPP_OVERLOADED2).
 */
#define MCUX_CSSL_FP_SWITCH_TAKEN_DEFAULT_IMPL(...) \
  MCUX_CSSL_CPP_OVERLOADED2(MCUX_CSSL_FP_SWITCH_TAKEN_DEFAULT_IMPL, __VA_ARGS__)
1038 
/**
 * @brief Statement executed when a flow protection assertion fails.
 *
 * Integrators are expected to define MCUX_CSSL_FP_ASSERT_CALLBACK before
 * this header is included. The fallback below expands to `return 1/0`, a
 * constant division by zero: compilers typically diagnose it at build time,
 * and its run-time behavior is undefined, so a compiler may treat the path
 * as unreachable and drop it. It therefore serves as a build-time reminder,
 * not as a usable failure handler.
 */
#ifndef MCUX_CSSL_FP_ASSERT_CALLBACK
 #define MCUX_CSSL_FP_ASSERT_CALLBACK() \
   return 1/0 /* Fallback ASSERT callback is used, please provide your own. */
#endif
1060 
1061 #endif /* MCUX_CSSL_FLOW_PROTECTION_SECURE_COUNTER_COMMON_H_ */